Question "Invalid response SW after first INIT UPDATE command" with SCP02 - Google Pixel 6

Hi all,
I use a smartphone (e.g., Google Pixel 6 but what I describe next happens also with other smartphones) and plug a UICC (a.k.a. SIM card) into it. Then I try to start a SCP02 secure channel (SCP02 is a GlobalPlatform security protocol). First, everything runs correctly: the mutual authentication is done successfully and I can send encrypted commands to the UICC. Then I stop the secure channel. And I start again: new secure channel with SCP02 and a new encrypted command, and stop. I do this multiple times and up to some point (after 50 or 100 trials), when I initiate anew the SCP02 channel the UICC replies with an error "Invalid response SW after first INIT UPDATE command" during the authentication. If I use a times (that is, I wait 1 s between two tunnel establishment) I can establish more tunnels than previously (200 or 300 trials) but, eventually, the same error is sent by the UICC. Can anyone help me to solve this issue?
Thanks a lot in advance.

What stage of the booting process are u on? This is very intriguing to me. Is ur phone bricked?

The phone is an off-the-shelf item. I did not update it. It is not bricked. It is working correctly (fully functional besides the issue which I ask help for).

I'm just getting confused about what you mean by SCP02.

SCP02 stands for "Secure Channel Protocol 02". It is a security protocol defined by the GlobalPlatform consortium. Its specification is public (https://globalplatform.org/wp-conte...CardSpecification_v2.3.1_PublicRelease_CC.pdf).
It is based on symmetric keys shared between between the UICC (SIM card) and a remote server/reader. With these keys the UICC and the server/reader mutually authenticate first and then compute fresh session keys. With the session keys, the server/reader can send encrypted commands to the UICC (e.g., to upload an applet or to update parameters stored on the UICC).
So I use SCP02 to establish such a secure channel between an UICC plugged into the smartphone and an application on the smartphone. I know the symmetric keys shared by the UICC and my application on the smartphone, so I can correctly establish the secure channel. But, as said, after several successful establishment the UICC all of a sudden replies with an error message. And I don't understand why and how I can fix this.

Related

SmartProtect Anti-Theft Software with SMS Auto-Responder and MortScript support

IMPORTANT.. CHECK ON THE FIRST PAGE FOR UPDATES.
WARNING : This software has some pretty powerful features so use at your own risk. Importantly, please read the instructions below.
Hi guys.
This is my first software using .NETCF for Windows Mobile Phone. I know this software is peanuts compared to what is out there, but I wish this would be useful to all of you as well. This software helps you track and recover your phone once stolen or lost. Features includes :
1. A Thief or Lost Prevention Software with SMS Auto-Responder and GPS Capability created for Windows Mobile Devices.
2. When you forget your phone and can''t remember where you put it, you can SMS your phone to get the exact location via GPS information if your phone has GPS Capability or approximate location based on Cell Location.
3. You can SMS your phone for other information such as IMSI, IMEI or even remotely reboot your phone etc.
4. This software is also equipped with Thief Prevention system which will automatically SMS your partner phone number if the SIM has been changed against the registered SIM.
5. This software supports registration of Multiple SIM Cards and of Multiple Phone Conctacts as Partners.
6. When your phone has been stolen, it will automatically SMS relevant information such as IMEI, SIM Card Number or IMSI, GPS Location if supported or Cell Location.
7. It is able to also auto-delete Phone Memory Contacts if the phone has been stolen.
8. It is password protected and the password is encrypted with AES-Encryption.
9. Its un-install proof. It requires special procedure to uninstall the protection, so even if you uninstall it, it is still working.
10. It has MortScript support.
You need atleast .NETCF 2.0 for this app to work (which most Windows Mobile has so not to worry).
Note that Cell Location depends on your device. It should be working but the problem is not all devices interfaces with RIL functionality so it may or may not work.
For testing, kindly use Emulation Mode to determine if the application will work on your phone before using these features :
1. Make Phone Unusable
2. Protected Folders
3. Delete Contacts on SIM Change
Emulation mode will run the protection, however on test mode only and not real mode. Therefore, it will just produce a log file to tell you of the action it is supposed to make (however since its a test mode, it does not do that action). If everything is fine, make sure that after testing, to disable the emulation mode.
This was only tested on GSM-based phones. If you have Non-GSM Based phone, and you want to try it out, kindly do and let me know.
This software also can accept SMS Commands from the partner phone so that it can return informations as commanded by you explicitly. Here are the SMS Commands that you can send. Note though that the SMS is only accepted when :
1. The SMS came from a partner phone. (You need to register the phone as a partner phone first).
2. The password is correct. Password is based on the password that you have saved when you configure SmartProtect on your phone. The password is authenticated by the phone once the SMS Command is received.
3. When the SMS Command is correct.
The SMS commands syntax is :
::/[command],[password]
example :
::/getGPSLocation,mypassword
Available Commands are :
getIMEI - Retrieves the IMEI Number
lockMyPhone - makes your phone unusable
enableLockPhone - Enable the Lock Mechanism of your Phone. When your phone is stolen, your phone will become unusable.
rebootPhone - Reboots your phone.
deleteContacts -Deletes your mobile phone contacts. It does not delete the SIM Card Contacts.
unregisterPhone - Unregisters the sender as a partner phone.
disableSecurity - Disables the security mechanism of your phone. This requires restart to take effect.
enableSecurity - Enables the security mechanism of your phone.This requires restart to take effect.
getIMSI - Retrieves the IMSI Number.
alertContacts - alerts your contacts that your phone has been stolen.
getCellLocation - Gets the approximate location based on Cell Tower that your phone has registered to.
getGPSLocation - Retrieves the GPS Coordinates.
exitApp - When you use getGPSLocation command, this application stays in the memory. This command exits the application. However, this applications will still be activated if any of the command is received.
registerPhone - Registers your sender as partner phone number.
listCommands - List the commands available for the Software.
versionInfo - Retrieves the current version of the SmartProtect.
deleteProtectedFolders - Removes the protected folders.
disableEmulation - Disabled the emulation mode.
stopAlert- Stops the alertContacts action.
stopAlert- Stops the alertContacts action.
runPreScript- Runs the pre-action MortScript you've defined.
runPostSCript- Runs the post-action MortScript you've defined.
runAllScripts- Runs all the MortScripts you've defined.
To install the software, unzip the file and run the setup.exe. Make sure you connect your device to the computer for syncing.
Leave your comments if you have suggestions, concerns or reported bugs here[/url]
This has not been tested on Non-GSM based phone.
IMPORTANT :
Please follow the procedure below to update the software :
1. From the partner phone. SMS your phone with the command ::/exitApp,[password]. This is to make sure that the SMS module is not loaded in the memory or update may fail.
2. Uninstall the SmartProtect. (optional)
3. Install the latest SmartProtect. If you didnt uninstall smart protect, it will ask you if you want to uninstall the older SmartProtect. Just click.
4. Once installed, Run SmartProtect to verify that your settings is still there.
5. Once verified, click either exit or save.
6. You will be notified that there's a need to restart the phone. Proceed to restart.
7. To verify its installed, SMS your phone with ::/versionInfo,<password>. This should yield the latest version.
Thanks!!
REMOVAL INSTRUCTIONS :
Please follow the procedure below to remove the software :
1. Uninstall SmartProtect 1.1 from your Mobile Phone.
2. From the partner phone. SMS your phone with the command ::/exitApp,[password]. This is to make sure that the SMS module is not loaded in the memory or update may fail.
3. Install SmartProtectRemove.CAB to your mobile phone.
3. Run the SmartProtectRemove
4. Enter the appropriate password you've configured for SmartProtect. Click on Remove SmartProtect.
5. Reboot/soft reset your phone.
6. To verify that it has been removed, SMS any commands to your phone. It should get thru now.
Thanks!!
THOSE WITH SMS MODULE OF SMARTPROTECT NOT WORKING
Kindly run SmartProtect on Emulation Mode and test by sending SMS commands. The emulation mode works for all commands except for disableemulation, versioninfo and listcommands. Then the resulting log, kindly send to me for debugging purposes. Note that in emulation mode, no SMS will be sent out and all actions are recorded on the log file
Version 1.1.5
Updates.
1. Added Reboot messages if required during exit.
2. Added About Message
3. Changed title to SmartProtect on the first screen.
4. Added OpenCellID Link on the SMS.
Version 1.1.6
Updates.
1. Fixed Deletion of Protected Folders. When in-use Deletion module quits the deletion process.
Version 1.1.7
Updates.
1. Performance enhancement.
2. Fix a minor bug. When a number saved on the Partner Number is not on your address book, there's a tendency that the sms command may not get executed.
Version 1.1.8
Updates.
1. Fixed issue for users with non-english ROM where SMS command is not executed
2. Added MortScript support. You can now run Mort Scripts for Pre-process (before the security is invoked when the phone is compromised) and Post-Process (After the security is invoked). Note that you need to ensure that your Pre-process script ends, as the security will only be invoked when it ends. MortScripts will run only when the phone is compromised.
3. Support for AppToDate for automatic updates. (I have not tested because I can't download AppTodate. I will do a test later).
4. Additional commands such as runPreScript, runPostScript, stopAlert
5. Modified the way alertContacts command is executed.
Version 1.1.9
Minor Update
1. Added SMS Command to the Emulation Mode. In Emulation Mode, log will be produced whenever an SMS command is received and executed. Logs are stored on the Emulation Log.
Version 1.2
Minor Update
1. Fixed issue wherein those with partner number that starts with 0 (example 0917) is not recognized when an SMS is sent. (because the phone recognize it as +63917)
Version 1.2.2
Minor Update
1. Updated Resolution for Finger-Friendly Devices.
2. Integrated the Remove functionality to SmartProtect Configuration
3. Modified the Right-Menu. Instead of Save, it includes other settings normally found on tabs.
4. Internal changes. Libraries were integrated to make it more re-usable to each components.
Version 1.2.3
Minor Update
1. Broken AppToDate file..
Version 1.2.4
Minor Update
1. Removed Debug Statements..
Note. You can use apptodate.cab to automate updates. AppToDate is provided and developed by Paul from Modaco. Thanks!!
Thanks. Great Tools. Will try it out.
Beta?
Freeware after final release?
I am current using IIWPO both my phone and my other half's phone, which has help my other half recovering HTC Trinity when it was lost.
CWKJ said:
Thanks. Great Tools. Will try it out.
Beta?
Freeware after final release?
I am current using IIWPO both my phone and my other half's phone, which has help my other half recovering HTC Hermes when it was lost.
Click to expand...
Click to collapse
Yap, Freeware after final release. I'm thinking of adding further features but I'll probably save it on the next version. I'll stabilize this version first.
Btw, unlike IIWPO, this software uses your SIM Card as registration instead of Owner Information. Every SIM Card has a unique number which can be used as a Unique Identifier of the owner of the phone.
Thanks!!
Yep, I know and understand your point.
But most with the feature you have are not freeware.
Thank you very much for the effort.
Trinity has GPS.
Flame does not.
Edit: Need to uninstall IIWPO before trying this?
mayo98 said:
Btw, unlike IIWPO, this software uses your SIM Card as registration instead of Owner Information. Every SIM Card has a unique number which can be used as a Unique Identifier of the owner of the phone.
Click to expand...
Click to collapse
What about phones that don't contain SIM cards?
CWKJ said:
Yep, I know and understand your point.
But most with the feature you have are not freeware.
Thank you very much for the effort.
Trinity has GPS.
Flame does not.
Edit: Need to uninstall IIWPO before trying this?
Click to expand...
Click to collapse
Hi,
You don't need to uninstall IIWPO. This does not interfere with the registry IIWPO is using.
Thanks!!
smotrs said:
What about phones that don't contain SIM cards?
Click to expand...
Click to collapse
Hi Smotrs,
That's a good question. The answer is maybe it won't work. I haven't tried the application in Non GSM phone. You may try and let me know if it works. I'm happy to add that feature.
I'm using TAPI to get the Subscriber ID. I'm not sure if this will return the same CDMA subscriber ID. But for GSM, this is equal to the IMSI which is the Sim card Number.
Thanks!!
I discovered a bug but minor. If the phone is in PIN mode for a while and the SmartProtect kicks in, even if the SIM Card is correct, the application will detect a wrong SIM Card (probably because the SIM has not been registered yet??) and therefore sends SMS. Once the PIN has been keyed in, and the SIM has been registered, the protection stops.
The bug does not always happen. Only when the PIN Mode has been idle for a while.
I'll fix this by adding a detection of PIN entry.
Just to let you all know.
Thanks!!
A couple of questions...What do you mean by make the phone unuseable?....Also is their some type of way that you can send a hard reset command to the phone (which also delete's files on the Memory Card as well)?
d_preston215 said:
A couple of questions...What do you mean by make the phone unuseable?....Also is their some type of way that you can send a hard reset command to the phone (which also delete's files on the Memory Card as well)?
Click to expand...
Click to collapse
Hi,
The application will blank the screen and therefore unusable. He can't see what's happening on the screen. He is able to receive a call though and answer it via the Keypad. He can receive SMS but he can't see it.
For your feature request, I have thought of that and will add that as well. My thought is like this. Users are able to choose which folders (Phone Memory and Memory Card) they want to be protected so in the event that the phone is stolen, these folders are either automatically deleted or deleted based on trigger via SMS. I've plans to add this feature on the next version after the final version (unless there's not much bug to be fixed which means I have time to add the feature for the final release). For now, my plan is to stabilize and fix minor bugs to make it final before adding the new features.
But not to worry though, I'll definitely add this as I've thought of this as well.
Thanks!!
Is there any way (such as if the phone is recovered) to make the phone re-useable, or is a hard-reset the only solution?
Looks like an awesome app! What a great idea. I'll hold out for someone else to test it on their non GSM phone, but can't wait.
I think the protected folders idea is fantastic, that way a person could make sure all their pictures etc are gone.
mssmison said:
Looks like an awesome app! What a great idea. I'll hold out for someone else to test it on their non GSM phone, but can't wait.
I think the protected folders idea is fantastic, that way a person could make sure all their pictures etc are gone.
Click to expand...
Click to collapse
Thanks!!.
Let me see if I can find an emulator to test this out. Unless someone can point me to a site to download an emulator for CDMA ? Thanks!!
d_preston215 said:
Is there any way (such as if the phone is recovered) to make the phone re-useable, or is a hard-reset the only solution?
Click to expand...
Click to collapse
Hi,
Normally, just insert the correct SIM Card and it will work. But, for example--
Let's say you manage to recover the phone but the SIM Card has already been thrown by the thief.The solution here is to :
1. Send an SMS from your partner phone to the recovered phone with the disableSecurity command. This will disable the security of the phone.
2. Send an SMS from your partner phone a resetPhone command to reboot the phone. This is to apply the disabled changes you've SMS'ed previously.
2. Run SmartProtect and register the SIM Card
3. Enable Security.
Your phone will then be protected with the new SIM Card in-place.
Thanks!!
Updated the software with the following changes :
1. Fix for PIN Mode issue.
2. Use schedule instead of sleeping during interval run, to make the software more responsive to SMS Commands once the protection runs.
Let me know if you need further information or if the update didn't go thru well.
Thanks!!
To survice hardreset, cook your own rom.
Configuring the setting and found some question, possible improvement and suggestion.
Suggest to put a warning message that User to backup their contacts before trying out one of the feature "Delete Contact on SIM Change".
But on SIM change, it will be deleting the changed SIM Contacts, not my SIM's contacts or Phone's memory contacts.
Anyway, I am backing up my contacts now before I click that option.
Suggest to also get the "Owner Information" sent in SMS like IIWPO when the content change so you may know more things about this thief.
My question is, if phone is unusable, how to send SMS? Or you are just locking the voice but not the SMS?
If you go to "Settings->Remove Programs", you see JLG SmartProtect, you can still remove program, make this invisible.
You have SmartProtect in "StartUp" which is needed, but the program should be running is secret invisible mode upon power up and not visible to the thief.
mayo98 said:
Hi,
Normally, just insert the correct SIM Card and it will work. But, for example--
Let's say you manage to recover the phone but the SIM Card has already been thrown by the thief.The solution here is to :
1. Send an SMS from your partner phone to the recovered phone with the disableSecurity command. This will disable the security of the phone.
2. Send an SMS from your partner phone a resetPhone command to reboot the phone. This is to apply the disabled changes you've SMS'ed previously.
2. Run SmartProtect and register the SIM Card
3. Enable Security.
Your phone will then be protected with the new SIM Card in-place.
Thanks!!
Click to expand...
Click to collapse
Or you can register 2 SIM Card. Chances of you losing 2 phones together is slim. Once the phone is back, insert the other SIM Card, it will be ok.
Looking at the feature, it should able to register more than 1 SIM, right?
After Configure, only switching on the Sercurity Mode, with my first SIM, I tried to test by switching to another SIM.
Upon power up with another SIM, the SmartProtect tried to execute from "StartUp" but gives an error message.
Tried getting into SmartProtect from "Program", it gives the same error message.
Putting back the original SIM, able to get into the configurating program.
Is this the correct behaviour?
CWKJ said:
After Configure, only switching on the Sercurity Mode, with my first SIM, I tried to test by switching to another SIM.
Upon power up with another SIM, the SmartProtect tried to execute from "StartUp" but gives an error message.
Tried getting into SmartProtect from "Program", it gives the same error message.
Putting back the original SIM, able to get into the configurating program.
Is this the correct behaviour?
Click to expand...
Click to collapse
Hi,
The first one seems to be an error. Is it an application error ?Can you click on details of the error and show me the screenshot ?
Second one is a correct behaviour. SmartProtect will not get executed until you've inserted the correct SIM Card. This is to protect it from someone else configuring other than you (assuming your phone was lost).
I've released a latest update on the first page. Can you try that one ? I will give you instructions on private on to configure manually first as I'm encountering errors on my post application.
Thanks!!

[Don't steal my phone] Another thief protection software

Hi,
I've found many software that supposed to help in case your phone get lost or stolen.
Some were expensive, some were free, but none fitted perfectly to what I was really expecting. So I've made my own.
The closest in terms of functionnalities (and price) is Remote Tracker, but it requires .NET 3.5 which is not installed on my WM6.5 phone, and honestly, it's a very fat dependency.
The idea is that you install this software (no CAB, simply copy the 2 files on your phone), and run it once to set up the configuration. Then forget it.
In the case the phone is stolen, the software will send you a SMS with the thief's phone number, it's GPS position, the CellID in case the GPS pos is not available.
You'll then be able to act on your phone remotely by sending it some SMS (described in documentation).
The features that makes this software unique are:
It's possible to destroy all your personal data remotely (call log history, contact, emails, SMS, calendar, owner info, storage card) -> help social engineering to get back your phone.
It's possible to make the phone send you back the call history and the sim contacts.
Slut mode (see the documentation for details).
WOULDYOUSHUTUP mode (where the phone is very very nasty).
All other tracking software features...
This software is open C++ source (GPLv3), small (75ko with no dependencies), and free.
You'll find it at http://dsmp.sf.net (documentation on that page)
Or the direct link is attached.
Beta tester welcome (I've tested all functions already, but, you know what software development is....)
Some remarks for those who don't read threads:
whereRU: requires you to have at least a .wav file in your windows ring folder. I thought all phone had at least one .wav based ring. In 64kb, I haven't included a MP3/AAC/MP4 player.
owner: This is what I said in my first posts. Microsoft didn't feel it was interesting to document how to retrieve owner info. So, almost all manufacturer have made there own proprietary stuff. I've a HTC phone, so I've checked the code work for HTC. If you have more information about where your phone store its owner information in registry, I can add your phone support.
contact: On the main config dialog, in the combo box where you can enter the phone number to contact, you'll have a phone number list. It's the same list as returned in the "contact" command. So if you don't have such list in the config dialog, then this means that either you don't have any contact on your SIM card, or it's not working (in that case PM me).
Please read the website http://dsmp.sf.net
To install the software:
1. Extract the zip file (either on your phone, or on the PC, and then copy the 2 files from archive to your phone)
2. Run the extracted exe on your phone. If you have signed warning say yes.
3. Set up your configuration (DON'T check "Don't show this screen anymore")
4. If you have a GPS in your device, go outside to make sure the GPS is working with the configuration you've made
5. Enter a (not yours) phone number in the SMS par edit/combobox
6. Enter a password in the edit box on the bottom
7. Click done => Say yes.
8. Start the software again, enter the previous password in the field on the botton to unlock the dialog, then click on "Configuration done, install now"
9. If you have signature warning for the DLL say yes.
10. It should display "Installation done". You can then send yourself a SMS with the right format to check if it's working.
11. If it's working, delete the SMS you've just sent from your outbox, and trash, and then start the software again and check "Don't show this screen anymore". You'll have to click "Configuration done" again, but this times, you shouldn't have any warning.
12. If it's not working, well post on the forum.
Changelog:
- Added "allow" command so it's possible to use multiple allowed SIM card. Setup the software as described above, and then change your card. You'll get a SMS with the new number (if not, your configuration isn't good). Then reply with the command "dsmp # allow # password" with no space between #. This SIM card is then allowed. You can have up to 4 allowed SIM card.
- Fixed an installation bug on non-french phone. Sorry, I've been lazy, and it should be fixed.
- Added support for "Dsmp" in addition of "dsmp" as trigger code
- More owner info retrieved for HTC phones
Please go to sf.net page ( http://dsmp.sf.net ) if you want to get the debug version or source code.
sounds impressive ! i might give it a try!
good work !
CDMA diamond running a 6.1 rom. got to step 8 and each time I enter in my password and close my keyboard the screen where the keyboard was (touchpal is my SIP) shows the screen behind what it should show. hope that makes sense. how do I uninstall this software?
also, I dont see anywhere where it says what WOULDYOUSHUTUP mode is.
WOULDYOUSHUTUP is what happen when you send a sms with "whereRU". The phone rings at max volume for 60s with no possible way to stop it, even if it was in silent mode.
Useful when you've lost your phone nearby, (it won't stop until you've found it, or 60s later), or, as intended, to become a nuisance to any thief in the middle of the night.
To uninstall the software you must click on "Zap" button, but you need your password for that. BTW if you haven't done step 8, you don't need to uninstall, as the installation proceed only when you click "Configuration done" button.
If the software doesn't accept the password you've set at step 6, then it's likely that it was entered wrong at first? I'll PM you about this, if you don't mind.
installed it, and tested a whereRU with another phone, doesn't work. :\
I've answered with specific details by PM. I trying to understand why installation didn't work for you. I'll update the post with the informations you'll give me.
sounds really nice.
I just see some problems. These problems apply to any anti-theft program :
If you have a pin-lock for the device (not sim card lock, the built-in windows lock), the thief will not be able to change anything (owner, ...). He can only change the sim and try to boot, what will of course fail. As this fails (without unlocking phone-lock, no dialing), he will not be able to establish a connection to his mobile network and you will not get his number (?!)
As hard-reset is always possible (every thief can google ) w/o the program being cooked into rom, this software is senseless if you can't cook roms. I can't
If I understood it correctly, you would need to edit the 2 files to your needs (with numbers aso) at first instance and afterwards cook them into rom. This has to be done by each end-user each time he flashes a new rom and cant be done by rom-chef because he doesnt know your data.
Isn't it possible to make that wireless? E.g. you specify an email there and the programm will at first boot after hardreset (after cooking into rom) establish a connection to a server (or mail to specified mail) to download the details (cell number, pw, ...) you entered in the server? ^^
You only can enter one own cell number. Bad if you sometimes switch the sim's.
Would be better to implement that from remotetracker:
SIM Cards: you can set up to four known SIM cards. If you, or anyone, change the SIM card to an unknown card, your emergency number and e-mails will receive a message alerting you about the change and with the new number
Click to expand...
Click to collapse
* If you use this kind of software, you'll want to make your thief believe he succeed owning your phone. If you PIN-lock your device, then the thief will have to hard reset the phone to use it, defeating the whole process.
* In my previous phone (Universal), there was a Extended ROM made by the operator that survived hard reset. I've used that ROM by that time.
Now, you're perfectly right, with a single ROM, the hard reset kills the software. Your idea of using a external server is genius. I guess I'll add this, using your device ID (which doesn't change whatever the ROM) (or IMEI), to retrieve the config for your phone. The config will be saved on a server, and the config can be sent back by SMS (so even if the thief doesn't have network contract, it'll work).
* You switch SIM ? Is 2 SIM okay ?
I wanted the software to be extremely simple to setup, so it detected the IMSI by itself.
Now, if you need to store 2 IMSI, it'll need another edit box to let you enter the IMSI numbers.
I can add a new command "allow" that, when you've inserted your second SIM, will allow the new IMSI upon receiving.
Let me think about this.
Yep, but I won't -of course- disable excellent built-in security mechanisms to make it *perhaps* easier to get the phone back just in case someone steals my phone.
The phone-lock is ideal to keep away random access to private and corporate data from other persons (friends, aso).
Despite the lack of some functions I installed the program yesterday and it doesn't work as thought:
The program loads after each reset again with the config screen
The program is active in task manager (dsmp.exe)
The sent commands aren't executed. If I send the commands (e.g. rst or whereRU) to the phone, the display turns on but nothing happens.
(perhaps the first 2 problems are caused because I did not hide the program yet with "Do not show this anymore" Not sure about that )
You could just say at setup: Now turn off the phone and enter your other sim and start the setup again to detect the second sim
hi popol256,
is there a chance for a very thin application, that after installed on a phone (e.g LEO) makes JUST the following:
- receiving a predefined SMS lock's the phone and encrypts the msd card.
To unlock the phone and decrypt the msd card, just a so called "master password" or whatever needs to be input.
That's all
thank you,
/s1
Locking the phone is possible (but again, if you lock the phone, then the thief will hard reset it).
Encrypting the microSD card is not, I think.
So far, I think you need to either encrypt it at first use (all WM6 phone have this as a base feature). When you have data on it and want to encrypt, it's almost impossible as you'll need the same free space on your device as your card size to store the encrypted version.
(Or if only encrypting content, you'll need to reserve half your card size for the "possibly" encrypted archive).
I guess the best method for you if to use the storage card encryption feature of WM + pin lock.
bliblablub said:
Yep, but I won't -of course- disable excellent built-in security mechanisms to make it *perhaps* easier to get the phone back just in case someone steals my phone.
The phone-lock is ideal to keep away random access to private and corporate data from other persons (friends, aso).
Click to expand...
Click to collapse
You are right. The only way to have both would be to cook your own ROM with the software inside.
bliblablub said:
Despite the lack of some functions I installed the program yesterday and it doesn't work as thought:
The program loads after each reset again with the config screen
The program is active in task manager (dsmp.exe)
The sent commands aren't executed. If I send the commands (e.g. rst or whereRU) to the phone, the display turns on but nothing happens.
(perhaps the first 2 problems are caused because I did not hide the program yet with "Do not show this anymore" Not sure about that )
Click to expand...
Click to collapse
Yes the 2 first issues are because the config says to show the dialog.
The third issue means that the software isn't installed well.
I've only tested it on my phone, and I might have done something wrong.
There is a debugversion here
Extract this version to your card, then run the exe in it, and click "Zap". Then wait for few minutes, and reset your phone (this is to make internal mail application to release its lock on the interceptor DLL).
Run the software again, and set the config, click "done" or "ok", and send yourself a SMS (don't need to install this version, it runs from the card).
You should get 2 message box, the first one contains the path to the software (end in .exe), and the message you've sent, and the second only contains the command you've sent. If this work, well, I'll have to double check the release version.
bliblablub said:
You could just say at setup: Now turn off the phone and enter your other sim and start the setup again to detect the second sim
Click to expand...
Click to collapse
Yes, it's the basic idea (in fact, as soon as you insert your second SIM, you'll receive a SMS, but you'll then send an "allow" command to add this IMSI in the allowed IMSI list). I'm adding this.
Hehe, got the following error running the debugversion:
CmdLine (OK)
(empty)
Click to expand...
Click to collapse
Can't load DLL (OK)
\Carte de stockage\DSMPI.dll
Click to expand...
Click to collapse
Error (OK)
Can't register the message interceptor DLL
Please make sure the DSMPI.dll is in windows folder
Click to expand...
Click to collapse
Ok, my fault then, I've used French name for the path. Let me few hours to compile a new version with the regular name, I'll post back here.
Ok, I've added the "allow" command for multiple sim card. The idea is simple, configure your software as said in the first page, then change your sim.
You'll received a SMS to the number you've set up. Then send a "allow" command with your password, and the new SIM is allowed you'll never receive a SMS again.
bliblablub,
Please run the version you have on your storage card, and click "Zap" button to uninstall it.
Then delete the 4xxxxxxxxx_dfed_p (xxxxx is a hexadecimal number) from your storage card (file format changed).
Then download the updated DSMP.zip version from the main (or the official) page again.
There was a bug with the file path that should be fixed now with the release version.
Thank you for your patience.
popol256 said:
bliblablub,
Please run the version you have on your storage card, and click "Zap" button to uninstall it.
Then delete the 4xxxxxxxxx_dfed_p (xxxxx is a hexadecimal number) from your storage card (file format changed).
Then download the updated DSMP.zip version from the main (or the official) page again.
There was a bug with the file path that should be fixed now with the release version.
Thank you for your patience.
Click to expand...
Click to collapse
I can't uninstall it because it was not installed I guess (debug - storage). See errors on post before
Somehow I managed to uninstall the internal version. Needed several attempts.
Now installed again on phone and again nothing happens with whereRU and any other command except lcd turning on
Does it work fine?
Any opinion?
Nice, nice, nice. Sounds like the app I was always looking for. I will download and try. Thanks
It seems to work fine on my X1.
But gps is not recognized on port 4 baud 4800...

Setting up a proxy server on Android

Hello there guys.
So my problem is that I cannot setup a Proxy server on my Android properly, when I'm trying to use it I just get "ERR_PROXY_CONNECTION_FAILED" error in the browser.
I tried 2 programs (by the same author) - Servers Ultimate and Proxy Server.
With SU for example I created a simple "proxy server", obtained the ip/port from the "connection info" and was trying to connect through it, with no success...
I tried this on two different phones. One is Samsung A3 2016, second is something old with Android 3+ version.
Can someone point me to the right direction? I would be very thankful.
Also to mention, I'm trying to perform this with 3G connection and not Wi-Fi. Does this interfere somehow?
I just realised in the Status tab of a created instance it says:
"Public Connectable - No". Even with Wi-Fi. I asked one friend to perform this on Meizu and he got success with SOCKS server/Wi-Fi setup. Hmm.
What is the solution to this issue. I'm also facing the same over 3G network.

Enable system certificate on Android

Dear all,
I'm searching for some help regarding system certificates on Android.
First of all, a little bit of context : I'm in charge of the migration of mobile devices from one Airwatch server to another. All devices are managed by MDM (Airwatch MDM Agent) that allows deployment of configuration profiles and apps. One of those profiles is called "CertAuth" and pushes some certificates that are needed to access internal ressources.
A few months ago, we have discoverd that one of the system certificates (Thawte Primary Root G3) was missing on some devices, mainly old versions of Android.
So we decided to push this certificate through the "CertAuth" profile.
Now the problem whith that method is that once the devices are unenrolled from the first server, profile "CertAuth", all corporate content and apps are removed (normal behavior). As Thawte Primary Root G3 certificate is part of the system certificates, it cannot be removed. So it is simply disabled.
This certificate is needed to access the target server, so once devices try to enroll, they receive some error message "cannot connect to host". Connection is simply refused due to the disabled Thawte G3.
Of course it can be manually enabled, but as you all may know, basic users are not always able to find the correct option in the device settings...
So (finally) my question is : is there any way to remotely enable this system certificate (little swich OFF/ON) in order to void manual action on more than 5000 devices?
By using a script or something that would be deployed on devices as third-party content/not removable content?

Question Is it possible to retrieve data from a locked phone?

Recently, I don't know why but a message popped up asking me to enter an alphabetic password even though I didn't set any. To unlock the phone I had: fingerprint, face and 4 digit PIN.
I was hoping that after a reboot it would not require an alphabetic password just the 4-digit PIN (only the numeric keypad was displayed) as always, unfortunately there is a message: "Password Must Be Entered After Device Restarts".
OnePlus service said that if I send the phone to them they will still clear it of data.
After connecting to the computer, the commands:
adb devices
fastboot devices
Click to expand...
Click to collapse
don't detect the phone, whether in normal mode or recovery mode.
Is there any way to recover at least some of the data before I do the format? Or is there any tool that will bypass entering the password ?
A data recovery specialist might be able to.
Always back up critical data redundantly, regularly to multiple hdds that are physically and electronically isolated from each other and the PC. At the very least use a OTG flashstick. If you had an encrypted SD card used as a data drive you probably still have access. SD card slots are far for obsolete but Android is becoming less usable by the year. Thanks Gookill.
I just send it in...

Categories

Resources