Itch3: Anti-lost/theft protection
t3st3r at mail.ru
Tue Mar 6 01:23:13 CET 2007
Marcel de Jong wrote:
> On 3/4/07, t3st3r <t3st3r at mail.ru> wrote:
>> FYI: just to let you know, an anti-thief\anti-lost system for phones
>> already exists.Here is the story.Maybe someone already heard that
>> proprietary Siemens mobile phones (x55 series based on 80C166 CPU and
>> x65 and x75 series based on ARM9) were reverse-engineered deeply and
>> people has bypassed boot loader protection (preventing user's code from
>> being uploaded) so everyone can run it's own code on phone's CPU.Also I
>> heard some other vendors were hacked successfully as well.Some
>> SonyEricsson for example.
>> One of the first firmware patches has been the anti-thief subsystem.How
>> does it works?It does detects SIM card change (by IMSI checking IIRC)
>> and then SMSes to predefined number(s) (should be someone of your family
>> or friends of course).This reveals new phone number (allowing to take a
>> legal actions) and can allow owner to regain remote control, get
>> coordinates (actually, on Siemens phones you can get Cell ID at very
>> most, funny enough anyway).
> But how does this affect resale of the device? Because then the new
> owner inserts a new SIMcard, and then this mechanism would go active,
> wouldn't it?
This subsystem was invented by geeks and intended for smart users only -
you have to apply binary patch to firmware to use this. Of course you
have to shut this subsystem down before selling phone. Or tell new owner
how to deal with it if he\she is smart enough.But actually I have to
admit that before selling phone it is a good idea to
1) revert all patches, if any (upload factory firmware)
2) reset all phone settings to factory defaults (and address
books\SMSes as well)
3) revert filesystem to factory state.
At this point at least you're free from being bothered by new owner with
any sort of firmware\settings problems and do not leak your private
data.Ideal solution is to make FULL firmware backup of new phone (whole
flash IC dumped) and when you're about to sell phone, just upload this
backup before you're selling it (therefore returning device to backed up
state, completely trashing private data and all things you messed
up).Unfortunately, at home this is possible for some phones only (yep,
Siemens phones for example) and this may require unreasonable efforts
for some others.
> I'm just curious, it sounds like an interesting idea.
Btw there is some problem.If this solution is default and popular,
thieves and "lucky people" may become aware of it and may do something
against this.So in general this will work only while solution is not
> Marcel de Jong
> OpenMoko community mailing list
> community at lists.openmoko.org
More information about the community