Related
hey guyz..
the scene is set, dont want to tell anyone where it happened by whom and ofcourse who got robbed but here's the story.
User had an o2 Xda II, customized rom, with IIWPO Theft Control installed in the rom, so that means hard reset wont wipe IIWPO out of the pda.
Robber comes puts a knife on the user's throat takes away cash and the pda, user gives it happily thinking she will get a msg on the other number with all the info of sim changed.
4 days pass by no info come's and the pda is sold or forwarded to someone else or whatever. END OF STORY.
now how did the user not get a msg of the new sim info.
1. SIM WAS NOT CHANGED.
2.SIM CHANGED BUT NO CREDIT IN NEW SIM.
3.BATTERY TAKEN OUT PDA TOTALLY DEAD TILL NEW CUSTOMER GETS IT. ETC ETC.
WHAT CAN BE DONE.
ok guyz this is the part where i would like allll the geeks & gurus to put in some effort, i know it will be tough but i have a feeling its not impossible.
CAN UR,LL UPDATE IIWPO IN SUCH A WAY THAT WHEN WE ARE FEEDING OUR NAME AND OTHER INFO IT WILL ALSO ASK FOR A SECURITY PASS TO BE PUT IN, SO THAT WHEN ROBBER CHANGES SIM THE IIWPO RECOGNIZES THE SIM CHANGE AND LOCK'S THE PDA AND ASKS FOR THE PASS, AND WONT UNLOCK TILL PASS PROVIDED, REBOOT WONT HELP.
Now ofcourse the robber can be anyone, so the robber plans to hard reset and still the device would recognize the sim change and ask for pass now so annoyed he plans to flash the device and what happens after that all of us know.
To prevent this THE GEEKS & GURUS can just build a small security patch that can wont allow flashing of device till pass given, it would work like this, we flash our device for the first time install IIWPO and the NEW SECURITY PATCH (with passwords) device is robbed, robber changes the sim gets pass error he gets pissed and tries to flash the device and that clever software would not flash the device till pass provided, this would prove that all the efforts the robber made to steal the device are gone to waste.
And ofcourse someday someone might put in a sim with credit and we would get the info.
NOT FORGETTING CHARLES WARNER FOR THE GREAT WORK HE'S PUT IN FOR ALL xda-developers.com USERS and also giving the IIWPO to us for free, REALLY APPRECIATE YOUR WORK SIR !! THANKS ALOT.
no one interested in being secured ?
I think the IIWPO idea can definitely be improved, BUT: It will never protect you from being robbed.
The true advantage of IIWPO in its currect form is to be able to get track of the 'new' owner of a nicked device. In the end: someone will put in his/her sim and then its just bing!
All other enhancements will just make sure noone else gets to use the device. Sure an improvement, but less important to me: I just want my device back and get the thief nailed!
Interesting...
But I think you have misunderstood how IIWPO works.
IIWPO does not detect if someone changes the SIM card. It ONLY acts when the someone changes the Owner Information (Start/Settings/Owner Information), so no matter what SIM card there is, as long as it has credit it will send an SMS to the recipient's phone number. That's the beauty of it, that it silently sends the SMS with the 'new' users data so there is a slight chance of knowing who's the 'new' owner.
But! This is by no means fool proof. It's what they call 'protection by obscurity', so if a savvy robber knows how to reflash the device it will get away with it no matter what features we can integrate to IIWPO.
That's one of the cool new features of WM5.0, that we can at least know for sure that our data is SAFE by wiping the info remotely if necessary.
Just a thought.
Rayan
edsub said:
The true advantage of IIWPO in its currect form is to be able to get track of the 'new' owner of a nicked device.I just want my device back and get the thief nailed!
Click to expand...
Click to collapse
Rayan said:
so if a savvy robber knows how to reflash the device it will get away with it no matter what features we can integrate to IIWPO
Click to expand...
Click to collapse
ofcourse this is why we all love IIWPO cause it sends use a msg, and ofcourse even if someone was to modify IIWPO iam sure that this feature would'nt wipe out.god forbid you get robbed u get a msg frm the cell but you for some reason cant track the person or some other c#@p...and the pda is gone....WHY caz it only sends sms it does not block the screen....if you were to have a feature which would jam or freeze the pda on change of the name then the pda would be useless to the robber nothing much he could do....unless he knows how to flash it...now comes a part where we can do something about not flashin the device with out a pass....this would totally make the pda useless to the robber and would also keep sendin us msgs and secondly the robber maybe maybe next time might think twice before robbing a pda and might go for something else
How about a device that would be installed internally to the xda and if it is stolen and a different sim/different user info is entered and the person makes a call it fires a large captive bolt which nails the phone to the head of the user, it then adjusts itself to full volume with all lights flashing and announcing "This is a stolen phone...call an ambulance...or hearse".,
cruisin-thru said:
How about a device that would be installed internally to the xda and if it is stolen and a different sim/different user info is entered and the person makes a call it fires a large captive bolt which nails the phone to the head of the user, it then adjusts itself to full volume with all lights flashing and announcing "This is a stolen phone...call an ambulance...or hearse".,
Click to expand...
Click to collapse
tht would be great..... are u goood enough to build something like tht ?
Rayan said:
But I think you have misunderstood how IIWPO works.
Click to expand...
Click to collapse
I perfectly understands the IIWPO functionality. It was me who put together IIWPO for other devices than Wallaby.
Let me explain how my earlier post should be interpreted: Sure it is triggered by the change of owner info, but most thieves (or buyer from a stolen device) will put in another SIM (simply because they dont have the pin of the stolen sim or because the stolen sim is blocked by the network). Thus: As soon as the 'new' owner puts in a SIM AND he/she has changed the owner info (and every one does that!) the sms is sent.
Also: Eventually a thief might flash a device, but ost certain a thief (or buyer) starts it up to test whether its working or not.
Imho IIWPO can be improved, but practically chances of getting a device back will not significantly improve
edsub said:
Rayan said:
But I think you have misunderstood how IIWPO works.
Click to expand...
Click to collapse
I perfectly understands the IIWPO functionality. It was me who put together IIWPO for other devices than Wallaby.
Let me explain how my earlier post should be interpreted: Sure it is triggered by the change of owner info, but most thieves (or buyer from a stolen device) will put in another SIM (simply because they dont have the pin of the stolen sim or because the stolen sim is blocked by the network). Thus: As soon as the 'new' owner puts in a SIM AND he/she has changed the owner info (and every one does that!) the sms is sent.
Also: Eventually a thief might flash a device, but ost certain a thief (or buyer) starts it up to test whether its working or not.
Imho IIWPO can be improved, but practically chances of getting a device back will not significantly improve
Click to expand...
Click to collapse
Sorry edsub, I should have specified to whom I was refering to (zairyaab) when I wrote that comment.
Best regards,
Rayan
np m8
edsub said:
It was me who put together IIWPO for other devices than Wallaby.
Click to expand...
Click to collapse
Can you explain what should I change in the cab to make it work on other devices (Like ETen M500/Torq P100)?
edsub said:
Imho IIWPO can be improved, but practically chances of getting a device back will not significantly improve.
Click to expand...
Click to collapse
Yeah, but still I would feel somewhat better if I can at least call the thief/buyer and shout some expletives if he/she refuses to cooperate!!! :twisted: :lol:
Best regards,
Rayan
i have my girlfriend's number as my report number.. what if were together and we got robbed both our phones are taken away.. a multiple report number would be a good addition to IIWPO
The changes I'd like to see done to IIWPO include:
a) not using "IIWPO" or 'xda-developer' in the registry (user customisable registry key)
b) user customisable executable file name (IIWPO_startup is like a dead giveaway)
c) not storing owner name & number 'in the clear' (a simple XOR to hide it would be just as effective)
d) a hash of the entire owner info page (not just the last name) so unit will resend an SMS if any info changes
e) a new sms is resent after a preset time (eg: every 24/48/120 hours for example), regardless if owner info has changed or not.
I also like the idea of multiple number reporting.
a,b,c) Considering the concept of IIWPO is 'security by obscurity'; it will help if one could hide it more effectively. (no one is going to bother too much about bluetooth.exe or msn_update.exe in the startup folder for example...)
d) Most people get their name right; then meddle with the other bits of information as time goes on - it'd be good to get 'updated' info as and when it happens.
e) Consider it a 'keep alive' thing, so we'll know the unit is still in use, and can continue to keep in touch with the new owner =) I've no moral issues burning up the credit of someone who refuses to give me back my property either. =P
If nothing else, we'd be able to know when the unit gets reflashed, and can quiety say goodbye to our unit after not hearing from it for a while... =(
Is IIWPO still being maintained by the author, or anyone on xda-developers? If not, is the source available? I might be interested in following up on it (time permitting...)
Edited to add: A really vicious version of the IIWPO would possibly send out:
a) phone numbers stored in the SIM card
b) phone numbers stored in the addres book
c) recently dialed/received phone numbers
d) recently sent/received SMS phone numbers
Not all in one go; but in bits and pieces (eg: every 20 startups; send phone numbers of last 5 SMSs sent/received + last 5 phone calls dialed/received).
That would allow us get in touch with his friends and would possibly aid in getting the unit returned (use your imagination... probably easier to get them tell you who/where he is, rather than to get them convince him to return it...)
Probably this would add too much bloat to IIWPO; but hey, could be useful... =P
WOW, ok.
First of all - I registered 2 this forum less than a week ago,
and great job for doing these kind of things.
second - where can i d/l the prog?
and last another idea: when some1 steals ur pda he's usually gonna sell it over. meaning he made his money.
HOWEVER - if even after a HR after changing sims (maybe even without) there will be a picture message saying:
"You cannot use this phone"
"This phone can only be used by me - *name*"
"However, Im willing to buy this phone back from you. call +......"
there wont be a place on the screen to enter the code.
however - the phones' user knows he can type his password and unlock the phone. you might even integrate a handwriting recognition programm for signature or somthing but that will be super hard, i know.
another option is that when seeing this message user has to touch 4 corners of the screen with the stylus in a specific order, then he'll have a please enter password screen.
any comment?
is it do-able?
http://wiki.xda-developers.com/index.php?pagename=IIWPO
hi guys,
am new to this forum and i just got the HTC touch HD for about 2wks great fone installed a lot of stuff but am trying to develop a program that i can track my phone on a web browser. can anyone help me on how to communicate with my phone and get the gps cordinates.
not sure about this, sorry if i get it wrong but maybe you can have a look at this:
http://forum.xda-developers.com/showthread.php?t=482249
what am actually look for is like sending may be an sms to my phone and getting the gps coordinates really need help pls.
maybe this one?
http://smartphonetracker.blogspot.com/
Sprite are currently doing a special HTC package which includes backup plus a secuirty application which can track your phone using the GPS
SPRITE HTC Special Offer
Just to mention that as far as I know any solution includes comunicating with the SIM card. If you want to track your phone in case it gets stolen, well... forget it. I don't believe any thief will be stupid enough to leave the SIM card in the phone and/or the phone turned on. If you want it for another scenario - MAYBE it will work.
you can buy theese lil tracker things they tiny lil sticker things which u can put on cars/phones etc. They can be tracked and reported to the police.
just want to find a way to communicated with the phone it for a project.
Hi guys, I've found an HTC Wildfire S this morning at the train station. IT has locked SIM and locked Screen. Tried to look in the SD card but there'snothing useful.
Debug USB is not enabled so I can't navigate the system folders to find any clue. What do you suggest to help me find the owner out?
Why didn't you just hand it over to the police?
phishphinger said:
Why didn't you just hand it over to the police?
Click to expand...
Click to collapse
That's the last option. I trust more myself
No, the reason is that is much easyer for the owner if I can directly call him. And also often the loss of a low budget device is not reported to the police, so the owner will never find it.
Just some months ago I forgot my phone on a train and a guy called with it my mum and I was ablo to retrieve it in a couple of days!
try installing the sim card to other phone and see if it works than just wait for the owner to call on that number...
Or
you can make a nandroid backup and extract that backup using your pc find the social apps like facebook or tweeter and you will find the account info for the owner and you can send the message to that account that you have found the phone or whatever you want to send...
santacrab.it said:
Hi guys, I've found an HTC Wildfire S this morning at the train station. IT has locked SIM and locked Screen. Tried to look in the SD card but there'snothing useful.
Debug USB is not enabled so I can't navigate the system folders to find any clue. What do you suggest to help me find the owner out?
Click to expand...
Click to collapse
Take it to the carrier store. They will contact them and i think they might even give reward or something. I believe carriers used to.
santacrab.it said:
That's the last option. I trust more myself
No, the reason is that is much easyer for the owner if I can directly call him. And also often the loss of a low budget device is not reported to the police, so the owner will never find it.
Just some months ago I forgot my phone on a train and a guy called with it my mum and I was ablo to retrieve it in a couple of days!
Click to expand...
Click to collapse
You should be able to see what the network is from the SIM - I'd contact them really. Whoever lost the phone is going ot have to contact them so would be able to get the phone back that way. You could also leave a note with your contact details at the lost property at the train station.
Then contact the service provider of the phone. They will have a record of the device serial number and IMEI, and will know the owner of the phone.
Edit: too slow
Chaitanyapatel8880 said:
try installing the sim card to other phone and see if it works than just wait for the owner to call on that number...
Click to expand...
Click to collapse
The SIM is locked, so it's no use.
Chaitanyapatel8880 said:
you can make a nandroid backup and extract that backup using your pc find the social apps like facebook or tweeter and you will find the account info for the owner and you can send the message to that account that you have found the phone or whatever you want to send...
Click to expand...
Click to collapse
How can I make the nandroid backup with a non rooted device, which have the screen block?
santacrab.it said:
The SIM is locked, so it's no use.
How can I make the nandroid backup with a non rooted device, which have the screen block?
Click to expand...
Click to collapse
ah ok... Sorry... I didnt knew that...
No other "software" solutions?
santacrab.it said:
No other "software" solutions?
Click to expand...
Click to collapse
No other option that I can find...
Power off the device, remove and replace the battery, boot into hboot by pressing volume- and power, --wait-- use volume keys to select recovery. You should now be able to use adb stuff even though usb debugging is disabled. I'm not sure, but it's worth a try. I still think the best option is to return the phone to the carrier.
I think if i lost my phone id be a little upset at someone going so far as a nandroid of my stuff even if trying to return to me. Id just take it to carrier. It's a guarantee it gets to the person. They usually have an email or alternate contact for the person.
There will be a serial no on the Sim Card, so that the carrier people will easily identify the owner. (Same thing for the phone also)
**Much simple**.
Hello all,
Today I found a sIII. I'm trying to figure out how to get into the locked phone (swipe style password). I have no password, pin, or google account information.
Ideally I'd like to unlock the phone and retain the current information so that I can track down the owner. (I don't know why anyone puts passwords on their phones as it's impossible to track down the owner!!) I'm aware of the "bug" that allows you to get into the emergency contact section etc., but I'm not sure that works when the phone does not have service as it says something about service currently unavailable.
If I can't get into it and retain the current info, will a hard reset allow me to bypass the password? Maybe rooting the phone?
Any advice is appreciated.
nnamssorxela said:
Hello all,
Today I found a sIII. I'm trying to figure out how to get into the locked phone (swipe style password). I have no password, pin, or google account information.
Ideally I'd like to unlock the phone and retain the current information so that I can track down the owner. (I don't know why anyone puts passwords on their phones as it's impossible to track down the owner!!) I'm aware of the "bug" that allows you to get into the emergency contact section etc., but I'm not sure that works when the phone does not have service as it says something about service currently unavailable.
If I can't get into it and retain the current info, will a hard reset allow me to bypass the password? Maybe rooting the phone?
Any advice is appreciated.
Click to expand...
Click to collapse
I say you see what provider the phone is for. call the provider and tell them that you found a device. if its a cdma give them the ESN and they should be able to tell the owner of the phone that it has been found. i think that is what you should do.
Get into download more and factory reset is worth a try but if you look hard enough. Or you tubes there's ways to do it I saw a video about that on YouTube the other day but I didn't bother looking at the video.
Sent from my SPH-L710 using XDA Premium App
I don't know how to get pass the lock screen.
However afrer hard reset, although the data will be wiped, u can dial
##786# 》 View 》 mobile number.
For sprint phones, unless u activate this phone on a different account, previous number is stored.
Good luck
Sent from my SPH-L710 using Tapatalk 2
Just take it to a sprint store if its a sprint phone.
Not saying you are because i don't know anythong about you. But even though you said you want to track down the owner. Asking how to get around security measures on a phone makes the thought of keeping it or selling it for $$ pop in my head. Again no offense.
Sent from a planet far far away.
Thanks for the info guys. I know it sounds a little shady, but if I was really trying to keep it I'd say; "LOL forgot my password, pin, and google info hehe I'm a silly gurl plz help!" Problem is I found it on a mountain and I'm out of town and there is no service for me to answer any calls it receives. by the time I drive back down to get service, I'll be too far to turn back to return it.
I'm trying to do the right thing, but if it's going to be next to impossible it might just be a lost cause.
If there was no password on it, it would take me a couple minuted to track down an email or phone number I could track this guy/girl down with, unfortunately, if this is not the case it I might hold onto it.
You're trying too hard to be a good samaritan. This is simple. If it is a Sprint/Verizon/AT&T/TMobile phone, stop by the nearest Sprint/Verizon/AT&T/TMobile store and just simply drop it off saying i found this phone and want it to get back to it's owner. The employees know how to look up the details via ESN and or IMEI and get in touch with the account holder. It is that simple.
All this asking for how to bypass the PIN or lock code is irrelevant....unless you have personal designs on the phone yourself.
nnamssorxela said:
Thanks for the info guys. I know it sounds a little shady, but if I was really trying to keep it I'd say; "LOL forgot my password, pin, and google info hehe I'm a silly gurl plz help!" Problem is I found it on a mountain and I'm out of town and there is no service for me to answer any calls it receives. by the time I drive back down to get service, I'll be too far to turn back to return it.
I'm trying to do the right thing, but if it's going to be next to impossible it might just be a lost cause.
If there was no password on it, it would take me a couple minuted to track down an email or phone number I could track this guy/girl down with, unfortunately, if this is not the case it I might hold onto it.
Click to expand...
Click to collapse
It doesn't have to be the store nearest to where you found the phone. It could be any store. They all have the same computers. And can ship phones.
Sent from a planet far far away.
Please read forum rules before posting
Questions and help issues go in Q&A
Thread moved
Thank you for your cooperation
Friendly Neighborhood Moderator
Wondering if my phone got hacked. I am running infamous rom on tmobile. Tonight my friend received my text messages from another number, and when my friend questioned who he was, he either didnt seem surprised or he was just playing along. If my phone did get hacked, do you guys have any advice like a system format, a setting I can change, or should I call tmobile directly?
Thank in advance
mikatachan said:
Wondering if my phone got hacked. I am running infamous rom on tmobile. Tonight my friend received my text messages from another number, and when my friend questioned who he was, he either didnt seem surprised or he was just playing along. If my phone did get hacked, do you guys have any advice like a system format, a setting I can change, or should I call tmobile directly?
Thank in advance
Click to expand...
Click to collapse
I'd call T-Mo directly and advise them of the situation. You might ask your buddy if he would participate and allow his carrier to use information to find what phone did the spoofing, and they can track the user via the IMEI number that is recorded when transmission is initiated. You MIGHT be required to have a police report to get the tracking done, so you ought to consider making the report to your local PD.
Be SURE your buddy isn't jerking your chain before you do anything, and I'd probably want to SEE the TM before any action on your part.
Aloha and Good Luck!
Bobolinko's advice is correct and the best course of action.
But to answer your specific question about the phoen being hacked...No, wiping it won't help. Neither will installing a different ROM or anything else.
If what your buddy is saying is actually happening, it's most likely not that someone have hacked into your phone and is remotely sending messages from your phone. It's far more likely that someone intercepted your cell signal, hacked the IMEI number (as stated above) and applied your IMEI number to another device, thus cloning your phone.
That message to your buddy came from another device entirely and never went through your phone at all. The problem is that this is very hard to fix. You can't have T Mobile jus tblock your IMEI number because then your phone won't work either. T Mobile can't distinguish between your phone and the cloned fake phone because both are broadcasting the same IMEI number, which is the identifier T Mobile uses to use your phone.
Have you left the United States recently and used your phone in another county? This whole scenario is vey common in Russia and other Eastern European countries. People got there on a vaction, use their phone, and immediately the phone's IMEI is captured and stolen. If you had mobile data turned on or used wifi, the user data on the phone is also likely compromised. Meaning all passwords, etc.
If you haven't left the US, it's much less likely, but still possible this is what happened.
Someone could have also physically looked at your phone, wrote down the IMEI number under the battery, and cloned it that way just to screw with you. No intercepted radio signals or anything. Just good old fashioned "copying the key". In that scenario it's almost certainly someone you know (unless you are in the habit of leaving your phone completely unattended around strangers).