Active Topics
-
Firefox with Leste (10)
to Maemo 7 / Leste by teroyk - 2 days, 17 hrs ago - more...
|
2014-02-06
, 11:25
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#2
|
Originally Posted by ivir
Boot while pressing volume down, telnet to the device and one of the options should allow you to wipe it clean/reset to factory settings
Unfortunately still don't know how reset device lock without sending to repair facility or brute-force.
| The Following User Says Thank You to szopin For This Useful Post: | ||
|
|
2014-02-06
, 16:41
|
|
Posts: 1,067 |
Thanked: 2,383 times |
Joined on Jan 2012
@ Finland
|
#3
|
Thanks for the bugreport. I'll have to implement slowdown between attempts to make brute force slower.
It's recomended to have 8-10 digit lockcode to make developer mode bruteforcing to take months untill fix arrives.
In the future we would appriciate that if you find weakness in system that you would contact security@jolla.com before posting it publically, so we would have time make a fix for it.
Last edited by rainisto; 2014-02-06 at 17:24.
It's recomended to have 8-10 digit lockcode to make developer mode bruteforcing to take months untill fix arrives.
In the future we would appriciate that if you find weakness in system that you would contact security@jolla.com before posting it publically, so we would have time make a fix for it.
Last edited by rainisto; 2014-02-06 at 17:24.
|
|
2014-02-06
, 17:12
|
|
Posts: 2 |
Thanked: 8 times |
Joined on Feb 2014
|
#4
|
Originally Posted by szopin
Thank you, but reset to factory settings request devicelock code.
Boot while pressing volume down, telnet to the device and one of the options should allow you to wipe it clean/reset to factory settings
Code:
[CLEANUP] Starting cleanup! [CLEANUP] Umounting top volume... [CLEANUP] Deleting /mnt [CLEANUP] Cleanup done. Mounting /dev/mmcblk0p28 on /mnt sh: unlock: unknown operand Type your devicelock code and press [ENTER] key: (please note that the typed numbers won't be shown for security reasons)
|
|
2014-02-06
, 17:12
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#5
|
--imei hmmm sounds interresting ......
|
|
2014-02-06
, 17:26
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#6
|
Originally Posted by ivir
Oh wow, that's a surprise. My understanding was that lock code is needed for extra features like unlocking bootloader and in cases of forgotten lock code you could still reset it back to factory state (with loss of data, so data protection is kinda in place). Thanks, good to know
Thank you, but reset to factory settings request devicelock code.
So even if I have enabled developer mode there isn't way to restore to factory state without devicelock. Latest update only increase number attemps from 3 to 5.Code:[CLEANUP] Starting cleanup! [CLEANUP] Umounting top volume... [CLEANUP] Deleting /mnt [CLEANUP] Cleanup done. Mounting /dev/mmcblk0p28 on /mnt sh: unlock: unknown operand Type your devicelock code and press [ENTER] key: (please note that the typed numbers won't be shown for security reasons)
|
|
2014-02-06
, 17:33
|
|
Posts: 1,067 |
Thanked: 2,383 times |
Joined on Jan 2012
@ Finland
|
#7
|
Originally Posted by szopin
Its queried for anti-theft, so if your phone is stolen then they cannot just wipe it clean and start using it. So remembering your lockcode is quite important.
Oh wow, that's a surprise. My understanding was that lock code is needed for extra features like unlocking bootloader and in cases of forgotten lock code you could still reset it back to factory state (with loss of data, so data protection is kinda in place). Thanks, good to know
__________________
IRC: jonni@freenode
Sailfish: ¤ Qt5 SailfishTouchExample ¤ Qt5 MultiPointTouchArea Example ¤ ipaddress ¤ stoken ¤ Sailbox (Dropbox client) ¤
Harmattan: ¤ Presence VNC for Harmattan ¤ Live-F1 ¤ BTinput-terminal ¤ BabyLock ¤ BabyLock Trial ¤ QML TextTV ¤
Disclaimer: all my posts in this forum are personal trolling and I never post in any official capacity on behalf of any company.
IRC: jonni@freenode
Sailfish: ¤ Qt5 SailfishTouchExample ¤ Qt5 MultiPointTouchArea Example ¤ ipaddress ¤ stoken ¤ Sailbox (Dropbox client) ¤
Harmattan: ¤ Presence VNC for Harmattan ¤ Live-F1 ¤ BTinput-terminal ¤ BabyLock ¤ BabyLock Trial ¤ QML TextTV ¤
Disclaimer: all my posts in this forum are personal trolling and I never post in any official capacity on behalf of any company.
|
|
2014-02-06
, 17:37
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#8
|
Originally Posted by rainisto
Is Jolla going to check every device that is sent to them for reflash in the european IMEI DB of stolen phones? Or users should inform Jolla about the theft? Is Jolla able to recover data, or just reflash?
Its queried for anti-theft, so if your phone is stolen then they cannot just wipe it clean and start using it. So remembering your lockcode is quite important.
|
|
2014-02-06
, 18:18
|
|
Posts: 1,067 |
Thanked: 2,383 times |
Joined on Jan 2012
@ Finland
|
#9
|
Originally Posted by szopin
You report theft to your local police, and they will report imei to operators imei db, and they will use blocklist depending what country you are in.
Is Jolla going to check every device that is sent to them for reflash in the european IMEI DB of stolen phones? Or users should inform Jolla about the theft?
__________________
IRC: jonni@freenode
Sailfish: ¤ Qt5 SailfishTouchExample ¤ Qt5 MultiPointTouchArea Example ¤ ipaddress ¤ stoken ¤ Sailbox (Dropbox client) ¤
Harmattan: ¤ Presence VNC for Harmattan ¤ Live-F1 ¤ BTinput-terminal ¤ BabyLock ¤ BabyLock Trial ¤ QML TextTV ¤
Disclaimer: all my posts in this forum are personal trolling and I never post in any official capacity on behalf of any company.
IRC: jonni@freenode
Sailfish: ¤ Qt5 SailfishTouchExample ¤ Qt5 MultiPointTouchArea Example ¤ ipaddress ¤ stoken ¤ Sailbox (Dropbox client) ¤
Harmattan: ¤ Presence VNC for Harmattan ¤ Live-F1 ¤ BTinput-terminal ¤ BabyLock ¤ BabyLock Trial ¤ QML TextTV ¤
Disclaimer: all my posts in this forum are personal trolling and I never post in any official capacity on behalf of any company.
|
|
2014-02-06
, 18:23
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#10
|
Originally Posted by rainisto
Yeah, that's what usually happens and why stolen phones from europe end up in India and Africa (at least that's what I heard), it seems Jollas are going to make an extra step in Helsinki on the way there, are you going to utilise this occasion to return the Jollas to the owner?
You report theft to your local police, and they will report imei to operators imei db, and they will use blocklist depending what country you are in.
edit: however interesting concept and actual anti-theft measure this looks like not really implementable, problems with identifying the real owner will get only bigger once second hand market revves up
Last edited by szopin; 2014-02-06 at 18:28.
Due I forgot device lock number I figured how you can ask on correct device lock or reset it.
For this purpose is there app /usr/lib/qt5/plugins/devicelock/encpartition
Arguments:
else as standard output.
Configuration is stored at directory /usr/share/lipstick/devicelock/ and encrypted/hash key is stored at /usr/share/lipstick/devicelock/.devicelock.enc, quite interesting are stored texts at binary file encpartition:
41414141, 42424241, 123456789012345 and /dev/block/platform/msm_sdcc.1/by-name/QOTP . More on http://www.onlinedisassembler.com/odaweb/4fDoTf/0
Unfortunately still don't know how reset device lock without sending to repair facility or brute-force.
Test all numbers with length 5 takes less than 3 hours on the phone with utilizing 20% of CPU.