tsuggs has quit [Quit: No Ping reply in 180 seconds.]
tsuggs has joined #neo900
itsNotMe has joined #neo900
paulk-collins has quit [Remote host closed the connection]
rootman has quit [Ping timeout: 265 seconds]
_whitelogger_ has joined #neo900
jonsger has quit [Remote host closed the connection]
jonsger has joined #neo900
itsNotMe has quit [Ping timeout: 260 seconds]
jonsger1 has joined #neo900
jonsger has quit [Remote host closed the connection]
jonsger1 is now known as jonsger
jurov has quit [*.net *.split]
misv has quit [*.net *.split]
heinrich5991 has quit [*.net *.split]
dos1 has quit [*.net *.split]
misv has joined #neo900
heinrich5991 has joined #neo900
jurov has joined #neo900
jonsger has quit [Remote host closed the connection]
Oksana has quit [Ping timeout: 283 seconds]
jonsger has joined #neo900
DocScrutinizer05 has quit [Remote host closed the connection]
DocScrutinizer05 has joined #neo900
Oksana has joined #neo900
<Joerg-Neo900>
atk: the N9? it was a good phone though I never really touched it thanks to Aegis crap. Now it's not a good phone anymore thanks to same Aegis crap and Nokia went down
<Joerg-Neo900>
IOW you can't install stuff from alternative repos, and you can't install form Nokia's repos for obvious reasons - they're gone
dos1 has joined #neo900
<Joerg-Neo900>
atk: I don't know how to unlock a simlocked N900
<Joerg-Neo900>
I *think* (unless you have a way to receive the unlock code from original issuer of the lock) you will get away with standard unlock tools for Nokia BB5 phones
<bencoh>
Joerg-Neo900: iiuc there are mirrors for nokia n9 repositories
<bencoh>
and I think there is a way to point there, somehow
<bencoh>
(even with a freshly flashed device)
<Joerg-Neo900>
bencoh: on a freshly flashed device aiui you first need to "enable developer mode" or something, and even that will already fail since the repos to download the additional tools are amiss - and without dev-mode no tweaking of repo pointers I'm pretty sure
<Joerg-Neo900>
but honestly after the N9 gave me the Aegis stinky finger several times, I didn't touch it anymore
<Joerg-Neo900>
I don't want a device I need to *fight* against
<Joerg-Neo900>
>>make sure that the platform meets the requirements set by third party software that requires a safe execution environment<< explicitly means you have no means to touch and mess with programs of "third parties"
<Joerg-Neo900>
which puts whole unix concept upside down
<Joerg-Neo900>
bash is a malicious program - it can do stuff the inventors of aegis (policies) considered detrimental to above mentioned "safe execution environment"
<Joerg-Neo900>
so if you force execution of bash, aegis literally deliberately kills your device
<Joerg-Neo900>
I get an anaphylactic shock from touching such stuff
<Joerg-Neo900>
to make it utterly clear: "safe execution environment" means your media player has absolute control over what you may and may not play back, and any streamed content is blocked on the AV output *by the mediaplayer* and you can't override that, so that there's no risk anybody is recording the content
<Joerg-Neo900>
I still hate the N9 for aegis, but... this info at least seems to actually do exactly what it says: resurrect N9
<Joerg-Neo900>
not only for aegis but for the complete security policy. Also "no downgrade of firmware" for example
<Joerg-Neo900>
an absolute nogo particularly for devels
<Joerg-Neo900>
of course for third parties like netflix or *pay (NFC) or iTunes et al, or any arbitrary commercial software that thinks it needs to protect tough against copying or runtime extension of the licensed executable, any method to downgrade firmware to a possibly "vulnerable" and "insecure" environment is also a nogo. So what I really hate in N9 is the approach to deprive owner of device from their control over what's running on their hardware
dl2s4 has quit [Ping timeout: 258 seconds]
arcean has quit [Ping timeout: 246 seconds]
<Joerg-Neo900>
think whatsapp
dl2s4 has joined #neo900
<Joerg-Neo900>
either you're the customer or you're the product. On HARM you clearly are the product
itsNotMe has joined #neo900
Zero_Chaos has joined #neo900
jonsger has quit [Remote host closed the connection]
jonsger has joined #neo900
Pali has joined #neo900
paulk-collins has joined #neo900
<Pali>
atk: N900 cannot be SIM locked
<Pali>
every N900 is unlocked
<Joerg-Neo900>
no, I actually heard of simlocked N900
<Joerg-Neo900>
and all N900 have a function to unlock simlocks
<Joerg-Neo900>
I think some british provider sold some simlocked N900
<Joerg-Neo900>
(function to unlock) see settings->menu: "unlock provider lock" OWTTE
<Joerg-Neo900>
after all the modem of N900 is a very common Nokia BB5, which is used in many of their phones, so why should it be impossible to SIMlock it?
<Joerg-Neo900>
what worries me is that Neo900's modem has a SIMlock feature open to lock by inwary users, and there's no master key to unlock if they do
<Joerg-Neo900>
now we could lock the simlock to a wildcard "allow all" lock, before shipping. If only there existed such "allow all" wildcard
<Joerg-Neo900>
iirc the lock is on MLN (network code) which is 3 digits. I don't think we could create a lock for `seq 0 999`, that's most probably too long a string to fit even into the cmdline interface buffer
<Joerg-Neo900>
HMMMM, I guess we could lock customer-PIN by entering ten times the wrong one
<Joerg-Neo900>
this should lock the SIMlock so it can't get changed, and with a data (aka MCC.MNC list) of empty string
<Joerg-Neo900>
meh, prolly AT^SCSL="PN",1,"12345678","" should have a similar effect, just not locking the PIN
<Joerg-Neo900>
so user is protected from any malware locking his simlock, but they still may read the correct PIN (and PUK) from a letter in a closed envelope, shipped with device
<Joerg-Neo900>
to be evaluated
xmn has joined #neo900
<atk>
Pali: really? so if it's on ebay saying (O2) (in case you don't know: O2 is a network in the UK) this means that it's not actually simlocked to O2?
<DocScrutinizer51>
see above
<Pali>
I never heard of SIM locked n900... but Joerg-Neo900 wrote there are some...
<DocScrutinizer51>
btw O2 is also in germany
<DocScrutinizer51>
and actaully been bought by an itali*n provider the name of which I forgot
<atk>
Joerg-Neo900: so don't all unlocked phones have this issue of the end user being able to technically lock their own phone?
<Joerg-Neo900>
I don't know
<Joerg-Neo900>
I guess usually this feature is not implemented in end user devices
<Joerg-Neo900>
or locked
<atk>
would it be prohibitively expensive/impossible to just get the makers of the modem to disable the feature in the firmware?
<atk>
Or actually, thinking about this, I'm sure that stuff has to be certified and all sorts... Probably prohibitively expensive.
<DocScrutinizer51>
yes
<DocScrutinizer51>
no, since this isn't changing the OTA properties, it doesn't neesd re-cert
<DocScrutinizer51>
it's a tad of a gray zone
<DocScrutinizer51>
at OM we were allowed to change stuff in AT interpreter and hardware interface, we had no sources and thus no way to mess with the radio stack, of the TI calypso modem
<DocScrutinizer51>
and I think there was no issue with cert as long as the radio stack stayed untainted
<DocScrutinizer51>
generally the cert applies to a model with certain properties. The manuf may apply changes as long as there's clearly no change in those properties. The checked properties are not related to e:g: AT interpreter
<DocScrutinizer51>
as long as the AT interpreter for example doesn't allow simple change of IMEI, which *is* a property checked by cert
<atk>
so if you can change the AT interface, why not simply remove the command to set the sim lock?
<atk>
Joerg-Neo900: I don't have the phone, I was considering bidding on it :P
<Joerg-Neo900>
we can't change the AT interface of the cinterion midule
<Joerg-Neo900>
Cinterion/Gemalto could, without need to re-cert. But they for sure won't, for a few hundred modules
<atk>
Hmm
<Joerg-Neo900>
as long as user has access to the PUK (device specific), there's no real risk
<Joerg-Neo900>
the problem rather is that users neither will know where they put the envelope with the PUK, after a year or more when they possibly need it. Nor do other users want the PUK being printed to a label attached to the device to be visible to thieves etc
<Joerg-Neo900>
with the unique PUK you always can unlock a SIMlock
<atk>
ah, but I don't mean a simlock, I mean a operator lock
<Joerg-Neo900>
that's the same
<Joerg-Neo900>
basically
<atk>
operator lock can be removed with the PUK?
<Joerg-Neo900>
yes
<Joerg-Neo900>
not *THE* PUK, the SIMlock PUK
<atk>
right
<Joerg-Neo900>
the simlock PUK is device specific, while what you think about is prolly the SIM PUK printed on your SIMcard envelope or frame
<Joerg-Neo900>
then there's also device lock which is the notorios 1234 for N900, unless changed
_whitelogger has joined #neo900
PeperPots_ has joined #neo900
<Joerg-Neo900>
re your simlocked N900: worst case give O2 GB a call and ask them for the unlock code, they are supposed to provide it
<Joerg-Neo900>
there's a legal obligation in (afaik) whole EU to provide unlock of SIMlocks after 2 years after purchase
<Joerg-Neo900>
for the N900 is should be trivial to 'prove' that the device been purchased more than 2 years ago
<Joerg-Neo900>
make sure they explain *in detail* which procedure to use and what to enter, since I think some modems will seal SIMlock forever when you enter wrong unlock code 10 times
<Joerg-Neo900>
or rather, you'd need the PUK then, not only the PIN, and I think they won't hand that one out
<Joerg-Neo900>
also make sure no SIM is inserted when unlocking. I think this is mandatory for some modems
knttl has quit [Quit: WeeChat 1.5]
knttl has joined #neo900
<freemangordon>
Joerg-Neo900: are you sure default lock is 1234?