Reformat is one thing.. and I think if you lock yourself out of the device then you pretty much should be forced to wipe (as a reflash or wipe should actually reset the lock code).. thus losing data.

Take my laptop for example, I keep the hard drive encrypted. If someone steals or I lose my laptop - I don't care if they sell it off after wiping my drive so much as I don't want them getting access to my emails, phone numbers, addresses, names of all my friends, software I'm working on (since I should have backups of this anyway), etc.

If they can just plop in a Linux Live-CD and mount my drive and see everything... totally defeats the purpose of the encryption anyway.. and the option may as well not even exist. From what I'm seeing - the "security" code is nothing more than security through obscurity. You're just "hoping" they don't know they can just "crack" it like that.

This is why setting passwords for Outlook PST's or Word files are pointless... even microsoft themselves release "tools" that either remove or crack the password for PST's and word docs because so many people "Forget" their password.

..... So... what was the point again in setting one?

Is the /dev/mtd1 drive accessible when the device is locked over mass storage or any other mode?

Also, it's not so much that DES is weak... it's that the password is only numerical and probably 5 digits. If it was alphanum and 8+ chars it would take eternity to crack for any practical purpose
(Unless you're against the NSA, in which case you shouldn't be trusting only this level of security ... well, and just hide under a rock :P)

That Live-CD thing was meant for the laptop reference... not the N900.

I'm saying if I "encrypted" my drive and yet someone could just pull up the drive anyway.. it's futile.

Maybe considering these devices do have a keyboard... Nokia should implement a "pass phrase" instead of a PIN. Cuz you are correct.. in any algorithm of encryption a brute force of 5-number password will be easy - unless they move to some form of PKI solution.

But again.. all this just means that to me.. "securing" the device is really just to prevent my childish co-workers from setting my background to being a picture of a naked Rick Astley or sending random love texts to my contacts....

It doesn't actually make the device "secure".

Agreed, but it's just like a login or screensaver password, it doesn't encrypt anything and is meant (or at least should be seen only as) to repel annoying behaviors from unscrupulous people.

Actually, even if the password was stronger i doubt it would secure more of the device as it's probably possible to enable some R&D mode... But like any computer, physical access is hard to secure if you don't have full encryption on.

Of course, if it had full root encryption with only a 1% battery drain hit and with the help of a specific co-processor, i'd be much more happy i guess, but that won't happen anytime soon.

And I'd rather be able to recover my password through ssh (which does ask a password too!) than have to send the device back for some security by obscurity proprietary solution from them. :-)

maybe I'm just too dumb, but after installing rootsh, going to xterm, doing sudo gainroot and then executing run-standalone.sh.a.out gets me nothing. I have to say, that auto-lock is not on, but I do not have the lock code (warehouse deal from amazon, someone set it already).
anyone can help?

It should be "run-standalone.sh a.out" (without quotes). If it still doesn't work, make sure you're in the right dir and post the exact error message here.

looks like I misinterpreted prefix here

error message is:
/usr/bin/run-standalone.sh: line 11: a.out: Permission denied

so I thought about: chmod +x a.out, but I cannot change rights...

edit: it's been a long time since I used a shell on linux... just made a copy with root and done works great!

GUys.... i have lost my lock code. please since im not a pro in technologhy, tell me how to get back in my device, i dont want to know my pasword, just want to get in. how do i flash it?

zikmir, you were directed to this thread from this other thread http://talk.maemo.org/showthread.php?t=35998 so you could know how to recover your lock code without having to reflash your device. Then, why are you still asking how to reflash it?

So if you are still interested in recovering your lock code without reflashing, and only if you had installed an openssh server in your N900 so you can remotely access it from your PC, then please read comment #5 of this thread, get your encoded code, transfer it to your PC (scp) and feed it to a DES decoder. A Google search will show you a plenty of linux/windows/mac DES decoders.

Otherwise, if you insist reflasing your device read here or you don't have openssh installed in your N900, presumably then look at this:

http://wiki.maemo.org/Updating_the_tablet_firmware (though you should have been able to find this info by yourself searching the forums, as this has been posted several times)

Good luck.

is there any way you can put these instruction in a dummy format. for some reason the default code does not work on my n900. i sent it to nokia =( they reflashed it but the code still does not work please help out a fellow noob n900 owner thank you