Guest The PocketTV Team Posted April 25, 2003 Report Posted April 25, 2003 Microsoft confirmed the following problem: KernelIOControl(IOCTL_HAL_GET_DEVICEID...) can only be used by trusted applications. This means that non-trusted applications cannot have access to the smartphone's unique device ID in order to implement efficuent copy protection. > 1) What is the rational for not allowing un-trusted apps to get > the unique id ? MS: The explanation seems to be that they made a blanket decision to make all cellcore APIs privileged...
Guest awarner [MVP] Posted April 25, 2003 Report Posted April 25, 2003 Moved from Bugtrack to Main as this is not a bug but a decision my MS.
Guest Soyale Posted April 26, 2003 Report Posted April 26, 2003 I believe you can use SMSGetPhoneNumber if your application is signed. You can also use the ExTAPI interface to get the IMEI number. I think the reason to lock down the KernelIOControl function is that it is pretty hardcore, for example you can hard reset the device from software using it! I also don't think it's part of the cellcore library though. HTH jp
Guest The PocketTV Team Posted April 26, 2003 Report Posted April 26, 2003 Thanks. > I believe you can use SMSGetPhoneNumber if your application is signed. You can also use the ExTAPI interface to get the IMEI number. It's the same as IOCTL_HAL_GET_DEVICEID, your application needs to be not only signed, but trusted, in order to get access to the IMEI number. > I think the reason to lock down the KernelIOControl function is that it is pretty hardcore, for example you can hard reset the device from software using it! I also don't think it's part of the cellcore library though. Yes, but I think blanker decisions like that are not good. Accessing the UniqueID of a device is not dangerous at all and should not require trusted provileges. Haveing access to a unique devide id is the only way to implement efficient copy protection, and this is why this was added in Pocket PC 2002 (it was not in Pocket PC 2000). So making it un-available to non-trusted apps on the smartphone is a non-sense. I understand the technical side, i.e. they decided to require trust for all the KernelIOControl functions. What I don't understand is why MS did not provide a regular function (not KernelIOControl) to get access to the device unique id.
Guest madu Posted April 28, 2003 Report Posted April 28, 2003 Sounds more like developer stuff, moved to dev...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now