
MPx200 has absolutely no security, is that normal ?


The PocketTV Team

Nov 14, 2003, 2:03:31 AM
We got some very interesting news:

The security on the AT&T Motorola MPx200 is *totally* non-existent!

On this device, unsigned applications are capable of switching all their
threads to Kernel mode (using SetKMode(TRUE)), thus gaining access to all
privileged APIs :)

I did not think that was possible at all!

My understanding was that even un-locked Smartphones had a certain level of
security (touted by MSFT). I thought that privileged API's could not be
used and applications were restricted to User Mode unless signed with a
privileged certificate.

But PocketTV Classic is not signed at all (not even with the regular
Smartphone certificate from Geotrust), and it can run in Kernel mode on the
MPx200 phone!!! Nice! So basically a malicious app could read all your
contact info and send it to anyone without you knowing. Something to keep in
mind!

Yes, I double-checked... PocketTV Classic can execute privileged ARM
instructions, access privileged API's like KernelIoControl etc. No question
about that!

Some people at AT&T and Motorola will be on the hot seat pretty soon :)

The other things that we discovered are:

- SPI_GETOEMINFO (which is supposed to return a string that identifies the
make and model) returns only "Motorola, Inc." (they forgot to include an
identifier for the model in SPI_GETOEMINFO, so applications will have to
"guess" - not a problem as long as there is only one Motorola Smartphone out
there!)

- The Default Thread Quantum is set to 25 (ms). This seems quite low.
Usually the Default Thread Quantum is set to 75 or 100, which would increase
the performance of the device by avoiding too frequent thread switching.
Not sure if they used such a low thread quantum on purpose, or if they just
made a mistake - most likely the latter, from our experience with OEMs!

jlowap

Nov 14, 2003, 5:23:37 AM
interesting....

.sounds like a bit of f**k up to me!

james

"The PocketTV Team" <do-not-rep...@pockettv.com> wrote in message
news:OCkPp1nq...@TK2MSFTNGP10.phx.gbl...

The PocketTV Team

Nov 14, 2003, 5:29:14 AM
> .sounds like a bit of f**k up to me!

we'll see when they wake-up later today... :)

it would be nice if our observations could be independently confirmed.
anyone ?


Jen WB

Nov 14, 2003, 6:06:13 AM
hmmmmmmmmmmmmmmmm


is it a fault with the AT and T security policy or is it a failure of
implementation by Motorola ?

This could be interesting we could see the first Smartphone virus on AT and
T which could mean lots of very upset customers

this does not bode well

"The PocketTV Team" <do-not-rep...@pockettv.com> wrote in message

news:%23rKNmop...@TK2MSFTNGP12.phx.gbl...

The PocketTV Team

Nov 14, 2003, 6:28:46 AM
> hmmmmmmmmmmmmmmmm
>
>
> is it a fault with the AT and T security policy or is it a failure of
> implementation by Motorola ?

don't know...

> This could be interesting we could see the first Smartphone virus on AT and
> T which could mean lots of very upset customers
>
> this does not bode well

I just know that a MPx200 user has sent us a trace produced by PocketTV
Classic that clearly shows total lack of security (i.e. our non-signed app
turning itself into Kernel mode and successfully using privileged API's).

It's the first time I ever see that with a Smartphone.

Normally we see that with Pocket PC's (since there is no security policy on
Pocket PC and any app can turn itself root and do anything they want).

But on Smartphone the security is (supposed to) be much stronger.

Even with the Red-e development Smartphone, we cannot do that unless we sign
it with a privileged certificate.


Jen WB

Nov 14, 2003, 6:36:42 AM
Maybe AT and T "overrode" the feature with their security policy, you can
definitely set "trust anything signed or not" as a policy on the phone, the
default is as you state, privileged APIs are locked, but I guess AT and T
thought it best to leave everything open, really they should have unlocked
to the same level of Orange ...


"The PocketTV Team" <do-not-rep...@pockettv.com> wrote in message

news:%238fp3Jq...@TK2MSFTNGP11.phx.gbl...

The PocketTV Team

Nov 14, 2003, 7:18:10 AM
"Jen WB" <jen_Wo...@hotmail.com> wrote in message
news:ukY6VOqq...@tk2msftngp13.phx.gbl...

> Maybe AT and T "overrode" the feature with their security policy, you can
> definitely set "trust anything signed or not" as a policy on the phone, the
> default is as you state, privileged APIs are locked, but I guess AT and T
> thought it best to leave everything open, really they should have unlocked
> to the same level of Orange ...

So you think that's on purpose ?

Cool for developers, but a bit dangerous for the user... ?

We'll see what people say.


David Hanson

Nov 14, 2003, 11:59:51 AM
I wonder what Neil's comments will be??? :-)

Wake up Neil


"Jen WB" <jen_Wo...@hotmail.com> wrote in message news:<ukY6VOqq...@tk2msftngp13.phx.gbl>...

Jen WB

Nov 14, 2003, 2:37:24 PM
Operators set their own security policies, the OS just interprets them, if
it's not an OS issue as such but an operator choice then it's not really for
MS to comment on.

Seriously I believe that AT&T having seen the flak that Orange received for
launching a completely locked phone (one that needed signed apps to do
anything rather than one which needed signed apps to make privileged API
calls: a "developer phone") just did what people asked for, an unlocked
phone, which because it's completely open is a security risk to the user and
the network.

Privileged APIs should be locked down, their misuse could cost a user a
significant amount of money, tie up network resource and lead to a whole lot
of unhappiness. The smartphone virus will happen :o( and as a community we
need to help strengthen the security of the phones against application
abuse, for this developers, operators, OEMs and MS have to get together in
workgroups, each area brings its own special set of expertise and everyone
needs to be involved.

I am concerned for users who have purchased this phone ...... I worry .....
no protection from malicious usage and it hits you where it hurts, the
pocket.

AT&T or Motorola are unlikely to respond publicly but I wouldn't be
surprised if there was an OTA update soon .............

"David Hanson" <davidh...@hotmail.com> wrote in message
news:162f54ff.03111...@posting.google.com...
