Related
QUESTION 1
I've been flashing and reflashing ROMs for a couple of weeks now and am very impressed with Dutty's latest endeavor. In anticipation of the v4 release, I'm hoping someone in the community can tell me if it is possible to backup an over-the-air (OTA) enterprise activation of BB Connect. Currently I'm calling our technical support guys who, sooner than later I'm sure, will start asking why I have to have to get a new OTA activation password (which they change as soon as you use it) every 5-7 days.
So, in short: moving from one ROM to the next and want to back up OTA BBConnect enterprise activation. Possible? If so, how?
QUESTION 2
Any BES administrators out there willing to tell me if my Tilt/Kaiser shows up on the BES (v4) differently than a BlackBerry (like the POS 7280 I'm given by the company). If so, is there a way to "spoof" that since my company will not allow non-blackberry devices.
QUESTION 3
When using the stock AT&T ROM, my Tilt respects the (highly restrictive, Bluetooth disabling, password-enforcing, ridiculous) IT Policy pushed by the BES administrator. When I flashed to Dutty's DualTouch ROM v3 Final, this no longer happened. Now, it just reads "default" for the IT Policy. Is this a fluke or some wonderful reg entry that we need to identify and protect like diamonds?
Thanks, all.
Cheers,
Your Local Village Idiot
VillageIdiot said:
QUESTION 2
Any BES administrators out there willing to tell me if my Tilt/Kaiser shows up on the BES (v4) differently than a BlackBerry (like the POS 7280 I'm given by the company). If so, is there a way to "spoof" that since my company will not allow non-blackberry devices.
Click to expand...
Click to collapse
We run BES here and indeed non-blackberry devices are reported as the phone model when you look up the phones information.
This could probably easily be spoofed to whatever you like. If you hacked the blackberry connect application, or intercepted and modified the data passed over to BES. You could make it say anything you want at that point.
I'd get "in" with your IT guys and that way they can pull a favor for you now and then with the BES server. Other then that, have the company pay for a blackberry phone and carry two phones around, or refuse to carry a company phone and don't use your personal phone for company resources. If they're blocking your productivity by a poorly guided company policy, make it cost them money. Don't inconvenience yourself to keep your productivity as an employee on par.
Really though, it's not feasible to secretly go behind your employers back with your tilt. I think it's ridiculous a company wouldn't let you use your Tilt -- though probably because the corporation is uneducated or ignorant to the fact that the Tilt can be locked down just as well as a blackberry phone. Too bad the employer has a bunch of pointy haired management types running around who don't know what they're doing and out of ignorance banned non-BB devices.
Jon,
Thank you for your prompt reply and clarification on what shows up at the BES. Hacking the BB connect app is beyond my current knowledge set, but I may look into it if I'm unable to find a simpler solution.
Unfortunately, my company has several thousand employees so my productivity concerns are far outweighed by their misinformed security concerns. I've pitched the benefits of BB connect, WM5/6 devices and direct-push Exchange sync, but my pitch falls on deaf ears. They have provided me a BB 7280 and some get newer 8XXX devices, but beyond that we're expected to be happy with what we have. I'm even buying a non-camera Tilt to replace my two week old Tilt because they won't allow personal camera phones (all BB connect issues aside). You'd think I work for MI-6...
Cheers,
T.V.I.
VillageIdiot said:
QUESTION 1
I've been flashing and reflashing ROMs for a couple of weeks now and am very impressed with Dutty's latest endeavor. In anticipation of the v4 release, I'm hoping someone in the community can tell me if it is possible to backup an over-the-air (OTA) enterprise activation of BB Connect. Currently I'm calling our technical support guys who, sooner than later I'm sure, will start asking why I have to have to get a new OTA activation password (which they change as soon as you use it) every 5-7 days.
im soooo it this situation, any ideas?
Click to expand...
Click to collapse
Here's how you do it
you could use the desktop software instead of OTA. this will activate the phone without requiring you to get a new activation code.
Here's how I back up and restore. This has worked often, and not worked a few times.
Try to follow this exactly for best results.
get task manager v2.7 from fdcsoft
tap the blackberry icon on the taskbar and suspend the service under status
start taskmanager, and go to services. stop the two blackberry services, log and security.
open file explorer, and copy the directory RIM in /application data to your storage card
flash your phone with whatever-
copy the RIM folder back to /application data from your storage card
load blackberry connect (this should be the same version you had, otherwise you may have issues)
tap the blackberry icon in settings-system
instead of installing, you should see a window that says "repairing settings"
your old password should be restored, and the phone will lock and ask you to unlock. use your password you had before the backup.
all of your folders and mail should be back.
This works about 90% of the time.
some issues I've had-
multiple blackberry folders- one with emails, one with nothing.
folders missing, a bunch of email in drafts folder.
older messages no longer sync with desktop
good luck!
On Linux one can run $sudo iwconfig to get details about the WiFi hardware. CM used to ship with iwconfig, but this has gone. I've built iwconfig from source in https://github.com/servalproject/batphone yet when I ran it on a couple of CM ROMs it doesn't give any info about the interface. The reason why I'm bothered about this is that in the past, I've seen Android phones showing 32dBm when queried via iwconfig txpower which is incredible: that's over 1W. Not only is it illegal but, possibly damaging for health, wasteful of battery and leaking my whereabouts further than is necessary. Pengus77 implemented a sys interface for the Kowalski kernel: https://github.com/pengus77/kowalski and I'd like to see this accessible via the WiFi advanced options.
dabl8 said:
On Linux one can run $sudo iwconfig to get details about the WiFi hardware. CM used to ship with iwconfig, but this has gone. I've built iwconfig from source in https://github.com/servalproject/batphone yet when I ran it on a couple of CM ROMs it doesn't give any info about the interface. The reason why I'm bothered about this is that in the past, I've seen Android phones showing 32dBm when queried via iwconfig txpower which is incredible: that's over 1W. Not only is it illegal but, possibly damaging for health, wasteful of battery and leaking my whereabouts further than is necessary. Pengus77 implemented a sys interface for the Kowalski kernel: https://github.com/pengus77/kowalski and I'd like to see this accessible via the WiFi advanced options.
Click to expand...
Click to collapse
Two possibilities:
1) Illegal, damaging for health/hardware, etc.
2) Since Android doesn't use that interface, the OEM who wrote the wifi driver didn't test the txpower interface and it returns bogus data and does nothing.
I'm leaning towards 2)
Entropy512 said:
Two possibilities:
1) Illegal, damaging for health/hardware, etc.
2) Since Android doesn't use that interface, the OEM who wrote the wifi driver didn't test the txpower interface and it returns bogus data and does nothing.
I'm leaning towards 2)
Click to expand...
Click to collapse
I agree with 2. I haven't looked into this, but since there's legal issues here, that argues that there's some sort of inspection (like the FCC) that has to happen before consumer release. It obviously passed that to be allowed in the market, so it's probably just feeding bad/generic data, especially since it doesn't come with that app by default.
You're probably right about the data being wrong. However the law is different in different countries. Last time I checked, in France the law is 10mW outdoors and there are restrictions in military zones; it's even less in New Zealand. So if I buy a phone in the U.S. and bring it to France I could be breaking the law. Therefore it surprises me that the OEM wouldn't test this. In Symbian it was possible to switch between 4mW/10mW/100mW in the settings but I've never seen this on Android.
dabl8 said:
You're probably right about the data being wrong. However the law is different in different countries. Last time I checked, in France the law is 10mW outdoors and there are restrictions in military zones; it's even less in New Zealand. So if I buy a phone in the U.S. and bring it to France I could be breaking the law. Therefore it surprises me that the OEM wouldn't test this. In Symbian it was possible to switch between 4mW/10mW/100mW in the settings but I've never seen this on Android.
Click to expand...
Click to collapse
Android does it by sending a wifi region code to the kernel driver (which passes it on to the firmware in most cases). This enforces frequency band limits, and (I am assuming) power limits.
For example, if a device defaults to EU region, you can't see a bunch of 5 GHz USA channels until you change region code. (There's a reason why I'm the one that wrote the region code settings patches. )
Not having VOLTE is quiet an annoyance when you have been using it previously on other handsets.
what are the specifics regarding enabling volte by both carieer and manufacterer?
what information do they need to enable the service?
Manufacturers have to include the proper configuration for VoLTE/VoWifi in their devices, e.g. ISM, Gateways, etc.
VoLTE/VoWifi has to be configured a little different than the usual VoIP like e.g. SIP.
The GSM Association has a Device Settings Database (where telco's can provide the needed information for handset manufacturers/OEMs), into slides can be found here: www gsma com/futurenetworks/wp-content/uploads/2017/02/Device_Settings_Database.pdf (insert dots after www and before com)
Sadly, I guess the database is for registered vendors/telcos only..
RipperFox said:
Manufacturers have to include the proper configuration for VoLTE/VoWifi in their devices, e.g. ISM, Gateways, etc.
VoLTE/VoWifi has to be configured a little different than the usual VoIP like e.g. SIP.
The GSM Association has a Device Settings Database (where telco's can provide the needed information for handset manufacturers/OEMs), into slides can be found here: www gsma com/futurenetworks/wp-content/uploads/2017/02/Device_Settings_Database.pdf (insert dots after www and before com)
Sadly, I guess the database is for registered vendors/telcos only..
Click to expand...
Click to collapse
is it the responsibility of the MNO to liaison with the phone manufacturer to provide the VOLTE / VOWIFI settings? (or atleast make available) and thus the manufacturer would update the settings via an update?
is it possible to get the settings manually via a device that already has volte?
what im trying to figure out is this
i have two phones. a huawei p20 and a oneplus 6
they both support the same bands so no issues there
volte works on my p20 and not my oneplus 6 - this is confusing.
my operator clearly favors huawei (as they sell it in store) so they provide the required information (or do they add configuration to the network) to get the volte working
my p20 was not purchased via my telco so there is no telco based firmware required to get it working.
if possible can we pull the information required from the phone / telco and make available for others to enable VOLTE?
From what I think I read: MNOs: At least the three big players here in Germany whitelisted tested handsets until about beginning of 2017 - then I guess they decided they tested their networks enough and now you can read on their pages that it's (solely?) the OEMs part of work to include the correct config tu support VoLTE/Wifi in their Firmware (e.g. Android release).
In principle, the MNOs should send the needed details how to configure for VoLTE/VoWifi to GSMAs database, where the phone manufacturers could access it to implement in their phones - so there's no contact between MNO and phone OEM necessary at all.
Of course, if a MNO sells a branded phone, they make sure that phone had that specific MNOs VoLTW/VoWifi settings embeded (and maybe ONLY for that MNO ) .
Maybe if we find a Qualcomm Snapdragon 845 based phone we'd be able to copy the configs for other providers. Seems the OP6 currently (5.1.8) has these configs included:
OnePlus6:/data/vendor/radio/modem_config/mcfg_sw # cat mbn_sw.txt
cat mbn_sw.txt
mcfg_sw/generic/apac/airtel/volte/mcfg_sw.mbn
mcfg_sw/generic/apac/idea/commerci/mcfg_sw.mbn
mcfg_sw/generic/apac/reliance/commerci/mcfg_sw.mbn
mcfg_sw/generic/apac/vodafone/volte/india/mcfg_sw.mbn
mcfg_sw/generic/china/cmcc/commerci/volte_op/mcfg_sw.mbn
mcfg_sw/generic/china/cmcc/lab/conf_vol/mcfg_sw.mbn
mcfg_sw/generic/china/cmcc/lab/nsiot_vo/mcfg_sw.mbn
mcfg_sw/generic/china/cmcc/lab/tgl_comb/mcfg_sw.mbn
mcfg_sw/generic/china/ct/commerci/hvolte_o/mcfg_sw.mbn
mcfg_sw/generic/china/ct/lab/cta/mcfg_sw.mbn
mcfg_sw/generic/china/ct/lab/volte_co/mcfg_sw.mbn
mcfg_sw/generic/china/cu/commerci/volte/mcfg_sw.mbn
mcfg_sw/generic/eu/ee/commerci/mcfg_sw.mbn
mcfg_sw/generic/eu/elisa/commerci/fi/mcfg_sw.mbn
mcfg_sw/generic/eu/h3g/commerci/denmark/mcfg_sw.mbn
mcfg_sw/generic/eu/h3g/commerci/uk/mcfg_sw.mbn
mcfg_sw/generic/eu/telefoni/commerci/uk/mcfg_sw.mbn
mcfg_sw/generic/eu/telia/commerci/norway/mcfg_sw.mbn
mcfg_sw/generic/eu/telia/commerci/sweden/mcfg_sw.mbn
mcfg_sw/generic/na/att/volte/mcfg_sw.mbn
mcfg_sw/generic/na/tmo/commerci/mcfg_sw.mbn
mcfg_sw/generic/oem/lab/volte_pt/mcfg_sw.mbn
mcfg_sw/generic/oem/lab/volte_te/mcfg_sw.mbn
mcfg_sw/generic/oem/oversea/commerci/mtnl_bsn/mcfg_sw.mbn
mcfg_sw/generic/oem/oversea/commerci/mcfg_sw.mbn
mcfg_sw/generic/sea/chunghwa/commerci/tw/mcfg_sw.mbn
mcfg_sw/generic/sea/fareasto/commerci/mcfg_sw.mbn
mcfg_sw/generic/sea/tm/commerci/mcfg_sw.mbn
mcfg_sw/generic/sea/ytl/commerci/mcfg_sw.mbn
Click to expand...
Click to collapse
The files seem to have a digital signature, so it's unlikely that we'd be able to edit them, even if we would just know the correct parameters. Also, not everything is for VoLTE/Wifi.
RipperFox said:
From what I think I read: MNOs: At least the three big players here in Germany whitelisted tested handsets until about beginning of 2017 - then I guess they decided they tested their networks enough and now you can read on their pages that it's (solely?) the OEMs part of work to include the correct config tu support VoLTE/Wifi in their Firmware (e.g. Android release).
In principle, the MNOs should send the needed details how to configure for VoLTE/VoWifi to GSMAs database, where the phone manufacturers could access it to implement in their phones - so there's no contact between MNO and phone OEM necessary at all.
Of course, if a MNO sells a branded phone, they make sure that phone had that specific MNOs VoLTW/VoWifi settings embeded (and maybe ONLY for that MNO ) .
Maybe if we find a Qualcomm Snapdragon 845 based phone we'd be able to copy the configs for other providers. Seems the OP6 currently (5.1.8) has these configs included:
The files seem to have a digital signature, so it's unlikely that we'd be able to edit them, even if we would just know the correct parameters. Also, not everything is for VoLTE/Wifi.
Click to expand...
Click to collapse
mcfg_sw/generic/eu/h3g/commerci/uk/mcfg_sw.mbn
It seems my network three uk is included, however VOLTE doesn't work for me.
See my last sentence in my last post
Those modem configs seem to include seperate config files for selecting the correct bands, etc.
I'd guess that mostly the directory entries with "volte" contain VoLTE settings
virtyx said:
is it the responsibility of the MNO to liaison with the phone manufacturer to provide the VOLTE / VOWIFI settings? (or atleast make available) and thus the manufacturer would update the settings via an update?
is it possible to get the settings manually via a device that already has volte?
what im trying to figure out is this
i have two phones. a huawei p20 and a oneplus 6
they both support the same bands so no issues there
volte works on my p20 and not my oneplus 6 - this is confusing.
my operator clearly favors huawei (as they sell it in store) so they provide the required information (or do they add configuration to the network) to get the volte working
my p20 was not purchased via my telco so there is no telco based firmware required to get it working.
if possible can we pull the information required from the phone / telco and make available for others to enable VOLTE?
Click to expand...
Click to collapse
Hey mate, can you upload your p20 mbn files?
I need specifcally bouygues .
If you guys need, I have pixel 3(snapdragon 845 as well) and i can upload all my mbn files for reference?
I see there has been a few mentions of TMC here and there on xda that haven't amounted to much, but I came across an old article elsewhere that discussed the possible inclusion in android. Although several years old it has a link to a basic linux based software decoder.
Link - h**tp://linux.downloadatoz.com/simple-rds-tmc-decoder/
No special hardware required (UK anyway) as RDS data is received anyway by android head units radio. It just needs filtering and injected into appropriate nav. No special hardware necessary and no need for special mcu access.
I'm sure anyone born later than 2000 will never have heard of TMC and would cite google or waze as a better alternative of info / data received over an internet stream anyway.
While this is true, the cons are
1, needs permanent reliable data connection
2, reliance on google apps / services.
3, subject to google (and others) spyware, personal location tracking.
4, possible heavy data use costs.
5, not easy to implement in a head unit, and relies on a dongle or smartphone
6, may have in app costs associated.
RDS TMC has none of these disadvantages. It is always on provided FM radio is receivable. For basic info / data It is completely free, although some providers offer extra services and charge.
It has been around and used for years in win ce based systems (before android) yet it seems to have lost favour to android based manufacturers and users. Is that I wonder because of its advantages, and big companies want people to switch to more chargeable services with personal data harvesting??
What are peoples thoughts...?
I would love to have rds working with this radio so I could get it working with some nav programs.
Hey,
Germany is implementing EU-Alert (ETSI TS 102 900 [1]) at the moment and referring to the local News, it is a huge mess [2].
But let's start at the beginning.
CellBroadcast is a core component of each mobile network generation (2G,3G,4G,5G,...) and part of the 3GPP spec. CellBroadcast basically allows the network to send a simple SMS to all mobile phones connected to a specific base station. Thes SMS-CB are sent with a Message Identifier (aka Channel, aka Topic) which gives them a special purpose by convention. e.g. ID / Channel 50 is often used for area related information [3], while channel 207 might broadcast local weather information. Since not all Channels are standardized, there is also the option to broadcast an Index that lists all channels with a description. And since users probably don't want any message broadcasted, users have to subscribe to these channels.
Since decades now, CellBroadcast is also used for public Emergency Warnings. This means that, by definition of a country, a specific channel is used to broadcast Emergency Warnings. Long time ago, in many countries it looks like Channel 919 was used for this purpose. For this to work properly, mobile phones were instructed to subscribe to channel 919 by default and also use a special ringtone (even if muted) to alert such a message.
Later - over 12 years ago - additional channels from 4370-4399 were standardized in ETSI TS 123 041 [4] for public warning systems like CMAS, EU-Alert, KPAS. All using the same channels which is beneficial for global roaming.
Android of course supports these public warning systems specified in ETSI TS 123 041 [4] since at least Android 4.2.2 [5]. And nations that use these systems already, like CMAS in the US, report very high and reliable coverage.
However, referring to German news [2] and government, not many phones that are currently on the market will actually support EU-Alert in Germany, despite already supporting EU-Alert in Netherlands or CMAS in the US.
How is this possible when exactly the same SMS-CB is broadcasted, just in a different country?
Golem [2] says that Samsung and Google already confirmed that EU-Alert is currently not supported in Germany, but updates will be rolled out to recent devices.
This strongly suggests to me that OEMs like Samsung and Google actually added country specific filters/configurations for these public warning systems to their phones without deploying a reasonable fallback. Public warning systems based on ETSI TS 123 041 [4] thus may only work in countries that were known to use these systems when the phone was released.
Isn't this an obvious issue?
Google said, starting with Android 11+ it will be possible to update the CellBroadcastReceiver App via Google Play. So devices with Android 11+ will likely receive an update to support EU-Alert in Germany. For Android 10 and older, OEMs will have to supply updates.
What also confuses me is the fact that all Android Phones I own (Nexus 4 with Android 5, Nexus 5X with Android 8, Pixel 3a with Android 12) here in Germany do actually offer the setting for Emergency Warnings and they are already enabled by default. So I assume they would work? Did Google actually deploy a sane default configuration here already?
But if they did - why isn't it working on ALL Android 11+ Phones already? I'm pretty sure my Pixel 3a uses Googles CellBroadcastReceiver App which is provided through the Play Store. So all Android 11+ phones should already use the exact same App?! Or am I wrong here? So what is this update Google actually needs to provide?
And does this also mean that with Android 11+ OEMs are not allowed / cannot implement their own Emergency Warning CellBroadcastReceiver?
This topic is really confusing to me
Shouldn't it be really simple?
All phones, regardless of the OEM, should have a proper SMS-CB Application which allows you to subscribe to custom channels, view the index, and manage your SMS-CB Messages.
Phones should also be aware of special channels to apply special ringtones etc if needed, but they should have a sane fallbacks!
A phone that knows about NL-Alert and CMAS may call messages on Channel 4370 received in the Netherlands "NL-Alert". But when it receives the same message in Germany, it shouldn't just drop it! It should display it as warning and call it whatever it wants. And if it doesn't know about CMAS / EU-Alert, it should just receive it as regular SMS-CB.
Can't be that hard?
Interestingly enough, Samsung phones allow you to subscribe to custom channels. Google phones do not :/
Should there be a better / more enforced standard, so that a country that wants to implement CMAS/EU-Alert in the future doesn't have to rely on OEMs help?
And finally some technical Questions:
I found zero Apps for Android that would allow me to subscribe to custom CellBroadcast Channels on my Google Android phones. Is this even possible?
Also, is it possible to test these CellBroadcasts somehow? Is it possible to write an App that can inject SMS-CB into the system?
Sorry for the long post, but I think this an important Topic.
Let me know what you think
Do you have experience with these Emergency Warnings already?
[1] https://www.etsi.org/deliver/etsi_ts/102900_102999/102900/
[2] https://www.golem.de/news/cell-broadcast-warum-es-am-warntag-ruhig-bleiben-koennte-2206-165822.html
[3] https://source.android.com/devices/architecture/modular-system/cellbroadcast#channel-50
[4] https://www.etsi.org/deliver/etsi_ts/123000_123099/123041/11.04.00_60/ts_123041v110400p.pdf
[5] https://cs.android.com/android/plat...ternal/telephony/gsm/SmsCbConstants.java;l=58
Hey! I was just researching something about this. Thanks for your detailed post.
I am from Chile and, in my case, my operator had subscriptions to two channels: 919 and 920.
In order to see the Cell Broadcast menu in the Messages app, I had to override a CSC setting (I use a Samsung device), particularly "CarrierFeature_Message_DisableMenuCBMessage") because it seems some Chilean operators ordered Samsung to hide it.
Even then, the Google Cell Broadcast app would not let me modify settings other than test alerts.
In my country these emergency alerts are quite unreliable and are often sent by mistake or to the wrong place (i.e. sending a tsunami alert to an area more than 100 km away from the coast).
Shooting Star Max said:
Hey! I was just researching something about this. Thanks for your detailed post.
I am from Chile and, in my case, my operator had subscriptions to two channels: 919 and 920.
In order to see the Cell Broadcast menu in the Messages app, I had to override a CSC setting (I use a Samsung device), particularly "CarrierFeature_Message_DisableMenuCBMessage") because it seems some Chilean operators ordered Samsung to hide it.
Even then, the Google Cell Broadcast app would not let me modify settings other than test alerts.
In my country these emergency alerts are quite unreliable and are often sent by mistake or to the wrong place (i.e. sending a tsunami alert to an area more than 100 km away from the coast).
Click to expand...
Click to collapse
Can you explain how you disabled this CSC setting and on what samsung phone/os?
You can see Googles/Androids latest default configuration for Chile (MCC 730) here:
https://cs.android.com/android/plat...apps/CellBroadcastReceiver/res/values-mcc730/
The config.xml really has some restrictive features enabled :/
Thanks for your reply!
Please note that all the following information assumes you have rooted your device. It's impossible to override this configuration otherwise.
My device is a Galaxy Note20 Ultra (Exynos version, SM‑N985F) running Android 12, One UI 4.1.
As you might know, Samsung devices include several packages named “CSC”, which define settings according to a sales code matching with a region. For example, a device sold in Chile without a carrier uses the sales code CHO, while one sold by operator Movistar uses the sales code CHT.
In the Galaxy Note20 Ultra, the CSC packages are stored in /optics/config/carriers/single (older Samsung devices might use /omc/).
Once you find the sales code matching with your current configuration, you can grab two files: cscfeature.xml and customer_carrier_feature.json. Taking CHO again as an example, the files would be /optics/config/carriers/single/CHO/conf/system/cscfeature.xml and/optics/config/carriers/single/CHO/conf/system/customer_carrier_feature.json.
These files are encoded, but OmcTextDecoder can take care of that.
In the case of CHO, customer_carrier_feature.json has the value "CarrierFeature_Message_DisableMenuCBMessage":"TRUE", which hides the cell broadcast menu in the stock Messages application. Just replace “TRUE” with “FALSE”, save the file and push it to its location. The next time you reboot your system, it will be applied.
Regarding the link you sent, I think we could get around that configuration by decompiling the GoogleCellBroadcastApp.apk through Apktool, modifying the restrictive values, and then pushing the APK to the device, replacing the original version.
Thank you!
Let me know if you managed to patch your original CellBroadcastReceiver.apk!
I actually tried using Runtime Resource Overlays (RROs) which is described on the official docu about CellBroadcast in Android.
You can find the result here: https://github.com/xsrf/android-de-alert
However, I didn't quite get these RROs. It looked like in Oreo you can use RROs to overlay any resource of any app without any permissions or matching signatures, which is quite a surprise to me?!
On my phones with more recent OS, I get signature mismatch errors and also it looks like apps now have to define what resources can be overlayed ...