Related
Circumvent Device Lock in Blackberry Connect for Windows Mobile
---------------------------------------------------------------
Description:
------------
BBC features a security module that, if configured and activated, locks the device after a specific amount of time.
In a corporate environment this is usually set up by a security policy which is pushed to the device via Blackberry Enterprise Server (BES).
If the device is locked the user has to enter a password to unlock the device again.
There are two ways a user can compromise the security implied with the BBC security service.
1) Using a task manager a user can deactivate the BB security service (bbsecurity.dll) which is responsible for enforcing the security policy. The BB service itself is not affected by stopping the security service as long as the device is not rebooted. Thus the security policy is no longer enforced but the user is still able to use all other BB features.
2) The BB security service does not block all user actions during device lock. Only the screen overlay is enforced but applications might still be started using hardware keys. There are several ways to misuse this flaw. One for example is if a voice command software is installed, the user can still send voice commands to the device. If Microsoft Voice Vommand is installed and bound to a hardware key and the device gets lost or stolen a malicious person can press the voice command hardware key and ask for upcoming appointments, dial numbers etc. which leads to information leakage.
Affected:
---------
Blackberry Connect (BBC) for Windows Mobile PocketPC 4.0.0.97 (only version tested, but suspectable all currently available 4.x versions)
Not Affected:
-------------
Blackberry Connect (BBC) for Windows Mobile PocketPC 2.x
Workaround / Fixes:
-------------------
None
Vendor Contacted:
-----------------
14.05.2008
Vendor Response:
----------------
None
How to deactivate it?
Hi,
I am looking for long time how to deactivate this security feature and would be interrested how to schedule with a task scheduler the dll??
Could you please advise how to do this?
Thanks
jsimpson said:
Hi,
I am looking for long time how to deactivate this security feature and would be interrested how to schedule with a task scheduler the dll??
Could you please advise how to do this?
Thanks
Click to expand...
Click to collapse
You cannot deactivate it completely since the policy is enforced after each softreset. As I wrote you can use a task manager to stop the service, but you should under no circumstances stop it permanently because your device will not come up anymore if the service is completely disabled.
So to get back to your question; No, I cannot tell you how to do it with a task scheduler as the only way I know is using a task manager.
One can write a small utility to stop the service and after a softreset one can run this program to avoid using a task manager for that, but AFAIK there is no such program.
mmm After being happy when I put the WWE HTC rom on my TMO Vario IV and after managed to install and initialize Blackberry Connect .103 I got disappointed when the BB security lock came in the first time.
I cannot set the lock-timer higher than 15 min.
Its extremely nasty when I am driving using Tom Tom navigator.....have to type the password every now and then (I have the feeling not exact 15min's!).
I tried the stop-service trick, but that one appears non working with (at least) BBC version .103 and .104 on my device.... Without running BB security service the device wont wake up or soft-reset itself.
Has anyone encountered these new issues with BBC 4 security lock and has anyone found a solution yet???
Was thinking to let the security lock active (preventing my device from locking up or soft-resetting spontaneously) and to build a script that runs in the background checking whether or not the security lock screen is present. And once it is...pastes the security code in the box and pushes OK.
Does this sound do-abe?
edsub said:
Was thinking to let the security lock active (preventing my device from locking up or soft-resetting spontaneously) and to build a script that runs in the background checking whether or not the security lock screen is present. And once it is...pastes the security code in the box and pushes OK.
Does this sound do-abe?
Click to expand...
Click to collapse
Do the same for GOODLINK and you got a deal!
Well I managed to fix this like I mentioned.
Attached are 2 Mortscripts that to run in background from \Program Files\Mortscript
(I have a shortcut in \Windows\StartUp to make sure it is run when my devices is reset, so i do not have to start it myself after every reset, but thats optional)
The 1st script is for general purpose: It just makes sure you will not be bothered again by the BBC security screen
The 2nd script only works when TomTom navigator is active.
You simply choose which script suits your needs best. Both can be run at he same time also I suppose.
The 1st script, BBCUnlock.mscr, simply waits for the security screen, sends the appropriate keystrokes (leftsoftkey, password, leftsoftkey) and restarts itself (to wait for the next security screen popup).
Beware:
1. Enter your own password in the right placxe in the script before using it.
2. Comment-out the last line until you are absolutely sure the script works (remember: 10 wrong passwords deletes all BBC data on your device!!)
It runs in a couple of seconds (which you see happening)
The 2nd script, NoLockTTNVGA.mscr, only works when TomTom Navigator is running: Every 10 minutes it taps the zoom-in and zoom-out hot-spots in TomTom's 3D view (based on VGA resolution!!), before re-launching itself again. This makes the security time-out will never happen as long as TomTom is running.
Update:
The NoLockTTNVGA script works flawlessly, but only fixes the issue when TTN is active
The BBCUnLock script has some glitches. Apparently it locks up my device when
- a reminder 'stays active' for some reason.
- TomTom Navigator is active (but that can be fixed whith the other script!)
The script can be run simultaneously. And when you have TTN: for now they must!
Not sure how to make the BBCUnLock script more stable, any help appreciated.
Hi edsub,
Thanks for your efforts so far. Up to now I have used MemMaid in my startup files so that after a soft reset, I have to firstly unlock the Blackberry and secondly the MemMaid then kicks in and I disable Blackberry Security in Startup Services. This means the security is overridden until my next soft reset as you already know. Therefore, I don't need to install the mortscript for TomTom.
However, I am particularly interested in the other mortscript you have given. I want to be able to simply soft reset my Diamond and then just leave it, without having to (1) input my password and then (2) disable the Blackberry Security in MemMaid.
I think your mortscript is possibly the answer to my prayers.
However, I have installed it to my device and also installed MortScript v4.3.0.2 Beta. I am concerned that (1) I am a beginner & this is too advanced for me and (2) running mortscript will eat up my battery.
I have renamed the extention on your file with .doc and input my password overwriting the appropriate parts) on my desktop and then renamed the extention back to .mscr and then installed in the MortScript folder back on my Diamond.
In MemMaid, I have put the Mortscript and Autorun .exe's into the Startup Items section, so this should run after a soft reset.
However, my Diamond does not unlock itself. What am I doing wrong?
I really appreciate any help you can give me. I am very much a newbie with this program!
I am persevering with this, but cannot get it working. I have put a shortcut for Mortscript.exe and the BBCUnlock.mscr into my Windows Startup folder using MemMaid. I have also tried to change the order of the programs starting on MemMaid, but this does not seem to have any effect on inputting the password. I have obviously changed the word "secret" to "mypassword" in the BBCUnlock.mscr file. I have also tried just putting the BBCUnlock.mscr (without the Mortscript.exe) in the Startup folder.....
I would appreciate your help edsub...
Update:
I have managed to get the BBCUnlock.mscr work during normal operation, but it does not work for the password immediately following a soft reset (it does work thereafter).
This is already a huge improvement as I don't need to then disable the Blackberry Security from MemMaid following a soft reset. However, how can I get it to work for the password immediately following a soft reset?
Please help edsub!!! This is the final ingredient to my perfert Diamond!!!
I think the Mortscript does not run until AFTER the Blackberry Security has been unlocked for the first time following a soft reset. I have tried to change the order of the shortcuts on MemMaid, but haven't managed to succeed. Can anyone offer any help PLEASE???
I have tried some more things too:
Added in a sleep timer of 5 seconds from sensing the "owner information" to pressing the left soft key and also increased the time from pressing the left soft key to inputting the password. It works great in normal mode, but still doesn't work for the single password required immediately following a soft reset.
Also I have tried to put not just a shortcut into the startup folder, but the actual mortscript itself. Plus the shortcut!
I can't believe there aren't more people with this problem. Edsub has certainly created a wonderful mortscript here. It is nearly perfect and I'm sure others would want it if it worked for ALL password inputs required.
Can anyone please help????
I guess Mortscript is not running before the password is given for the first time. I have this behaviour too. So i have to give the password myself right after reset. After that the Mortscript takes good care of it.
edsub said:
I guess Mortscript is not running before the password is given for the first time. I have this behaviour too. So i have to give the password myself right after reset. After that the Mortscript takes good care of it.
Click to expand...
Click to collapse
Hi Edsub, nice to see you back! Thanks for the reply & PM. Your Mortscript programme is still the most important programme on my device! I did try to re-order the start up processes on SK Tools so that the mortscript would start before the Blackberry security, but I couldn't get it to be more important in this way!! Now I have a Diamond 2 and am hoping not to have to soft reset at all. I have another problem now - I can't seem to get BBC working at all on this phone, but that's another story.....
EdSub, as you are my hero for getting the Blackberry security to sort itself out via your Mortscript programme, I wonder if you can write another Mortscript programme for this: http://forum.xda-developers.com/showpost.php?p=4381321&postcount=89?
I would be very grateful!! I think other Blackberry users would be too.
Hi,
Maybe the question is idiot, but reading the first post, I was wondering why not create a small script which would simply deactivate bbsecurity.dll on startup... If I read it well, doing this once would be enough, and have no impact on the BB service itself...
Using a small sleep, it would be easy to put this script directly in the windows startup folder so that the sleep leaves enough time for the dll to start, and then deactivate it...
Isn't this possible?
Thanks
bbdoc said:
Hi,
Maybe the question is idiot, but reading the first post, I was wondering why not create a small script which would simply deactivate bbsecurity.dll on startup... If I read it well, doing this once would be enough, and have no impact on the BB service itself...
Using a small sleep, it would be easy to put this script directly in the windows startup folder so that the sleep leaves enough time for the dll to start, and then deactivate it...
Isn't this possible?
Thanks
Click to expand...
Click to collapse
Edsub already did this with Mortscript. It doesn't de-activate it completely, just senses when the code is required and then enters the code. I would like a script which does what you are suggesting.
mitsi said:
Edsub already did this with Mortscript. It doesn't de-activate it completely, just senses when the code is required and then enters the code. I would like a script which does what you are suggesting.
Click to expand...
Click to collapse
Yes, I know this script, and I'm using it... It's working quite good, even if it sometimes misses the code, don't know why... but I'm a bit worried about battery consumption linked to the fact a script is constantly running only for typing this password every 20 minutes... Deactivating the dll would probably be a more efficient solution, but maybe this is not possible using mortscript...
bbdoc said:
Deactivating the dll would probably be a more efficient solution, but maybe this is not possible using mortscript...
Click to expand...
Click to collapse
You can use the attached program to stop the service. Just execute it and the service will be stopped. However, you have to do this after each softreset. I recommend to wait until the connection is established to the RIM network and then use BBStopSec.exe
Hope this is what you were looking for.
That's indeed what I was looking for... I'm just surprised it's an .exe and not .mscr...
Is it something you compiled yourself? The idea I had with the mortscript was to add a sleep before stopping the service, because this way, I can simply put it in my startup folder and it will launch automatically after a soft reset... As far as the first lock screen will only come after 20 minutes, I could even put a sleep of 10 or 15 minutes before stopping the service and I would never get my screen locked...
Exchange admin is forcing outlook password every hour so my phone is locked. Is there a way to extend this timer or turn off the password all together in the registry in WM6.1. There was a thread a while ago for this in WM5 but it does not work for WM6.1 Some one please help!!
Use this CAB. It will let you extend the timeout up to 24 hours.
It doesnt work. Once its installed it just runs in the background. There are no options for it.
I have a HTC Diamond
EDIT:
In addition, all this app seems to do it monitor and write to the registry for
HKLM>Security>Policies>Policies>00001023 to = a 1. I have even manually set this and after the passlock (activesync) enables the value is still the same which makes me think there is a different value for WM6.1
Thanks for the reply.
Yes, i know i can do it manually clossing app (QuikMenu, synckill, etc.). Also i´ve tried in Notifications inTaskMgr excluding: replog.exe -->AppRunAfterTimeChange .. without success. Actsync for some strange reason always start up in a few minutes. Really is ennoying. I need KILL actsync when i don´t need it !
Please, any way to kill actsync?
I have WWE 6.1 in a Mio A701 (20931 M2D cooked)
THANKS A LOT
Frank
You could use mortscript never tried it, but in the manuals there is a "kill" function to close a application
9.21.6 End a running process (Kill)
Kill( process name )
Terminates the application. The parameter must be either the name of the exe without path (e.g.
solitare.exe) or include the entire path. Like with ProcExists, you should prefer the version without
path. See 9.21.2 Checking existence of a process (ProcExists) for more details.
WARNING: This command kills the process regardless of any losses!
It could cause data loss, crashes, or error messages.
Wherever possible, you should use Close instead, which allows the application to end gracefully
(save/close files, etc.).
from: http://www.sto-helit.de/downloads/mortscript/MortScript-Manual.pdf
You could also try quickmenu (it's somewhere around these forums), it has an option to automatically close activesync.
Thanxx..
I know that these options let to kill activesync, but manually, by press soft or hardware button. Now i have assigned a buttont to Close-all-app in QuickMenu and other hardbuton to execute SyncKill app that does te same, but only for this process. My "dream" is to see closed actsync automaticaly after disconnection on pc and don´t see again process active (i suffer also to see screen turn on every time actsync enable it without motive). When i plug device to pc must connect again, of course.
I´ll try again option in QuickMenu called "Close Actsync when disconnect Pc". I think i tried it but didn´t work me. Maybe works me now in my actual ROM.
Frank
try async killer here....
http://forum.xda-developers.com/showthread.php?p=2136914
Yes. I know.. In first post i´ve said that KillSync (async killer app) let me do the same action than QuickMenu (close all app). It´s a manual action by hardware button. I wish to do automaticaly but i don´t find solution.
Option in QuickMenu called "Close Actsync when disconnect Pc" don´t work too. After some minutes, f**** actsync proccess appear again, grrrrr...
Thanks for your atention!
Fk
There's a solution in KhanX's Touch Navia 1.5 ROM thread in the polaris section.
it's in the FAQ if I'm not mistaken.
I´ve searched in post u say and it´s the same async killer app that i said in first post. This app kill proccess when you execute it but in a few minutes, actsync appear active again. I must to press Asynkiller again (or close all app in QuickMenu). Uhmm, mb a morscript that execute asynkiler every...10 minutes?
Thanks friend!
no no.. there's a registry solution there.
Yeah, just found it..
http://forum.xda-developers.com/showthread.php?p=2921549&highlight=sync#post2921549
Second option (replloc.exe notification i have dissabled it some time ago without success). First option in regitry is a new solution but don´t work. Actsync appear again, again, again, grrrr. I will cut my veins with a comb..
Thanks again. I´m sure finally i´ll find solution in this forum. It´s the best!!
Frank
Activesync periodically starts itself and hogs your PocketPC's precious resources. To prevent this from happening you can do this trick.
--
1. Open Activesync
2. Menu > Add Server Source
3. Add Server address [one letter will do] > Next
4. Fill in the fields [again one letter will do] > Next
5. Un-check everything [optional] > Next
6. Really Close Activesync [optional but recommended]
7. Open Activesync again
8. Menu > Schedule
9. Choose Manually for both
10. Close Activesync
--
Activesync should start when you connect your device to a Computer but will not start periodically and use resources.
--
Hope this helps... ^_^
WOW... I try this trick inmediately...
Yeah! Finaly, it seems this trick works ok !!
Thanks a lot
Frank
Thank you sakshamkatyal.
I have this issue with every ROM.
I have a Μιο Α701 like mainsail, so if this a solution for him,
it's for me too.
do us all a favor and don't cut your veins with a comb.
tho... it would make a good laugh cause on your headstone we could write:
"XDA-Member - died due to ActiveSync problems"
That´s an old joke from south of Spain (traslated to english), haha..
You have saved my live !!!!
This is a cool trick. I wanna do this but I'm wondering if I need activesync running in the background for push email to work? I'm using Mail2Web.
Thanks.
hi folks,
i urgently need a simple programm: it should run without having any .net sdk etc on board.
it should simply disable wlan, bluetooth, phone etc. without any questions on program start.
because my device hangs up after booting WM6 and all i see is the bluetooth/wlan led flashing. so i need this application which i can autostart form my sd card (already working, i managed to reset some reg settings but my visual studio doesn't have the requiered entries for bluetooth and phone communication) and disable all this stuff.
it is not necessary to have a gui or something, just on start of the app it should deactivate all things.
thanks in advance!!!
guro
I'd suggest you change the notificication in the paranthesis to REQ
..
Hello,
I have an HTC Touch Cruise with windows mobile 6.1. I use it on my motorcycle with TOMTOM NAVIGATOR, and earphones. I config TOMTOM, push the today screen and lock my phone. It works perfect for 10 min.
After the 10 min, windows mobile displays a message:
"TOMTOM NAVIGATOR is still running an using the battery would you like to close NAVIGATOR", you must aswer the question with YES or NO.
If you do not answer the question, windows mobile close the NAVIGATION software. > very irritating....
Is there an solution to disable this battery saving function, so the NAVIGATION software must never stop automatically...
Thanks
it only asks if tomtom is running in background
I reckon your screen lock is behaving as foreground app. first try to run tomtom without keylocker, if the issue is gone, search for different keylocker.
otherwise, there is no trigger, nor registry for this.
Not working
Hello,
I have tried to not locking my phone, but only running tomtom with windows mobile today screen.
Then also i recieve the question.. Are there other solutions, or this problem ?
something is running in front of it. Something on your pda is behaving as front app. You need to find out what is it and stop it from running.
use a proper task manager like fdc. post out list of processes here. We will tell you what else it could be. Which procs are required and which you can safely kill.
There is no tweak to stop the pop up question. You can run a script which would wait for it and always answer yes, but that's not proper solution
reply
Hello,
If you have an script what always saying NO, it is perfect.
Here are the proccesse that are running:
NK.EXE
filesys.exe
tmail.exe
device.exe
SAPSettings.exe
gwes.exe
shell32.exe
services.exe
connmgr.exe
cprog.exe
QuickDail.exe
APLauncher.exe
MediaHubMini.exe
Biotouch.exe
GNAngent.exe
sddaemon.exe
repllog.exe
TaskManager.exe
TomTom Navigator.exe
Do you know what procces is causes the note? maby i can kill it..?
These you can kill safely:
in order what I suppose could cause your trouble.
GNAngent.exe - google nav
APLauncher.exe
MediaHubMini.exe
QuickDail.exe
SAPSettings.exe
Biotouch.exe
these below are just standard winmo apps, shouldn't be doing problems, but you can close them for a try:
connmgr.exe - comm manager
tmail.exe - mails
repllog.exe - activesync
sddaemon.exe - speed dial
cprog.exe - phone functions
can't kill:
services.exe
device.exe
shell32.exe
gwes.exe
filesys.exe
NK.EXE
===
use the same proram for closing app, upper toolbar on bottom, 3rd icon from left. close all except those I wrote you can't and give it a try.
it should help, then you need to find out which of them is trouble maker and remove start command of it.
If this won't work, I can send you that script.
Not working
Hello,
I have killed all the proccess:
GNAngent.exe - google nav
APLauncher.exe
MediaHubMini.exe
QuickDail.exe
SAPSettings.exe
Biotouch.exe
connmgr.exe - comm manager
tmail.exe - mails
repllog.exe - activesync
sddaemon.exe - speed dial
cprog.exe - phone functions
But no results, i recieve again the note... to close tomtom. Please can you send me the script. So i can try it.....
Script
Hello, Iam running TOMTOM v7.915 with Windows Mobile 6.1 Pro.
Look also in the attachment, for the picture..
tomtom82 said:
Hello, Iam running TOMTOM v7.915 with Windows Mobile 6.1 Pro.
Look also in the attachment, for the picture..
Click to expand...
Click to collapse
try the new version first,
for this script you need to install mortscript (cab\mortscript-ppc.cab). then copy file RunTT.mscr from runTT.zip to windows folder and .lnk file to windows\start menu\programs
I have no idea if it will work though. there is commented out another option for pressing the key, try to switch them if it will not work like it is.
Hey guys.
Was a solution found to this? I too use TTNavigator7 on my motorbike and have the same problem with WM6.5 closing TTN after 10 minutes. WM6 asks if I would like to close Navigator and if I don't answer, Navigator is closed and then the phone goes into sleep mode after the normal sleep timeout.
Of course, I could power up the phone when on my bike using a USB cable, but that would negate the benefits of the Bluetooth receiver that I've just attached to my intercom system on my Harley.
The HD2 was an upgrade from a TYTN II running TTN6. The timeout problem did not occur with that combination!
I've tried to stop the problem using Keepawake and Deltalock but neither works (I used Deltalock successfully on my previous phone).
I so hope that there's a decent solution to this problem.
Neil
papo said:
try the new version first,
for this script you need to install mortscript (cab\mortscript-ppc.cab). then copy file RunTT.mscr from runTT.zip to windows folder and .lnk file to windows\start menu\programs
I have no idea if it will work though. there is commented out another option for pressing the key, try to switch them if it will not work like it is.
Click to expand...
Click to collapse
Hi Papo
I've installed MortScript and tried out your RunTT script. Mortscript seems to not be recognising that Windows has displayed the notification. I suspect that it may be because it's a notification rather than a full window - does this seem likely to you?
I'm sure that this is where the problem lies - I've added lines to the script to display debug messages and the code to respond to the notification is never getting executed.
Is there any way that you can suggest to trap the notification within Mortscript please - I haven't used Mortscript enough to know where to look next.
Thanks
Neil
Hi Guys
I've cracked this problem - I couldn't do it by trapping the notification, so I attacked it a different way. The attached script just counts how long TomTom has been in background and then makes it the active window every nine minutes to stop the timeout.
If external power is used, or if TomTom is brought to foreground, then the counter is reset and the counter is only restarted when the power cable is unplugged or TomTom is sent to background.
The process relies on the KeepAwake program. The script will automatically load KeepAwake if it's not running.
It's my first Mortscript, so it may not be coded the way experienced scriptwriters would write it so if anyone wants to suggest improvements, then I'll be happy to take them on board.
When I'm out and about on my bike, I use a program called deltaLock by Christophe Sommer to lock the screen. I set deltaLock to use the HTC back button to unlock and Lock Mode set to "black screen" (I used this on my Tytn II with TTN6).
Happy to receive any feedback
Neil