New way to Interop Unlock? - Windows Phone 7 Development and Hacking

We know that to get our devices interop-unlocked we need to set a certain registry entry, MaxUnsignedApps, to 300.
How in theory would this work officially? Does the phone call home to MS servers to see if it's allowed to change that reg setting?
If so...
Can we intercept that call and send back a "yes"? Would we have to reverse engineer their code / certificates?
Sorry if this has been gone over before. Just thought about it; a friend of mine has a DVP and a Lumia 900 with no homebrew love.

goldenpipes said:
> We know that to get our devices interop-unlocked we need to set a certain registry entry, MaxUnsignedApps, to 300.
> How in theory would this work officially? Does the phone call home to MS servers to see if it's allowed to change that reg setting?
> If so...
> Can we intercept that call and send back a "yes"? Would we have to reverse engineer their code / certificates?
> Sorry if this has been gone over before. Just thought about it; a friend of mine has a DVP and a Lumia 900 with no homebrew love.
Problem number one, my friend, is editing the reg in the first place; if you can do that, then you can stop it calling home and you no longer have a problem. Changing the reg in the first place is the problem; to date there are no publicly known exploits in the OS that allow for a device to be unlocked.
As for "reverse engineer their code / certificates", good luck with that.
MS did their homework on this one.

Yeah, this was thought of (and done, and then blocked) literally years ago, right around when WP7 came out. Of course, back then you didn't need interop-unlock because there was no interop-lock, but the general idea (spoof or intercept communication with the unlock server, send a response that says "yes, you're unlocked at <this> level") is actually how the original ChevronWP7 Unlocker worked. That was patched almost two years ago now, though. The communication with the server is over SSL, and only Microsoft-signed certificates are permitted for the server. Since we don't have Microsoft's secret key (or even the server's secret key), we can neither modify the traffic nor spoof our own legitimate server.

Related

WM6 and DirectPush - anyone?

Hi All,
Has there been anyone that's successfully got WM6 working with DirectPush email using certificates to log-on to their Exchange 2003 mailboxes? And if so, I'd be really grateful for the steps to take in making this work.
Thanks a lot guys!
Cheers,
DAN
Me
Open Activesync.
Enter server, check use ssl.
Add user/pass/domain/
Get yur mail.
Otherwise, if your cert is not valid or shows expired, you will need to connect one time with Outlook on your PC (I use RPC/HTTPS, I'm fairly confident that this is why the cert was loaded into my PPC local store) and you'll sync.
Then, go into comm manager and enable direct push. It's the icon with the "envelope".
dnathan said:
> Hi All,
> Has there been anyone that's successfully got WM6 working with DirectPush email using certificates to log-on to their Exchange 2003 mailboxes? And if so, I'd be really grateful for the steps to take in making this work.
> Thanks a lot guys!
> Cheers,
> DAN
I had to install the certs before entering any information in AS. After I did that, it's worked flawlessly...
Didn't have to do anything but enter my exchange info
Yeah, this feature is no different than WM5.
Most times, it's true
That you don't have to do anything but make the connection as I described above.
However, I've had occasions where it didn't "just work" and syncing with the PC corrected the issue.
You should not have to manually install a cert for ActiveSync to work.
Glad it worked the first time for you guys, though.
silverfox0214 said:
> You should not have to manually install a cert for ActiveSync to work.
Hmmm.. I don't believe that's true if the server utilizes a self-signed certificate.
silverfox0214 said:
> Otherwise, if your cert is not valid or shows expired, you will need to connect one time with Outlook on your PC (I use RPC/HTTPS, I'm fairly confident that this is why the cert was loaded into my PPC local store) and you'll sync.
Are you saying A/S will push the appropriate certificate to the device? If so, this is news to me, but maybe they changed A/S to do this. It'd be cool if they did, but probably a bit "unorthodox" security-wise.
vp3G said:
> Hmmm.. I don't believe that's true if the server utilizes a self-signed certificate.
This was the case with my employer. Also, the certs would not work if I had a server configured in AS, I had to first delete the server, install certs and then re-enter my Exchange info.
ceebz said:
> This was the case with my employer. Also, the certs would not work if I had a server configured in AS, I had to first delete the server, install certs and then re-enter my Exchange info.
Yeah, and furthermore some carriers lock their ROM's down quite tightly, thereby making it a royal PITA to install a self-signed cert.
Agreed... but
Like the VZ Q? One guy had a helluva time.
I'm referring to a Verisign cert from my company and with one of my customers. Self signed certs would indeed need to be installed. However, why don't some of the carriers have Verisign as trusted root authorities in their ROMS?
I'm still baffled why some companies would use self signed certs when they are a drop in the bucket. I can see doing it in your own "lab". When I had WM 5 on a K-Jam, I did have my own CA's issued cert for PEAP on WiFi. It was an unlocked device, I'll admit.
Since this forum is under Hermes Mobile 6, I also assume that the experience I had may not apply to everyone, but it worked for me. Sounded like the first post was having the issue I had. And they were signed by a MAJOR trusted root authority.
vp3G said:
> Yeah, and furthermore some carriers lock their ROM's down quite tightly, thereby making it a royal PITA to install a self-signed cert.
silverfox0214 said:
> Like the VZ Q? One guy had a helluva time.
Heh, yep, that's the very one I was thinking of... what total ***** those are. Sprint does it too. I hate 'em both for it.
silverfox0214 said:
> I'm still baffled why some companies would use self signed certs when they are a drop in the bucket. I can see doing it in your own "lab".
I use them for my own company's servers because a) I'm a cheap bastard, b) I understand them, and c) I can deal with them easy enough. Granted, it was one of the stupider things M$ came up with and public certs are much easier to deal with. But still not foolproof, as you noted.
Cert Autoenrolment?
All, thank you very very much for your input and suggestion.
That's really weird. For some reason, I tried exactly what you all suggested and it just plain didn't work. Very frustrating. I am told that Cert AutoEnrol only works on WM5 and not in WM6.0? Is that true at all?
Bro,
Got it working,..... show you later .
You need to manually locate the cert using ActiveSync 4.5.
Cheers
dnathan said:
> Hi All,
> Has there been anyone that's successfully got WM6 working with DirectPush email using certificates to log-on to their Exchange 2003 mailboxes? And if so, I'd be really grateful for the steps to take in making this work.
> Thanks a lot guys!
> Cheers,
> DAN
By "certificate to log-on" you mean a client certificate on WM6 to log on to Exchange, to avoid maintaining a local user pwd in the device?
If yes, export your personal certificate with the private key, copy it to your device and double click on it (yes, thanks WM6, this is a new feature). Configure your active-sync IIS virtual directory to require client authentication and it's done.
Don't forget you need the root public key of your CA in your device and on your Exchange server.
PS: you will find information about Direct Push here: www.httpsync.net
My procedure for configuring AS with my Exchange servers
I'm assuming that your Exchange Server's admin has already generated a self-signed certificate. On my PC I install the certificate by going to the server OWA (Outlook Web Access) site, for instance http://mail.myexchangerserver.com/exchange. You should get the certificate notification. View and install the certificate. Exit Internet Explorer and go back to the OWA site and it should go straight to the sign on screen which means you're golden. Exit Internet Explorer.
On XP click on Start, then Run and type mmc <enter> (Vista click on start and type mmc <enter>)
Now click on File / Add/Remove Snap-in. Double click Certificates and accept the default "My User Account" to add the snap-in.
Open the Certificates snap-in, go to Trusted Root Certification Authorities\Certificates and find the certificate that you installed earlier.
Right click, All Tasks and Export to a DER encoded binary X.509 (CER) and save.
Copy the certificate to your device (I put mine on the SC as I flash quite often) and install.
I know there are perhaps easier ways but this is pretty painless and is how I set up the 60 or so WM6 devices that I support.
@ Dr Puttingham: Thanks for posting that procedure. No, I don't believe there's any easier way to deal with a self-signed certificate, at present. Things get particularly interesting when you run into devices whose security is locked down tight (e.g., Verizon Q).
> Things get particularly interesting when you run into devices whose security is locked down tight (e.g., Verizon Q)
Man ain't that the truth.

[Q] Question: Exchange lock-out /screen timeout 2.2

I am using Exchange server for work email and use LockPicker to get by the constant entering of a security code to un-lock the phone. Not sure I should load 2.2 because the developer has informed me that LockPicker will not work with 2.2. If anybody is running 2.2 and Exchange server, does 2.2 offer an option of the screen time out vs. the exchange lockout????
I'm running exchange and have to enter the code if the phone sleeps for more than 15 minutes. The time is adjustable, plus the code entry keyboard is huge, not a problem to enter at all; overall it's a minor pain but workable. The guys that developed lockpicker have an app out that disables this, it is only in the beta stage now and not released to the general public but should be soon.
if i found that any of my end users were attempting to disable/bypass the Exchange security...i would haul their ass to HR faster than they could enter their PIN.
DraginMagik said:
> if i found that any of my end users were attempting to disable/bypass the Exchange security...i would haul their ass to HR faster than they could enter their PIN.
He He, I'm thinking if I were an IT guy i'd do that too. Lucky for me I'm an end user, I'm hoping somebody comes up with a way to just toggle the time to a longer value say options for 30 - 60 minutes. In reality the new code entry screen is a breeze to use, not such a big deal as before. I'm just wondering if the time delayed is specified by the Exchange server or if it is built into the phone app.
ifly4vamerica said:
> I'm hoping somebody comes up with a way to just toggle the time to a longer value say options for 30 - 60 minutes.
/shudders at the thought.
I haven't played with it yet, but pray there is no way for my end users to set a 60min lockout period. that's just waaaaaay too long. how long do you have before your work desktop auto-locks? 15min? and that is for a device that doesn't move and if anyone else is at it would draw attention.
perhaps you feel that you are not important on the food chain and have nothing important in your email. but as these type devices get more powerful folks keep more data on them... pictures, movies, xls, doc, mp3 etc. plus tons of email (with email addresses, names and numbers), some folks will setup the VPN function and map network folders or setup VNC/RDC connections (server names, ip addresses and domain name).
it's not "JUST" that someone may see who you're going to lunch with or that your racquetball game got rescheduled. its all that other crap that concerns us. stuff that you may or may not have. for things that you probably don't see as being a possible security breach. sorry if this has an overbearing tone, it's one of those things i have to beat into folks head everyday.
"i don't care if they know my password, maybe they'll do my work." /facepalm
no...they won't.
ask your favorite IT nerd how many pwd's he has floating in his head and how many times he has to unlock his computer each day.
/steps down from security soapbox
DraginMagik said:
> /shudders at the thought.
> I haven't played with it yet, but pray there is no way for my end users to set a 60min lockout period. that's just waaaaaay too long. how long do you have before your work desktop auto-locks? 15min? and that is for a device that doesn't move and if anyone else is at it would draw attention.
> perhaps you feel that you are not important on the food chain and have nothing important in your email. but as these type devices get more powerful folks keep more data on them... pictures, movies, xls, doc, mp3 etc. plus tons of email (with email addresses, names and numbers), some folks will setup the VPN function and map network folders or setup VNC/RDC connections (server names, ip addresses and domain name).
> it's not "JUST" that someone may see who you're going to lunch with or that your racquetball game got rescheduled. its all that other crap that concerns us. stuff that you may or may not have. for things that you probably don't see as being a possible security breach. sorry if this has an overbearing tone, it's one of those things i have to beat into folks head everyday.
> "i don't care if they know my password, maybe they'll do my work." /facepalm
> no...they won't.
> ask your favorite IT nerd how many pwd's he has floating in his head and how many times he has to unlock his computer each day.
> /steps down from security soapbox
I hear ya!!! can we compromise at 55 mins???? Ok 30 mins?? ;-P How did you know my R-Ball game was rescheduled????????????
/retires from badgering the IT guy!
LOL ... if only we lived in a perfect world.
Solution here: http://forum.xda-developers.com/showthread.php?t=745065

Error 86000C29 - Exchange issues...

Anyone here tell me what the actual setting in the Exchange Active Sync profile causes this error? I am working with my IT group to get back access to the Exchange server that is currently locked out because of a missing security setting.
Microsoft dissed me, Samsung blames Exchange, Exchange peeps won't budge without direction and I love my phone so I won't go back.
Thanks,
Brian
It has to do with security policies... It could be a number of things (I think on the older WM6 phones, sometimes it actually would tell you why)...
Your IT department should be able to look at logs on their side to find out why it's not being passed...
Keep in mind, this could be something as easy as you not having a pin password when you use your phone (phone lock). But if your IT department have changed default settings, it could be something more complicated.
First off, I would set a phone lock password, and try setting up the sync. If that doesn't work, you'll have to wait for your IT department.
Zhariak said:
> It has to do with security policies... It could be a number of things (I think on the older WM6 phones, sometimes it actually would tell you why)...
> Your IT department should be able to look at logs on their side to find out why it's not being passed...
> Keep in mind, this could be something as easy as you not having a pin password when you use your phone (phone lock). But if your IT department have changed default settings, it could be something more complicated.
> First off, I would set a phone lock password, and try setting up the sync. If that doesn't work, you'll have to wait for your IT department.
Thank you for the response. I have tried several gyrations of password before Exchange add, Exchange delete and reinstall, number of things. The real puzzling thing is that the settings they have shown me from screen grabs are all supported by WP7. I posted the error code on the Windows Phone boards at MS and no response yet. I have seen other codes for security issues, this one seems to be a lot more obscure. I was hoping someone could bust out a decoder ring so I could just tell our IT guys what to do (pretty common).
I told them about being able to circumvent the password lock in Win6.5 with a simple registry edit, blew their minds.
IT found the fix, sort of. They rebuilt the security policy as part of another user issue and the phone syncs correctly. Apparently, importing the security policy from Exchange 2003 into 2010 brings along some baggage.
Still no clue what actually caused it, but if anyone else around the web finds this thread because of the error code, ask your peeps to rebuild the policy. They will have other issues besides yours, eventually.

Disable the lock code if needed (By-pass exchange policy)

TESTED ON MANGO, AND WORKED FINE
Gentlemen,
I have found the reg key in some posts to disable the lock code for the windows phone, if you have configured the exchange e-mail account in Phone.
I was unable to view the specific reg key in normal registry editor. So I have converted the reg key to an xap file by using provxml method. And you can apply the key even if you don't have the registry editor app installed on your device.
Steps:
1. Deploy the xap file to your developer unlocked device.
2. Launch the app.
3. Tap on the green button, it should give you a success message.
4. Uninstall the app.
5. It may require to restart the device, since this is a registry change.
6. U r done. Now u will be able to turn off your phone security code even if you have configured the exchange e-mail account in your phone.
I have tested on my chevron unlocked HTC HD7, and it is working fine.
Hope some one will be looking for this.
Note: it's recommended to keep your phone with lock code enabled, but sometimes we need to keep the phone unlocked for some reasons.
If you install this xap, it will enable another wonderful feature..
By default, the 10 invalid attempts will erase ur phone. But after you install this xap, the password will be locked out for 1 min after 5 invalid attempts. Then after each attempt, the lockout time will double. I have tried until the phone locked out for 64 minutes. Then I stopped trying with the invalid lock codes. It will help you to keep the data safe, if anyone plays with the phone, especially kids.
Note: Please don't try after 5-6 attempts if the phone didn't get locked out, may be this not compatible on your device. You may lose your data. I applied this on my T-Mobile HD7, and it is working fine.
Hit thanks if you like my post..
Thanks
JAZEEL
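The doubling lockout described in the post above can be modelled to see how strongly it throttles PIN guessing compared with the wipe-after-10 default. This is an added example, not code from the post or from Windows Phone; the schedule (no delay for failures 1 to 4, 1 minute at the 5th, doubling after that) is taken from the post's description, and `PinThrottle`, the sample PIN and the function names are hypothetical.

```python
import hmac
from dataclasses import dataclass

FREE_FAILURES = 4        # failures 1-4 cost nothing (post: lockout starts "after 5 invalid attempts")
FIRST_LOCKOUT_MIN = 1    # the 5th failure locks the keypad for 1 minute
WIPE_THRESHOLD = 10      # the default policy the post mentions: 10 failures erase the phone


def lockout_minutes(failures: int) -> int:
    """Lockout imposed immediately after the Nth consecutive wrong PIN."""
    if failures <= FREE_FAILURES:
        return 0
    return FIRST_LOCKOUT_MIN * 2 ** (failures - FREE_FAILURES - 1)


def total_wait_minutes(failures: int) -> int:
    """Cumulative lockout time served after N consecutive wrong PINs."""
    return sum(lockout_minutes(n) for n in range(1, failures + 1))


def guesses_within(budget_minutes: int) -> int:
    """How many guesses fit into a time budget (entry time itself ignored)."""
    n = 0
    while total_wait_minutes(n) <= budget_minutes:
        n += 1
    return n


@dataclass
class PinThrottle:
    """Keypad state machine: counts failures and refuses input while locked."""
    pin: str
    failures: int = 0
    locked_until: float = 0.0   # seconds on the caller-supplied clock

    def try_unlock(self, guess: str, now: float) -> str:
        if now < self.locked_until:
            return "locked"     # the guess is not evaluated during a lockout
        if hmac.compare_digest(guess.encode(), self.pin.encode()):
            self.failures = 0
            return "ok"
        self.failures += 1
        self.locked_until = now + 60 * lockout_minutes(self.failures)
        return "denied"


if __name__ == "__main__":
    for n in (5, 8, 11, 15, 20):
        print(f"failure {n:2d}: lock {lockout_minutes(n):6d} min, "
              f"cumulative {total_wait_minutes(n):6d} min")
    day = guesses_within(24 * 60)
    print(f"guesses possible in 24 h: {day} of 10000 four-digit PINs")
    print(f"wipe policy allows at most {WIPE_THRESHOLD} guesses, then the data is gone")
```

The 11th failure yields the 64-minute lockout the post reports reaching; the model shows the trade-off is a hard cap with data loss (wipe) versus a slowly growing guess budget with no data loss (doubling).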
So I just applied the registry change in your provxml, and it temporarily works,i.e. it enables the option in the lock and wallpaper screen to disable the password, but next time you sync email the policy is reenforced and you have to set a pin again.
Are you also changing the permissions to that reg key in your xap somehow? haven't got a machine with the dev tools handy to try the actual xap out.
benneh said:
> So I just applied the registry change in your provxml, and it temporarily works,i.e. it enables the option in the lock and wallpaper screen to disable the password, but next time you sync email the policy is reenforced and you have to set a pin again.
> Are you also changing the permissions to that reg key in your xap somehow? haven't got a machine with the dev tools handy to try the actual xap out.
I have tested myself, and it's a permanent solution. It stays forever. But I don't know what will happen if you reconfigure the exchange account..
Is there any way to keep a timeout for the lock? I find it very irritating to enter the unlock code every time the device wakes up
@OP, what is the reg key for the change? You must know that to make an XAP?
timmymarsh said:
> @OP, what is the reg key for the change? You must know that to make an XAP?
This is the key which deploys through the xap..
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001023"=dword:1
Doesn't Work ...
Hi I tried this unlocker but it is not working for me every time I connect to the computer (Zune and Windows Phone Device Manager) it relocks and have to chevron unlock again.
Any suggestions?
Hello OP,
I have a Sprint HTC Arrive, I got the following message just trying to launch the xap file:
(WARNING)
(The carrier doesn't exist in database. Please contact your carrier for connection setting and go to Setting>cellular>edit
APN for further configuration.)
There's no APN in my settings that I see, any help would be great, thanks
Striving said:
> Hi I tried this unlocker but it is not working for me every time I connect to the computer (Zune and Windows Phone Device Manager) it relocks and have to chevron unlock again.
> Any suggestions?
This is to disable the lock code on the phone if you have enabled the exchange account which will force to put the lock code.
To permanent developer unlock, please search in xda, someone already posted it before and I have applied that on my HD7.
purian23 said:
> Hello OP,
> I have a Sprint HTC Arrive, I got the following message just trying to launch the xap file:
> (WARNING)
> (The carrier doesn't exist in database. Please contact your carrier for connection setting and go to Setting>cellular>edit
> APN for further configuration.)
> There's no APN in my settings that I see, any help would be great, thanks
I have checked on my HTC HD7 T-Mobile unlocked.. It's working fine..
Search for the reg key for your specific device, and if you find I will help you to deploy it on your device..
jazeelkk said:
> This is to disable the lock code on the phone if you have enabled the exchange account which will force to put the lock code.
> To permanent developer unlock, please search in xda, someone already posted it before and I have applied that on my HD7.
Thanks for the response. Funny, a little while after I realized that it was for something other than the dev unlock. And happily I have gotten halfway there: I am unlocked but have to make sure I remember to put the phone in flight mode before connecting it.
rhn said:
> is there any way to keep a timeout for the lock? I find it very irritating to enter the unlock code every time the device wakes up
i 2nd that!
jazeelkk said:
> I have checked on my HTC HD7 T-Mobile unlocked.. It's working fine..
> Search for the reg key for your specific device, and if you find I will help you to deploy it on your device..
Thanks for your response, the only reg i've ever found to disable the lock on my device is the one you posted and built into your xap file. For some reason the reg doesn't exist in my phone and I can't create it either.
Most likely why you put this together for us. But on my end here, I now have the app on my phone; once I go to launch it I get the message from my previous post, it just won't deploy/launch. Any ideas, I'm up for trying!!
Thank you,
The reg key is protected, so you can't browse to it, but you can still use a tool like advanced explorer to set it by manually specifying the full path and value to change.
I was able to set the value manually like this, but like I mentioned the value is set back automatically next time your phone sync's with exchange. The policy must get checked on every sync with exchange, and gets set back if your exchange server requires a PIN policy.
From what I can ascertain this XAP simply sets that value, so you would have to run this xap after every sync which isn't a great solution.
barrychon said:
> i 2nd that!
I have tried it as mentioned in some old posts. But it is not working. Only thing I could do is to activate the ON/OFF button with this reg key, so that I can disable the code at any time.
I presume you guys know this already, but just for the heck of it.
You're bypassing a policy. A policy that's most likely your company's policy. If you do lose your phone and people are able to access files or e-mails that are highly important and/or confidential, you could take the blame for leaking this information.
This could mean the company would sue you for all kinds of things, and it would be very much possible they would fire you. There is a reason the policy is enforced.
I can see why you want to disable the policy, but, as said, there is a reason your company wants that policy on a device that connects to their Exchange server and it's not to annoy you.
EvilWhiteDragon said:
> I presume you guys know this already, but just for the heck of it.
> You're bypassing a policy. A policy that's most likely your company's policy. If you do lose your phone and people are able to access files or e-mails that are highly important and/or confidential, you could take the blame for leaking this information.
> This could mean the company would sue you for all kinds of things, and it would be very much possible they would fire you. There is a reason the policy is enforced.
> I can see why you want to disable the policy, but, as said, there is a reason your company wants that policy on a device that connects to their Exchange server and it's not to annoy you.
You are right. I recommend keeping the phone locked always.
It's meant for some situations where we need the phone to stay unlocked. At least we should have the option for it.
EvilWhiteDragon said:
> I presume you guys know this already, but just for the heck of it.
> You're bypassing a policy. A policy that's most likely your company's policy. If you do lose your phone and people are able to access files or e-mails that are highly important and/or confidential, you could take the blame for leaking this information.
> This could mean the company would sue you for all kinds of things, and it would be very much possible they would fire you. There is a reason the policy is enforced.
> I can see why you want to disable the policy, but, as said, there is a reason your company wants that policy on a device that connects to their Exchange server and it's not to annoy you.
Thanks mum. But seriously...
I think this is a perfect example of a security policy being set which isn't realistic, so users find workarounds. Like when you mandate everyone has a 50 character password which has to be changed once a week, everyone simply ends up writing them down on post it notes.
The PIN code every time you want to use your phone is bloody annoying. It could be improved to make it more useable, e.g.:
Only require a PIN if it's been more than 30 minutes since you last entered it.
Only require a PIN when accessing data in exchange like calendar/email.
Specify certain actions which don't require a PIN unlock, e.g. playing music or games.
Anyhow this is mostly irrelevant as this hack is only temporary and the setting reverts so that's a killjoy.
benneh said:
> Thanks mum. But seriously...
> I think this is a perfect example of a security policy being set which isn't realistic, so users find workarounds. Like when you mandate everyone has a 50 character password which has to be changed once a week, everyone simply ends up writing them down on post it notes.
> The PIN code every time you want to use your phone is bloody annoying. It could be improved to make it more useable, e.g.:
> Only require a PIN if it's been more than 30 minutes since you last entered it.
> Only require a PIN when accessing data in exchange like calendar/email.
> Specify certain actions which don't require a PIN unlock, e.g. playing music or games.
> Anyhow this is mostly irrelevant as this hack is only temporary and the setting reverts so that's a killjoy.
Lol, you have a point, but our colleague above is quite correct, the policy is enforced for a reason. At my company, such an offense can mean instant dismissal
(if you use exchange for just calendar and contacts, as i do, a pin is not required to unlock, the policy is only enforced for email strangely enough....)
I agree the Pin should be how it was in WM 6.5 where you could have it only ask after 2 hours or every 24 in some cases. That way it was a good balance. This business of requiring the PIN every time you look at your phone is crap. I have removed it from my droid device and I am fortunate that my company will not hassle me over it. Still though it's a bunch a crap to enter it every 5 minutes.

Investigating Magic SMS commands to ring/lock WP7 devices

I was toying today with the My Phone service here (https://www.windowsphone.com/en-US/my) while my sim card was in an android device.
After trying the "ring my phone" option, I received an SMS from Microsoft that contains some string encoded as a base64 message it seems. I then sent the same SMS to my number with the sim card on my Omnia 7 and it actually made the phone ring; I have tried this process multiple times and it seems to work even when the phone has no data connection.
I have noticed that all the SMS commands sent to the phone have the same magic header, which if you even try to send it to yourself, will still be interpreted as a command. Also, once an SMS command is received, it doesn't trigger the phone anymore (the phone appears to remember the old commands).
What is left to do now is:
1. identify how the commands are encoded (and eventually generate them)
2. and if the commands are generic and work on any phone or are generated per user account.
The second point could be verified easily, as I can provide some of the SMS commands I have for anyone who wishes to test (please notice that the commands only make the phone ring).
Please leave me a message if you want to test the commands, I would also be happy to hear any thoughts about this if some of you have already investigated it before.
[Update 03/05]
After some testing it appears that the commands are not generic enough to work on all models. The commands of my Omnia 7 do not affect an HTC 7 Pro for example, but we do not know yet if they are model specific, or user/device specific.
If you have an Omnia 7 please let me know so that we can test if it's model specific.
Those who have access to a non Windows phone can also generate SMS commands by sending a ring command from here to their number (with the sim card on another phone). It would come clear after we gather few SMS commands for several models what is and what is not specified in these commands.
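Two behaviours reported in the post above (a command stops working once the phone has received it, and a command issued for one phone does nothing on another) are what a receiver produces when it checks a per-device authentication tag and keeps a replay cache. The sketch below is an added example of that design, not Microsoft's actual message format, which the thread does not establish; `MAGIC`, the opcode table, the field layout and the keys are all constructed assumptions.

```python
import base64
import binascii
import hashlib
import hmac
import os
import struct

MAGIC = b"RC01"                    # constructed stand-in for the "magic header"
NONCE_LEN = 8                      # random per-command value, used for replay detection
TAG_LEN = 16                       # truncated HMAC-SHA256 tag
OPCODES = {1: "ring", 2: "lock"}   # hypothetical opcode table


def _tag(device_key: bytes, body: bytes) -> bytes:
    return hmac.new(device_key, body, hashlib.sha256).digest()[:TAG_LEN]


def issue_command(device_key: bytes, opcode: int, nonce: bytes) -> str:
    """Service side: build the SMS text for one command to one device."""
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be NONCE_LEN bytes")
    body = MAGIC + struct.pack(">B", opcode) + nonce
    return base64.b64encode(body + _tag(device_key, body)).decode("ascii")


class CommandReceiver:
    """Device side. The SMS sender number is never consulted: it is not
    trustworthy, so authorisation rests on the tag alone."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._seen_nonces = set()   # the phone "remembers the old commands"

    def handle(self, sms_text: str) -> str:
        try:
            raw = base64.b64decode(sms_text, validate=True)
        except (binascii.Error, ValueError):
            return "ignored: ordinary message"
        expected_len = len(MAGIC) + 1 + NONCE_LEN + TAG_LEN
        if not raw.startswith(MAGIC) or len(raw) != expected_len:
            return "ignored: ordinary message"
        body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self._key, body)):
            return "rejected: bad tag"      # wrong device key or modified bytes
        opcode = body[len(MAGIC)]
        nonce = body[len(MAGIC) + 1:]
        if nonce in self._seen_nonces:
            return "rejected: replay"       # same command delivered a second time
        if opcode not in OPCODES:
            return "rejected: unknown opcode"
        self._seen_nonces.add(nonce)
        return "executed: " + OPCODES[opcode]


if __name__ == "__main__":
    key_a, key_b = os.urandom(32), os.urandom(32)   # constructed per-device keys
    sms = issue_command(key_a, 1, os.urandom(NONCE_LEN))
    phone_a, phone_b = CommandReceiver(key_a), CommandReceiver(key_b)
    print("phone A, first delivery :", phone_a.handle(sms))
    print("phone A, second delivery:", phone_a.handle(sms))
    print("phone B, same SMS       :", phone_b.handle(sms))
```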
I've not investigated this (though I'd thought about it before), but I'd be happy to do so (just don't send me the "wipe your phone" command!). There must be *some* degree of security, of course. I assumed that the SMS commands also couldn't be sent from the messaging UI, although with native code access it should now be possible to send them through the raw SMS API...
I don't have an Android phone to test with, though.
Cool
Sounds cool if you provide me with a sms code to ring my phone or something I would love to try it out
Not sure if it is related, but I did investigate the whole provisioning over sms stuff a while back, and the result was very disappointing. The driver that accepts the sms in the first place is in TCB, so that was promising, but it then impersonates a low-privileged account to the real provisioning. Some file-access and registry-access was possible, but nothing really important.
Good luck,
Heathcliff74
I can certainly try this. HTC 7 Pro/Arrive on Sprint.
atm153 said:
I can certainly try this. HTC 7 Pro/Arrive on Sprint.
Tried on mine, it doesn't seem to work.
This is kind of interesting, but I can't use that feature in Indonesia.
---
BTW, can you provide all the commands here? Including the "wipe your phone" command.
---
Eehem, we can troll other WP users if we can get that SMS code.
aramadsanar said:
This is kind of interesting, but I can't use that feature in Indonesia.
---
BTW, can you provide all the commands here? Including the "wipe your phone" command.
---
Eehem, we can troll other WP users if we can get that SMS code.
And that, my friend, is why it should not be disclosed hehe.
The world isn't ready for a troll level that high just yet
juzz86 said:
And that, my friend, is why it should not be disclosed hehe.
The world isn't ready for a troll level that high just yet
And, seriously, I'm curious about this code, and I definitely won't troll other WP users. I need this for my own purposes.
As per the first post edit, I've got an Omnia 7.
No secondary phone though, gave that one away to my sister.
Look what I did today:
http://youtu.be/SSFc41ZvaIo
djtonka said:
Look what I did today:
http://youtu.be/SSFc41ZvaIo
r u a real dj
djtonka said:
Look what I did today:
http://youtu.be/SSFc41ZvaIo
Could you please share the code?
The code works only once and only with a specific model, such as the Nokia L800 or HTC HD7 from your list on the website.
SkYxAAAxAR626k5CsLvsLiv3PK2cNAxlBoTWMh9ln6uVY87rPTVmRRxGRJKLRC9E8S8R+6Z4g==
I am interested in this idea.
Can you provide me with more information?
Maybe I can help you.
I wonder if that is the string that is on the computer you sync with in the certificate store... it says "Zune-Tuner:xxxxx" and a random looking value (NOT keys or part of the cert, but in the name)
Heathcliff74 said:
Not sure if it is related, but I did investigate the whole provisioning over sms stuff a while back, and the result was very disappointing. The driver that accepts the sms in the first place is in TCB, so that was promising, but it then impersonates a low-privileged account to the real provisioning. Some file-access and registry-access was possible, but nothing really important.
Good luck,
Heathcliff74
This is worth paying attention to, since for the erase command it surely should grant TCB privileges ... also for 'find my phone'.
Anyway, the ring command for OMNIA7 is:
SkY#AAAxBuTZmZCZ9DWZYBvARGyQ0auHQcVvMv2c/HqXv1zQccwcQHAC9ErEZ2nuGgy5Wq5FQg==
and for Focus:
SkY#AAAxAzZCeRmCnBJKls6/h1WIZUTNgcipqDPTax0qeiSaDqnXd441bv2JaiixMH8tzjvZUQ==
I have no clue what code this is, but SkY#AA is the header in all messages and every ring command SMS is unique. Funny, if I send the FOCUS ring command to an Omnia7 it gets delivered (network delivery confirmation) but it doesn't show up in messages, nor does the phone react in any way, so it must have a model identifier inside.
Who's good @ decryption here?
Maybe we should gather more commands to try and guess some values from inside.
htc9420 said:
This is worth paying attention to, since for the erase command it surely should grant TCB privileges ... also for 'find my phone'.
Anyway, the ring command for OMNIA7 is:
SkY#AAAxBuTZmZCZ9DWZYBvARGyQ0auHQcVvMv2c/HqXv1zQccwcQHAC9ErEZ2nuGgy5Wq5FQg==
and for Focus:
SkY#AAAxAzZCeRmCnBJKls6/h1WIZUTNgcipqDPTax0qeiSaDqnXd441bv2JaiixMH8tzjvZUQ==
I have no clue what code this is, but SkY#AA is the header in all messages and every ring command SMS is unique. Funny, if I send the FOCUS ring command to an Omnia7 it gets delivered (network delivery confirmation) but it doesn't show up in messages, nor does the phone react in any way, so it must have a model identifier inside.
Who's good @ decryption here?
Maybe we should gather more commands to try and guess some values from inside.
Also, note that the phone, upon receipt of the magic SMS, would reply back to the short code indicating success or failure, which would ripple back to the website with the status. I stuck a prepaid SIM into a spare phone to capture the ring and wipe requests; in both cases the website said something to the effect of "we couldn't do it right now" (and in the case of the erase, asked if you wanted to keep trying until successful).
Speaking of this, did the OP post what short code was being used? I wonder if it's the same between carriers?
There doesn't appear to be one code for Focus and one for HTC whatever etc...
My wife and I both have Lumia 900s. I did this first with my SIM, then hers and back to mine. I got 3 different values. So both phones were different and even the same phone was different on two separate occasions.
It looks like the value the MS messaging system negotiates with their server. Check out the messaging SDK sample projects.
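Added example, not part of the thread or any poster's code: a structural look at the three command strings quoted above, to check the posters' observations that the header is shared and the rest differs per message. It assumes the text after the four-character header is standard base64 (an assumption the page does not confirm) and only reports lengths and shared bytes; it decrypts nothing.

```python
import base64
import binascii

HEADER_LEN = 4  # "SkY#" in two posts; one post shows "SkYx" in the same position

# Strings copied as quoted in the thread above (not constructed).
SAMPLES = {
    "omnia7": "SkY#AAAxBuTZmZCZ9DWZYBvARGyQ0auHQcVvMv2c/HqXv1zQccwcQHAC9ErEZ2nuGgy5Wq5FQg==",
    "focus": "SkY#AAAxAzZCeRmCnBJKls6/h1WIZUTNgcipqDPTax0qeiSaDqnXd441bv2JaiixMH8tzjvZUQ==",
    "single_use_post": "SkYxAAAxAR626k5CsLvsLiv3PK2cNAxlBoTWMh9ln6uVY87rPTVmRRxGRJKLRC9E8S8R+6Z4g==",
}


def parse(message):
    """Split header from body and base64-decode the body (assumed encoding)."""
    header, body = message[:HEADER_LEN], message[HEADER_LEN:]
    try:
        if len(body) % 4:
            raise binascii.Error("body length %d is not a multiple of 4" % len(body))
        raw = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        return {"header": header, "raw": None, "error": str(exc)}
    return {"header": header, "raw": raw, "error": None}


def common_prefix(blobs):
    """Longest run of leading bytes shared by every blob."""
    count = 0
    for column in zip(*blobs):
        if len(set(column)) != 1:
            break
        count += 1
    return blobs[0][:count] if blobs else b""


def summarize(samples):
    """Parse every sample and return (per-sample results, shared leading bytes)."""
    parsed = {name: parse(msg) for name, msg in samples.items()}
    decoded = [p["raw"] for p in parsed.values() if p["raw"] is not None]
    return parsed, common_prefix(decoded)


if __name__ == "__main__":
    parsed, prefix = summarize(SAMPLES)
    for name, item in parsed.items():
        size = len(item["raw"]) if item["raw"] is not None else item["error"]
        print(name, item["header"], size)
    print("shared leading bytes:", prefix.hex())
```

The two well-formed samples decode to 52 bytes each and share only their first three bytes, which fits the reports that every command differs per phone and per request. The string from the "works only once" post is not a valid base64 length as quoted, so it is reported as an error rather than decoded.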
