Related
Hey Everyone,
Wanted to tell all of you about a neat app we're developing, called Flexilis.
It's a mobile security suite for Windows Mobile devices, that keeps your device and data safe from loss, theft, hackers, viruses, malware, spam, and more.
We've currently opened signups for our private beta testing, if you're interested in checking it out, just hit up http://beta.flexilis.com and sign up, and feel free to chat about the product here
If anyone has questions or runs into trouble, just shoot us an email at [email protected] and we'll help you out!
-Chris
Community Director,
Flexilis Inc.
[email protected]
Also, if any of you request an invite and it hasnt gotten granted within a day or so, let me know and I'll take care of it.
If you weren't asking for so much personal information, you might actually get people to try your app...
we're actually working on revising that, the reason we ask for the phone number is because it's used to sms you your download link for the software later on in the process, we're in the process of moving that to later on in the process, as well as an explanation of why we ask for it.
Thanks for the feedback!
-Chris
NRGZ28 said:
If you weren't asking for so much personal information, you might actually get people to try your app...
Click to expand...
Click to collapse
Hey man,
nice thing with this soft, that we give the phone number is not so a big problem i think. could you post a little bit infos about the program? Cause on your side there a not many informations.
But i ithink i'll give it a try...
I just have one little question, on you privacy page you write:
When you use the Flexilis Services, our servers automatically record certain information about your usage. These logs may include information such as the IP address, mobile device identification number, phone number, operating system, version information, wireless carrier, web requests, browser type, browser language, referring pages, landing pages, pages viewed, or other usage information.
Click to expand...
Click to collapse
Why do record the pages we visit?
we're still working on a little bit of a tour/walkthrough area of the software on the front page, as we get closer to public beta, but for now there's nothing there yet. My first post in this thread gives a brief summary of it though. Feel free to shoot me an email at [email protected] with any questions!
-Chris
There's nothing in the software that tracks the pages you view or anything, what that refers to is on our end we track what pages users use on the flexilis website the most, much the same way other websites do, to track what pages and content on our site our most popular, etc.
JeckyllHavok said:
I just have one little question, on you privacy page you write:
Why do record the pages we visit?
Click to expand...
Click to collapse
I'm still not sure what your program do, but it certainly doesn't behave the way I expect.
1) Why to require authorization so often?
2) Contrary to the stated phone number is not accepted for authorization. Only email.
3) I don't really know what you mean by "a few minutes", but currently Flexilis is authorizing my phone already for more than two hours. I see no progress bar and I don't understan what's going.
4) I can't stop authorization process.
5) Why the authorization process continues even when I close all connections? Did you invent new method of communication?
6) The program is hidden from task managers and process viewers. What for?
I didn't sniff the traffic but currently behavior of your program reminds more of malware rather than security software.
My conclusion: As I don't understand what your program is doing, I'm not going to test it anymore until additional guidance is provided.
Sorry, if I'm sounding harsh. It's just writing style (tough work, you know )
No worries
1] once it's authorized the first time, it shouldnt have to authorize again, what kind of phone are you authorizing it on? we're making some fixes to the authorization process to make it even simpler that should roll out in the next release.
2] if you're outside of the US, you might need to add your country code and such if that's the case, let me know, or send me an email to [email protected] so we can look into it.
3] per all authorization questions, it'll try til its authorized, again we're fixing this.
4] per the it being hidden from task managers, we've given this some discussion, for right now it's a security feature to try to prevent theives from disabling the software, though we might fix that in the future to have the app visible in there somehow.
As far as being more indepth on all of the features, we are working on a tour of sorts to explain it all before the beta goes public.
Thanks for the feedback!
-Chris
mrcaze said:
I'm still not sure what your program do, but it certainly doesn't behave the way I expect.
1) Why to require authorization so often?
2) Contrary to the stated phone number is not accepted for authorization. Only email.
3) I don't really know what you mean by "a few minutes", but currently Flexilis is authorizing my phone already for more than two hours. I see no progress bar and I don't understan what's going.
4) I can't stop authorization process.
5) Why the authorization process continues even when I close all connections? Did you invent new method of communication?
6) The program is hidden from task managers and process viewers. What for?
I didn't sniff the traffic but currently behavior of your program reminds more of malware rather than security software.
My conclusion: As I don't understand what your program is doing, I'm not going to test it anymore until additional guidance is provided.
Sorry, if I'm sounding harsh. It's just writing style (tough work, you know )
Click to expand...
Click to collapse
Authorizing a device ... what a hassle. I finally gave up since I couldn't tell if it was doing anything. No more testing for or feedback from me.
fredcatsmommy: sorry it didnt work out for you. hopefully in the future when that's fixed (should be less than a week), we can lure you back, it does some amazing stuff, but we do run into bugs from time to time due to the vast number of windows mobile devices out there, and only having a small test bed of them to work with. Keep your eyes peeled, and we'll have that fixed soon!
fredcatsmommy said:
Authorizing a device ... what a hassle. I finally gave up since I couldn't tell if it was doing anything. No more testing for or feedback from me.
Click to expand...
Click to collapse
I think you need to tell us what the app actually does?
I have read this and your site and still don't know what it does?
Will hold off on trying it till I know.
How long is the initializing and activating supposed to take?
seriously, the authorizing bugs should have been worked out before releasing a beta here. we cant even tell if its running, authorizing, stealing information from our devices, etc.. I surely hope this is a legit app youre pushing, if so, FIX IT, so we can at least see what it does.
thx
I installed and authorized with no issues what-so-ever... contrary to what everyone else is saying everything seems to work just fine. works great and doesn't seem to take much memory... not a single complaint here!
Advertising your application for beta purposes is usually not a problem. But, it seems you are here more for "recruiting" testers than anything else. Looks like you joined for this purpose only.
My suggestion to you, is to give a little more description on your develpoment. Seems there are too many questions going unanswered here.
jhw549 said:
I installed and authorized with no issues what-so-ever... contrary to what everyone else is saying everything seems to work just fine. works great and doesn't seem to take much memory... not a single complaint here!
Click to expand...
Click to collapse
what device do you have? did you do anything special to get it working?
I have a sprint vogue and installed to main mem and the data conn. is constantly active.
Polargoat said:
what device do you have? did you do anything special to get it working?
I have a sprint vogue and installed to main mem and the data conn. is constantly active.
Click to expand...
Click to collapse
I have an HTC Mobul/Titan using default Rom/Radio with WinMo 6.1
To install it I just did what I would any other and installed it onto internal memory...
Correction: The application works just fine if you don't have push e-mail (aren't connected to a remote exchange server), I have been having problems all day with my push e-mail from mail2web which I use to forward my work e-mail to my phone. I have therefore decided to remove it as I can't afford to have it interfere with work.
My G1 is two days old so came from the shop (T-Mobile, UK) with Android RC-30 already on. I've been trying to use it as a modem for my laptop on public transport (without success).
So far I have Tetherbot installed and the Socks service started on 1080, Android SDK is installed on the lappy (Ubuntu 8.04 LTS) and 'adb forward tcp:1080 tcp:1080) creates a port to which I can telnet to (and terminate from by pressing return). FF is configured to use a manual proxy on localhost:1080..
Also set the about:config network.proxy.socks_remote_dns flag to true.
All good, except when I enter any URL into FF, the status bar immediately shows 'Done' yet there's no rendering being done at all - still looking at a blank screen.
I've yet to try FoxyProxy which I'll give a go tonight - but I was wondering if it is currently possible to configure a instance of RC-30 w/o root access at all? Reading around, some people say it is while others say it isn't..
Many thanks,
Duncan
Definitely works in ota RC30. Snippet from the Tetherbot thread:
Make sure that you set FoxyProxy to use SOCKS for DNS lookups(under Global Settings)...this stumped me too at first
Click to expand...
Click to collapse
Thanks! Web-browsing now works with FoxyProxy although I have to keep re-entering the ./adb forward tcp:1080 tcp:1080 command every few minutes..
Setting up the port-bouncer for ssh on 22 was less successful though, as it usually causes the Tetherbot application to crash.
Any ideas why T-Mobile wouldn't want you to use the phone as a modem anyway? Having come from an O2/Xda package I'd just expected that all modern phones would work as modems. Shame about the root lock-down too, I was half hoping for a meaningful bash shell and porting/installing Gnu utils, etc.
I guess the G1 would have the same data problems even if it were paired with a tablet like the N-800?
Many thanks,
Duncan
dsmith1974 said:
Any ideas why T-Mobile wouldn't want you to use the phone as a modem anyway? Having come from an O2/Xda package I'd just expected that all modern phones would work as modems.
Click to expand...
Click to collapse
My guess is it has to do with anticipated network usage. I don't know how tethering works with data plans in the UK, but generally in the US unlimited data is divided into handset-only and full unlimited (e.g. for pc cards). Not only is data usage generally lower for mobile applications, you're also highly limited by battery life.
Shame about the root lock-down too, I was half hoping for a meaningful bash shell and porting/installing Gnu utils, etc.
Click to expand...
Click to collapse
A lot of people were hoping for that. The G1 isn't that device though. Full unencumbered shell access would just be a nightmare from a customer service POV. The G1 is first and foremost a consumer device. A lot of those people could end up easily and irreversibly bricking their phones from a root shell.
Yeah i hear that, thats why i really dont care if i have root access. I'm sure in time all that we are wishing for will come out for g1, dont wanna ruin my phone!!! All i really want is internet sharing on mine.
A lot of people were hoping for that. The G1 isn't that device though. Full unencumbered shell access would just be a nightmare from a customer service POV.
Click to expand...
Click to collapse
It has nothing to do with customer service, but T-Mobile's desire to retain control over things. They probably don't want people to do internet sharing, because it will slow down their network. What they don't realize, is that soon there are going to be a lot of unlocked android phones available which wont be subject to their policies.
What I don't get is that with any other HTC device you can boot the phone into SPL mode and flash a new image. With the G1, that is not possible.
Datruesurfer said:
It has nothing to do with customer service, but T-Mobile's desire to retain control over things. They probably don't want people to do internet sharing, because it will slow down their network. What they don't realize, is that soon there are going to be a lot of unlocked android phones available which wont be subject to their policies.
What I don't get is that with any other HTC device you can boot the phone into SPL mode and flash a new image. With the G1, that is not possible.
Click to expand...
Click to collapse
Your speculations are incorrect. T-Mobile stated that they will not stop or block internet sharing, but they will not help you either. Basically they remain neutral and that is why you think T-Mobile is against you.
Google blocked the usb mode image flash. So far we just don't know how to flash a new image because we are not sure if it is supposed to be DREA100.IMG or what is even in the image itself.
Back on topic, I think you will see a real solution when Android 1.0 is released. Or at least have a way to get full root. Basically from what has been said root was locked down not because of anything we did but because the source is not open yet. They are working on things behind the scenes and they need to finish those before they want us to fool around. Give them time to finish their projects and then they will let us start our own.
Datruesurfer said:
It has nothing to do with customer service, but T-Mobile's desire to retain control over things. They probably don't want people to do internet sharing, because it will slow down their network. What they don't realize, is that soon there are going to be a lot of unlocked android phones available which wont be subject to their policies.
Click to expand...
Click to collapse
It's funny you should make that statement in a thread about tethering on OTA RC30. Almost like you didn't know what the heck you were talking about...
neoobs said:
Your speculations are incorrect. T-Mobile stated that they will not stop or block internet sharing, but they will not help you either. Basically they remain neutral and that is why you think T-Mobile is against you.
Google blocked the usb mode image flash. So far we just don't know how to flash a new image because we are not sure if it is supposed to be DREA100.IMG or what is even in the image itself.
Back on topic, I think you will see a real solution when Android 1.0 is released. Or at least have a way to get full root. Basically from what has been said root was locked down not because of anything we did but because the source is not open yet. They are working on things behind the scenes and they need to finish those before they want us to fool around. Give them time to finish their projects and then they will let us start our own.
Click to expand...
Click to collapse
A few things...
1. The source code has already been published (minus a few hardware specific drivers) at source.android.com. You can build an image from source and boot it on the emulator that Google has packaged with the android sdk. There still is no way to load said image on a G1 unless you have root of course.
2. Google didn't lock down SPL on the dream, HTC did. And it was probably because T-Mobile didn't want people loading their own firmware on a device that is already running on open source software.
3. Ever since this root nonsense has come to light, I don't buy the whole neutrality thing. If everyone had root access, we would have a much easier way to tether.
@jashu: I know exactly what I'm talking about because I tried doing the same thing on my friends G1 with the official RC30 firmware on it.
Datruesurfer said:
A few things...
1. The source code has already been published (minus a few hardware specific drivers) at source.android.com. You can build an image from source and boot it on the emulator that Google has packaged with the android sdk. There still is no way to load said image on a G1 unless you have root of course.
2. Google didn't lock down SPL on the dream, HTC did. And it was probably because T-Mobile didn't want people loading their own firmware on a device that is already running on open source software.
3. Ever since this root nonsense has come to light, I don't buy the whole neutrality thing. If everyone had root access, we would have a much easier way to tether.
@jashu: I know exactly what I'm talking about because I tried doing the same thing on my friends G1 with the official RC30 firmware on it.
Click to expand...
Click to collapse
1. Google hasn't released the entire source code, even they have said that officially on the android site.
2. Google asked HTC to do that.
3. Google is the one that locked down root not T-Mobile. Again this goes back to them not having 1.0 released.
Datruesurfer said:
@jashu: I know exactly what I'm talking about because I tried doing the same thing on my friends G1 with the official RC30 firmware on it.
Click to expand...
Click to collapse
Not only does this convince me you don't know what you're talking about, it also leads me to believe you don't know what you're doing either. Just because you can't figure out the simple instructions to perform socks-based tethering when everyone else already has doesn't mean it is broken.
neoobs said:
3. Google is the one that locked down root not T-Mobile. Again this goes back to them not having 1.0 released.
Click to expand...
Click to collapse
Android was 1.0 at the launch of G1. See the official release notes.
Thread is going off topic.
jashsu said:
Android was 1.0 at the launch of G1. See the official release notes.
Thread is going off topic.
Click to expand...
Click to collapse
it is 1.0 RC30... meaning it is still beta. Not released yet.
This thread should have been closed quite some time ago.
Just fine on OTA RC30, Vista. I had to use Proxifier as I prefer Chrome to Firefox, but it works just fine. ADB crashes on very high performance downloads, but otherwise its fine.
rc-30 ?? i think not
dsmith1974 said:
My G1 is two days old so came from the shop (T-Mobile, UK) with Android RC-30 already on. I've been trying to use it as a modem for my laptop on public transport (without success).
So far I have Tetherbot installed and the Socks service started on 1080, Android SDK is installed on the lappy (Ubuntu 8.04 LTS) and 'adb forward tcp:1080 tcp:1080) creates a port to which I can telnet to (and terminate from by pressing return). FF is configured to use a manual proxy on localhost:1080..
Also set the about:config network.proxy.socks_remote_dns flag to true.
All good, except when I enter any URL into FF, the status bar immediately shows 'Done' yet there's no rendering being done at all - still looking at a blank screen.
I'v
e yet to try FoxyProxy which I'll give a go tonight - but I was wondering if it is currently possible to configure a instance of RC-30 w/o root access at all? Reading around, some people say it is while others say it isn't..
Many thanks,
Duncan
Click to expand...
Click to collapse
Duncan, I think you should have another look at what device you have, tmouk devices came out with rc-7 and an ota put them upto 8, so before you start askin questions get your facts right. Also it wasn't tmobile alone that blocked the device being used as a modem it was a joint effort between htc google and tm to promote the use of the open source to its full potential. It also doesn't breach any fair use using the hset as a modem which if it 'wasnt' allowed then you would be breaching the fair use. Ta
jashsu said:
Definitely works in ota RC30. Snippet from the Tetherbot thread:
Click to expand...
Click to collapse
Thanks this helped me a lot.
I'm finding a lot of threads about changing from pin/password to pattern unlock, but not having any luck in completely disabling the security feature BS...
Is it possible to completely eliminate the password lock required by my exchange server? I have tried lockpicker and no lock, neither of which worked.
I would like to keep syncing but am not going to deal with this unlocking all the time (they JUST started enforcing it)...any help would be appreciated.
BTW, running Calkulin's EViO 2 v 1.7 (sense, so HTC mail)
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Click to expand...
Click to collapse
Thanks...I figured it wouldn't be that easy but I had to ask.
Justin.G11 said:
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Click to expand...
Click to collapse
I get complaints all the time about policies. 99.999% of the time, the policies are created/approved by steering committees, the legal department or executive management. There is usually nothing IT can do about it as the policies are put into place for legal reasons or company security.
Additionally, if IT departments are not compliant in company policies there could be legal ramifications if the company has to comply with certain government guidelines.
And IT staff don't hate dealing with people...it sounds like your work environment is not like others.
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabeled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Khilbron said:
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabeled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Click to expand...
Click to collapse
Will look into that. Thank you very much!
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
awenthol said:
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
Click to expand...
Click to collapse
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Click to expand...
Click to collapse
Yes..this reply really isn't correct. There have been some sqlite modifications that can be made or using the mail.apk from this link (http://forum.xda-developers.com/showthread.php?t=775007) works perfect, even with the new CM7-RC2
Bypassing Exchange security
I had this same issue with my work email. My way of bypassing it and still using the stock Mail app is by installing widgetlocker. Unfortunately the newest version does not bypass your encryption, but the older version before the most recent update does. Also it allows you to fully customize your lockscreen and add widgets and what have you. All in all pretty cool app.
widgetlocker.teslacoilsw.com/general/widgetlocker-1-2-9/
(unfortunately because i have never posted before i cannot post links so pm if the link does not work)
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an assett of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
ramiss said:
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an assett of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
Click to expand...
Click to collapse
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
bkrodgers said:
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
Click to expand...
Click to collapse
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Sent from my "locked" device.
ramiss said:
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
Click to expand...
Click to collapse
Yes and no. There are approaches that are easier if you aren't securing the whole device, but that doesn't mean it can't still be hacked.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
Click to expand...
Click to collapse
Overall I agree with that, although I think at a company that offers mobile email, there's a sort of "peer pressure" to use it. Not to say that's a good reason. I'd imagine that it'd be hard for a company to actually require you to use mobile email on your personal device -- if your job truly requires it, I'd think they'd have to provide you a device if you don't have a compatible device or aren't willing to use it that way. So yes, you're probably right that you have the choice. It doesn't mean that we can't complain though.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Click to expand...
Click to collapse
If it's really lost forever, yes. But what if:
- The exchange admin sends the wipe command to the wrong phone. ("Hi, I'm John Smith and I've lost my phone.")
- The "wipe after X invalid passcode" policy is enabled. A friend or a kid picks up the phone and tries to play with it. Whoops.
- Something else goes wrong...bottom line is that the company should have no right to wipe anything other than their own data.
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
matt2053 said:
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=775007
awenthol said:
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
Click to expand...
Click to collapse
Your Exchange Admin (or you depending on the version of Exchange you're using) has the ability to remotely wipe your device in the event it gets stolen/lost.
Could anyone give a brief possible explanation of why I can connect to my exchange server easily using Touchdown, but not using the Android integrated Exchange Account Sync?
Sent from my PC36100 using XDA App
Just found this thread as I've encountered the same issue on a HTC Sensation, just setup Exchange ActiveSync, and bam, have to set up the PIN lock on the phone.
However I've noticed that once you've done it, you can then go into Settings, Security and change the timeout before it locks up to 1 hour (I think that is dependent on your company setting). Mine was defaulting to every time the screen locked, but changing it to 1 hour I find I hardly ever have to unlock the phone now apart from first thing in the morning as I tend to use it regularly through the day.
Is anybody know a way to unlock personlization in windows 8 without activating?
Lasanda said:
Is anybody know a way to unlock personlization in windows 8 without activating?
Click to expand...
Click to collapse
there is in app in the development and hacking windows 8 forum on xda... Its called ModernBackChanger
Just activate using a KMS activation.
Or you know, stop stealing software.
You unlock it by going to your closest best buy on October 26 and buying it
Sent from my SPH-D710 using xda app-developers app
ShinigamiH4ck3r said:
You unlock it by going to your closest best buy on October 26 and buying it
Sent from my SPH-D710 using xda app-developers app
Click to expand...
Click to collapse
Lmao
Sent from my primoc using xda app-developers app
redviper666 said:
Or you know, stop stealing software.
Click to expand...
Click to collapse
hacking is stealing now?
ohgood said:
hacking is stealing now?
Click to expand...
Click to collapse
I think the difference here is that if you actually purchase Windows 8 and activate it properly (which happens to be something you can do when you purchase a copy of Windows 8), that you don't need to "hack" the operating system to change the background.
So in this particular scenario, if you can't change the background on a copy of Windows 8 you are running, you either have not legitimately purchased a copy of Windows 8 (which is probably why you can't activate your copy and thus customize your background), or you are using a trial of some sort.
I'm gonna guess (and I think most people will also make this guess) that 95% of people that are looking to hack their copy of Windows 8 to change the background probably haven't gotten their copy through a legal method. Quite similar to people looking to remove the "Evaluation copy" watermark commonly found on unactivated or stolen copies of Windows.
Best way now is buying key
prjkthack said:
I think the difference here is that if you actually purchase Windows 8 and activate it properly (which happens to be something you can do when you purchase a copy of Windows 8), that you don't need to "hack" the operating system to change the background.
So in this particular scenario, if you can't change the background on a copy of Windows 8 you are running, you either have not legitimately purchased a copy of Windows 8 (which is probably why you can't activate your copy and thus customize your background), or you are using a trial of some sort.
I'm gonna guess (and I think most people will also make this guess) that 95% of people that are looking to hack their copy of Windows 8 to change the background probably haven't gotten their copy through a legal method. Quite similar to people looking to remove the "Evaluation copy" watermark commonly found on unactivated or stolen copies of Windows.
Click to expand...
Click to collapse
assumptions, and guessing. he may, I may, or you may have stolen a piece of gum in the third grade. that's about as relative at this point as the assumption that he's "stolen" something today.
I'm just curious what mechanisms are used to prevent customization, and why.
ohgood said:
assumptions, and guessing. he may, I may, or you may have stolen a piece of gum in the third grade. that's about as relative at this point as the assumption that he's "stolen" something today.
I'm just curious what mechanisms are used to prevent customization, and why.
Click to expand...
Click to collapse
i cant say the how, but they why is because microsoft isnt going to make it easy for you to get the full benefits of their os without paying for it. Even if its something as small as not being able to change the background. Obviously enough people care about that small thing that they might just go out and buy a copy. I doubt they will go out and buy it, but its a nice thought
I could tell you how to unlock the stuff BUT I may get banned for it.
He's not asking how to activate the software, he's not asking how to trick it into thinking it's activated, he's asking how to enable a feature so that he can customize his background because he hasn't purchased a key yet... Maybe he wants to explore all of the features of the OS before purchasing it... Whatever his reason is, there's nothing illegal about enabling desktop personalization on a non-activated copy of Windows 8. Just like there's nothing illegal about enabling the Aero Lite theme on an activated copy of Windows 8. Or any other tweak or hack that we come up with to do something that we're not supposed be able to do.
Anyways, I think the guy who made the stealing software comment was speaking to the person who suggested activation over KMS server, not the guy who posed the question... So, we can stop now.
xuninc said:
He's not asking how to activate the software, he's not asking how to trick it into thinking it's activated, he's asking how to enable a feature so that he can customize his background because he hasn't purchased a key yet... Maybe he wants to explore all of the features of the OS before purchasing it... Whatever his reason is, there's nothing illegal about enabling desktop personalization on a non-activated copy of Windows 8. Just like there's nothing illegal about enabling the Aero Lite theme on an activated copy of Windows 8. Or any other tweak or hack that we come up with to do something that we're not supposed be able to do.
Anyways, I think the guy who made the stealing software comment was speaking to the person who suggested activation over KMS server, not the guy who posed the question... So, we can stop now.
Click to expand...
Click to collapse
i would understand if the wallpaper feature was a major feature, but it isnt. Pretty much everyother feature is ready and working in the trial, and chances are if you dont like windows 8 without the wallpaper, your opinion wouldn't change if your able to change it. So if you like windows 8, just buy a key, most people qualify for the cheaper upgrade price anyway, so its not really that expensive. Plus if you actually buy it you dont ever have to worry about your copy becoming non genuine and shutting down, or getting an update that shuts you dont, like the antipiracy update in windows 7
xuninc said:
He's not asking how to activate the software, he's not asking how to trick it into thinking it's activated, he's asking how to enable a feature so that he can customize his background because he hasn't purchased a key yet... Maybe he wants to explore all of the features of the OS before purchasing it... Whatever his reason is, there's nothing illegal about enabling desktop personalization on a non-activated copy of Windows 8. Just like there's nothing illegal about enabling the Aero Lite theme on an activated copy of Windows 8. Or any other tweak or hack that we come up with to do something that we're not supposed be able to do.
Click to expand...
Click to collapse
Except that this particular part of this "personalization" feature is completely dependent on the successful purchase and/or activation of Windows 8. Therefore, in order to personalize the background, you do have to trick Windows into thinking that it has been legally purchased and activated.
This is not a uxtheme patch or something, this is a benefit that you get once you activate Windows 8. Any circumvention of that functionality is clearly not an intended function of a non-activated copy of Windows, and therefore anything you do to get around this is probably just as illegal as stealing Windows itself.
Now we can stop.
thread closed. we don't condone trying to bypass paid function.
prjkthack said:
Except that this particular part of this "personalization" feature is completely dependent on the successful purchase and/or activation of Windows 8. Therefore, in order to personalize the background, you do have to trick Windows into thinking that it has been legally purchased and activated.
This is not a uxtheme patch or something, this is a benefit that you get once you activate Windows 8. Any circumvention of that functionality is clearly not an intended function of a non-activated copy of Windows, and therefore anything you do to get around this is probably just as illegal as stealing Windows itself.
Now we can stop.
Click to expand...
Click to collapse
good lord man, hacking is not stealing! read it again!!!
Windows Phone 8 technically only allows apps to be installed from the marketplace.
However, Microsoft pretty much has left us with an avenue that would allow us to easily create our own custom 3rd party marketplaces.
With Windows Phone 8, Microsoft has introduced the "company app store" concept. This is originally intended to allow companies to easily distribute LOB applications to its employees.
http://www.windowsphone.com/en-US/business/custom-hub?wa=wsignin1.0
Note how the whole system pretty much relies on a certificate. Anyone with the certificate can sideload applications signed with said certificate.
Now this gives me the idea, why can't the homebrew community purchase their own certificate, and use it to create a 3rd party homebrew marketplace?
the_tyrant said:
Windows Phone 8 technically only allows apps to be installed from the marketplace.
However, Microsoft pretty much has left us with an avenue that would allow us to easily create our own custom 3rd party marketplaces.
With Windows Phone 8, Microsoft has introduced the "company app store" concept. This is originally intended to allow companies to easily distribute LOB applications to its employees.
http://www.windowsphone.com/en-US/business/custom-hub?wa=wsignin1.0
Note how the whole system pretty much relies on a certificate. Anyone with the certificate can sideload applications signed with said certificate.
Now this gives me the idea, why can't the homebrew community purchase their own certificate, and use it to create a 3rd party homebrew marketplace?
Click to expand...
Click to collapse
Let's bump this up, shall we? (Since I'm not going to bother making my own thread, if nobody is going to reply to it)
Here's what I've learned through my evaluation of the company app system. The requirements are simple:
-Company Dev Center account
--Requires that you have a legally registered company (e.g. an LLC), which is verified by Symantec
--$99 plus whatever fees are associated with the LLC
-Symantec Signing certificate
--Requires the company dev center account
--$299
This is actually much less than I thought, as I was expecting this to be limited to the enterprise. Rather, anyone with chump change and some legal papers can get a certificate that allows anyone to sideload apps.
The legal papers is where it gets complicated, unfortunately. If it were just the money, I'd honestly consider a fundraiser to start a homebrew store. The certificate simply needs to be used to sign the enrollment tokens (which are just provxml documents with the cert in them), the enrollment token needs to be distributed to the masses, and then the cert is used to sign all the 'brew. It could be setup pretty easily with an online system for registering devs, uploading xaps, and having them signed, for example.
But the requirement that I have an actual company makes things really complicated; I'm not sure how much verification Symantec does, but I'm under the impression a security firm like expects legal registration, which is not something I personally have, nor something I particularly want (LLC taxes are pretty steep these days)
So, here's the question. Does anyone out there have a "company" dev center account, or has played with "company apps", and is willing to experiment to see if this system would be at all useful for homebrew?
Curious to see if there's any interest. In theory, a WP8 Cydia-like app could be developed very easily
this sounds very interesting, though I do not have a company...yet. Does it have to be an LLC? I am thinking of starting an IT/computer repair company here in my town as a side business, not 100% sure yet, but considering it.
Jaxbot, you sly fox .
That's a great idea.
A couple issues to consider...
Might want to read through the WP Store T&C carefully. While those may very well be the only requirements to get a company account, I wouldn't be surprised if there are much more in the terms to keep one. In other words, distributing your app to non-employees could get your company account banned/disabled/revoked. I haven't done the leg work on this so not sure.
The VeriSign cert you get will likely have requirements to be maintained by a single person or group. Publishing the private key would almost certainly (and quickly) get this revoked. So you would either need to someone to manually sign/publish all the apps or figure out an automated process. That should be possible but would likely take a good bit of work to get going.
My $.02.
Jaxbot, did you get a WP8 device and if so, what model did you get ? I know you were trying to get one.
What would be interesting is to see what type of apps you can deploy with this. Could something like this open a full unlock or Interop unlock becase the corporate account could get those type of pemissions to their devices ?
Is this tyed to the Active Directory in anyway, knowing Microsoft each user might need an account in the Active Directory to be able to use the "Company Dev center"? There could be a lot of limits depending how you can connect to the server that runs it.
Do they have a test version ? Maybe that can be used in this case, just to see if it works and could use a deeper investment to get this working. If you could get me a full unlock from this, I surely would pay up a little for it.
DavidinCT said:
What would be interesting is to see what type of apps you can deploy with this. Could something like this open a full unlock or Interop unlock becase the corporate account could get those type of pemissions to their devices ?
Is this tyed to the Active Directory in anyway, knowing Microsoft each user might need an account in the Active Directory to be able to use the "Company Dev center"? There could be a lot of limits depending how you can connect to the server that runs it.
Do they have a test version ? Maybe that can be used in this case, just to see if it works and could use a deeper investment to get this working. If you could get me a full unlock from this, I surely would pay up a little for it.
Click to expand...
Click to collapse
I believe there are a few things you can do with corp apps that can't be done with regular ones but there's not much. Definitely not full interop unlock (at least not directly).
No. It's not tied to AD at all.
I don't think there's a "test" version. The $400 it would cost is chump change for any legit company. Microsoft could waive the $99 fee for someone they're working with but you'll still need the $299 cert and Symantec/VeriSign isn't gonna give that to you for free.
I'm just an end-user, but YEAH! Dev-unlock: $99. Full unlock: priceless. Definitely would pay a bit.
piaqt said:
I'm just an end-user, but YEAH! Dev-unlock: $99. Full unlock: priceless. Definitely would pay a bit.
Click to expand...
Click to collapse
This wouldn't be a full unlock. It would just allow devs to publish apps to an alternate marketplace and users that are not dev unlocked could easily download them.
RustyGrom said:
A couple issues to consider...
Might want to read through the WP Store T&C carefully. While those may very well be the only requirements to get a company account, I wouldn't be surprised if there are much more in the terms to keep one. In other words, distributing your app to non-employees could get your company account banned/disabled/revoked. I haven't done the leg work on this so not sure.
The VeriSign cert you get will likely have requirements to be maintained by a single person or group. Publishing the private key would almost certainly (and quickly) get this revoked. So you would either need to someone to manually sign/publish all the apps or figure out an automated process. That should be possible but would likely take a good bit of work to get going.
My $.02.
Click to expand...
Click to collapse
Correct. The ToS needs to be really well understood. Some people seem to imply that users outside the company are okay to enroll, but I'm not sure. However, I'm not really sure if the enrollment even touches MSFT's servers at all, and if T&C violations would cause a problem. Something that needs to be looked into. If it's a definite breach of T&C, I say it's not worth it. My $0.02
DavidinCT said:
Jaxbot, did you get a WP8 device and if so, what model did you get ? I know you were trying to get one.
Click to expand...
Click to collapse
Unfortunately no, all my research has been on the emulator. All my attempts to get my hands on a WP8 have proven fruitless so far.
What would be interesting is to see what type of apps you can deploy with this. Could something like this open a full unlock or Interop unlock becase the corporate account could get those type of pemissions to their devices ?
Click to expand...
Click to collapse
No, definitely not full unlock. Interop, I'm not sure. The apps are signed and installed, so I have no idea if ID_CAPs are limited. An app like Folders could definitely be deployed, though, with the new WP8 apis.
Is this tyed to the Active Directory in anyway, knowing Microsoft each user might need an account in the Active Directory to be able to use the "Company Dev center"? There could be a lot of limits depending how you can connect to the server that runs it.
Click to expand...
Click to collapse
No, you can enroll within active directory, it says that in the instructions.
Do they have a test version ? Maybe that can be used in this case, just to see if it works and could use a deeper investment to get this working. If you could get me a full unlock from this, I surely would pay up a little for it.
Click to expand...
Click to collapse
RustyGrom said:
This wouldn't be a full unlock. It would just allow devs to publish apps to an alternate marketplace and users that are not dev unlocked could easily download them.
Click to expand...
Click to collapse
What he said. Basically, it would give us homebrew apps that fit into the limitations of the SDK, but not necessarily the limitations of the certification requirements. Folders, Themes, etc. could likely be built. Apps such as CacheClearer and Tweaks, probably not, but again, I have no experimental research on this yet.
This presentation from BUILD (http://channel9.msdn.com/Events/Build/2012/2-014) should answer most of your questions. The phone does 'phone home' to Microsoft to check the publishers and apps installed. Also, capabilities are limited to "same as standard marketplace apps" however the 'company store' app can install apps and manage apps that have been published through it.
RustyGrom said:
This presentation from BUILD (http://channel9.msdn.com/Events/Build/2012/2-014) should answer most of your questions. The phone does 'phone home' to Microsoft to check the publishers and apps installed. Also, capabilities are limited to "same as standard marketplace apps" however the 'company store' app can install apps and manage apps that have been published through it.
Click to expand...
Click to collapse
55 minutes, exciting Thanks for that, though, clarifies a lot. In that case, then, it sounds like the company store app won't really have much useful information for us, as it sounds almost more restricted than I had originally hoped. In that case, then, "company apps" is probably not a worthwhile route to peruse. My 2 cents.
Terms and conditions for a company account
a. Internal Distribution. Subject to the terms of this Addendum and the Application Provider Agreement,
you may make Enterprise Applications internally available to your Employees. Enterprise Applications
may not be made available to consumers, other companies or the general public, except for vendors or
companies that are under contract with you to develop or test any Enterprise Applications. You are
responsible for any unauthorized distribution of the Certificate Software and Enterprise Applications
outside of the terms and conditions of this Addendum.
b. No Alternative Marketplace. You will not use the Certificate Software to: (i) make paid Applications that
are offered in the general Windows Phone Store available to your Employees; and (ii) make available
Enterprise Applications in a manner that harms the Windows Phone Store as determined by Microsoft
Yeah, MSFT thought about that idea WAY ahead already.
Termination. If you breach the terms of this Addendum and/or the Application Provider Agreement, Microsoft
may (a) revoke the certificates provided by Certificate Software; and/or (b) terminate your Enterprise Account immediately.
If that happens, every app installed will fail to work a day later.
Well it was a good thought guys. A damn good thought..
Since WP8 supports MMC, can we side load any temporary OS to read or execute from anything from it!?
nitin88g said:
Since WP8 supports MMC, can we side load any temporary OS to read or execute from anything from it!?
Click to expand...
Click to collapse
MMC? And seriously, go start another thread! Do NOT thread hijack! I can't stand it, seriously
MMC - Multimedia Card.
I am a MCSE, I wounder if there is a verson to learn how use it. Maybe they have a traning version so I could learn how to get it working on domain. This would be nice if I can try this and get a interop unlock by setting it up on my own domain..
DavidinCT said:
I am a MCSE, I wounder if there is a verson to learn how use it. Maybe they have a traning version so I could learn how to get it working on domain. This would be nice if I can try this and get a interop unlock by setting it up on my own domain..
Click to expand...
Click to collapse
Not possible. The apps you deploy will not get interop privileges.