Search This Blog

Monday, February 25, 2008

Mobile Open Source Opreating System

Peace be upon you
How are you guys? I hope that you are all OK, today I want to talk about something extremely cool, there is nothing better than open source platform, so let us begin,
Halo Moto, I was always saying that it is cool :D.
Actually Motorola did something that is very cool, it releases some of its mobile operating system source code, here is list of the Mobile Platforms that is released by Motorola
https://opensource.motorola.com/sf/sfmain/do/listProjects
Now, I am working on the Rokr E6, actually I respect this device very much, it has a very huge capability, such thing is very useful to develop your own, Security module if you are worry about the hackability of GSM and such thing, in same time, there is hell of ideas that is used in hacking, such device is optimum tool for hackers, imagine, if the device has some capabilities with its WiFi, then it's OK for this device to hack WiFi :D, if the device has Monitor mood (on it's WiFi chip) that get things from the air, then it is really done, simple tools that do analysis against the captured data and the guy will get "Access Granted" on any WiFi network, also as much as hardware good, this thing could be a very good tool in GOOD or EVIL, so it is all about ethics ;), anyways I just wanted to take your attention to this nice link, I have this link long time ago, actually I have downloaded some from it :D, but I didn't use it, I will try to have piece of Rockr :D, By the way most of Motorola stuff is based on Linux, I forgot to mention that :)

Thanks for your time.

BR
Ahmed Essam

Saturday, February 23, 2008

Hack Windows Mobile ROM

Peace be upon you

How are you? This post will be short but it will be valuable, for people who do windows mobile development, I found something that may look good for most of them.
While I was missing up with the Platform builder files, some files catch my eyes, files like
romldr.h
This file seem to be related to ROM issues, as you know there is memory types in Windows mobile, Extended ROM, and after that there is file has attribute "FILE_ATTRIBUTE_INROM", until now I don't if this header file will help to extract files from ROM or not, but I am sure the this file will need DeviceIoControl, because all this file have is constants like this
IOCTL_BIN_GET_E32
IOCTL_BIN_GET_O32
IOCTL_BIN_GET_XIP_PAGES
IOCTL_BIN_SET_E32
IOCTL_BIN_SET_O32
IOCTL_BIN_GET_ROMHDR
The problem now is how to find the appropriate structs that help in dealing with it with no problems, you know if you tried missing up with this stuff you may lose a device, I don't know how bad the damage will catch your device if you miss use them, Thanks to GOD we have emulator :D, but it still not safe to miss up with such functions on real device.

one more thing that is really cool, Windows mobile have partitions concept to spread data between ROM and extended ROM and memory, what I mean that there is partition where the extended ROM placed, how do I know that, just check this link, it is for reference called "Bootpart Reference "
http://msdn2.microsoft.com/en-us/library/aa911532.aspx

I hope that this post was informative.

BR
Ahmed Essam
P.S: I think the only one who may find it useful is someone trying to hack Windows Mobile ROM.

The First MDC ever, MDC 2003

Peace be upon you,

How are you guys? I hope that there is everything is going OK with all of you, today I am going to talk about something little bit historical, also this thing is some kind of my happiness days every year, the days I am talking about is MDC days, MDC stands for "Mideast Developer Conference", this conference held ever year in Egypt, This conference is very important to me, Why? because it is the only 4 whole days we talk about technical issues, no TASKS, no RULES, no THINGS that I hate, just cool people who is talking about new technologies, also there is plenty of sessions so I attend what I really like to attend, the time line of MDC, first see the MDC first logo and note sheet:



That was the logo for MDC 2003


this is the notepad that was given by Microsoft


I attend all the MDC's, but of course I don't carry this thing for all that time, here is the time line for the MDC


MDC 2003 -> First MDC I was in 3rd grade at institute, it was AMAZING, Mohamed ALaa was a start in this MDC, all people likes him, he give some sessions he talked about Smart devices, he shows us some tools, at this days there was only VS.NET 2002, with .NET framework 1.0, he also show us some add-ins and tools for VS.NET, I was totally alone, I know no one there, the only thing that I have got there is Mohamed Alaa Card, I called him and I ask him for help, he was very nice, he ask me to have a visit to Microsoft Egypt, he gave a beta copy of VS.NET DVD, I really like this guy, I hope that I have chance to meet him :), I think he is the golden guy at Microsoft Egypt.

MDC 2004 -> Bill gates was going to say a keynote for Egyptian developers, unfortunately I couldn't attend the first day, of course I missed his keynote, but I attend the other days, it was very good, I was sick (FLU), I don't remember anything.

MDC 2005 -> for the second year on consecutively Bill Gates come and have the keynote to Egyptian Developers, this time I attend (haa :D), I was one the front lines, I met the Arab team guys, it was the best year Ever, I got about 30 friend there, there is Remarkable friends there I can't forget, they are always on my mind and my heart, they are my brothers, here is listing of them
Ahmed Ezz
Belal Younes
Mohamed Abd Aliem
Mohamed Hossam
Mohamed Milligy
Mohamed Tanna
Tarek Ibrahim

There is many guys, I met there but I don't remember all of them, but this guys are remarkable and unforgettable, They are truly my brothers, It was the best MDC for me

MDC 2006-> this year was so reach, the give us VS.NET 2005, at this time I was admired with ASP.NET 2.0, so I wrote my book that was talking about ASP.NET 2.0 for my Arabian development brothers :D, I also got a very cool friend there, he is Patrick Hynds, he is a very good guy, who cares about security, just like me :D, I took his card and I contact him.

MDC 2007-> really it was so repeated, we hardly got new information from it.

Common things that is happen in MDC, is Raffle, every year they do raffle and they give very good gifts, Mohamed Milligy wins twice :D, also we used to get Downtown and have some fun with Arab Team guys


At the end we are now waiting for the beloved MDC, there is no clear date for it, but there is Expectation that it will be with ICT 2008

Thanks for your time
BR
Ahmed Essam

Monday, February 18, 2008

SIM card and Mobile

Peace be upon you

How are you guys? today I am going to talk deeper about the mobile security, I will take it from windows mobile side, because this what I have experience in, I am sure that there is similar in other mobile operating systems, first let us see this next picture,



This is image for smashed SIM card(I was done of it :D), here what is inside it, can u see the small chip, well it is real any SIM, has a very small processor with very small amount of memory, this cards called Smart cards, there is many many types of it, but let us get back to our point, SIM card is a type of smart cards that has processor and memory, for now it is OK, this thing has also something called Card OS, it is very small operating system, simply what it does is, it receive requests from the card reader, this card do the operation and reply back to the reader, the reader takes it and that's it, now what happens when Mobile starts up and try to have the signal from the mobile service provider, there is some kind authentication conversation must be done between the SIM and the Mobile network, what your device do is being a middle man, it takes result from SIM and give it to network, and take what network says and give it to Sim, that's cool for now.
The SIM card is divided into files, some files are protected and not readable by the reader, and some are password protected and some are open to be read with any kind of reader, I will try to add sample that explain all of that, here is some API's that may help any one to do SIM application related using windows mobile platform
To be continued
I hope that this post was informative and helpful.
Thanks for your time.
BR
Ahmed Essam

Sunday, February 17, 2008

Modu and the upcoming wave of mobiles

Peace be upon you

How are you guys? I hope that everyone is OK, today I am going talk about something very new and amazing, it is Modu Mobile, here is its picture,


also here is link for its web site http://www.modumobile.com/
the phone is fully hardware pluggable, what I mean that this mobile is like puzzle, you collect it with some stuff together then you have new mobile, I recommend that you check out the web site it is very creative and nice.
fortunately they have lot of open opportunities for developers, when I saw that I was so happy :D i was going to apply there, but when I check where is the company i found that it is located in Israel, for me I don't like this place :D, anyways I think this device will make some kind of deep effect on the mobile market,
thanks for your time
BR
Ahmed Essam

Friday, February 15, 2008

My first open-source project

Peace be upon you
How are you guys? I hope that everything with everyone is going fine and OK, today I am going to show you something you will like.
today I have released my first Open-source project, finally after long time of thinking I decided to take that risk, this project will eat some of my time, but it's OK, I have to do something.
Let us talk about the project for while, the project is "WM_SupportArabic" I call it that for 2 reasons "WM = Windows Mobile" & "WM= Window Message" :D did u got it, anyways, The project aim to add Arabic support for Windows Mobile platform without need for third party application, currently the available Arabic solution are so limited(Imaginet Arabizer(Currently MOBiDIV), FJE (Informobility), and some free application I didn't get it until now )
for me, I am not satisfied at all for this solution, I am talking as user, there is many points they didn't see, I can't say anything about this guys, they are all doing great work, such thing may take life and it will never end, but sometimes simple idea can solve the problem without need for life to be gone in same thing, what I am doing by this project is looking for this thing, and I hope that I find it,
Also I want any one who have knowledge about this issue to join me, of course it is not allowed for people who work in companies that produce Arabic solution to join, because some how it is not ethical,
I was working at Imaginet, but I never touch the Arabizer, I swear that I know nothing about it or even it's project architect, some people may say that I was working there and it is violating what I am saying, as I explained, I never work in this project.

here is the link of the project
https://sourceforge.net/projects/wm-arabic/

Wednesday, February 13, 2008

Turning Windows Mobile device to Spying device

Peace be upon you

how are you guys? I hope that all of you is OK, Today I am going to show you something little EVIL, it is turning the windows mobile device into spying device, somehow this thing is not right because it kills the privacy, I put it to just tell you how much it is dangerous to use any "anonymous" application on your device, first see the video and I have a lot to tell you about it.

English Demo
Link : http://www.youtube.com/watch?v=hESMx8zs8lM


Arabic Demo
Link : http://www.youtube.com/watch?v=ydotWSkX8PA



After you saw it, I think you are sure that it is possible to anyone have some knowledge, can easily do utility apllication for free and attach such thing in this application, I decide to reveal all I know about it, for 2 reason I do that, the first reason that the resources is so hard to get, you can't imagine how much I suffer until I got this thing work, all people I know refused gently to help me and give me such resources, resources like some files from platform builder, some how I managed to get a FULL copy of platform builder :D, which some how make me free, also the learning material is so hard to get, the only resource I found for this topic was in Korean Language(Thanks to google), the second reason the one who want to do such thing has enough motivation to comlete it, here is the details.
Technical detailsin this trick I used something called (RIL APIs), RIL stand for "Radio Interface Layer", this thing is made to serve anything related to network on the Windows mobile powered devices, it is also called RIL proxy because some how it is a mini driver that is implemented by the manufacturer, the functions that I have used was so simple
RIL_Initialize
RIL_EnableNotifications
RIL_Answer
This trick takes about 15 to 20 lines of code, this thing can be used in two sides, for good, you can do many useful application like "Incoming Blocker" or "Answer Machine" also there is endless list you can do using this simple APIs,for evil there also tons of ideas that can be done for it, by the way this thing can work over anything, I mean it can moitor GPRS, SMS, ... etc
Ideas for protectionI though that there is some way to protect the device owner from being attacked that way,so here is my idea, the idea is based on how windows works, as I know about windows, when you have a handle for something "File, Device, Resource, ... etc" this handles is called Kernel Object as long as it has security attribute in it's creation parameter, but in this case we have no creation parameter which make me step back for and think , we can hook on the "ril.dll", so we will be like the middle man, this thing is great but hooking in windows mobile is not that easy, it require alot to have something working without trubles or delaying the system, the alternative way is little amateur, it is to loop through open processes and see if any of its loaded module is "ril.dll", if you find something then notify the user, but this one is very performance consuming because you will have to do check every few second or minutes, which has some problems, if you have long period (the idea is gone, becuase any application that uses ril.dll could work for long time, while your portection application is not working) if you make it short period you will face the performance issue.

I hope that this topic was informative to you, thanks for your time



BR
Ahmed Essam

P.S: This articl is based on personal research, so it is not evolved in any application I have worked on before.

Tuesday, February 12, 2008

Projects that I like at Microsoft Research

Peace be upon you

Today I am just going to point to some cool project at Microsoft research, this project are very useful if you from the point where you take it's concept, here is listing for the projects:

SecPAL : Security Policy Assertion Language
http://research.microsoft.com/projects/secpal/
http://www.codeplex.com/secpal

Singularity :build a highly-dependable operating system in which the kernel, device drivers, and applications are all written in managed code, Imagine Opreating System based on something like dot NET framework.
http://research.microsoft.com/os/singularity/?0sr=a
http://en.wikipedia.org/wiki/Singularity_%28operating_system%29



Audio Watermarking tool
http://research.microsoft.com/research/downloads/Details/885bb5c4-ae6d-418b-97f9-adc9da8d48bd/Details.aspx



Detours
http://research.microsoft.com/sn/detours/

transactional memory
http://research.microsoft.com/Users/simonpj/papers/stm/?0sr=a

Thanks for your time.

BR
Ahmed Essam

Saturday, February 09, 2008

iPhone Development

Peace be upon you

how are you guys? I hope that you are all fine, today I am going to talk about something, something that mobile developers will like very much, it is iPhone Development, lets begin.

- Old days Development and Stef Announcement

if you are following the iPhone, you will find that there was no SDK for developers to do native application for iPhone, but there was a simple replacement which was for sure not enough, this replacement was the browser based development, it was all about Java script and some other HTML things, some of iPhone developers start to find things that give them more strength in their work they used something called (OpenLaszlo , for more information about OpenLaszlo see their website) for now there is nothing exciting, the exciting thing that in Mac-World 2008 conference Stef Jobs had announced that "Apple will release iPhone SDK by Feb 2008", which means that all guys who is waiting will got it in their hands very soon.

-Unofficial SDK
Same as what happen with
Android (Google platform for Mobile) there was a release for native SDK it was some kind of toolchain called (Sourcery) , I don't know much details about it, but some people at Android Group have done some work with it.
same story had been repeated with iPhone, some people has done some (
iPhone Atlas ) has publish a topic "The unofficial iPhone SDK: Guide to writing native iPhone applications" it has some stuff about the SDK, also some people release some applications using this SDK.

-Requirement
for know all information about the Requirement are a round using XCode as the development environment of course as long as you are using XCode you will need one of Apple Machines, but I think this problem is gone, for all windows user they can have OS X on their Machines, there is some "torrents" that let you download a copy of the Operating System, I think it is produced by someone called "JaS", this version has lot of videos on how to install it and use it, after downloading it, you will have to download the XCode, then you will need to install the other tools that is mentioned in "iPhone Atlas"

some helpful references
http://developer.apple.com/iphone/
http://www.iphoneatlas.com
http://www.tuaw.com


At the end, thanks for your time.
BR
Ahmed Essam