Very Important - Security Exploit for HTC Desire
I suggest you read the entire post and DO NOT IGNORE IT, the HTC Desire is DEFINITELY VULNERABLE
As some of you might know, the Samsung phone remote wipe exploit is not limited to Samsung phones, in fact, older HTC models such as the HTC Desire are vulnerable too!
If you are unaware, read all about it on this link {siliconrepublic.com} - It's NOT limited to Samsung phones, I can confirm that UK HTC phones are vulnerable too, including the Desire!
This webpage when viewed on your phone will tell you if you are vulnerable:
http://dylanreeve.com/phone.php
Simply navigate to it and if it displays your IMEI number then you are vulnerable.
A simple way of being notified if your phone is being attacked by a malicious SMS or webpage is by installing TelStop:
https://play.google.com/store/apps/details?id=org.mulliner.telstop
It will open the default application selector when you hit a webpage that is trying to dial a number, when you choose telstop it will inform you if the number is malicious or not!
If you are not sure about visiting that page, I suggest you view it from a desktop or laptop computer and check the source code yourself.
This line will show your IMEI number:
Code:
<iframe src="tel:*%2306%23" />
It's an incredibly obvious and simple exploit and I'm in disbelief that it's gone unnoticed for so long, all it takes is opening an SMS or going on a dodgy webpage and then your sim and phone are wiped and potentially bricked.
My phone is a UK HTC Desire with Oxygen ROM 2.3.2, Android version 2.3.7
UPDATE: Looks like the HTC Desire might not have a reset dialer code, making the vulnerability not as bad, but we need confirmation on this one.
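For anyone taking the post's advice to check a page's source from a desktop first, the scanner below automates that check. It is an added example, not code from the thread or from TelStop, and the names `TelScanner`, `scan` and `auto_dial_codes` are made up for it. It lists every `tel:` URI in a page, decodes the percent-escapes, and flags the ones that both load without a tap and carry `*` or `#` codes rather than a plain number.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Elements whose URL attribute is loaded without any tap from the user.
AUTOLOAD = {"iframe": "src", "frame": "src", "embed": "src",
            "img": "src", "object": "data"}
TEL_IN_SCRIPT = re.compile(r"tel:[^\s\"'<>]+", re.I)


class TelScanner(HTMLParser):
    """Collect every tel: URI in a page and how it would be triggered."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_script = False

    def _record(self, where, url, auto):
        url = (url or "").strip()
        if not url.lower().startswith("tel:"):
            return
        dialed = unquote(url[4:])            # %23 -> '#', %2A -> '*'
        # auto: fires on page load; code: USSD/MMI string, not a phone number
        self.findings.append({"where": where, "dialed": dialed, "auto": auto,
                              "code": bool(re.search(r"[*#]", dialed))})

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in AUTOLOAD:
            self._record(tag, attrs.get(AUTOLOAD[tag]), auto=True)
        elif tag == "a":                     # a link still needs a tap
            self._record(tag, attrs.get("href"), auto=False)
        elif tag == "meta" and (attrs.get("http-equiv") or "").lower() == "refresh":
            m = re.search(r"url\s*=\s*(\S+)", attrs.get("content") or "", re.I)
            if m:
                self._record("meta refresh", m.group(1).strip("'\""), auto=True)
        elif tag == "script":
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:                  # e.g. window.location = "tel:..."
            for m in TEL_IN_SCRIPT.finditer(data):
                self._record("script", m.group(0), auto=True)


def scan(html):
    parser = TelScanner()
    parser.feed(html)
    parser.close()
    return parser.findings


def auto_dial_codes(html):
    """Dial strings that carry a code and need no tap: the risky case."""
    return [f["dialed"] for f in scan(html) if f["auto"] and f["code"]]


# Constructed sample page; the iframe line is the one quoted in the post.
SAMPLE = """<html><body>
<a href="tel:+441234567890">Call the shop</a>
<script>window.location = "tel:%2A%2306%23";</script>
<iframe src="tel:*%2306%23" />
</body></html>"""
```

The script check is a plain string match, so a page that builds the `tel:` string at run time will not be caught by it.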
Latest Sandvold Build is vulnerable.
Btw.: HTC One X with Stock Rom too ...
Hehe I don't know what's with all the paranoia about security unless you're trading government secrets or doing a lot of online banking via your phone I don't think this should be a real issue. For me this is crazy but happy for people who really worry about security issues so at least they can check it out.
Sent from my HTC Desire using xda app-developers app
Fix for this exploit: https://play.google.com/store/apps/details?id=com.voss.notelurl
Article concerning exploit-fix: http://www.heise.de/security/meldung/Schutz-vor-Fernloeschung-von-Samsung-Smartphones-1717765.html (Sorry, only in German - try to Google Translate it)
Another exploit-check website: http://heise.de/ussd
I run latest nightly CM7 on my desire and tried the reset code *2767*3855# and can confirm it didn't reset
Related
Hey guys, thought you might all find this useful as I have and I find the application to run very well.
http://wavesecure.com
http://m.wavesecure.com - Anyone browsing on their phone can get it straight.
Or alternatively check the Market for it ...
I'm guessing it has to be installed on the phone before March 31 to get the free for lifetime offer, so for those of us still waiting for our Desires it won't be free.
However, I am unsure how much use this app has, since a hard reset is always an option. After that, the phone can be sold (or used) "as new" by the perp. Granted, your personal data is safe in this case, but to make the phone unusable, you'll have to get the IMEI banned with the network.
Hardreset seems to be the only way to remove it but then again how many people get a phone and hardreset it before it even boots?
If you're quick enough and the person is slow enough you may be able to get the location of the phone.
As it's free I thought it might help even a little in such situations ...
The end date is a major shame. The good thing is though it works on other devices, may be possible to ask them to transfer from one device to another.
A knowledgeable thief would probably do a hard reset, but at least your personal data (that is not on the memory card, that is) is safe that way.
I've sent them an email asking about the end date and whether it has to be installed on the phone before that date to be valid. I'll report back when/if I get an answer.
O and O said:
Hardreset seems to be the only way to remove it
According to the FAQs on their website -
"On Symbian and Windows Mobile phones, you will be prompted to put in your PIN before you can uninstall the application. On Android and BlackBerry phones, WaveSecure can be uninstalled without a PIN."
norm2002 said:
According to the FAQs on their website -
"On Symbian and Windows Mobile phones, you will be prompted to put in your PIN before you can uninstall the application. On Android and BlackBerry phones, WaveSecure can be uninstalled without a PIN."
There is an app on the Market to combat this, if you uninstall either it will lock and you need to put your pin in ...
Hey guys,
I figured out how I can get WaveSecure for free before the end date and without having the Desire yet. Basically I have a dual boot with Android on my Diamond 2 and I installed WaveSecure on that from the Android market and registered my phone and SIM with it. When you go on the WaveSecure website, login to your account then go settings and there is a disconnect option. From there you can disconnect the current phone from the account and connect a new one. So when I buy a SIM free desire I will put my current SIM in it and change the device from the website.
Hope this helps some of you.
That's REALLY impressive. Nice find!
I downloaded the .apk using a Spoofed User Agent on Firefox to make the Wavesecure website believe I was browsing using the Android Browser.
I assume I would have to install this on an Android device to qualify me for the free subscription?
StuMcBill said:
I downloaded the .apk using a Spoofed User Agent on Firefox to make the Wavesecure website believe I was browsing using the Android Browser.
I assume I would have to install this on an Android device to qualify me for the free subscription?
Yes ...
... Is it OS exclusive ... you need to install the application ...
Excellent, thanks!!
[UPDATED] Android Market Apps I bought for my Hero: Are they "paid for" on my Desire?
Updated April 18, 2010
Now I get it. See Post #6 below. Google's dragging their ass on "fingerprint" approval. They need to be SHAMED virally across the web for sheer incompetence -- or intentional malice toward purchasers of a phone that competes with their Nexus One. "Do No Evil" my ass.
========== My Original Posting =========
I bought maybe 6-7 apps for my hero -- 2 different keyboards, "Executive Assistant", some kind of alarm clock... When on my Hero, even after factory reset and resetting up my phone, when I went to MARKET and "My Downloads", those paid for apps showed up as available to install again on my Hero.
I have been using my Desire -- but thus far only for Wifi as I set it up and get acquainted with the phone. Perhaps stupidly (!) I am still using the Hero as my "phone" til I have all my apps and widgets and layouts replicated on my Desire.
Though I do not have my carrier's SIM card installed in my Desire, 90% of the device works fine, especially all wifi usages, Market downloads, email, web, etc... I did set up my Gmail account as well.
It's one's Gmail account which is your linkage to PAID FOR apps, via Google Checkout. So, I am surprised that when I select "My downloads" I don't see any indication of paid for apps.
Is this tied to a SIM card? (if so seems ridiculous)
RELATED: I can't even find BETTER KEYBOARD app in the Market now, nor "SMART KEYBOARD" ... Does the market auto-filter out apps that do not run on Android 2.1 ?
thank you
the paid apps are tied with your google account.
(no longer relevant)
From what I read, some paid and free apps should appear as soon as google finishes some signature thing related to that! so it's a matter of time.
By the way, do you see paid apps in general? For me, I always had to use Market Enabler on the Hero to open Market to paid apps.
A temporary solution, you can use your Hero to extract the paid applications (apk files) using Root Explorer, copy them to the Desire SD card and install them using any file manager. The only limitation here is that you have to keep checking for updates on the Hero.
Re: Android Market > Apps I bought for my Hero: Are they "paid for" on my Desire?
as far as I know, and experts correct me if wrong, the ability to get access are directly connected to the sim from which you connect.
which is why market enabler used to spoof the apn's from which paid apps were available.
with no sim card you should only be able to get free apps or nothing at all.
I live in Sweden, no paid apps.
was at friends last night who has an old UK sim card, popped that in and I got access to some paid apps. but still with the limitations as previously discussed in this forum. (waiting for Google to get it straightened out)
so, yes & no, the apps are tied to your sim, cuz it tells the phone which apn/ network your phone is connecting from...
Sent from my HTC Desire using the XDA mobile application powered by Tapatalk
I just read a few other threads, with links to the official Android Market forums. First off, I have to ask some basic vocabulary:
What are "protected apps" ?
I have no idea what this means.
Second: salahag, thanks for your reply. I didn't respond initially because I didn't understand it at all. Paid apps showed up in my Hero from day 1 and that was for me October 2009. I was baffled because I had no context for even thinking "is everything that's available showing here?" because by default my brain had no reason to pose that question. I just assumed the Market worked one way, and I was seeing everything the way everyone else sees it.
I'm suddenly quite baffled by this emerging mystery now that I can't find a bunch of apps for my DESIRE. But now the mystery of "where are my paid apps that I bought on my Hero?" is solved, replaced by "why are hundreds of apps that were available on my Hero not available on my Desire?"
XDA-devs to the rescue, via another thread here about "Missing apps in the Market" linking to this posting in Android Market forums:
by nprussell - 4/8/10 (LINK to this posting at Android Market forums)
Hi all,
I'm an Android developer from the XDA forum & VillainROM.co.uk. I've primarily worked on the Hero, but I received my Desire yesterday.
I can confirm that I too am missing several apps from the market. I also have an answer to your question.
First things first, it's protected apps that are missing from the market. There are generally two reasons why apps will be missing from the market.
(1) When a new ROM/Phone is released, the manufacturer, in this case HTC, sends the build to Google, which includes a 'Fingerprint' (a unique line of text which governs its market access) in the build.prop file. Generally, it states the name of the phone and Android version in the fingerprint. With Root & system write access, this fingerprint can easily be changed... but we don't have that luxury right now.
Once Google approve the build, the fingerprint will be added to their allowed database to view protected apps on the market.
(2) The other cause for apps missing from the market in builds (such as twidroid, layar, barcode scanner etc) is that these apps require permissions to use the camera/auto focus. They are NOT protected apps. If the XML permission files are missing from system/etc/permissions, then Google Market will simply block these apps from showing.
So again... to answer your question... we'll see the protected apps as soon as either:
a) HTC chase up Google
b) Google get around to activating the fingerprint
Un-frikkin-believable.
It's like the equivalence of a dumb low-IQ bureaucrat holding up a long line for Drivers' License renewals at the "Department of Motor Vehicles". No reason at all for the stupid delay other than some asshole letting some work order sit on his desktop til he feels like getting to it.
No wonder the author (gogol) of that other related thread recommends consumer activism or we just stand in line each time and just wait to get ****'d in the ass by bureaucratic process that sounds WAY more like Microsoft than "the smartest guys in the room" at Google -- who pride themselves on only hiring Ivy-league grads and equivalents, like from Stanford. They ought to be ridiculed out of town with this.
gogol writes: I really cannot believe Google screws this great Android platform like this. Think about the next firmware update, from Google or HTC ... We will AGAIN get this issue ... Then wait again very long. I am really mad and hate this.
If one of you guys is capable of writing a good professional article or blog regarding this issue, we could spread the voice all over the internet / twitter / facebook / blogs / news so Google could "end" or "fix" this.
I'm game to SHAME GOOGLE into getting their f-ing act together or be ridiculed for incompetence -- everywhere we can post that message on the web. And they have the nerve to criticize APPLE for their ridiculous App Store totalitarianism?
xrrkrrkx said:
I live in Sweden, no paid apps. Was at friends last night who has an old UK sim card, popped that in and I got access to some paid apps. but still with the limitations as previously discussed in this forum. (waiting for Google to get it straightened out)
so, yes & no, the apps are tied to your sim, cuz it tells the phone which apn/ network your phone is connecting from...
Can you clarify this further. Thank you for information related to SIM card needing to be in use in order to access paid apps -- god only knows why -- it's retarded to me.
But is it correct that I have read other places that there are LOCALIZATION ISSUES? where some apps are only available to certain regions? (Like YouTube does) -- Or can you shoot that one down as rumor. I don't get this. Open source OS. Google's entire revenue model based on ads. More phones = more ad impressions = more money to Google. What possible motivation is there to block access to apps in a marketplace that I am willing to pay for -- where Google gets % of all sales, as well as transactional revenue thru Google Checkout? -- Something doesn't make sense. And usually when that's the case, SOMEONE IS BEING PROTECTED in some corporate deal.
What's the story. Is this another CARRIER-TAINTED example of holding customers hostage? If so, I can't wait til the day we can blow up that Carrier-driven model that strangles the free marketplace. They should make it or break it based on direct delivery of services at competitive pricing. I am so tired of Boardroom Protectionist Policies agreed to by major competitors, to ensure a baseline profit well above anything deserved if there was open competition. ... But I could be off on my little side rant and it has nothing to do with this issue, in which case, .... ooops. sorry
salahag said:
From what I read, some paid and free apps should appear as soon as google finishes some signature thing related to that! so it's a matter of time.
By the way, do you see paid apps in general? For me, I always had to use Market Enabler on the Hero to open Market to paid apps.
A temporary solution, you can use your Hero to extract the paid applications (apk files) using Root Explorer, copy them to the Desire SD card and install them using any file manager. The only limitation here is that you have to keep checking for updates on the Hero.
Many thanks - I never even thought to do this. Rooted my Hero, copied the apks (they're in /data/app-private) to the Desire and installed. I now have National Rail and Locale Lockscreen back again
Ta.
you can use your Hero to extract the paid applications (apk files) using Root Explorer, copy them to the Desire SD card and install them using any file manager.
I meant to ask: Is Root Explorer an app from the Market (I'll check of course), and does it only work on rooted Heroes? Mine is unrooted. But I have used Astro app many times for moving stuff from my computer to Hero, and now my Desire. So, it would just be a matter of my knowing which folder/directory to look in on my Hero to access the .apk files.
(EDIT: I see now from daern above: they're in /data/app-private ... well Astro Explorer shows me root folder and data folder but both say "directory is empty", so I am guessing unless I root my Hero I can't access this stuff... right?)
So, thanks from ME also!
Easy. Install "InstantRook.apk" on the Hero (Google for it, download directly to the device and run from Astro).
Once installed, it will announce "your device is rooted". Now fire up Root Explorer and note that you can see the /data folder. Copy the private apk files to /sdcard and away you go.
It really is as easy as that. It may stuff your Hero (it didn't affect mine in the slightest) but as I'm assuming that you're replacing it anyway, the worst it would require would be a hard-boot anyway.
Took < 5 mins
Hi all,
I'm new to xda-developers, and I didn't find a thread with a similar problem, so I'm hoping you could help or point me in the right direction.
I wrote an auto-dialing app, which uses the Android SDK's Intent.ACTION_CALL and the URI "tel:<number>#".
I tested it on an HTC Desire HD phone (with stock Froyo ROM). So far so good.
However, since I updated my phone's ROM to HTC's Gingerbread (2.3.3), the app started to quietly ignore all "#" characters when dialing the number.
I checked around several users of the app - it seems that only HTC Gingerbread ROMS are affected, so it's not a general Android SDK problem. On the other hand, HTC support was very frustrating so far (e.g. "did you try to reboot the device?").
Does anybody else know about this? Is there any workaround for this?
I'm attaching the source code for a sample app which demonstrates the problem.
Thanks
In order to set up my script that checks the HTC server for new software (for us long forgotten Three customers) I had to do some packet monitoring to see how the conversation has changed between the phone and the server - as I last did this during the HTC Desire days.
I am gobsmacked to find the sheer amount of information that the phone sends to HTC when performing an update check - and remember this is not a SSL conversation - this is plaintext.
This is an example of what the phone is sending to HTC unencrypted:
{"id":"","checkin":{"mcc_mnc":"23420","mid":"PJ4610000","checkin_type":"Manual","build":{"product":"endeavoru","id":"h3g_uk\/endeavoru\/endeavoru:4.0.3\/IML74K\/56522.9:user\/release-keys","revision":"0","firmware_version":"1.28.771.9 CL56522 release-keys","radio":"1.1204.103.14H","carrier":"h3g_uk","bootloader":"0.94.0000","build_type":"user","changelist":"56522","serialno":"HT23WW11XXXX"},"cid":"H3G__001","connection_media":"Wifi","client_version":"A4.0(GB)"},"model_number":"HTC One X","digest":"e975e0884266a65e23c359caf7c533","last_checkin_msec":"1345851401021","imei":"3591880XXXXXXXX","locale":"en_GB"}
Note I have replaced some numbers and letters with X to protect my phone identity.
It is bad enough that the phone is passing its serial number and IMEI number in the clear - but wait till you see what comes back:
{"time_msec":"1345852109152","stats_ok":true,"reason":"FOTACANCEL_NO_MATCH_RULE_FOR_CID","DeviceSettings":{"settingInfo":[{"value":"3","key":"powersaver_switch_2G_call","type":"int"}]},"intent":[{"action":"android.server.checkin.FOTA_CANCEL"}]}
Notice that as well as replying that there is no software update available - it is also telling the device to change a setting. I don't know what sort of things they can tell the phone to do - and a Google search for powersaver_switch_2G_call comes up empty - but I am sure that one of the many devs on here could have a look at the code regarding android.server.checkin and see what they can dig up. It is of course an unfounded worry - but there is nothing to stop someone setting up a fake access point and intercepting traffic to http://andchin.htc.com possibly returning other actions for the device to perform.
QUICK! To the tin foil hats!
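To make the concern in the post above concrete, the script below audits a captured check-in exchange: which device-unique values an on-path observer could read, and what settings and intents the reply pushes to the phone. It is an added example, not code from the poster or from HTC. The bodies are shortened copies of the two messages quoted in the post, and `find_keys`, `audit_exchange` and the choice of `imei` and `serialno` as the device-unique fields are assumptions made for the illustration.

```python
import json
from urllib.parse import urlparse

# Bodies captured in the post above, shortened; the X redactions are the poster's.
REQUEST = r'''{"id":"","checkin":{"mcc_mnc":"23420","mid":"PJ4610000","build":{"product":"endeavoru","carrier":"h3g_uk","serialno":"HT23WW11XXXX"},"cid":"H3G__001","connection_media":"Wifi"},"model_number":"HTC One X","imei":"3591880XXXXXXXX","locale":"en_GB"}'''
RESPONSE = r'''{"time_msec":"1345852109152","stats_ok":true,"reason":"FOTACANCEL_NO_MATCH_RULE_FOR_CID","DeviceSettings":{"settingInfo":[{"value":"3","key":"powersaver_switch_2G_call","type":"int"}]},"intent":[{"action":"android.server.checkin.FOTA_CANCEL"}]}'''

# Assumption: only the two values the post calls out are treated as device-unique.
DEVICE_IDS = {"imei", "serialno"}


def find_keys(node, wanted, path=""):
    """Return {json_path: value} for every wanted key, at any nesting depth."""
    hits = {}
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}" if path else key
            if key in wanted and value:
                hits[here] = value
            hits.update(find_keys(value, wanted, here))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits.update(find_keys(value, wanted, f"{path}[{i}]"))
    return hits


def audit_exchange(url, request_body, response_body):
    """Summarise what an on-path observer can read and what the reply asks for."""
    cleartext = urlparse(url).scheme.lower() != "https"
    request, response = json.loads(request_body), json.loads(response_body)
    settings = [(s["key"], s["value"])
                for s in response.get("DeviceSettings", {}).get("settingInfo", [])]
    intents = [i["action"] for i in response.get("intent", [])]
    return {
        "cleartext": cleartext,
        "ids_readable_on_path": find_keys(request, DEVICE_IDS) if cleartext else {},
        "pushed_settings": settings,
        "pushed_intents": intents,
        # Over plain HTTP the transport does nothing to authenticate these.
        "directives_unauthenticated": cleartext and bool(settings or intents),
    }


if __name__ == "__main__":
    report = audit_exchange("http://andchin.htc.com", REQUEST, RESPONSE)
    print(json.dumps(report, indent=2))
```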
TommUK said:
QUICK! To the tin foil hats!
LOL!
+1
Sent from my HTC One X using xda premium
Greetings people smarter than I, so here's my problem
I have an HTC M8 (Verizon) Windows Phone. I have done research that shows that the M8 (Both the android and windows version) are the exact same phone with the exception of the windows logo on the back of the case.
I'm interested in (after backing up what is on it) wiping the darn thing and making it an Android phone instead because I miss playing similar games with my friends that aren't available on Windows phone and I thought they were (see Clash of Clans). All of the articles I have found on this forum so far, and others, all start from the point of view of switching to a custom Android ROM from a phone that is already running Android and well...that's obviously not going to work for me. That I know of.
My question is: Is it possible to re flash my phone from the windows phone that it is, to an Android phone instead. Research suggest the SIM card should still work and be unaffected by the OS change, but I'm unsure where to even start after going to HTCdev.com. Or if I should.
Any help is appreciated.
This is the list of OSs that I'm interested in (Specifically Viper and CyanogenMod)
((Apparently I cannot post links yet, so go to phonearena.com slash News Slash Outstanding-custom-Android-ROMs-for-the-HTC-One-M8_id63633))
afaik there is no platform conversion possible so I would not try anything if I were you.
Secondary question from the thread I haven't checked in a while, I'm curious if anyone has actually tried this on this specific phone. From what I have read there is no hardware difference between the android version of the M8 and the WP version. The only difference is software.
So If I were to simply unlock it (Through HTC's approved process) and swap ROM files, why wouldn't this work? Would it brick the phone? Am I crazy?
/for reference I'm actually using a Motorola Droid MAXX for my daily phone, this HTC WP is an extra one I have
//because I like messing with things
///slashies come in three
The hardware is the same except we do not have available the software to make the conversion. You're stuck with WP and there won't be anything in the future. Little to no development on the HTC M8 windows platforms proves as much. Enjoy while you have it.
Reasons why it wouldn't work:
Partition layouts - if different then no.
Processor OTP - chip security, one wrong digit in this .... It's a paperweight.
Between the sbl, OTP, RADIO and security - if it doesn't all tally with each other... Paperweight.
Partitions match - even if they do, between the second and third reason .... Paperweight.
Sent from my HTC One_M8 using XDA Free mobile app