Itch3: Anti-lost/theft protection

t3st3r t3st3r at mail.ru
Tue Mar 6 01:23:13 CET 2007 

Marcel de Jong wrote:
> On 3/4/07, t3st3r <t3st3r at mail.ru> wrote:
> <snip>
>> FYI: just to let you know, an anti-thief\anti-lost system for phones
>> already exists.Here is the story.Maybe someone already heard that
>> proprietary Siemens mobile phones (x55 series based on 80C166 CPU and
>> x65 and x75 series based on ARM9) were reverse-engineered deeply and
>> people has bypassed boot loader protection (preventing user's code from
>> being uploaded) so everyone can run it's own code on phone's CPU.Also I
>> heard some other vendors were hacked successfully as well.Some
>> SonyEricsson for example.
>>
>> One of the first firmware patches has been the anti-thief subsystem.How
>> does it works?It does detects SIM card change (by IMSI checking IIRC)
>> and then SMSes to predefined number(s) (should be someone of your family
>> or friends of course).This reveals new phone number (allowing to take a
>> legal actions) and can allow owner to regain remote control, get
>> coordinates (actually, on Siemens phones you can get Cell ID at very
>> most, funny enough anyway).
>>
>
> But how does this affect resale of the device? Because then the new
> owner inserts a new SIMcard, and then this mechanism would go active,
> wouldn't it?
This subsystem was invented by geeks and intended for smart users only - 
you have to apply binary patch to firmware to use this. Of course you 
have to shut this subsystem down before selling phone. Or tell new owner 
how to deal with it if he\she is smart enough.But actually I have to 
admit that before selling phone it is a good idea to
 1) revert all patches, if any (upload factory firmware)
 2) reset all phone settings to factory defaults (and address 
books\SMSes as well)
 3) revert filesystem to factory state.
At this point at least you're free from being bothered by new owner with 
any sort of firmware\settings problems and do not leak your private 
data.Ideal solution is to make FULL firmware backup of new phone (whole 
flash IC dumped) and when you're about to sell phone, just upload this 
backup before you're selling it (therefore returning device to backed up 
state, completely trashing private data and all things you messed 
up).Unfortunately, at home this is possible for some phones only (yep, 
Siemens phones for example) and this may require unreasonable efforts 
for some others.
> I'm just curious, it sounds like an interesting idea.
Btw there is some problem.If this solution is default and popular, 
thieves and "lucky people" may become aware of it and may do something 
against this.So in general this will work only while solution is not 
very popular\custom\invisible.

>
> <snip>
>
> ---
> Marcel de Jong
>
> _______________________________________________
> OpenMoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
>
>

More information about the community mailing list