[IDEA] Finding unlock codes..D2G! - Droid 2 Global General

As you all can see, I'm a newbie here and also in Android... A few weeks ago, I bought a Motorola Droid 2 Global from eBay, but it was locked. I've searched many forums and can't find a way to unlock it manually. I did know that it was possible to unlock it with unlock codes supplied by Verizon and other 3rd-party vendors, and of course, the amazing turbo SIM... But still the unlocking issue is one of the major problems in almost all of the mobile forums.
I know that software has been developed for SGS and SGS2 to find the unlock codes, but why not for D2G? Is it harder than other phones? I don't know anything about it, but I have some ideas to get the unlock code. This may sound stupid to the great developers, but I just want to share my ideas:
1. Since the unlock codes provided by Verizon and some vendors work even in places where the Verizon network does not reach, this made me believe that the unlock codes must be somewhere inside the phone (firmware etc.) to match the unlock codes that we type in, so maybe it might be possible to find it like we did on the SGS2 with an app developed by Chainfire and Odin.
2. Brute force: As I'm actually not a developer, I don't know how to create or develop an application... please don't expect me to do this... lol. Will a developer be able to program an application that can risk out the unlock code like a Facebook hacker does, by a method called brute force? As far as I know, the unlock code used to be 8 digits, and so that app would risk all the 8-digit numbers till the correct one comes.
These are just my stupid ideas. I shared them hoping that someone someday would be able to develop the application... Thanks!!

And by the way, has anyone tried this method?
m.wikihow.com/Unlock-Motorola-Phones-with-Windows

The unlock code is “stored” in baseband's memory. It's also not stored in some “plaintext” form; when you input the correct code, it gets saved into that memory area and the algorithm that verifies the code tells the baseband “yeah, it's alright to register on all those other networks”. The unlock code isn't compared to its “correct” copy, rather, it's input into an equation, and if that equation works out, it's considered correct.
There is no way to handle the code input box with some application. It happens inside the Blur framework (and sure enough you cannot input the unlock code if you aren't running stock firmware). Moreover, there's a significant delay on code verification, and after a certain number of attempts it blocks for 10 hours. 8 digits is 99 999 999, i.e. 99M possible values. Let's say you get 100 attempts (well, it's actually 10) before it locks out for 10 hours. So even if you manage to get an app to enter the code, this means you'll need 1 000 000 * 10 hours = 10 million hours to unlock. That's 416667 days. 1141.5 years. Are you ready to wait a thousand years while your device is looking for the right code?

Be fair! You are assuming you have to try all combinations, on average it is only half, so we are talking about a much more reasonable 570 years.
(Of course, if we revert to 10 rather than 100, it becomes 2,850 years). This is ignoring input time between the ten hour lockouts, but that is probably negligible.

Hehe... I don't know what to say... just sharing my ideas... anyway I got a turbo SIM and it works 99%... I think

Gasai Yuno said:
The unlock code is “stored” in baseband's memory. It's also not stored in some “plaintext” form; when you input the correct code, it gets saved into that memory area and the algorithm that verifies the code tells the baseband “yeah, it's alright to register on all those other networks”. The unlock code isn't compared to its “correct” copy, rather, it's input into an equation, and if that equation works out, it's considered correct.
There is no way to handle the code input box with some application. It happens inside the Blur framework (and sure enough you cannot input the unlock code if you aren't running stock firmware). Moreover, there's a significant delay on code verification, and after a certain number of attempts it blocks for 10 hours. 8 digits is 99 999 999, i.e. 99M possible values. Let's say you get 100 attempts (well, it's actually 10) before it locks out for 10 hours. So even if you manage to get an app to enter the code, this means you'll need 1 000 000 * 10 hours = 10 million hours to unlock. That's 416667 days. 1141.5 years. Are you ready to wait a thousand years while your device is looking for the right code?
Sir, is it possible to alter or hack the baseband, like they did on the iPhone?

seijidinzuala said:
Sir, is it possible to alter or hack the baseband, like they did on the iPhone?
Yes, but then you need to hack the boot loader... And there you're looking at a lot more years of brute-forcing compared to the mere 1200 or so GY calculated...


WorldCallPlaceAndTime

Hi! Let me introduce a tiny app, available in English at the moment.
This program shows a small info window during an incoming/outgoing call. It contains country, region, city (or mobile operator) and LOCAL TIME in that place (worldwide)!
See latest comments and screenshots on cyrket (I'm not allowed to insert links)
Detailed popup customization is supported
The phone base I collected and created (many errors there were fixed by hands) was only available in Russian, but today I released English base, made with help of Google Translate
I know, such translation is buggy (but still much better I expected). I hope you'll help me and other users to have a complete and accurate information about calls - just email me right from the program menu about any issues or comment here.
World time also changes (for example, Russia lost two time zones this March) and if you find any error - post here or email me
You don't need to download phone base. You may download its latest version from the app, but if you want to do it manually, unpack the zip to the sdcard's root
How accurate does it get? I don't get many international calls, but might be useful to know where a landline call from within the UK is coming from?
What happens with mobile calls from with the UK? I assume no detail at all then?
it covers both landline and mobile network all over the world, where it is possible to distinguish between numbers by area codes. just try =) there are more than 25000 records in the base
Sent from my T-Mobile G1 using the XDA mobile application powered by Tapatalk
Hi. How do you set this up?
I have placed my Country Code (00351) and set GMT to +1 and when I call from my desk to my phone, it says it's a call from India ...
AFAIK, a country code can't start with zeros. Please provide the full number (you may hide the last four digits) and the right country for you; I'll check and write the settings here.
Erm, I think techinally it either starts with two zeros, or a + but you're asking for a single number?
For example, UK is either 0044 or +44
Wow. That is new for me. I know that local calls start with one leading zero. And you say two zeros replace +. Hmmm. Try leaving the country code blank, that may help, I think. And if not, please type the whole number without the last four digits.
Not sure if this is already obvious but as there seems some uncertainty. AIUI the correct way to state an international number is to prefix it with +. To make a call, the plus sign is replaced with the two (or sometimes three or four) digit international access code which depends on the country one is placing the call from. For Europe this is 00, for the States, 011 etc.
I'm in Portugal, and my number is +35193233xxxx. I have tried leaving it blank, but by default leaves a 7... tried with 00351, with 351 and when calls are incoming still stays it's from India.
I'll wait for further clarification and if nothing happens I'll un-install it.
By the way, it doesn't let me use the +.
Thanks
Okay, and what was the incoming number? What did it look like on the call screen? The country code preset replaces a leading zero or eight digit, so it doesn't interfere with number detection in your case, I think.
Sent from my T-Mobile G1 using the XDA mobile application powered by Tapatalk
The incoming number was looking like this: 91811xxx
It's a mobile number from Vodafone.
Just got a call from Germany, and it identified the Country and city allright. Seems that it doesn't work for calls inside Portugal only...
I see eight digits and no country info in this number. If there are seven digits, the program says local call and does not provide any information (because there is no trusted information); with eight or more digits it tries to detect the country code. It replaces a leading 8 or 0 with the country code from the settings - for example, local Russian mobile calls may look like 8916xxxyyzz - we replace 8 with country code 7 and identify it with MTS - the program even says region or city based on x or xx or xxx in the example above. But in your situation I have no idea how to detect that the call is local and the country code needs to be put before the number =( I've never heard that an incoming mobile number may be in the format you wrote - it should start with a plus sign and country code, or 8 or zero (Ukraine, Moldova). I'm whirled
Sent from my T-Mobile G1 using the XDA mobile application powered by Tapatalk
Any chance you can convert the database into something human-readable? I'll be glad to cross reference a bunch of Southern California area codes and prefixes so that you can get some more accurate data there.
Also, a program similar to yours got hit with a cease & desist a few months back by some patent trolls because they supposedly hold a patent on this very thing. You're in Russia though so I dunno if their reach extends to you. Just thought I'd give you an FYI.
XStylus said:
Any chance you can convert the database into something human-readable? I'll be glad to cross reference a bunch of Southern California area codes and prefixes so that you can get some more accurate data there.
Also, a program similar to yours got hit with a cease & desist a few months back by some patent trolls because they supposedly hold a patent on this very thing. You're in Russia though so I dunno if their reach extends to you. Just thought I'd give you an FYI.
please, email me a t r a n t . s g @ g m a i l . c o m (or from the program menu) to discuss db elements, thanks in advance.
and yeah... i've read that stuff and even contacted the author...
But, my program is better now, I think =) And I will hit 10000 downloads, I hope. That will be enough, I think, for my efforts and hand-made db =))
Uninstallation
How do I uninstall the database? Can't find it but it takes 3 MB of internal memory. Anyone has a suggestion!!
castor.troy said:
How do I uninstall the database? Can't find it but it takes 3 MB of internal memory. Anyone has a suggestion!!
Just remove the DB app. There is no way to leave DB app and remove the DB, android OS restriction (can't modify signed apk on the device)
uninstallation
So when I uninstall WorldCallPlaceAndTime.apk then the database will be removed from my internal memory?
Castor
castor.troy said:
So when I uninstall WorldCallPlaceAndTime.apk then the database will be removed from my internal memory?
Castor
Sure, man! Do it right now!

Question about windows 7 id

when do you guys think microsoft will stop giving out the activation keys?
i think soon cause of this new rom, but i'm happy i got my key already. lol
I'm already surprised they don't verify IMEI numbers before giving it to you.
nrfitchett4 said:
I'm already surprised they don't verify IMEI numbers before giving it to you.
That's exactly what I was thinking when they said for you to call MS to activate the phone.
nrfitchett4 said:
I'm already surprised they don't verify IMEI numbers before giving it to you.
Because you're going to see a load of banned Live IDs for this...
This must only be in the US and I have a HTC Trophy 7 in the UK and working on my live account without activating
alan1467 said:
This must only be in the US and I have a HTC Trophy 7 in the UK and working on my live account without activating
because they're talking about flashed HD2's which require activation
I'd be wary about doing it just so I don't get Xbox banned
hidden_hunter said:
because they're talking about flashed HD2's which require activation
I'd be wary about doing it just so I don't get Xbox banned
hey i live in belgium and i flashed my omnia 7 more than 2 time and it never asked for id
hidden_hunter said:
because they're talking about flashed HD2's which require activation
I'd be wary about doing it just so I don't get Xbox banned
which is the reason why i made a new account,
i'm not trying to risk my main account you know... lol
nrfitchett4 said:
I'm already surprised they don't verify IMEI numbers before giving it to you.
I have my imei and hd7 before so if they want it...I got it
my hotmail is also associated as dvp previously owned hd7
so I'm in the clear if microsoft has a problem
I don't think they should have a problem anyways, it's not like WP7 is skyrocketing these days and this HD2 boost brings a lot of developers on board and a lot of attention, they are probably doing MS a favor... WP7 on the HD2 is the best thing that happened for WP7 since it launched, now with a far larger user-base, they can rack up money from Market sales.
Besides, they can't check if you don't have an HTC HD7, they can probably ban all of those who activated their "HD7's" in the last week, but that will be very very wrong.
And let's say they do ban us, that will just make people mad and probably more anxious to hack the system even further.
tkato said:
I don't think they should have a problem anyways, it's not like WP7 is skyrocketing these days and this HD2 boost brings a lot of developers on board and a lot of attention, they are probably doing MS a favor... WP7 on the HD2 is the best thing that happened for WP7 since it launched, now with a far larger user-base, they can rack up money from Market sales.
Besides, they can't check if you don't have an HTC HD7, they can probably ban all of those who activated their "HD7's" in the last week, but that will be very very wrong.
And let's say they do ban us, that will just make people mad and probably more anxious to hack the system even further.
Love your logic. Actually, considering imei and serial numbers are device specific, if they would have asked, that would have stopped most people right there.
How many hd2's do you think are in the world? I don't think all that many. And how many xda members actually spend money on programs??? Most want them all for free.
hidden_hunter said:
because they're talking about flashed HD2's which require activation
I'd be wary about doing it just so I don't get Xbox banned
There is conflict when you have two sep phones with same account @live.com (ie: real wp7 and hd2-wp7) and then sign in at same time to try and use xbox live.
Edit/Update:
Wondering how live pvk and id goes to phone in hd2-wp7 situation where no real device provisioning partition exists?!?!?!??! This leads me to think that maybe:
Perhaps with Cotulla's partition layout over 4 separate nand areas it would be an option to modify this and his wp7 spl because the activation thing happened AFTER (live activation hack around etc) he had finished leo70 release and then..........
-whilst jtag/usb or eth/debug happening- (obviously you'd thought of this b4- im just theorizing- let me know if way off)- to take a HTC HD2 (LEO70) that HAS BEEN ACTIVATED ON LIVE and see where/how/when/with/which partitions, filesys, regkeys, etc, have pvk for live or the ffu and then insert a test cert like ur own xbmod/chevron. or whatever is in sdk for 7 or ce. and then utilize this to diff and comp. I dont see why not. Then .ffu then self signature.
If anyone is looking at doing this and needs hardware or I can help let me know thanks. Also:
Anyway to DUMP the newly-activated after-hack after-key after-ms-call hd2 wp7 contents completely? Any news on this unknown filesystem and sd jbod with nand? If a way to extract device provisioning partition etc. Not interested so much in live but more HSPL-for-WP7 creation to allow custom roms. Can not seem to find much on this. Anyone got ideas on own signature or other method using pre-existing leo70 nand parts as workaround maybe?
For the record - I have used a singled live key from Microsoft activation phone call more than 4 times on 2 devices and it works fine over and over: you have to consider fact that if vendor or product id was misflashed at factory onto DPP then every hardreset would not wipe this (unsure)? eitherway:
does ne1 know what the key over the phone from microsoft is actual doing? is this key taken with say imei or serial of phone and maybe your @live.com unique GUID and seeded or used with hash or some algorithm to produce a pvk for device provisioning partition? or it simply override and enable live? are there only one type of activation key over phone? seems there could be ones maybe based on your live address+guid and ones that completely allow model and oem identification to be cleanly changed?
I am just theorizing here from what I have been reading. Finally: Is it true that uk/etc MS stopped giving out keys and referring ppl to HTC etc for key2live?
leo70 said:
Edit/Update:
Wondering how live pvk and id goes to phone in hd2-wp7 situation where no real device provisioning partition exists?!?!?!??! This leads me to think that maybe:
Perhaps with Cotulla's partition layout over 4 separate nand areas it would be an option to modify this and his wp7 spl because the activation thing happened AFTER (live activation hack around etc) he had finished leo70 release and then..........
-whilst jtag/usb or eth/debug happening- (obviously you'd thought of this b4- im just theorizing- let me know if way off)- to take a HTC HD2 (LEO70) that HAS BEEN ACTIVATED ON LIVE and see where/how/when/with/which partitions, filesys, regkeys, etc, have pvk for live or the ffu and then insert a test cert like ur own xbmod/chevron. or whatever is in sdk for 7 or ce. and then utilize this to diff and comp. I dont see why not. Then .ffu then self signature.
If anyone is looking at doing this and needs hardware or I can help let me know thanks. Also:
Anyway to DUMP the newly-activated after-hack after-key after-ms-call hd2 wp7 contents completely? Any news on this unknown filesystem and sd jbod with nand? If a way to extract device provisioning partition etc. Not interested so much in live but more HSPL-for-WP7 creation to allow custom roms. Can not seem to find much on this. Anyone got ideas on own signature or other method using pre-existing leo70 nand parts as workaround maybe?
For the record - I have used a singled live key from Microsoft activation phone call more than 4 times on 2 devices and it works fine over and over: you have to consider fact that if vendor or product id was misflashed at factory onto DPP then every hardreset would not wipe this (unsure)? eitherway:
does ne1 know what the key over the phone from microsoft is actual doing? is this key taken with say imei or serial of phone and maybe your @live.com unique GUID and seeded or used with hash or some algorithm to produce a pvk for device provisioning partition? or it simply override and enable live? are there only one type of activation key over phone? seems there could be ones maybe based on your live address+guid and ones that completely allow model and oem identification to be cleanly changed?
I am just theorizing here from what I have been reading. Finally: Is it true that uk/etc MS stopped giving out keys and referring ppl to HTC etc for key2live?
I think the limit is 3 devices per key before MS drops the hammer.
microsoft germany support asked me for the IMEI of my HD7 (which is of course a HD2). the support guy entered the number i told him and i got an activation key.
i thought they maybe have a list of IMEIS from phones suitable for running WP7, but apparently not ...

[Q] DeviceID not unique (Maybe a TNT-Lite problem?)

Is it me or does the DeviceID of a Viewsonic G always come back as the same thing on every device?
I'm running TNT Lite. Running certain market apps immediately lets me take over an existing account owned by someone else, and other apps tell me my deviceID is already registered and give me the username / email address of the person who registered it.
First, it's a bad idea for an app to identify the user solely on the DeviceID. Second, it's a bad idea (and probably against the Android specifications) for all devices to report the same DeviceID, I would assume.
I've also written an app that tracks mileage for tax purposes. I developed a web based license solution that allows a user to either purchase the "pro" version through the Google Market, or I can also "gift" it to people, identified by their gmail account.
When I gift it to someone, it allows them to register up to three devices associated with their gmail account and it sends me an encrypted one-way hash of the DeviceID. I've seen a couple of the same DeviceID's associated with users that my own gTab reports.
This also means if anyone tries to set up an app that does any sort of encryption key based on the deviceID that it would be easy to break.
So, long story short, is this a problem with the core Viewsonic build, or is this an effect of TNT Lite? Or are all DeviceID's the same unless you have a cell radio?
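The failure described in the post above (every tablet on the same ROM reporting one DeviceID, apps that key accounts on it, and a three-device licence limit) can be shown next to a design that survives it. This is an added example, not the poster's code: the class names, the constructed ID and the e-mail addresses are assumptions, and the hardened server treats the account as the identity, issues a random per-install token, and keeps the DeviceID only as a signal for spotting shared values.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

MAX_DEVICES_PER_ACCOUNT = 3  # limit stated in the post


class NaiveRegistry:
    """Weak design: the DeviceID alone selects the account."""

    def __init__(self):
        self._owner = {}

    def login(self, device_id, account):
        # The first account to present an ID owns it; every later device
        # reporting the same ID is handed that account.
        return self._owner.setdefault(device_id.lower(), account)


class LicenceServer:
    """Hardened design (hypothetical): the account is the identity, each
    install holds a server-issued random token, the DeviceID is a signal."""

    def __init__(self, key):
        self._key = key
        self._installs = defaultdict(set)  # account -> MACs of install tokens
        self._seen_on = defaultdict(set)   # MAC(device_id) -> accounts

    def _mac(self, value):
        # Keyed hash: a bare hash of a low-entropy ID (ROM default, serial
        # number, boot time) can be matched by hashing candidate IDs.
        return hmac.new(self._key, value.encode(), hashlib.sha256).hexdigest()

    def register(self, account, device_id, token=None):
        """Return (status, install_token) for this install."""
        self._seen_on[self._mac(device_id.lower())].add(account)
        installs = self._installs[account]
        if token is not None and self._mac(token) in installs:
            return "known", token
        if len(installs) >= MAX_DEVICES_PER_ACCOUNT:
            return "limit_reached", None
        token = secrets.token_hex(16)
        installs.add(self._mac(token))
        return "registered", token

    def shared_device_ids(self, min_accounts=2):
        """DeviceID MACs reported by several accounts, i.e. not unique."""
        return {m: sorted(a) for m, a in self._seen_on.items()
                if len(a) >= min_accounts}


ROM_WIDE_ID = "0123456789abcdef"  # constructed 16-hex-digit ID shared by a ROM


def demo():
    naive = NaiveRegistry()
    naive.login(ROM_WIDE_ID, "alice@example.com")
    takeover = naive.login(ROM_WIDE_ID, "bob@example.com")

    server = LicenceServer(key=secrets.token_bytes(32))
    _, alice_token = server.register("alice@example.com", ROM_WIDE_ID)
    _, bob_token = server.register("bob@example.com", ROM_WIDE_ID)
    more = [server.register("alice@example.com", ROM_WIDE_ID)[0]
            for _ in range(3)]
    again = server.register("alice@example.com", ROM_WIDE_ID, alice_token)[0]
    return {
        "naive_bob_gets": takeover,
        "tokens_differ": alice_token != bob_token,
        "alice_more": more,
        "alice_again": again,
        "shared": list(server.shared_device_ids().values()),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```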
VEGAn 5.1.1 has the same problem... found that out the other night while trying to get Line2 going.
If memory serves correctly there's a hack involving the Android Emulator that I'm adding to my list of todos.
Well I found a post here by Chief Beefalo describing how to do it, but his post is wrong when it comes to the viewsonic.
It's stored in the database at:
/data/data/com.android.providers.settings/databases/settings.db
In the "secure" table is a row with device_id. Just update that from sqlite should do the trick. It's a 16 digit hexadecimal number.
Of course then you still need to generate a random number that doesn't still conflict with anyone else...
Now the security expert in me starts to think about how bad it would be to write an app that would roll through a ton of deviceid's and log into Pocket Empires (which only locks it down by the deviceid, no password) and trash people's accounts.
I believe you found the android_id ... check out this write up:
http://augendev.wikispaces.com/Market+Fix
start at step 18
And I can confirm this works. You can use a tool such as Android ID Changer (on the market) to update your id. Once that is done you're now free of all the other custom rom holders.
Line2 is now working great for me!
Here's another link to the same (basic) instructions with a better download link if you have problems with the one above:
http://www.smartqmid.com/wiki/index.php?title=Getting_Android_Market_to_work_with_2.1_v1
Can't I just modify the Android ID with a random 16 hex digit number? It might be a duplicate with 1 device out there, but that would be better than to be a duplicate with every ROM of the same kind?
The emulator solution takes all of maybe 15 minutes. You could also look into stealing 15 of the 32 bytes consumed by a guid. I'd like to find the code that supposedly regenerates the android id and host it on a web page. Curious to learn what its variability is.
Sent from my Tegra 2 gTab using Tapatalk
This is also what we used to do over on the Pandigital Novel Slatedroid forum. It was called the "ugly" Market hack. Maybe it should have been called the "secure" Market hack.
When I originally got my GTablet, I couldn't figure out how to port the ugly hack over, and eventually we found the other Market hack that we currently use. Also, interesting enough, I added the xbin folder into TNT Lite originally to get sqlite because of early attempts to get that hack working.
OK. So I tried the emulator path and the problem I have is that I ended up with a 18 digit Android ID instead of the 16. The Android ID application will not let me change the ID to an 18 digit number, only a 16 digit one. Any ideas?
I dropped the first two digits ... go figure
Btw I'm finding the same Id on every rom ... it is not limited to any one distribution. The only app this has visibly affected for me is line2. Seems fewer and fewer apps rely on this value... at least on its own. Problem for us is some bring in the imei code and all the gtab is going to do is return zeroes there.
Sent from my Tegra 2 gTab using Tapatalk
Synman said:
I dropped the first two digits ... go figure
Btw I'm finding the same Id on every rom ... it is not limited to any one distribution. The only app this has visibly affected for me is line2. Seems fewer and fewer apps rely on this value... at least on its own. Problem for us is some bring in the imei code and all the gtab is going to do is return zeroes there.
Sent from my Tegra 2 gTab using Tapatalk
So you just dropped the first two digits and it worked? Let me try that!
Thank you!
BTW, I am running Vegan 5.1.1 So this is not a TNTLite only problem. I am guessing that any ROM will have this problem.
Agreed. I've seen the same id on vegan 5.1 and chalkilin.
Sent from my Tegra 2 gTab using Tapatalk
A suggestion:
any coder, or anyone who can modify the "SettingsProvider.apk" can change the creation to something else.
On FolioMod and Elocity I changed it to be based on the "ro.firstboot" value, so any new installs will always be different, and yes, it might conflict if any firstboot values match by the second or a minute in other parts of the world, but chances are small.
It's normally generating it from the ro.serialno value.

[Q] Questions on the process of sim unlocking?

Hi Guys. I've been wandering around the internet looking at information for unlocking sim locked mobile phones and have come across the same typical information. I was wondering if anyone knows the ins and outs of how the operators lock their phones to their networks so that at least it can answer a few questions which I have not come about.
Now I know that there are various programs out there for nokias that use your IMEI number to generate codes to unlock your mobile phone, but as I'm not a nokia user and have an old HTC Hero, these I guess would not work.
I have also tried and failed to look for software that does the same for smart phones. Code generators etc...
The only solution I can find is to use a website to input my IMEI number, pay a ridiculous amount of cash to get a code to unlock the phone.
Now, obviously these companies can get hold of the information to generate the code to unlock the phone.
1. Do they get this code from a program they use? And if so... would anyone like to share the name of this program with us???
2. Or is it a case that they gain the codes from the operators who lock them in the first place? And thus there is no way of getting the code to unlock the phone? (with out paying)
3. Are there any programs on the net that can decode these codes that are made for Android phones or universal, or apps made to automatically do this via the android market etc...
4. If not, is there anyone who would be able to make one? I've seen one for the samsung Galaxy s2. But would there be a universal one available or someone willing to write apps for the specific phones if that's the case?
5. I've rooted my phone, would using a different rom unlock the phone? Or is this totally separate from the rom?
I just find it difficult to believe that with all the rooting, making software run on phones they weren't meant to, app building and stuff you clever people do on this site... why does it seem so difficult to do and make something that unlocks the phone to all networks? Is it actually that hard?
6. I'd like more information on why it is so hard if anyone knows?
Thanks everyone for any information and any help you can give me on this matter?
Regards.
anyone have any info or ideas?

Decompilations of all packages from com.evenwell found on Nokia 8

Found this thread created recently on another website. I thought you guys might be interested in reading the content.
Github page: https://github.com/julKali/nokia8-evenwell
Here are some of the most interesting comments:
mattlondon 2 days ago [-]
So I have spent some initial time looking at this.
com.evenwell.autoregistration.Caivs has some worrying looking stuff.
There is a website here with the username and password in cleartext in the jars: https://www.c2dms.com Nothing visible/doable once logged in from what I could see.
It also appears to be collecting fine-grained location data, e.g. this is the output from logcat (I have obfuscated my own GPS coords here, but they are 6 digits of accuracy)
Code:
2019-03-30 19:38:21.406 15139-15159/? D/[CAIVS] LocationFinder: LocationUpdated: 3.location:Location[gps 51.xxxxxx,-0.xxxxxx hAcc=39 et=+1d19h59m28s923ms alt=102.50201416015625 vel=3.09 bear=14.3 vAcc=24 sAcc=3 bAcc=10 {Bundle[mParcelledData.dataSize=96]}]
2019-03-30 19:38:21.406 15139-15159/? D/[CAIVS] LocationFinder: updateLocation: gps accuracy:38.592003
2019-03-30 19:38:21.406 15139-15159/? D/[CAIVS] LocationFinder: updateLocation: is in accuracy :1000
com.evenwell.autoregistration.Utils.RegisterManager seems to be doing some scheduled checks and doing something with this collected data in the first 24 hours, then phased at 15 and 90 days. It is not clear what is happening having only done an initial scan over this.
It does look like they are doing some checking to see if the device is a Nokia device and selectively doing or not doing location-based stuff based on that, e.g. from com.evenwell.autoregistration.Utils.GetInfo
Code:
2019-03-30 20:09:25.108 16558-16577/? D/[CAIVS] GetInfo: getCellLocation: in black list
Further investigation probably warranted. This looks a bit suspect and might only send data on specific days (and would explain why I did not notice anything outbound over my 4 day period of checking before).
I found this in English: https://web.archive.org/web/20081027134825/http://www.cseed....
Quote: "CAIVS notifies our system when the handset is purchased. Data includes the date, time, and location that a SIM card is first inserted into the handset, the inserted SIM card's telecom operator, the handset's operating system, the handset model and phone number, and even the time when it is first turned on. "
WTF.
It is not clear at the moment if there is a blacklist on the MCC code going on in com.evenwell.autoregistration.Util.XMLHelper that reads from /product/etc/AutoRegConfig.xml is this line:
Code:
<NOKIA>
<REJECTMCCLIST>232,206,284,219,280,230,238,248,244,208,262,202,216,274,510,272,222,247,295,228,246,270,278,204,242,260,268,226,231,293,655,214,240,228,234,235,520</REJECTMCCLIST>
</NOKIA>
These are - I think - the Mobile Country Codes (https://en.wikipedia.org/wiki/Mobile_country_code) it gets from the cellsite. This list is basically the EU + South Africa, Thailand and Indonesia. Don't know what things are like in SA, Thailand or Indonesia but in the EU this sort of thing would not be acceptable. Looks also like there is a hard-coded short-circuit in getLocation() in com.evenwell.autoregistration.Util.GetInfo to always return no location lat-longs which appears to trigger another shortcut in RegisterManager that shortcuts out to the "Caivs not in registration phase" log output which returns without triggering the sendToServer() calls on other code paths.
I am not convinced that this will never send location back, but looks like it might have been updated to prevent phoning home in those countries in the MCC list (and maybe by hard-coded shortcuts the actual code). This would meet with what was said with their recent phoning home response from Nokia - i.e. (https://translate.google.com/translate?u=https://nrkbeta.no/...)
As foobarbazetc noted, the listed packages have been specifically developed for Nokia (HMD). And although many only actually send telemetry on Nokia phones that have been sold in China, there is still quite a lot of data at stake that can be used to track the device when combined with data from other sources.
I wanted to share my findings to create the awareness that the mechanisms are there and it only takes a little misconfiguration (see https://arstechnica.com/gadgets/2019/03/hmd-admits-the-nokia...) and all this goes straight to the Chinese authorities.
full thread: https://news.ycombinator.com/item?id=19530670
This is why I feel like a custom rom for this phone is long overdue so we can use our phones free of concerning bloatware and privacy issues.
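The two artifacts quoted in this post, the REJECTMCCLIST fragment and the [CAIVS] logcat lines, can be checked mechanically when auditing a device. This is an added example, not code from the linked repository or from the quoted commenters: the function names and the two MCC+MNC test strings are assumptions, the log lines are the ones quoted above (coordinates already redacted with x) plus one constructed unrelated line.

```python
import re
import xml.etree.ElementTree as ET

# Fragment of /product/etc/AutoRegConfig.xml as quoted in the post.
CONFIG_XML = """<NOKIA>
<REJECTMCCLIST>232,206,284,219,280,230,238,248,244,208,262,202,216,274,510,272,222,247,295,228,246,270,278,204,242,260,268,226,231,293,655,214,240,228,234,235,520</REJECTMCCLIST>
</NOKIA>"""

# Logcat lines quoted in the post; the ActivityManager line is constructed.
SAMPLE_LOG = """\
2019-03-30 19:38:21.406 15139-15159/? D/[CAIVS] LocationFinder: LocationUpdated: 3.location:Location[gps 51.xxxxxx,-0.xxxxxx hAcc=39 et=+1d19h59m28s923ms alt=102.50201416015625 vel=3.09 bear=14.3 vAcc=24 sAcc=3 bAcc=10 {Bundle[mParcelledData.dataSize=96]}]
2019-03-30 19:38:21.406 15139-15159/? D/[CAIVS] LocationFinder: updateLocation: gps accuracy:38.592003
2019-03-30 19:38:21.406 15139-15159/? D/[CAIVS] LocationFinder: updateLocation: is in accuracy :1000
2019-03-30 19:38:22.010 1200-1312/? I/ActivityManager: Displayed com.example.app/.MainActivity: +350ms
2019-03-30 20:09:25.108 16558-16577/? D/[CAIVS] GetInfo: getCellLocation: in black list
"""

CAIVS_LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) \d+-\d+/\S+ "
    r"[VDIWEF]/\[CAIVS\] (?P<component>\w+): (?P<msg>.*)$")
# The fractional part may be digits or the x used to redact a shared log.
FIX = re.compile(
    r"Location\[(?P<provider>\w+) (?P<lat>-?\d+\.[\dx]+),"
    r"(?P<lon>-?\d+\.[\dx]+) hAcc=(?P<hacc>\d+)")


def parse_reject_list(xml_text):
    """Return (MCCs in file order, MCCs that appear more than once)."""
    mccs, duplicates = [], []
    for node in ET.fromstring(xml_text).iter("REJECTMCCLIST"):
        for item in (node.text or "").split(","):
            item = item.strip()
            if not item:
                continue
            mcc = int(item)
            if mcc in mccs and mcc not in duplicates:
                duplicates.append(mcc)
            mccs.append(mcc)
    return mccs, duplicates


def is_rejected(plmn, mccs):
    """plmn is an MCC+MNC string; the MCC is its first three digits."""
    return plmn[:3].isdigit() and int(plmn[:3]) in mccs


def audit_log(text):
    """Summarise what the CAIVS component wrote to logcat."""
    report = {"caivs_lines": 0, "location_fixes": [], "blacklist_hits": []}
    for line in text.splitlines():
        m = CAIVS_LINE.match(line)
        if not m:
            continue  # not a [CAIVS] line
        report["caivs_lines"] += 1
        fix = FIX.search(m["msg"])
        if fix:
            report["location_fixes"].append({
                "ts": m["ts"],
                "provider": fix["provider"],
                # Decimal places logged: 6 matches the accuracy in the post.
                "decimals": len(fix["lat"].split(".")[1]),
                "hacc_m": int(fix["hacc"]),
            })
        if "in black list" in m["msg"]:
            report["blacklist_hits"].append(m["ts"])
    return report


if __name__ == "__main__":
    mccs, dups = parse_reject_list(CONFIG_XML)
    print(len(mccs), "entries,", len(set(mccs)), "unique, duplicated:", dups)
    # Constructed MCC+MNC values: MCC 234 is on the list, MCC 460 is not.
    print("23415 rejected:", is_rejected("23415", mccs))
    print("46000 rejected:", is_rejected("46000", mccs))
    print(audit_log(SAMPLE_LOG))
```

A rejected MCC together with "in black list" log lines is consistent with the short-circuit described in the quoted comment, but only captured traffic shows whether anything is actually sent.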
