maemo.org - Talk - [Fremantle Maemo5] Vector Mine (from extras-testing)

maemo.org - Talk (https://talk.maemo.org/index.php)

- Applications (https://talk.maemo.org/forumdisplay.php?f=41)

- - [M5] Vector Mine (from extras-testing) - just badly written, or spyware? (https://talk.maemo.org/showthread.php?t=93533)

Vector Mine (from extras-testing) - just badly written, or spyware?

This is what I get when trying to run package vectormine (asteroid-shooting game from repositories) on a device with "all telephony functions disabled" error:

Quote:

Traceback (most recent call last):
File "/opt/vectormine/vectormine.py", line 1505, in <module>
main()
File "/opt/vectormine/vectormine.py", line 1490, in main
for index,num in enumerate(str(GetImei())):
File "/opt/vectormine/vectormine.py", line 81, in GetImei
return rpc.rpc_run('com.nokia.phone.SIM', '/com/nokia/phone/SIM/security', 'Phone.Sim.Security', 'get_imei', (), True, True)
File "rpc.pyx", line 73, in osso.rpc.Rpc.rpc_run (osso/rpc.c:2219)
File "helper.pyx", line 65, in osso.rpc._set_exception (osso/rpc.c:1316)
osso.exceptions.OssoRPCException: The name com.nokia.phone.SIM was not provided by any .service files

One thing I'm sure about - no python game about shooting asteroids should get any info about our IMEI or SIM status. Heck, in most countries, it is even illegal to collect such information from other people's devices.

Now, the question is - is it just written sincerely, just using worst coding practices possible ever, or have some malicious purpose? I will refrain from commenting, until people more fluent in python check pointed sources and determine it.

Cheers,
/Estel

Re: Vector Mine (from extras-testinf) - just badly written, or spyware?

Quote:

Originally Posted by Estel (Post 1434592)

First it smells like getting some information but I had a closer look at the code (I am no Python expert), and it seems like these are some rudimental left overs for check software registration with a serial code and the IMEI. In my eyes senseless in python because you can change the code. It is still active. Maybe he wanted to sell serial numbers and for the generation you need to send your IMEI?

Were you able to play when your antenna is on?

To disable this procedure you can try to remove from the "def main():" follow lines.

Code:

    LoadSerial()

    global REGISTERED

    code = 0

    for index,num in enumerate(str(GetImei())):

      code = code + (int(num)+(index*index)) * (index*index)

    LoadSerial()

    if serial_code == hex(code):

and in "def RegisterMenu(screen):" remove:

Code:

 

    global IMEI

    IMEI = str(GetImei())

    .

    ..

    ...

    ren = font.render(("Identify number : %s"%(IMEI)), 1, (255,255, 255))

        screen.blit(ren, (390-ren.get_width()/2, 260))



        code, done = SerialCode(screen, font, events)

        if done:

            SaveSerial()

            return

To remove everything related to IMEI and serial you need to remove also following functions:

def GetImei():
def LoadSerial():
def SaveSerial():
def SerialCode(screen, font, events):

Re: Vector Mine (from extras-testinf) - just badly written, or spyware?

You'd also probably want to remove all the places where it mentions REGISTERED.

Try replacing '/opt/vectormine/vectormine.py' with the one I've attached. I just commented out all the stuff about register and IMEI. I'm definitely not a python expert either but it does run.

Re: Vector Mine (from extras-testinf) - just badly written, or spyware?

Registration that is tied to the device - be it through the IMEI or any other way - is a Bad Idea™ anyway if you ask me. Devices break, get passed on, sold, lost or stolen. If you really want registration, tie it to the user, not the device.