Interesting findings about WCDMA Cell ID

I have lately received quite a few feedbacks about my GSM tracker. In case you have not used it before, here is the link. I myself rarely use it these days since it does not have much to do with my job, but I used to learn about everything related in the days when Symbian phones were very popular all over the world and here are two interesting findings I discovered a few years back.

As you may know, 4G network is already very popular in developed nations like US and Western Europe. We here is also switching to LTE networks although 3G is not universally deployed. But 2G is the absolute mainstream when Nokia phone is dominating the market, and I still recall the  network apps I used, fieldtest, CellTrack91 etc.

When I first used a 3G card in my Samsung I550W phone, I found that the Cell ID I got from fieldtest 10.09 (118960471) is quite different from the drive test (12631). In fact Nokia introduced certificate system into Symbian S60V3 and many software for S60V2 stopped working and I had to make a few changes to make it work again. So first I think maybe there’s something wrong with the app.

However I changed my mind later when I discussed it with some people I met on the forum. According to him, in 2G mode the value I got is Cell ID, but in UMTS mode the value is actually another parameter and you need to perform a mod transfer to get the real Cell ID.

Since the Cell ID value ranges from 0 to 65536, you can use below formula

Cell ID = mod(118960471,65536)

Open up excel and use above formula you will get 12631. By the way, RNC id=int

Another difference between 2G and 3G, to the best of my knowledge, at least here is that we use 4-digit Cell ID in 2G cell sites, and 7-digit Cell ID in 3G base stations. So sometimes you could not find the GPS coordinates of certain Cell IDs obtained from some app. In my case it’s CellTrack91.

For example, I once used CellTrack91 to test one cell towers and got the Cell ID 10796, but I just could not find the latitude and longitude. Then I tried another app and got 190130732. As you may know apps always turn hex into decimal, so we need to reverse engineer it, haha.

10796        ->2A2C
190130732 ->B552A2C

It became quite obvious to me that the first 3 digits were omitted for whatever reason. If you try 190130732, my GSM tracker works perfect. If you are experiencing the same issue, these two findings might help.

The mobile industry and technology is advancing quickly, we all need to learn to keep up with the new developments, so are the apps. What about you? Let me know your thoughts or opinions on Facebook or Google Plus. I just do not have the time to go through the numerous spam comments to find the really useful and inspiring points left by visitors like you, sorry.

2014-Oct-Fri | Category: Others | Tags:

Handset makers promise to protect our mobile devices

Over the past months, I have found that New York law enforcements lead the cell phone tracking field (you know it if you have liked this), they are always trying their best to ask for cooperation from carriers in tracking the lost mobile devices. This time, it’s not the carrier but the handset manufacturers’ turn to make the changes.

New York Attorney General Eric Schneiderman and San Francisco prosecutor George Gascon were quoted as saying this Thursday that the Korea based tech giant Samsung had promised to add new features (some say it’s kill switch, I am not sure yet) to its Smartphones so that the handset owners can lock their devices remotely. Schneiderman made this remark on a Smartphone summit participated by various mobile phone manufacturers.

Schneiderman noted that starting 1st July, Samsung will include anti-theft features in its mobile devices. The new feature will keep thieves away from any stolen or lost Samsung handsets, even when the SIM card is changed or the software is hacked. Samsung has declined to make any comments so far.

Lock your handset

In fact, Samsung is not the first to take actions. At WWDC2013, Apple announced to release new anti-theft functionality in iOS7 which is called activation lock. In the new OS, one needs to enter the correct Apple ID and passcode to disable Find My iPhone or erase or activate it.

You may think there’s still another option, flash it. Well you still need the Apple ID and Password to use the device. I do not own any Apple device, so I am not sure if downgrade the OS will help since the new feature is not present in iOS6 and earlier versions.

The law enforcement and manufacturers hope these actions could prevent the thieves from stealing or robbing mobile devices which usually turn violent. Those thieves make a profit from reselling the lost or stolen handsets. However will these moves help? We need to wait and see.

I personally think that technology alone is simply not enough as people can always find counter-measures. Take Android for example, you can easily flash any third-party OS to get rid of any restrictions. Even if BootLoader is locked, we can still flash any modified official OS. However, the good news is that the cell phone makers are aware of it and working on a thorough plan, forced upon them by the Secure Our Smartphones Initiative set up by Schneiderman and other law enforcement, safety activists and Attorneys General etc.

Anyways, more details about these anti-theft measures will become available soon, I will keep you updated as soon as possible.

Update. It seems that progresses have been made by Apple and Samsung, their representatives have showed to San Francisco’s district attorney their improvements. In a word, Apple’s measure is that an user ID and password is required to activate a locked or wiped phone, while Samsung is going to install ‘Lojack for Mobile Devices’ to its future Galaxy S4 handsets. However we are still waiting to hear from Microsoft and Google. More details here.

2013-Jun-Sat | Category: Others | Tags: ,

Can you stay anonymous in the digital world?

We have always tried hard to protect our privacy in both the real world and virtual world while there are others or companies or government want to pry into or take advantage of our private data for whatever purposes. In today’s digital world, while we enjoy the great pleasure and convenience brought by those electronic devices, we are also sacrificing part of our privacy (or whole) which is harder than ever to save.

In the virtual world everything is messed up and people can expose their private information easily. In order to start your cyber life, an IP address is essential. You can either have a static IP address or a dynamic one which changes every time you restart your router. However IP address also expose your location. A physical address is linked to an IP address and you can find it by using this IP online query tool. In the meantime, your can find the ISP as well who knows the real address of the user. When you access a website, it could request your location which could use your IP address to track your (or WiFi access point MAC address) location. Of course you can always disapprove that.

Well you can always use a proxy to hide your real IP address. But a website can still figure out your real IP address until you use a highly anonymous proxy or more than 2 proxies. VPN is a better choice which can totally hide your real IP.

Although an IP address can change, a device’s (PC or mobile device) MAC address is unique and permanent. So usually a MAC address can be used to identify a device. But it’s still a question if any website can obtain a PC’s MAC address without installing any program. But again you can change your MAC address without much trouble for security reasons.

In addition to IP and MAC address which you can fake, there are some more characteristics about your PC and browser, and many people would not notice its existence. These little bits of information are called fingerprint and can be used to identify what kind of person you are if your fingerprint is unique enough. To find out your browser and system fingerprints, check this out, hit test me and it will compile a list for your in no time.

In my test I can see that I am running this test using Firefox, I have American English, French, Germany, Italian and Spanish language enabled. Generally most people only have one language enabled which can be used to identify where he / she resides. Actually you can find more information here, and you will get a clearer picture if you have enough samples data. But again, corporations like Google and EBay etc can make the most out of these data. Some even think PayPal use these data to link one account to another and close them. Of course, people can change their browser fingerprints by reinstalling just everything from the OS to the browser and plugins.

When you access a website, the fingerprint can be easily obtained. However that’s not all. The website, if it wish can still use cookies to collect your preference data such as what you viewed or may be interested for marketing purposes. Again you can say no to those kinds of cookies by sending a do not track message which is to be supported by more web browsers. However you could not avoid all cookies because otherwise you may not have anything to do in the cyber world.

Our online fingerprint includes more, actually. People usually have many accounts, information of which is publicly available. For example, you need Email address and account to post on forums and social networking website, your search on Google and Bing etc, these data all point to your interests, intentions and needs which are valuable. These data (include text, photos, videos) tells a long story about a person.

But what about the real world? Well it’s less optimistic too. As Smartphone gets popularized, people carry their mobile device every time everywhere, which form the mobile location fingerprint. According to a new research by MIT, anonymous location data reveals who you are. The theory is that, people all live in a predictable movement pattern, we visit certain places repeatedly, such as home, school, church, home etc. These activities will form an unique fingerprint to figure out who a person is.

These location data can be obtained by either GPS or cell towers or WiFi access points. Your carrier, the OS maker (and its advertisers) could get them, the app maker whose app you install can get them, and the one who gets / tricks you into install an app can get them too.

It’s easier than ever to track an person, especially when he / she uses modern technology. If you are one of them, you should know that privacy is not easy saved.

2013-Apr-Fri | Category: Others | Tags:

A nontechnical way to find missing iPhone

This is probably my last post in 2012 – the end of the world, since we will say goodbye to it in two days -:). So happy we all survive and live one. To all my friends and visitors, Merry Christmas and happy New Year.

I have been writing many technical things this year, so somehow I decide to put an end to it with a post about a nontechnical yet feasible way to track down missing iPhone. I seldom write about Apple and iOS devices as I could hardly afford them. I even post on forums complaining that Apple charge top dollar here, which of course serves no purpose. However I do have friends own iOS devices, and sometimes they could ask me certain questions about how to locate their handsets. We here do not have insurance, so if you lose your handset, you need to buy a new one. And that’s why this post is here.

OK enough off-topic talking. There are two situations in which we need to locate an iPhone:

1. You misplaced your handset. For example, you leave it in a drawer or in your office and could not remember. In this case, try using our cell phone finder to call it online if you do not have another device at hand. Try Find My iPhone if you could not hear your ringtone by calling it. Generally you can find your handset without much difficulty.

2. Your iOS device gets stolen. This is really serious. If you ever enable Find My iPhone whether when activating it or later, simply use another iPhone or login to Apple server to locate it. This usually works, a lot. However it does not work if the thief knows too much about Apple products. The thief could shut down the phone, or remove the battery. If you call your number, you will know it.

In this case, we need this nontechnical way to find the missing mobile device, and it works a lot too. But we need a little social engineering knowledge. Yeah, social engineering, which is used by numerous hackers to attack others’ PC. For example, somebody is trying to crack his competitor’s Email password; brutal-force attack needs way too much time and computing power if the password is strong. Here we could use some social engineering tricks. Nowadays simple passwords are widely used, many people use simple combinations like 12345, asdfg, birthdates, social security number or cell phone number and their combinations as passwords. Or you can click on forget password, and reset the password by answering a few simple questions. This is how social engineering works.

So how we could use social engineering here? In general a thief would wipe the iPhone he steals for money, so he needs to reset the device and remove all information stored. However, normally we use pattern to lock the Smartphone, which could not be easily figured out. So the thief needs to send it to some authorized repair shops for various reasons so that warranty won’t void. And the new phone needs reactivation with a SIM card.

When activating an iOS device, the Apple server will log the ICCID number. ICCID stands for Integrate circuit card identity; it is flashed into SIM card which is unique and can’t be changed. Gives your carrier this number and they can tell you which cell phone number is associated with it, and even information about the owner in some countries. Now call a police and hopefully you can get your handset back. You can use your serial number to query this ICCID from Apple server in the past; however Apple blocked access this July, which is a pity. However some people can still get the ICCID number from Apple for a few bucks or even for free. Since I do not own any iOS device, I never research it and have no clue about how.

Even if you could not get the details of the mobile number from your carrier, there is another method. Once you get the number, try searching it, or using cell phone lookup service. You usually will know the proximate location of the number, like XX city, and in some cases Facebook, Twitter or Email information. This without doubt can help recover your handset.

What if the search just returns the rough location information? We early mentioned that the thief could send the device to Apple authorized repair shops for the sake of warranty (we won’t buy second-hand device without warranty, right?). So go to Apple website and find the repair shops, and call them one by one for repairing record. Give them as much information as you can, they may happen to have your device sent by the thief. Rush to the store with all your documents and call a police on your way. Even your handset has been picked up by the thief; they can assist you getting your handset back.

What if the thief uses your SIM card to reactivate your device? Well bad luck, next time remember to report loss to your carrier earlier.

2012-Dec-Sat | Category: Others | Tags: ,

How to find and change the IMEI number

Please note, changing your handset’s IMEI number may void warranty or break the law. As far as I know, it’s strictly prohibited to change any phone’s IMEI number in the UK. So always refer to your user manual and local law, you are responsible for any action you take.

Please also note this post is not complete yet, I still need to modify it or add more content. In the meantime, please contact me if you have any comment or findings. I will be more than happy to hear from you regarding this post or others. You can post a comment or send a message to me either on Facebook, or Twitter, or Google Plus which can be found on the about page.

OK, I will begin with two stories. The first one is short but a little complicated. One of my friends owns an Android device, and he likes those little apps very much, especially games and mobile social apps. However his account for one social network (neither FB nor Twitter) got closed the other day for no reason specified. He then got a new account and tried to login. To his surprise, he failed. Then he asked for my account, still no luck on his device. So he called the service person found in the app, no explanation.

We finally managed to figure out that his IMEI number was blocked. The app denies access once it finds a blacklisted IMEI number is trying to sign in. I do not know why and if this is legal since no laws exists regarding acquiring and utilizing IMEI number to deny service. In fact, almost all apps can obtain a mobile device’s IMEI number through Android API, and I find this function ‘TelephonyManager.getDeviceId’ does the job exactly, however always remember to add this code ” to AndroidManifest.xml first if you use it in your own app, which grants it the right. See reference here.

So we changed the IMEI number, and this time it worked like a charm. LOL

Here’s the second story. We used to play with Smartphone OS like Symbian and Windows Mobile. Windows Mobile excels for it’s highly customizable. Then came Android. Every time Google releases an upgrade, we flash the new firmware, and then root it. We remove as many system apps as possible, and change almost everything possible to make it more personalized. Someone get their phone bricked when flashing custom ROMs, and some lose the baseband and IMEI which means no network on the phone and even worse.

OK, another friend owns a Galaxy Nexus and the IMEI number changes to 004999010640000 after he tries to flash official Android 4.02 back. He goes back to 2.3.6 and then tries 4.04; the original IMEI just could not be restored.

Well these two stories are all related to IMEI number. As we all know, IMEI stands for International Mobile Station Equipment Identity. It has various applications as it differentiates one phone from another, it’s just unique. To find your IMEI, simply type *#06#, or go to settings->about phone and phone identity (for Android 4.1.2). Many apps could show your IMEI number as well. The IMEI number is generally stored in EEPROM, short for Electrically Erasable Programmable Read-Only Memory. If it sounds kind of familiar to you, chances are that you know a lot about computer BIOS. Electrically Erasable Programmable means the data store in an EEPROM can be erased or programmed (rewritten), usually with a higher than working voltage. Since I am in the chip industry, I know it all well. We generally use a special equipment to write to the integrated circuit, not computer. So how come someone lose the IMEI number simply by flashing ROMs??

Well it’s not the only case. I know some people have been changing the IMEI number for profits because of shortcomings of the manufacturers’ warranty policy. Usually someone buys a handset with warranty, he or she types *#06# and submits the IMEI number to the manufacturers’ official website, and things seem nice. Then a different IMEI is found when using third-party apps. That is, a phone has two IMEI numbers. Type *#06# you see one IMEI number, and from third-party apps you see another. This is just weird. My guess is that some programs only change the IMEI stored somewhere else, while others change the one in EEPROM or some system files.

Back to the second story. We finally find out that the IMEI number has something to do with two files in the factory folder called nv_data.bin and nv_data.bin.md5. Fortunately the system has those two files backed up for whatever reason. We however decide to try the two files from somebody else on the forum who has the same phone. We find upon rebooting that my friend’s IMEI number changes to the same as that phone whose files we use. So we copy the backup to the factory folder, and not surprisingly the IMEI number restores.

So it seems to me that the IMEI number we change is the one store in the nv_data.bin file, not the one store in EEPROM. In fact, you can change the IMEI stored in this file to any number you wish but it’s a little complicated (if you do not backup then this method sure helps). This is still how we solve the issue in the first story too, we provide another IMEI number to the app and it accepts that, it works flawlessly!

Some, however say that Samsung handset has a code that can restore data stored in EEPROM which helps to find if your handset’s IMEI has been changed, and the code is *2767*3855#. Although this might be possible, I highly doubt it. We do give it a try, and everything is gone. In our case the IMEI remains unchanged, which means either our IMEI number never has been changed or it simply does not work. We do not recommend anyone try it, and always remember to backup if you do wanna see what it can cause on your handset.

But the whole thing proves nothing, we just know this is how the IMEI number is handled in the Samsung Galaxy series, it may not apply to other models from Samsung, not to mention Android devices made by other manufacturers. Neither do I know anything about iPhone, Windows phone, BlackBerry and Symbian…

In theory, we need higher voltage to rewrite the EEPROM to change the IMEI number; I have no idea if apps alone could achieve that. However there are apps out there claiming that they can change the IMEI in EEPROM which I will provide a list later. I do not know for sure since I do not try them. But there are hardware can do that job, which really changes the IMEI thoroughly. For example, Jtag box is one of them, which costs less. If you or your friend ever brick a phone (bootloader’s not working which means no hardware damage), then Jtag is need to fix it. In fact this piece of hardware can be used to change IMEI too.

Why is it important? Well it rests with the people who use it. Generally normal users would not care about IMEI, but those who lose the IMEI number cares. IMEI has certain effect on mobile device, the first story is a case in point, and there’s more. But criminals care the most, because they need to change the IMEI to resell the device they steal, and they always know more than us.

In the meantime, we all know IMEI number is unique to any mobile device, so carriers and police can use IMEI number to block or track stolen mobile devices. Each time a SIM card register itself on mobile operators’ network, the MSC and VLR request the IMEI number from the cell phone. If the IMEI number is blacklisted, the handset will be blocked or tracked. However, if IMEI number is not unique at all, then the criminals can change the IMEI number of any mobile device they steal, and sell them for huge profits.

It’s still unknown how the IMEI number transmitted to the carrier is obtained. If it’s the same thing as typing *#06# on your phone, then the whole situation worsens. But there’s a solution to this problem. The solution is to create two databases, with one containing IMEI and the other IMSI, and each IMEI is linked to an IMSI. An IMEI is valid only it’s linked to the correct IMSI. However I do not know if it’s cost effective since many things need to be done.

At the end, here is the list. I do not try them myself, if you need any of them to restore your IMEI, contact me for details. And again, use any of them with caution.

1. HyperTermina for Android
2. Easy imei changer
3. HD3 imei for windows mobile
4. MML for BlackBerry
5. FLP_IMEI_WriteCode
6. ZiPhone for iPhone
7. aWizard-V1_3 for windows mobile

For Android, there is an app called PDroid which enables you to provide any IMEI number to apps require it (does not change it). But you need to unlock bootloader and root your handset first. This surely is not for beginners. For iOS devices, there is a similar app called UDIDFaker can do the same job. Both apps do not change the IMEI number, but provide a fake IMEI number.

2012-Dec-Fri | Category: Others | Tags:

How can your calls be intercepted, possibly

I have received dozens of text messages and Emails from unknown sources claiming that I can listen to any call from any handset, as long as I provide the cell phone number to them, and of course money. I myself know clearly that these are just scams; the only purpose is to trick my money to their account -:). After went through a few of those messages; however I decided to find if anyone ever fell victim of those scams.

So I searched one of those numbers and did find one lady really paid those guys a few times to track here husband. Of course she got nothing. I could not believe that people really believe in that bullshit.

But this is not the end of this post, because it’s true, you calls can be eavesdropped, but not using the phone number, and here is how.

You should remember about a while back security expert from German called Karsten Nohl showed us in Chaos Computer Club Congress how he managed to listen in on calls made by people present with a device called IMSI catcher.

We need to know how the GSM network works and how it’s secured in order to figure out how it’s even possible, and I will make it as simple as possible. Generally when you get a mobile phone number from your carrier or its dealer, they give you a SIM card. This SIM card, as thin as it is, contains a serial number, an IMSI number and a 128-bit secret key called Ki. These data together with your number is store in carrier’s database as well. When you switch on your handset, the device will send your IMSI number to the mobile operator, which will query this number and get its phone number and the Ki key. Then the mobile operator will generate a random number and sent it to your handset. Your mobile device will transfer the random number to your SIM card, which will use the in-built Ki key to calculate a 32-bit signed response called Res, and a 64-bit secret session key called Kc which is used to encrypt any call made by your handset subsequently. In the meantime, your carrier will use the same Ki to generate the same Res and Kc. Once the mobile operator receives and conforms the Res sent by your handset, your handset or your SIM will be granted connection to the network, then you can make or receive calls, text messages or browse the internet. This 64-bit key Kc changes every time you turn on your handset, and the mobile operator may demand another authentication which will change it.

Generally, you connection to the cell tower is encrypted, using the A5 encryption algorithm, which was strong enough, now could not withstand the scaring computing power. Once the cell tower receives your data, it decrypts them and sends them in plaintext to the rest of network. Since not all links between the base station and carrier’s network is using wire (in other words it’s wireless connection), attackers gained access to it could easily eavesdrop on any call in the area. And this is not a difficult task, as long as your have the right equipment, which generally is only available to law enforcement and secret agencies.

And that’s not the only vulnerability. Remember the IMSI catcher I mentioned above? This IMEI catcher is in fact a base station; it can force any mobile device in the vicinity to connect to it other than the legitimate cell tower. How could this happen? Because the GSM network makes it this way, a network requires authentication from any mobile device, but the mobile devices do not ask the network to authenticate to them. So your mobile device has no idea if it’s connected to the legitimate network (try open BTS and verify that for yourself or watch the video below). The IMSI catcher will be able to find the IMSI and IMEI number of any handset connected to it. Generally the IMSI catcher is also capable of listening to any calls made by the phone, which will subsequently be transmitted to the real network so that its owner won’t notice any differences. With a fake base station and a laptop, anyone can intercept any calls. These devices were only used by law enforcement but now more commercial equipments are on the market for sale. Ad long as you have enough money (I am already seeing someone’s researching and making a much less expensive one), you can get one possibly.

In addition, there are other possible exploits. I said earlier that your call is encrypted using a 64-bit key Kc, which is generated using the 128-bit secret key Ki. This key is essential since all Res and Kc is generated using it. If anyone can crack it, then he will be able to eavesdrop on your calls too. Experiment has already proved this really works. In the experiment, the SIM card was inserted into a Smartcard reader, which in turn is inserted into a laptop. The laptop made some 150.000 challenges to the SIM card, which used the challenges to produce the Res and Kc. After 8 hours with 6.25 queries was performed each second, the experiment was successfully finished, of course with some computing which won’t take long.

So with physical access to your SIM card for up to hours, the attacker could later eavesdrop on your calls anytime everywhere, he could even make calls at your expense. Luckily the GSM network does not allow two SIM card with the same IMSI number connected at the same time. But what if you shutdown your phone at night?

It’s said it’s also possible for attackers to clone a SIM card without physical access, but it does take much longer and requires the very SIM card connected to the cell tower set up by the attacker.

The encryption algorithm the GSM network uses now becomes weaker and weaker and I doubt with the computing power we own and to develop in the future, it won’t withstand brute-force attack anymore.


2012-Nov-Wed | Category: Others | Tags: ,

How Google remotely installs or removes apps from your phone

If you ever use Android phone, you should know Google Android market, the now Google Play has two versions, mobile version and desktop version. Whatever version, you need to register a Gmail account and enter that account on your handset during the setup process or later. Otherwise you would not be able to use any Google service such as Gmail, Google Play, Google Maps, and Latitude etc.

It’s quite easy to install apps from the mobile Google Play, you log in, you search an app, then tap install and it will appear on your handset. However the most unbelievable thing is installing apps from the desktop version. Open Google Play in your browser, search an app, and then click install. Your carrier and phone model will appear after logging into Gmail, and Google Play will check the compatibility. If it’s available to your handset, one further click will prompt your Android device to download and install the app. Just one simply click!

That’s not the whole story. Not only can Google remotely install apps into any Android phone, but the search engine can also remotely remove any app from citizens’ phone. A security researcher called Oberheide actually experienced the whole process.  Oberheide developed an app RootStrap to show how easy it is to bootstrap a rootkit onto Android mobile devices. Then he uploaded it to Android market and had a few hundred downloads. Google finally managed to know this by way of a Forbes article. Although the app posed no threat to Android phones, Google asked Oberheide to remove the app from the then Android market and used the remote removal feature to clean up the app from all Android devices installed the app without the owners’ consent.

And that is called kill switch. Google is not alone. Apple has such power over the iOS devices it sells, and Microsoft is said to be introducing this into their Windows operating system as well.

According to Oberheide, Google is able to remotely install and remove apps from Android device with two powerful tools, INSTALL_ASSET and REMOTE_ASSET. Google maintains a persistent TCP/SSL/XMPP connection to all Android phones. Once you click install on any app on Google Play, it will trigger Google’s servers to push an INSTALL_ASSET message down the GTalkService pipe. Then your handset will automatically download and install the app.

There are some misleading information about GTalkService and GTalkService.apk file. It’s easy for people to think of it as Google’s IM GTalk, an app for people to chat online. However it’s not. I came across this thread at the beginning of this year. The OP had a problem with GTalkService kept running on its own even though he’s not signed onto Gtalk and killed this process from time to time. I also saw someone asking for others to send him the GTalkService.apk file as he’s not able to install any apps from Android market. That’s right, GTalkService is used to install apps, not chat with others.

If you are willing to dig a little bit more into the GTalkService thing, and what happens when you click install on Google Play, check this post out. It might be boring, but it provides insightful information.

The remote install and remove apps feature might be the last resort if virus or malware floods the Android phones. Google can use it to remove those apps quickly. However it’s still unknown if Google can use it to uninstall apps downloaded from other app market other than Google Play. Even so, people may feel upset about it. Anyways, we do not want others to have such a powerful control over hour handsets, not even Google especially when it comes to the fact that Google does a terrible job over peoples’ privacy.

Furthermore, Google’s INSTALL-ASSET and REMOVE_ASSET functionality has no encryption about the messages it delivers except for the SSL connection. If GTalkService’s ever comprised, the malicious apps will impact millions of Android mobile devices. It would be a nightmare!!

Update, I would for reference recommend an article from Apple Developer Documentation, which details how an iOS device initiates and maintains a TLS link to Apple APN sserver for pushing notifications. Please note TLS is more secure than SSL.

2012-Jun-Fri | Category: Others | Tags: ,

Copyright © 2009 Profone Tracking by Alex Zaah. All Rights Reserved.