Related
I saw this product mentioned on infosync, and it got me thinking that with your growing knowledge of the Phone Edition's inner workings that something like this might be possible on the XDA:
PsiLOC+ miniGPS
(in case you don't want to visit the page)... Basically they are using information about which cell towers are in range to trigger events. They give some nice examples, like having an alarm go off when you get close to your train stop (that way even if the train's delayed and you're asleep you still get the "wake-up call" when you're near your destination.) Or how about having the phone turn the volume down (and switch to vibrate) automatically whenever you're in church or your favorite movie theater.
You could do the XDA a great service just making details of how to get at the relevant information (area ID and cell ID) public, if they aren't already...
CellID and other network info
At the lowest layer, there seem to be no AT commands to get network-related information. And at the TAPI layer (the only one an application can easily get to), this information is, as far as we know, unavailable.
We're working on understanding the modem better, and one of the aims of this endavour is precisely this: getting the CellID for location-based stuff.
Stay tuned (but don't hold your breath)
Surely not?
Surely the only communication with the radio stack isn't via AT commands. Is there no low level api, IO ports, DMA, interrupts etc? How, for example, is the voice stream delivered to the radio stack?
Would it be possible to write a kernel mode driver for these services?
I won't teach you to suck eggs, but maybe a few ideas.
Well... As we see it now all communication with the modem may well be multiplexed in one serial 115.200 bps serial stream. We're working on it...
On my Nokia 6210 I've installed Network-monitor. It shows easily this kind of information.
see this:
http://www.logomanager.co.uk/help/Tools/NetMonMenus.html
localization??? it's already there!
look:
http://www1.o2.ie/products_services/location_services
Re: localization??? it's already there!
kimmie said:
http://www1.o2.ie/products_services/location_services
Click to expand...
Click to collapse
These services are network based: i.e. the network knowing where the phone is. This is different than the phone autonomously figuring out where it is, without help from the network.
Depending on the provider, maps with cellIDs may be available.
serial stream.
XDA Developer, I'd like to be involved in the investigation of the modem. This interests me a great deal.
Not hot on hardware, but I can do some dissassembly and stuff like that.
[email protected]
Disassembly would be a lot easier if you set yourself up with a dev system for ATI Nucleus (which I'm told is the embedded OS for the radio stack).
I have a Nucleus setup here but it's geared toward PowerPC as the target. Anybody know what kind of processor is in the radio module? Is the DSP ("TI HERCROM") what's running Nucleus? According to ATI's site all of the dev tools for that port are maintained by TI. The chip has a JTAG interface, so that would make emulation a possibility, and might help. TI's tools for these things are historically free (they want you to buy chips, after all) but I haven't dug any deeper than this right now.
A 4 meg code space is quite a lot to have to wade through, and it's looks like they're using most of it.
Anyone who upgraded their T-Mobile device using the latest update has easy access to the radio stack ROM image, since it lives in the Windows directory after the CE OS upgrade and never gets deleted. There's a file called rsupgrade.cp64 (3.83 MB) which contains the code being squirted into the radio module's ROM by rsupgrade.exe after the first soft-reset.
hi all!
i just wanted to ask if there is any way to change the ID of the pocketpc.
why i ask: i just upgraded to ppc2003 and after i did it my ID has changed. and that's a real mess because i use a piece of software that needs to be activated (and therefore calculates a code that includes the ID). that wouldn't be THAT bad - but you are allowed to request a code change only ONCE. a real pain in the a**.
so: is there a way to change the numer back to what it was before?
and another Q: can you confirm what i heard, that with ppc2003 the ID changes with every COLD reset (disconnect from battery) ? i was too afraid to try *g* (=no more chance for a new code)
thanx!
regards ize|man
ID and cold booting
Yes, I've seen that too, but also with PPC2002: every cold reset there's a new ID. So every time I need to delete the old ActiveSync association and create a new one, which is annoying if you flash a new ROM a few times a day.
If someone finds out how the system generates a new ID, and how to overwrite it, we'll create a small app that sets it to some constant value which you can supply when you create your ROM. Maybe even use adaptROM for it so that it asks the old ID and makes sure the new ROM wakes up with the same ID. Hmmmm....
that would be very cool. it HATE that behaviour.
thanx!
regards ize|man
I'm looking for some screen locking and encryption software for Windows Mobile 6 (or 6.1).
I'm looking for software that will lock the screen and buttons when the PDA is turned on, and require a password, either PIN or button entry.
I would also especially like a poison pill where the system would hard reset after a number of password failures, or failing that, at the very least it would autodelete the internal memory and PIM data. It would also be great if such a program had an OEM install for adding to one of DCDs ROMs, but that's more wishful thinking than an actual requirment.
I would be willing to pay for this software, but freeware is my first choice for obvious reasons.
Thanks to anyone who can help out.
Currently running Telus P4000 (aka Titan) with DCD 2.3.2, but willing to reflash to get the security software runing if necessary.
ncotton said:
I'm looking for some screen locking and encryption software for Windows Mobile 6 (or 6.1).
I'm looking for software that will lock the screen and buttons when the PDA is turned on, and require a password, either PIN or button entry.
I would also especially like a poison pill where the system would hard reset after a number of password failures, or failing that, at the very least it would autodelete the internal memory and PIM data. It would also be great if such a program had an OEM install for adding to one of DCDs ROMs, but that's more wishful thinking than an actual requirment.
I would be willing to pay for this software, but freeware is my first choice for obvious reasons.
Thanks to anyone who can help out.
Currently running Telus P4000 (aka Titan) with DCD 2.3.2, but willing to reflash to get the security software runing if necessary.
Click to expand...
Click to collapse
I don't know about a program will hard reset the phone on failure to authenticate, that is a hard one. But your phone should already have a security feature were you can add a pin to lock your phone or add a longer password.
Every time you boot up it will prompt you for a password.
built in security
The built in security can be bypassed by connecting to activesync, which is one of the reasons I want to replace it.
ncotton said:
The built in security can be bypassed by connecting to activesync, which is one of the reasons I want to replace it.
Click to expand...
Click to collapse
How can you bypass it through active sync?
I mean when I set the password and connected through active sync, it wouldn't sync or read unless i typed in the pin on my phone. It prompted me first and if i was unsuccessfull it would kick me off and not let active sync work.
PIN entry on PC
It's also possible to enter the PIN from the PC side (at least with WMDC on vista), which means it's easy to brute force the PIN.
There are programs that can do this, matter of fact, there are security programs out there that can remotley flash your phone should it ever get stolen or lost. Normally they are set up that you send a certain text mesage to your phone and it wipes itself clean. I just did a google search and found this: mSecure PDA
Features:
Function
Enforces security policies Windows Mobile, Palm OS and Symbian devices
Broad platform support including Windows Mobile, Palm OS
Reliable and automatic data protection, without downgrading the user experience
Protection on device or removable media using centrally-controlled, policy-based security
Remote data destruction if device is lost, stolen or subject to misuse
Sadly
"You're just a couple of steps away from an mSuite trial... Remeber that mSuite is for Enterprises only, requires a minimum of ten users for purchase and as an installer you will need Administrator rights to your corporate server. "
Click to expand...
Click to collapse
Cite
The price is ok, if I only had to buy it once that is. It seems like most of the software that does this is enterprise only.
There's another one called SafeGuard PDA but they discontinued the single user version before they got to WM6 compatability (and the WM5 version absolutely kills a WM6 device).
WM5
For anyone running WM5 who's looking at this thread someday, PocketSecure is a great program that does pretty much everything I was looking for but sadly isn't compatible with WM6 (or at least, the version I'm using anyway).
And I thought the cold war was over.
It seems if you guys want to get some James Bond gadgetry on your phones.
I understand this because we keep highly value data in our phones, but even if we do lose our phone they are is always a way to crack any locking mechanism or security measure if they have physical access to your device.
I mean if the other person is smart enough to do so.
True enough
I'm not planning on keeping national secrets on my PDA, it's just that I would like to keep some phone numbers on there that I don't want someone stumbeling upon if I'm draft enough to lose my phone or someone is quick enough to lift it.
The annoying thing is that there's a lot of decent software like this for Palm platforms. (TealLock, etc).
ncotton said:
I'm not planning on keeping national secrets on my PDA, it's just that I would like to keep some phone numbers on there that I don't want someone stumbeling upon if I'm draft enough to lose my phone or someone is quick enough to lift it.
The annoying thing is that there's a lot of decent software like this for Palm platforms. (TealLock, etc).
Click to expand...
Click to collapse
All security measures should start at the physical level. By not allowing others to steal our phones or lose them, but if you feel that you need software to secure your phone in any way check out.
http://www.handango.com/SoftwareCat...E97X&platformId=2&osId=993&N=4294913805+95886
they have many types of software that could help you. It is a start, better to be protected then not.
[email protected]$
Sorry mate, I'm not sure if I'm just missing something there or if I didn't what I'm looking for properly...
I've looked through the handango store and while it's got plenty of good software for encrypting a file (word doc etc) and plenty of good stuff for storing extra data like passwords and credit card info, all I really want is something that will lock the PDA and the built in PIM (contacts mainly) inforamation.
I'm *not* looking for a way to encrypt my storage card or individual files in main memory (and I've already got a password managent program that encypts that data and syncs it with my laptop).
P.S. It's not like I don't plan on keeping my phone secure, but the idea is that good security STARTS with physical security, it doesn't end there.
ncotton said:
Sorry mate, I'm not sure if I'm just missing something there or if I didn't what I'm looking for properly...
I've looked through the handango store and while it's got plenty of good software for encrypting a file (word doc etc) and plenty of good stuff for storing extra data like passwords and credit card info, all I really want is something that will lock the PDA and the built in PIM (contacts mainly) inforamation.
I'm *not* looking for a way to encrypt my storage card or individual files in main memory (and I've already got a password managent program that encypts that data and syncs it with my laptop).
P.S. It's not like I don't plan on keeping my phone secure, but the idea is that good security STARTS with physical security, it doesn't end there.
Click to expand...
Click to collapse
Hmm I have looked for some apps that describe your needs and found some, but they are for WM5 ...... you can try it out and see if it works. As some cabs from WM5 still work..
Well here is another website that might help out..
http://pocketpccentral.net/software/security.htm
Other then that I would recommend using google to search for your needs due to the fact that not many people here post about this.
http://www.truecrypt.org the windows version can install a program to mount a truecrypt encoded card on your PPC, but so far I dont think it can encrypt on it.
also found this http://www.microsoft.com/downloads/...CF-EF96-4567-B817-215E24668F75&displaylang=en
Dont know if these help, worth a look maybe.
Hello XDA-Developers!
I had an idea this morning.
Current Transfer Tech:
Bluetooth - Requires the user of both devices to enable their bluetooth devices, then they have to go about pairing the devices to allow file tansfer (this is not always the case though). then the, shall we call him "sender" has to select a file and attempt to bluetooth the file to the, shall we say "reciever", who in turn has to accept the data and then the transfer starts.
Wifi - not used very often but files can be transferred through an app or through an ftp server etc from one device to another. this however requires a little, if not more, skill to complete and can be fustrating looking for ip addresses etc.
NFC - this is an emerging technology that is being implemented in more and more devices such as the Galaxy Nexus. This is a very efficient and fast way to transfer data from one NFC enabled device to another NFC enabled device, however like most of the android community, my phone does not have this capability.
My Idea:
This is just an idea and you may say what you like about it but i thought i would write it down here, the first place that came into my mind where i thought that someone could take this idea further.
Now my friend uses a blackberry, and i know that that word is almost taboo on this forum but hear me out. He uses his blackberry for a service called BBM (Blackberry Messenger), i am sure you are all familiar, and to add a friend of his so that he can contact them using the service, he simply uses his blackberrys camera to scan a 2D Barcode on his friends device and all his BBM Pin and other data is transfered through the phones camera so that they can communicate on the service.
I though that this could be used more on android devices. This could be used to transfer small files from one device to another such as contact information, websites (already a reality), even larger files such as word documents and other reletavely small documents. Now i know that these files cannot be displayed on a single 2D barcode but maybe they can be send using not one barode but a series, the barcodes could be in an animation on the device screen, showing one barcode after another all and the "reciever" could simply hold his device's camera over the animation and it could read the series of barcodes and then compile all of the data to create a single document.
Now i realise that this could be a silly idea as the ammount of data that can be transferred through a 2D barcode is not huge, al lot of barcodes would be needed to transfer a larger file than someones contact details.
Let me know what you think, and you are free to do what you want with my idea, i wont hold it against you
hazzahex
Hello
I know it's a little late (only 3 years lol), but I just wanted you to know that I've implemented a system similar to the one you describe
It was my college's final project
hazzahex said:
Hello XDA-Developers!
I had an idea this morning.
Current Transfer Tech:
Bluetooth - Requires the user of both devices to enable their bluetooth devices, then they have to go about pairing the devices to allow file tansfer (this is not always the case though). then the, shall we call him "sender" has to select a file and attempt to bluetooth the file to the, shall we say "reciever", who in turn has to accept the data and then the transfer starts.
Wifi - not used very often but files can be transferred through an app or through an ftp server etc from one device to another. this however requires a little, if not more, skill to complete and can be fustrating looking for ip addresses etc.
NFC - this is an emerging technology that is being implemented in more and more devices such as the Galaxy Nexus. This is a very efficient and fast way to transfer data from one NFC enabled device to another NFC enabled device, however like most of the android community, my phone does not have this capability.
My Idea:
This is just an idea and you may say what you like about it but i thought i would write it down here, the first place that came into my mind where i thought that someone could take this idea further.
Now my friend uses a blackberry, and i know that that word is almost taboo on this forum but hear me out. He uses his blackberry for a service called BBM (Blackberry Messenger), i am sure you are all familiar, and to add a friend of his so that he can contact them using the service, he simply uses his blackberrys camera to scan a 2D Barcode on his friends device and all his BBM Pin and other data is transfered through the phones camera so that they can communicate on the service.
I though that this could be used more on android devices. This could be used to transfer small files from one device to another such as contact information, websites (already a reality), even larger files such as word documents and other reletavely small documents. Now i know that these files cannot be displayed on a single 2D barcode but maybe they can be send using not one barode but a series, the barcodes could be in an animation on the device screen, showing one barcode after another all and the "reciever" could simply hold his device's camera over the animation and it could read the series of barcodes and then compile all of the data to create a single document.
Now i realise that this could be a silly idea as the ammount of data that can be transferred through a 2D barcode is not huge, al lot of barcodes would be needed to transfer a larger file than someones contact details.
Let me know what you think, and you are free to do what you want with my idea, i wont hold it against you
hazzahex
Click to expand...
Click to collapse
Hi *,
I'm very new to forum and hardware hacking. I'm also new to android dev (I have done some WP7 development).
I want to write application about radio conditions (RSCP, EcNo) and also wanna to decode ASN.1 messages to get some 3GPP layer 3 messages (RRC). To do that, I suppose that low level access is required.
So, is there any tutorials, guides etc. on how to do that for android devices (I know about android telephony class) or WP7/WP8 devices.
I also know that that is not possible on every device due manufacture restrictions.
I'm interested in Galaxy S(2/3), Nokia Lumia, Nexus, etc (device doesn't need to have qualcom chipset, all i wanna to do that).
I also know that some of companies like ASCOM are working together with chip suppliers for that kind of applications.
So, is it possible to do on market smartphones...
Thanks in advance for answers
Cheers!
TK
It's troublesome thing.
Every modern mobile solution does split into AP (Application Processor) and BP/CP/Modem (Baseband/Call Processor), sometimes these are integrated into one SoC (QC chips) or are splitted into 2 SoCs (like Exynos AP+QC/Infineon CP), on AP there's working ARMLinux with Android platform.
Platform does communicate with RIL HAL (proprietary lib), RIL does communicate with modem through some dedicated HW interface using kernel driver, nowaday its common shared-memory topology with abit of control through UART/GPIOs before RAM-share is set up (modem bootup, assuming AP does startup first, which is case in 2xSoC topology, on QC SoCs modem does startup first and does perform bootup of AP submodules).
The problem is - BP OS is closed source. In best case (rather unlikely) low-level transmission params might being received by RIL from AP but not being passed to platform, then you probably would need to patch RIL binary to expose these values to platform. If these transmission params aren't being transmitted from CP to AP, the easiest (and the ugliest) way to do is trying to find network structures inside of modem OS and pooling them from AP (assuming you've got direct access to all of CP memory). More advanced way would be integrating additional data into BP-RIL interface (modifying both RIL and modem binaries), what then narrows down to "best case".
If you aren't familiar with ARM assembly - analysing modem binary is pretty big task, prepare for at least few weeks of intense reversing.
This is a very interesting question!
So far, AFAIK, no one here at XDA (or elsewhere) have been able to successfully extract L1 radio parameters from the modem, using any form of API or other. So anyone who would successfully be able to do this, would be an instant XDA hero! (As for L3, I don't know.)
But then again, I don't think anyone have tried hard enough either. I have tried to a limited extent in my research of the Intel XMM6260 and trying to use some of the Android internal telephony API. Others have managed by hacking the AT command line interpreter, directly in the modem image of some limited versions of the 2xSoC's (like those of Intel/Infineon) used for jailbreaking <4S iPhones. These modem images are "only" 10 MB, whereas the Qualcomm modems "images" consists of 50-60 files and have a size up to 60 MB!! Although we should be able to find the AT command Processor (ATcP) in those...
As I see it today, we only have these options how to get these parameters in the Android eco-system.
1) We believe that the modem AT command interpreter/processor have the capability to provide radio parameters to the outside world. But this direct access often seem to be crippled:
a) by denying local or external terminal (UART) serial-access.
b) by being filtered by the RIL daemons and accompanying RIL libraries
c) by being complicated due to using modified IPC (shared memory) communication, rather than regular serial devices. However, by putting the device into "download/debug" mode, sometimes these devices re-appear!
(This is what ODIN, QPST and other programs does, see (4).)
2) We know that the Android internal phone API can use the following calls to get particular modem "stuff" (including sending AT commands): RIL_OEM_HOOK_RAW and RIL_OEM_HOOK_STR
The problem is that no one seem to know how to use it, nor how it depends on the hardware...
3) We know that the Service Mode's (settings/menu) are displaying many of these parameters, so that the phone OS certainly can get have access to these. So another option is to hack and understand how this is done by the service mode menu and the underlying modem software. This is where reverse engineering would come to its right!
4) We also know that many of the OEM phone debug/repair software, like QPST and QDART (Qualcomm) and "CDMA work-shop" etc. have full access to these variables as well...
Actually, if you're on a Qualcomm based device and can put it into QXDM mode, you can have all radio data to be output to the QXDM (3.12.754) software and possibly interface API. Thus... if we can understand the handshake and protocol they use we should eventually be able to make an app that can fetch this data as well...
Thx for your answers!
It looks like I need many hours to investigate and learn! Sound like fun, hope it will be...
I hope that soon I'll post something new on this thread about question.
Thx and hear ya!
Little update: Regarding radio conditions, here is telephony API http://developer.android.com/reference/android/telephony/package-summary.html and here is Signal strength class http://developer.android.com/reference/android/telephony/SignalStrength.html!
So I have these information (at least I hope so, because I don't have device for testing and I don't have dev environment set yet).
Also, regarding WP7 Samsung devices: there is samsung app called Diagnosis, where you can access root/debug screen in Test Mode... I was looking little into that app (I have unlocked Samsung Omnia W device), and there are very interesting informations, like list of neighbour cells with CellID and signal strength and many others (Handover test, antenna/ADC, RRC state, Tx Channel, Tx Power, EcIo, RSCP, L1 (looking now it's PCH_Sleep value ??), etc)
I need that kind of information + need to find way for decode L3 messages like RRC and RLC. From L3 you can find many other information (RAB establishment, IRAT handover, all 3GPP information element for GSM/WCDMA/LTE and so on!)...
hi *,
What about Gobi platform and GOBI dev?
BR
TheKrigla said:
hi *,
What about Gobi platform and GOBI dev?
BR
Click to expand...
Click to collapse
Hi, i was just looking for GOBI, too.
But they only show 4 Devices, with the Gobi-Modem inside:
qualcomm.com/gobi/products/finder?type=Smartphones
But there are buid in a few UMTS/USB-Sticks, Mobile Hotspots, a Router and some Notebooks (SubNotebooks),
Not bad, if you can use it as an external device, like the mobile router.
So it looks like a very special solution.
Did somebody check the HTC, Motorola or Samsung SDK ?
I am also trying to get low network info, and it looks like AT commands that exist (at least on my Samsung S3) do not provide this information. So I think emulating what QXDM does is the secret sauce... but that's hard
You can probably find what you need in the "QMI" related documents from THIS post... Let us know how it goes!
E:V:A said:
You can probably find what you need in the "QMI" related documents from THIS post... Let us know how it goes!
Click to expand...
Click to collapse
I quite don't fully understand how QMI works. The SDK appears (C++) to run on Windows. Is it possible run QMI directly on android? Also one post said that really low level information like Signaling can only be through the diag port. Perhaps there is a way to emulate QXDM on the android and connect to it to grab this info
Chipset access
I am wondering how tools like qualpoc from SwissQual work. They seem to have access to every damn thing happening in the android phone. Do they have any special API access from Qualcomm ?
enigma99a said:
I quite don't fully understand how QMI works. The SDK appears (C++) to run on Windows. Is it possible run QMI directly on android? Also one post said that really low level information like Signaling can only be through the diag port. Perhaps there is a way to emulate QXDM on the android and connect to it to grab this info
Click to expand...
Click to collapse
mknair said:
I am wondering how tools like qualpoc from SwissQual work. They seem to have access to every damn thing happening in the android phone. Do they have any special API access from Qualcomm ?
Click to expand...
Click to collapse
Thanks.
http://www.swissqual.com/
Probably nothing special. What is special, is that they have full access to all their documentation. If you can download their white papers and the Android app, I'll tell you how they do it!
Is it possible to connect something like a 4G dongle to the usb port to create a roaming RF scanner and get the RSCP ECIO details from that? It's a bit mental but it doesn't look like we will be able to get this detail from the phone without paying the tens of thousands for the documentation anytime soon...
I tried to connect a Sierra Wireless device which can provide this info but I cannot seem to compile the module against the kernel.
I got QMI talking just fine on android 100%. But I need layer 1 info etc as well (DIAG)... Qualcomm docs look easy enough for the packet structure but now i just need access... And I'm totally stuck. USB is one way, but isn't there to get access locally? Like through UART or some other means? I believe all communication goes to the /dev/diag device but so far I have not been able to get access
E:V:A said:
So far, AFAIK, no one here at XDA (or elsewhere) have been able to successfully extract L1 radio parameters from the modem, using any form of API or other. So anyone who would successfully be able to do this, would be an instant XDA hero! (As for L3, I don't know.)
Click to expand...
Click to collapse
Well, I guess I am a XDA hero then I have successfully extracted L1 radio info, etc on Android itself. DIAG is pretty powerful and not very well documented so I had to figure everything out myself, but when it works you can get just about anything possible.
enigma99a said:
Well, I guess I am a XDA hero then I have successfully extracted L1 radio info, etc on Android itself. DIAG is pretty powerful and not very well documented so I had to figure everything out myself, but when it works you can get just about anything possible.
Click to expand...
Click to collapse
Any thought about sharing solution?? Not cool man...
enigma99a said:
Well, I guess I am a XDA hero then I have successfully extracted L1 radio info, etc on Android itself. DIAG is pretty powerful and not very well documented so I had to figure everything out myself, but when it works you can get just about anything possible.
Click to expand...
Click to collapse
Is that right? There were never any heroes who didn't prove their worth. So why don't you share it with us? (Or if you don't want to share, at least tell us why not?)
E:V:A said:
Is that right? There were never any heroes who didn't prove their worth. So why don't you share it with us? (Or if you don't want to share, at least tell us why not?)
Click to expand...
Click to collapse
Yeah, sorry guys for the late reply. Basically I had to rewrite the diag driver to get diag info. And this project is for profit, so I can't put myself at a competitive disadvantage after spending many weeks on it But if anyone has questions, I would be happy to answer
Hi at all!! My hero, enigma99 please tell me (or who knows)!!
I'm developing a app with SDK that use the java methods of classes like SignalStrenght and Telephony. But those methods dont work very well. (they are slow, and in much smartphone dont return the Ec/Io)
Do you think if in 3g tecnhology (UMTS, HSPA) the modem part always returns all measure (RSCP and Ec/Io)??
What's the way to follow for return this values? recompiling kernel? programming with NDK?
enigma99a said:
Yeah, sorry guys for the late reply. Basically I had to rewrite the diag driver to get diag info. And this project is for profit, so I can't put myself at a competitive disadvantage after spending many weeks on it But if anyone has questions, I would be happy to answer
Click to expand...
Click to collapse
Is this for sale yet? Curious minds would like to know.