Related
I need to erase all data from my phone Sprint PPC 6700 (HTC Apache). How to do it to completly remove all my data from it?
I do not want to hear that there is "Clear Storage" procedure on device because you can retrive that kind of erased data. It brings device to factory state but you can still retrieve data.
Any program which will eg. 10 times write down in free memory space with 0's and then 1's.
I do not want any information to be recovered, info in device is strictly confidential like TaxIDs, SocialSecurityNumbers, passwords and other sensitive data.
It is like with computer format hard drive - normal user will not see data but user with knowledge can access it.
I do not post question in HTC Apache forum because maybe somebody have or may have similar problem with different device.
on wm2005 you format from inside the bootloader
There is no default secure way.
If you're that concerned about the sensitive data now, then really I am surprised it wasn't encrypted anyway.
If it was, simply use the same application to secure wipe those files, and then you have no problem.
If not, use something like http://www.pocketpcfreewares.com/en/index.php?soft=1694 to delete the files you are concerned about, and then simply wipe the storage as normal.
Also, possibly use wm5torage and write/rewrite until you are satisfied with the result.
Rudegar said:
on wm2005 you format from inside the bootloader
Click to expand...
Click to collapse
May you please give me magic commands to do it?
Thank you
Well, format it from the bootloader sounds just like a normal formatting. Anyway, if you do not have ultra secret important information, nobody with that amount of skill will want to hack and recover your data after a hardreset. If you were to ask the gurus here, they may not want to go through the trouble to recover them (if possible at all). If you were to ask me, you are just being paranoid. The chances that your phone will fall into a hand of a [1]hacker capable of recovering data from hardreset phone AND [2]person interested in your data, is very very slim. You will be more likely to have your information stolen surfing the web (wired), getting a trojan in your PC, stolen via wireless, etc.
Anyway, the US military standard of 12 times write on a hardisk ensures that no data can be recovered via physical means. That is to disassemble the hardisk, and using sophisticated electron scanning equipment to get the data. That's because normal reading via the usual way is not possible after just 1 write.
Anyway, having babbled the above, from what I experienced from retrieving data from a hardisk (the normal way), your data is relatively gone if you fill it up with stuff. SO, if you can just hardreset your device, copy some movies, mp3s over (eg via WM5Storage) until it is full, and then hardreset it again, it ought to do the job. If you are still worried, do this 12 times. Those that are good enough to retrieve your data will just get he movies/mp3s you use.
FYI:
On magentic storage, like hard drives, one pass of zeros is sufficient to write over the data such that not even an electron microscope could determine what the bits previously contained. It may have once been possible on 10-20 MB MFM hard drives in the early 80s, but is certainly not possible anymore.
The American military and intelligence agencies use the same clean-room data recovery procedures as do commercial data recovery houses, and in fact often contract out to those houses.
Flash memory I'm not so sure about, especially because a lot of flash memory uses redundant sectors to fill in when a given sector has exceeded the number of read-write cycles it's supposed to be capable of.
I would probably just fill the device up with files, delete and repeat like hanmin is suggesting. If your data is so important that someone would try to steal the device (or buy it from you) and then subject it to a military-grade inspection, you can probably afford to destroy the device physically or at least destroy the memory chips inside it and resell it for parts.
mikesol: Thanks for clarification.
Latelly I read article about guy who recovered average od 20k pages from PocketPC Phones after where were "Clean Storaged" and owners thought that data are safely deleted.
Maybe I am paranoid but if somebody gave me theirs personal/confidential data I try to protect them as much as possible.
Device will stay in one company, but probably next person will not have such vital information as I did. That is why I try to clean it as much as possible.
Now, I am satisfy with what I did.
FYI: I do not work with DoD or cooperating company but level of security is high, ie. old harddrive - 10 times write over + drill over and apply acid inside. Just to be safe
http://www.informit.com/guides/content.asp?g=security&seqNum=234&rl=1
good read
Haahaha, with our old hard drives at my company we just take them apart and then tack up the platters because they look cool.
From what I've been reading, wear-levelling may make it possible to recover "old" bits on a memory card, but there's no context for them - the FAT (or whatever filesystem you're using) won't retain any links to them and it's possible that the microcontroller built into the memory card simply won't allow access to sectors that have exceeded their read/write cycle count.
Regardless, all that would be left in those sectors would be some random bits, context-free and virtually impossible to recover from.
As of now, most of the data recovery techniques for flash rely on the ability to read bits off of the card, and then applying the same utilities to them that you'd use for a disk image of a hard drive. I haven't read about any advanced, dissection-based approaches to determine whether previous states for a given bit can be read even when a bit has been overwritten.
I'd think that there's probably no good way to do that without a massive expenditure in R&D, and you're probably safe filling the memory up once or twice with a format after each. Anyone that gets old data back after that won't be going after you, they'll be working for the NSA or something.
Hmm.. I never thought I will see this, such software do exist!
http://pocketpcapps.net/fileshredppc.aspx
Pawlisko, you may ask your company to get a few copies of this.
hanmin - I used exactly this program. I do not have Apache no more and I feel quite secure about wipe out.
Probably my company will use this software in future, but for now our major concern is case when somebody will lose device. Of course we will remotly wipe it out, but data will not be securly deleted.
Every employee knows that loosing device is not an option
You used this software before or after my post? You ought to let others know your discovery
Anyway, in what form your 'secret' information are in? I mean, text, recordings, pictures? There are some software out there that do encrypt these things. I mean, if they were to be encrypted at stage 1, you won't have to worried about it anymore. If you were to let us know in what form the information is, probably members here can think of a better idea
So, what are you using now?
when it is avaliable, ma i recommend that your company upgrades to wm6, it has built in encryption for everything (optional) it will even encrypt stuff on sd cards.
If by WM6 you mean Crossbow, the encryption option is for the SD card, not the internal memory.
It's so that if you remote wipe a device, the contents of the card can't be read on another device or system, unless you restore that device from ActiveSync.
If the company information is that sensitive, it should be stored encrypted with any one of the hundreds of applications aimed at corporate users.
If they aren't doing this, then their IT department simply is not providing the solution to the business that it should be, and someone should do something about it.
Something like this will encrypt all of the PIM, and for instance your My Documents folder so all files stored will also be encrypted.
http://www.safeboot.com/products/device-encryption/windows/
And this one is quite impressive, I saw a demo at IPSEC in London last time:
http://www.pointsec.com/products/smartphonepda/
hanmin - fileshredppc I used after your tip, thank you very much.
What is sensitive stuff - PIM, text, PDF files and photos. Do you know any good solution to encrypt it in Stage 1?
Midget_1980 - for now on there are no plans to go for WM6. But I am monitoring if WM6 would be worth to invest money in it.
AlanJC - I will investigate your links. Thanks in advance.
Hi everybody
Ive been around thousand of threads on xda-dev and couldn't find any official one for Anti-Virus. That's the main reason why I'm starting this new thread and also because Anti-Virus on Pocket PC are growing more and more. Actually we are not safe but we don't care until we get infected and that will be too late, with most of the time the only solution a hard reset.
Let's discuss and compare in this thread the different Anti-Virus SW available on the market today, and bring out positive/negative points based on our experience. It will be benifit for everybody ...
I know everyone hates Norton/Symantec but I was on the beta testing team for Norton Smartphone Security Premier Edition since day one and it is very friendly and easy to use.
http://www.symantec.com/home_homeoffice/beta/overview.jsp?pvid=nssp1beta
Actually I was using Symanter antivirus for handheld on my QTEK 2020i WM2003SE and that's true it is user friendly and worked fine, with virus definitions updates very ofently.
I was unable to install it on my HTC Athena WM6
Do you know is there is any version coming for WM6 Pumpiron?
I checked you link and it's different from what I used to have on my old device.
Ill download this beta and try it.
I'll let you know what I think about it, if it slow down the machine etc ...
It did not on mine and when I uninstalled it, it was gone...no traces..part of the beta testing. I did uninstall from my desktop, not my PPC
I am curios, how does this effect your device speed and performance?
What is the CPU and memory usage (in reality, not what stated on the site)?
I have Symantec on my XP PC and it sucks big time (does the job for the most part, but very slow and heavy).
eTrust came pre-installed on my Jamin, but that is an even bigger atrocity!
Another question - do they have a list for PPC viruses on their site like they do for PC ones?
The only PPC virus I heard of was a harmless proof of concept that could make files display a pop-up message and did not reproduce.
If real viruses for WM systems are already out there (I know its a only matter of time) I would be interested in reading up on them to know what I am facing.
Also, anyone actually caught a virus on a WM machine and can share the experience?
Here are my first impressions:
1 - The Startup time of my Athen after a soft reset has increased by around 20 sec, this because Symantec is loading on the startup.
2 - I didn't noticed a slow down during normal utilization of the device, but it's really early before concluding on that point because I need to try different applications.
3 - When I first connected to the Internet via WiFi, even the connection were established, could not load the pages having an error "page not found"
but after 15sec everything is back to normal and connections to Internet was not a problem at all.
4 - I just suffered a Freeze but not sure it is due to Symantec, because i've been suffering frequent daily freezes on my Athena since I upgraded to WM6.
But the freeze came this time while using the Antivirus SW
5 - The package is composed by an AntiVirus, a Firewall, a Norton Secure Folders utility and a Norton Tools utility.
6 - Also note that after finish installing it, it force you to set a pin code that you will have to enter everytime you soft reset your device. I tried to disable it but it won't let you do it
I'll give more details about the package in a different post after some testing
levenum said:
I am curios, how does this effect your device Another question - do they have a list for PPC viruses on their site like they do for PC ones?
Click to expand...
Click to collapse
You can check the list from the SW installed on the PPC
Just applied live update over WiFi and basically there are 5 in the list:
EICAR-TEST-FILE
WinCE.Duts.A
Backdoor.Brador.A
Trojan.Redbrowser.A!jar
MSIL.Cxover.A
Definitions : 04/06/07 ver 2.0
As promised, here is my feedback on the tools provided in the package:
1 - Norton Antivirus
Very friendly and easy to use, from the menu u can access the options for the Antivirus, the Scans, the AntiSpam, Updates and Proxy config. You can also access the quanrantined files, the activity log and the virus definitions list. Manual scan and automatic scan can be performed.
2 - Norton Firewall
I didn't really understood how we use the Firewall function. Basically when you start it you have a tab showing the security level. It is have different security levels for World (the highest), Office, Home and Open Sapce Networks (the lowest). Also you can not modify them at all. You can access a second tab called Events by severity in last and a third tab "Event list" which show in details all the events that happened on your device, like soft reset, login success .... very weird as we can not reset this list, also we can not change any parameter in the Norton Firewall, everything is set by default
3 - Norton Secure Folders
from what I guessed, this utility allow you to choose folders on your device and set them as secure. I don't know what it does exactly but I think it should encrypt the data inside the folder so it's protected in case you have been attacked by a trojan who collects your data and send it to the pirate.
You click on menu->Add->then you choose from the list Device, Mircrodrive or Storage Card if you have one. Then you type the name of the folder you want to secure.
I did a test, I choosed Device, and kept the folder name blank and clicked on ok. It added the "secure folder" under device. if you try to remove it you will have this warning "Removing the secure folder will destroy all data in the folder. do you really want to remove it?"
4 - Norton Tools
It contains 2 utilities, GetUUID and Lock
GetUUID will display on the screen 2 series of digites
the first one don't know what it is and second one is your IMEI
I guess this info is needed when the final version is released and
you need to register the SW
Lock utility display the following message when u click on it
Encryption may take several minutes. Pls wait for the device to power off.
If you need to soft reset, pls wait until encryption is completed and the
device powers itself off.
I clicked on yes, so the device start encrypting something .... then the screen turned off. I turned it on using the power button and it displayed to me the password screen which I entered. then it displayed the message decrypting for about 30 sec, then I had my normal today screen ...
Im wondering if it does not encrypt/decrypt the secure folders you
already chosen using the "Norton Secure Folders" utility.
Ive wrote to Symantec asking them for a manual or user guide, hopefully they will reply.
I have rated this SW 3/5 on their site, mainly because it is not clear what all utilities does and because Firewall is set by default and noting can be changed.
Hope my feedback will be usefull, and I hope other users will bring to us their experiences with the different Anti-Virus SW they have used on their Pocket PCs.
Just as I suspected, no real viruses just a nice proof of concept that asks you if you want to try it:
WinCE.Duts.A
A back door that needs to be run and does not spread:
Backdoor.Brador.A plus it would be useless if you are on GPRS/EDGE/UMTS or behind a NUT router.
This one seems like it could actually be trouble, if:
a) you leave in Russia
b) you are stupid enough to believe you can get WAP pages through SMS and that it would be cheaper than GPRS
c) you can get it to work on PPC.
Trojan.Redbrowser.A!jar
This one though, I have to admit is rather clever - using .NET to run both on PC and PPC amd is fairly destructive:
MSIL.Cxover.A
It is still unclear, however how its spreads from PC to PC (presumably you have to download and install / run it).
Of course given the fact that many people save their docs on SD and not the default My documents folder and that they do not disable security completely on their WM 5 and up devices (which are becoming majority these days) the effectiveness of this worm is more than questionable.
Well I still think it is too early to actually by this kind of apps. Also I think that as with many other programs the same "heavy" approach that works on PCs with many resources will not work well on PPC (not the way they are today). A different solution to virus protection needs to be found to be useful.
But hey - thats just my opinion...
So from what ive read its still to early to be using a resource draining av on the ppc? If this is the case, how about Spybot S&D? Is spyware more of a threat than viruses? are they really that much different? I find that spybot updates more regularly(when i connnect wifi).
as with virus's i believe that have to be made to support ppc's
in which case maybe due to spyware makers lack of innovation
that market have yet to take off
WingChan: whether to use the software or not is a personal decision - my belief is: given the list of threats it is too early. Also I believe that the method used to protect against viruses on PC is not suitable for PPC because of the resource requirement. Something more efficient needs to be invented, perhaps taking advantage of difference in architecture between WM and desktop - like the fact that system files can not be corrupted but only hidden.
Note that BigDede preformed the test on HTC Advantage which has a 600+ MHz processor if I am not mistaken. I doubt the app would be as unnoticeable on my 200MHz Prophet.
But it is only a matter of time before someone writes a real and damaging virus for this platform as it becomes more and more common. So if you really value the info you have on there you might want to get protection already - although a good and frequent backup would be much better.
I haven't heard of spyware for Windows Mobile, only major one for BB - any one got any news on this?
There is a major difference between spyware and viruses:
Viruses try to cause as much damage as possible and their effects always become visible sooner or later, in many cases almost immediately after infection.
Spyware on the other hand, needs to hide and tries not to interfere in device operation as much as possible and show no sign of activity.
levenum said:
WingChan:
There is a major difference between spyware and viruses:
Viruses try to cause as much damage as possible and their effects always become visible sooner or later, in many cases almost immediately after infection.
Spyware on the other hand, needs to hide and tries not to interfere in device operation as much as possible and show no sign of activity.
Click to expand...
Click to collapse
Very good explanation of the differences between Viruses and Spywares.
I agree also that it is too early today to really worry about having protection, but I prefer to be ready instead of regretting and wishing I had some protection.
Very good remark as well regarding the frequent backup ...
Need Help
Hello Everyone,
I'm not a developer, but I found your thread on this subject via Google and was hoping I could ask a question...
I'm able to download the Norton Smartphone Security Premier Edition Beta version, but when I try to install it (which I assume must be done first to my laptop, followed by sync'ing my laptop with my 8525) a "Self-Extracting Archive" window comes up that says: "Warning, one or more files skipped". This occurs when the installation process reaches "Extracting: SUPPORT\START.ICO 100%".
Does anyone know what I'm doing wrong?
Many thanks for your time!
A. J.
ajbt said:
Hello Everyone,
I'm not a developer, but I found your thread on this subject via Google and was hoping I could ask a question...
I'm able to download the Norton Smartphone Security Premier Edition Beta version, but when I try to install it (which I assume must be done first to my laptop, followed by sync'ing my laptop with my 8525) a "Self-Extracting Archive" window comes up that says: "Warning, one or more files skipped". This occurs when the installation process reaches "Extracting: SUPPORT\START.ICO 100%".
Does anyone know what I'm doing wrong?
Many thanks for your time!
A. J.
Click to expand...
Click to collapse
Hi
Maybe this warning is not a big deal, have you tried to install it by double clicking on the start.exe file ???
G.S./BigDede,
Thanks for the reply. I really appreciate it.
If I understand your recommendation, I don't think that gets me where I need to be. However, it could always be user error on my part.
When I try to "Setup" the file I downloaded (called "NSSPB.exe") from Symantec, a window comes up that contains a button that says "Install". However, after I click on it, it gets to a point in the installation process that shows "Extracting: SUPPORT\START.ICO 100%", and the process simply stops and a small window comes up that says: "Warning, one or more files skipped".
In essence, it appears I have recieved the entire 4.04 MB of program files I downloaded, but something goes askew when I try to extract/install them.
I'm stumped...
Thanks again, A.J.
I'll extract the files and will zip them for you.
Send me via PM your email adress so I can send you the zip file
Cheers
I have noticed that over certain period the performance of my Kaiser degrades. Considering that it works great even after I install additional software and configure it to sync with exchange 2007, over time it start to act flaky. Could somebody tell me what causes this and how to resolve it?
My guess is it has to do with temporary and cache file used by different applications and os. If so, what should I be getting rid of?
Thanks in advance
rgelfand said:
I have noticed that over certain period the performance of my Kaiser degrades. Considering that it works great even after I install additional software and configure it to sync with exchange 2007, over time it start to act flaky. Could somebody tell me what causes this and how to resolve it?
My guess is it has to do with temporary and cache file used by different applications and os. If so, what should I be getting rid of?
Thanks in advance
Click to expand...
Click to collapse
u need to use some "cleaning tools" like sktools or memmaid. There are options to clear some files(temp. internet, ...) and to free up your ram. Thats the main problem, your ram memory is decreasing over time and the phone is acting slover. To make it quicker is to make softreset after some time or use this tools and free up your ram.
You also can use some tools (apps) which will automatically and periodically do the soft-reset for you,
e.g. during the night your device is unused etc...
You can use tools, I like Sk Tools as it is the most comprehensive tool period. But there are many things you can do manually as well.
Delete the files in: \Application Data\Volatile, also in: \Windows\Profiles\Guest\Cookies; History; & Temporary Internet Files; as well as files in \temp.
GSLEON3 said:
You can use tools, I like Sk Tools as it is the most comprehensive tool period. But there are many things you can do manually as well.
Delete the files in: \Application Data\Volatile, also in: \Windows\Profiles\Guest\Cookies; History; & Temporary Internet Files; as well as files in \temp.
Click to expand...
Click to collapse
I have to agree with GSLEON3. SKtools was by far the best piece of software I have purchased for my kaiser. It allows easy cleaning, sip changes, today changes, registry editor, and nearly any tool or tweak you can think of.
I suggest you check out their trial and see what you think.
Hi, I would like to give my dad my old Kaiser and my copy of TT6 now I don't need them.
However, I doubt very, very much that he will remember to keep it charged (He uses his phone like once a month) and it will most likely hard reset, losing the TT install.
I was wondering, is it possible to set it up so that should it hard reset, he will not need to reactivate tomtom maps.
I am thinking something along these lines:
1) Install a bit of s/w that monitors for registry changes.
2) Install TT6 and the maps, and activate.
3) Take a dump of the registry changes, and a copy of the files installed to the device
4) Build a CAB to install the REG and files in the right places and inject it into the ROM.
I guess that the maps could be installed to the SD card, as long as the s/w had the correct activation info then they would be OK?
Would that work? Any advice appreciated.
If a device running WM5 or newer goes flat it doesn't lose any of the applications or software that are installed, this used to be the case with WM2003SE or earlier OS, so let him have the device and it won't give you any issues with lost applications/ hard resets.
If you are still worried about this consider Sprite Backup, but it really isn't needed for this - Mike
evilc said:
Hi, I would like to give my dad my old Kaiser and my copy of TT6 now I don't need them.
However, I doubt very, very much that he will remember to keep it charged (He uses his phone like once a month) and it will most likely hard reset, losing the TT install.
I was wondering, is it possible to set it up so that should it hard reset, he will not need to reactivate tomtom maps.
I am thinking something along these lines:
1) Install a bit of s/w that monitors for registry changes.
2) Install TT6 and the maps, and activate.
3) Take a dump of the registry changes, and a copy of the files installed to the device
4) Build a CAB to install the REG and files in the right places and inject it into the ROM.
I guess that the maps could be installed to the SD card, as long as the s/w had the correct activation info then they would be OK?
Would that work? Any advice appreciated.
Click to expand...
Click to collapse
Another approach could be to keep the required cabs in the extended memory, modify the autoinstall.exe (usually by changing the autoinstall.ini) that runs after a hard reset to install the required files.
the only problem is that you would have to manually register the application.
(simply making changes in the reg. will not register/activate TOMTOM).
maybe you could have a note installed that would have the required registration info??
the other way would be to use a pre-activated tomtom.
Hi, I'm pretty much a noob to this forum as you can see from my number of posts.
Recently got a HTC Iolite and been reading the forums, there are some things that I wasn't able to find, so I thought I'd just ask about it here.
Programs affecting interface
Currently I have the following installed, QM2.8, M2DC, PHM reg editor, Touchflo of course, I'm planning to try out SPB Pocket Pack and SPB Mobile Shell.
Here comes the confusing part, what's the difference between each of these? Which programs are a complete overlap? I read somewhere that SPB Pocket Pack and MS can complement each other, but for TF and MS, it's either TF or MS and not both together. Any advice on this would be greatly appreciated!
About Hard Reset
I recently had a service.exe error after a soft reset. But it only happened once, I'm wondering whether it might have been caused by the installation of M2DC. So, I'm thinking of doing a hard reset. However, I do have some concerns. I have PAPAGO X3 installed when I first bought my Iolite. Upon doing a hard reset, will it remove PAPAGO as well?
What about programs that I installed on my storage card? What happens to it upon a hard reset? I'm sure it will have to be reinstalled, but what about the space it occupies on the storage card? Do I need to remove them as well, in other words, uninstall them first then do a hard reset?
Having said all that, I'm not particularly too concerned about the services.exe issue, since it's only happened once.
Appreciate any advice I can get! Sorry if some of these questions have been addressed in the forums, perhaps someone could direct me to the respective places?
hardreset return your device to how it was the first time you ever started it up
any program you installed after this will be gon untill you reinstall them
hardreset will not of cause change any programs located on the sdcard
but if any of those programs require dll's to be placed on the main device
or require some reg keys to be placed in the registry
then they too will require a reinstall
Rudegar said:
hardreset will not of cause change any programs located on the sdcard but if any of those programs require dll's to be placed on the main device or require some reg keys to be placed in the registry
then they too will require a reinstall
Click to expand...
Click to collapse
Does that mean that if the programs do not require dll's to be placed on the main device, I will still be able to find it immediately after a hard reset?