AT&T SecurityPolicy configuration


Guest alphaflux

Could someone using an MPx200 AT&T supplied phone in the US please post the default SecurityPolicy settings ? Pretty please, with sugar on! :lol:

There has been quite a bit of controversy over the AT&T default policy, and I am just interested to know exactly how much the AT&T phone security policies differ from those of the locked and unlocked states of UK phones.

I asked this under http://smartphone.modaco.com/viewtopic.php?t=97588, but figured a new thread would be more appropriate and would get a better response. :D

Many thanks,

Alphaflux.


Guest salad_tosser

Sorry, I meant to respond, but I forgot. What do you mean by default? I mean I know what you mean but I changed them the minute I got it out of the box, and they haven't changed since, even with a reboot. whatta I have to do, do a hard reset in order to find out. what will that do to all my stuff?


Guest alphaflux

Hey salad_tosser,

Thanks, it would be great if you could. As I say, I want these more out of interest than anything else, but they could prove useful for the UK community. :lol:

The default parameters (those that would be applied after a hard reset) are not modified on the phone, so no matter what you do in modifying the registry or security settings, these values will not be altered ... and no, getting these settings does not require a hard reset of your phone. :D If a hard reset is performed, it does just that, and would require the complete re-installation of everything on your phone. Not something that I would ask anyone to do! I've done it enough times that I know for sure what a pain a rebuild is. :cry:

So, all that I need is a copy of the Mxip_OPERATOR_950.provxml (may have a number other than 950) file from the windows directory. This file does not contain anything specific to you and so you could send the whole file, although I really just need the parameters contained within the SecurityPolicy section of the file. What you send is up to you. :) As an example, the below is the UK version of the MPx200 policies:

Thanks VERY much for replying to this. I've been dying to see what all the controversy is about. :D If there is anything I can do in return let me know, I would like to return the favor.

Alphaflux.


Guest salad_tosser

ok h4xor, just don't mess with my phone :lol: In my Windows directory, I list files and it goes from mxip_smartfon_300.rgu to networks.cpl.xml. If my files are listed alphabetically, which they are, shouldn't the file you request be in betwixt these two files?


Guest salad_tosser

wait--i f****ed up. it goes:

mxip_oem_900.rgu

mxip_smarfon_100.rgu

mxip_smarfon_200.rgu

mxip_smarfon_300.rgu

networks.cpl.xml

It isn't there that I can see.


Guest alphaflux

h4xor! Me! Never! :wink:

Well I guess that proves the differences between the builds ! It was my understanding that the initialisation files all had the .provxml extension, but I guess that isn't the case! :shock:

I fear I am beginning to ask too much now, but do any of these files contain the SecurityPolicy section ? My guess is that the mxip_oem_900.rgu would be the prime candidate.

Thanks salad_tosser.


Guest salad_tosser

to me, the only file that has a name that I recognize as being security related is security.cpl.xml and it does not resemble the sample you posted. the file you mentioned follows shortly. first, however, i want to know how to lock my phone down. Please tell me that. also, i don't see any unique info about me or my phone number in hex or german or italian here, but if i am mistaken, please say so so i will know. here's the file you mentioned:


Guest alphaflux

DOH! Sorry, when I replied last night it was late and I was having a dim moment! Nothing new there then! :wink:

You can't see the provxml files because you don't have the "Show hidden files and Folders" option enabled in explorer. (Under the tools menu, options, on the dialog that opens). Once this has been enabled the provxml files will be visible. :lol:

And, no, don't worry, the file you posted doesn't contain any personal information. None of the files present in the Windows directory will, as they are refreshed from ROM each time the phone is reset. :D

Sorry for being a little slow in picking that up. :roll: Your help is appreciated.

---

As regards locking your phone, it very much depends on how much you want to lock it ... and against what. You can lock it to prevent unsigned applications from running, prevent the installation of unsigned cabinets, prevent applications from gaining elevated privileges, prevent the installation of themes etc. I am unsure as to what applications you run on the phone, and as such don't know whether any of them are unsigned. If you currently run anything like Pocket TV, or any number of utilities or games out there ... locking your phone will prevent these applications from functioning. As you know the UK phones are locked against unsigned applications by default, which is why we had to find a way to unlock them! :wink:

The main thing you would want to prevent against is applications getting elevated rights on the phone, with which they are able to call restricted APIs. I can certainly help if this is something you really want to do ... but could do with knowing what's currently in place first. :wink: :)

Thanks again, Alphaflux.


Guest salad_tosser

Ok, I have no applications in place. It's all factory-original. I just use the phone for its business functionality (i.e., syncing). I am not a gamer, but I would use PGP or http://www.securstar.com/products_pocketcrypt.php were they available for my device. As for now, I am happy enough with the phone's stock capabilities. My goal is to not have to worry about virii, worms, and trojans. So, what should I do, and how do I do it?

Here is your file:


Guest alphaflux

That's excellent, thank you so much. Just what I wanted. :lol: Sorry for the initial confusion on this, put my brain in gear and everything clicks into place. :wink:

I have an xmas party to attend in a couple of hours 8), and as such will not have time to work on these today. Have to get ready to party! ...but I will work through these permissions tomorrow morning and I'll send you a lock solution for your phone then. It will come in the form of a cabinet to install on your phone, much the same as the UK unlock version ... but with slightly adjusted parameters.

Many thanks again Salad_tosser. :D

Alphaflux.


Guest salad_tosser

Ummm...nothin' personal, but how do i know your cabinet is not a trojan? can you just send me the directions. maybe i would learn something anyway.


Guest alphaflux

Sorry for the delay in getting back to you. I haven't forgotten, but was rather under the weather yesterday. :cry:

I quite understand your comments; and agree I could be anyone, so why should you trust me. That’s why you want to lock it in the first place, right. :wink:

Anyway … locking your phone isn't that hard, but does require a compression tool capable of making Microsoft cabinets. I am afraid you'll have to find one of those yourself; as the tools I have are licensed and as such are not re-distributable.

Once you have a compression tool ... All you have to do is put the below lines in a file called _setup.xml and create a cabinet containing that file. Then copy the created cabinet to the \IPSM\Windows\Start Menu\Accessories directory and use the program list on your phone to browse to and run the file. Simple hey! :lol:

_setup.xml file contents:

Explanation ...

Setting the 4102 parameter to 0 will prevent your phone from running unsigned applications; that is applications that have not been explicitly signed with a trusted certificate.

Setting the 4119 parameter to 298 will prevent your phone from allowing cabinets that have not been signed from installing. WARNING: If you set this parameter, then changing the security policy on your phone via this method again will NOT be possible ... but will obviously provide the greatest level of security on your phone.

With the above warning in mind ... If you just wish to lock your phone against unsigned applications, which does provide a level of protection, but not the best ... then all you have to do is omit the line containing 4119.

The other parameters should remain untouched and as such do not need to be contained in the _setup.xml file. They relate to various other security topics, such as OTA management, message authentication, service loading, manager, remote API, etc, etc, policies and are of no concern (unless you want to stop the operator from performing actions on your phone too).

Hope that’s what you are looking for. Let me know if there is anything else you need, or are unsure of. I still hold open the offer to create the cabinet for you, after all, knowing what it is and does you will be able to check it yourself.

Alphaflux.
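
For comparing or auditing the SecurityPolicy sections discussed in this thread, the following sketch (an added example, not part of the original posts) reads policies 4102 and 4119 from a provisioning XML document and diffs two documents. It assumes the wap-provisioningdoc / characteristic / parm layout of Windows Mobile provisioning files; the sample documents are constructed and are not the AT&T or UK defaults, and the lock values and their meanings are the ones given in the post above.

```python
import xml.etree.ElementTree as ET

# Lock values and their meanings as stated in the post above (assumption:
# they are taken from the thread, not from vendor documentation).
LOCK_VALUES = {
    "4102": ("0", "unsigned applications blocked"),
    "4119": ("298", "unsigned cabinets blocked"),
}

# Constructed sample: NOT the real AT&T or UK defaults.
SAMPLE_OPEN = """<wap-provisioningdoc>
  <characteristic type="Other">
    <parm name="4102" value="9"/>
  </characteristic>
  <characteristic type="SecurityPolicy">
    <parm name="4102" value="1"/>
    <parm name="4119" value="16"/>
  </characteristic>
</wap-provisioningdoc>"""

# Constructed sample using the two lock values from the post.
SAMPLE_LOCKED = """<wap-provisioningdoc>
  <characteristic type="SecurityPolicy">
    <parm name="4102" value="0"/>
    <parm name="4119" value="298"/>
  </characteristic>
</wap-provisioningdoc>"""


def security_policy(xml_text):
    """Return {policy_id: value} from SecurityPolicy characteristics only."""
    policies = {}
    for node in ET.fromstring(xml_text).iter("characteristic"):
        if node.get("type") != "SecurityPolicy":
            continue  # same parm names under other types are not policies
        for parm in node.findall("parm"):
            name, value = parm.get("name"), parm.get("value")
            if name is not None and value is not None:
                policies[name] = value.strip()
    return policies


def lock_state(policies):
    """Report 4102 and 4119 against the lock values given in the post."""
    report = {}
    for pid, (locked, meaning) in LOCK_VALUES.items():
        if pid not in policies:
            report[pid] = "not set in this file"
        elif policies[pid] == locked:
            report[pid] = "locked: " + meaning
        else:
            report[pid] = "not at the lock value (%s)" % policies[pid]
    return report


def diff_policies(a, b):
    """Return {policy_id: (value_in_a, value_in_b)} where the files differ."""
    return {pid: (a.get(pid), b.get(pid))
            for pid in sorted(set(a) | set(b))
            if a.get(pid) != b.get(pid)}


if __name__ == "__main__":
    open_p, locked_p = security_policy(SAMPLE_OPEN), security_policy(SAMPLE_LOCKED)
    print(lock_state(open_p))
    print(diff_policies(open_p, locked_p))
```

A file that omits the 4119 line, as the post suggests for the application-only lock, is reported as "not set in this file" for that policy.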


Guest salad_tosser

what are the practical and theoretical risks of allowing an unsigned cab file to load. what type of exploit would use this (active x?). are there any particular 'sploits that have used this method on mobiles? i tend to be cautious; i don't anticipate buying after-market software for my mpx200, but that could change as I become more and more hooked. were the apps available, i would encrypt all of my data, install tripwire, a firewall, and snort. what do you say or recommend?

Link to comment
Share on other sites

Guest alphaflux

Sorry didn't refresh the page, so only just seen your post. Well, to my knowledge at this time there are no threats to smartphones via unsigned cabinets or applications. However, I appreciate that it is probably only a matter of time; I only hope I am wrong. It is worth noting that smartphones have been around for a while now, and to my knowledge, nothing has appeared yet. One thing is for sure; if we do start to see problems with malicious code on smartphones, virus scanner and firewall software won't be far behind. :cry:

As regards exploits, to be honest, that’s what this does ...:lol: Exploits a way to get the OS to update protected registry entries (This works because wceload.exe, which performs the installation, runs at kernel privilege). This could potentially mean that someone else could use this exploit for more sinister purposes, but at this time I can't really think of anything else that could be gained from write access to these parts of the registry.

So, on to the risks of allowing unsigned cabinets … A cabinet installation file is capable of running configuration applications etc during an installation session. Any application contained in the cabinet would also be unsigned and so that would fail because of the application lock. However, because of the above exploit, potentially the installation script could reverse the application lock parameter first and then run one of the contained applications. Adding the cabinet lock is obviously a great deal better protection, but comes at the price of a hard reset if your phone usage habits change.

Alphaflux.
