NewLC - Symbian Platform Security - hacked? - Comments

Re: Symbian Platform Security - hacked?

alh — Mon, 05 Nov 2007 09:25:56 +0100

And.. the smart developer develops for whatever phone system that sells at the moment, and doesn't lock himself to one system...
Right now it is still quite easy to decide what smartphone system to put the most focus on though.
Check the numbers for symbian phones vs windows mobile and linux...

But of course, never forget to keep your eye on the horizon....

But all this "this system is better then that" is mostly amusing for anyone with some insight in the business...

Re: Symbian Platform Security - hacked?

free_f9999 — Mon, 05 Nov 2007 00:02:45 +0100

Hi, Eric! "name just one good ... Linux" It is bored. I think you are clever enough to google it. But if you wish, look at this wiki.xda-developers.com for example. I am not going to compare symbian and microsoft phones. I just remember words from one user. After inserting 2 Gb card, phones are freezing for time. User said that it is faster and cheaper to use P535 with 4Gb card. For me, symbian is not the best, and now sertificates do not let programmers to do it better.
I think it will be like Sun Microsystems and solaris. After losing everything, they will open symbian, but it will be too late.
By the way, I was a symbian developer for 3 years(3650(my own old phone),6600,P800,6630...). I remember a lot of bugs and disadvantages of symbian. I used your site too, it was very usful. But now I stop any symbian development and begin to learn windows and linux mobile. You can do what ever you want, remove my comment for example. It is up to you.

Re: Symbian Platform Security - hacked?

eric — Sun, 04 Nov 2007 20:22:13 +0100

Can you name just one good and reliable smartphone running Linux ? (not a feature phone running java apps only, not a developer preview model, just a smartphone for average user).

And considering that Windows Mobile is fast compared to Symbian OS is probably just a joke (Or we never used the same phone - but I admit that I don't know the P535 - which can be fast it has a 520MHz processor in it....).

Re: Symbian Platform Security - hacked?

tote — Sat, 03 Nov 2007 23:11:41 +0100

Yep, you're right! Having read your comment I think I'll forget all those joyful years that I've spent with Symbian development and change to other better operational (sic!) systems. Damn, why does such an idiot comment an article that doesn't even know what he's talking about?

Re: Symbian Platform Security - hacked?

free_f9999 — Sat, 03 Nov 2007 22:37:03 +0100

Hi! To my mind you need not to hack symbian. Just throw away this slow and stupid operational system and buy linux or windows communicator, like ASUS P535 etc.

Re: Symbian Platform Security - hacked?

twmd — Wed, 31 Oct 2007 21:17:35 +0100

It's a failing in Nokia's firmware update format which will be addressed quickly no doubt now that it's public.
It doesn't break the capability model.

No technology solution to security will ever be 100% secure because there are humans involved in the chain. An ex nokia empoyee who is familiar with the flashing mechanism could also "turn bad".

Hacks like this are not mainstream problems for the casual user. But they totally undermine the use of platsec for enforcing DRM.
I can now write some code which will stream the PCM audio from a DRM codec into a file and then dump it as an MP3 yay!

Re: Symbian Platform Security - hacked?

wl — Wed, 31 Oct 2007 13:55:22 +0100

not exactly, davinci team flashes (and unlock) FW to almost any Sony Ericsson phone. Hacked FW for UIQ3 just one of options.

Re: Symbian Platform Security - hacked?

tote — Wed, 31 Oct 2007 13:43:47 +0100

Wow, they're selling the hack, that's amusing! Or not?

Re: Symbian Platform Security - hacked?

wl — Wed, 31 Oct 2007 11:27:02 +0100

btw, for UIQ3 was made the same long time ago:
http://www.seuniverse.com/forums/thread9850.html

Re: Symbian Platform Security - hacked?

alh — Mon, 29 Oct 2007 16:04:35 +0100

Yes, it is indeed bad, of course a malicious person could hand out patched updates...

One immediately ask, even if they don't encrypt the flash image data as suggested, shouldn't they at least have a signed checksum? or any checksum?
From the description, it seems there is no such checks... not even an unsigned checksum.
I should be able to use this for a lot more advanced hacks then just changing installer settings.

Even the flash updates to my old calculator has signed checksums...

Edit: There seems to be some checks, judging from the comments with people who have turned their N-phones into bricks...

Re: Symbian Platform Security - hacked?

tote — Mon, 29 Oct 2007 11:56:58 +0100

Well, you can't grant any capabilities with your DevCert, unless you have a (VeriSign) Publisher ID that enables you to do so. You know, the most powerful capabilities are still phone manufacturer dependent. On the other hand, as I'm sure you know Symbian signing will change considerably: you can't have a DevCert w/o (TrustCenter) Publisher ID. In other words, for a hacked firmware package you don't have to be "traceable", for a new DevCert you do.

And I'm unsure if it's a local problem, either. I haven't updated the firmware of my phone, so my assumption can be very easily wrong, but: can I hack a firmware update package (say, for N95) and then make it downloadable for others?

Re: Symbian Platform Security - hacked?

alh — Mon, 29 Oct 2007 11:25:13 +0100

At least you have to modify your phone firmware to do this, so it isn't really much more useful then a DevCert, which also grants you any capabilities for a given phone.
And it also does not mean a security breach that could be used by a malicious attacker.

Re: Symbian Platform Security - hacked?

paul — Mon, 29 Oct 2007 11:05:19 +0100

There was a very similar problem with the first Windows Smartphone models (SPV's) - there was a proviisioning file in the root that specified the security model and this could be updated in the ROM image on the pc then reflashed.

Certainly sounds plausable.

Symbian Platform Security - hacked?

tote — Mon, 29 Oct 2007 09:25:37 +0100

Platform Security hacked?! According to Symbaali, it is, so even AllFiles and DRM are grantable. Read on for more details!