Things to come... - Page 2 - GSM-Forum

german gsm team · 01-24-2009, 18:40

And RPL with given simlock definition file (*.sim) would be great because of warranty cases!

Bph&co · 01-24-2009, 19:14

Hi,

Solution is with credits. The advantage is that is standalone, no internet
required.

Regarding simlocks, you know very well that is not possible since private
RSA key is required to make such a file.

You can lock with any table with upcoming new version of the DCT4Plus
tool for Genie.

BR

german gsm team · 01-24-2009, 19:21

Quote:

Originally Posted by Bph&co

Hi,

Regarding simlocks, you know very well that is not possible since private
RSA key is required to make such a file.

BR

I thought you perhaps extract private RSA key from ASIC.

Al · 01-24-2009, 20:18

Quote:

Originally Posted by german gsm team

I thought you perhaps extract private RSA key from ASIC.

It's not possible, since RSA private key only Nokia has (it has nothing with ASIC). Public key is in phone software and isn't covered with flash check, so can be easily changed to any other (seems it's the way as Genie DCT4+ unlocker works)

.:GSM International:. · 01-24-2009, 20:38

Quote:

Originally Posted by Al

It's not possible, since RSA private key only Nokia has (it has nothing with ASIC). Public key is in phone software and isn't covered with flash check, so can be easily changed to any other (seems it's the way as Genie DCT4+ unlocker works)

Really?

Then how do other teams do it?

Al · 01-24-2009, 20:40

Quote:

Originally Posted by .:GSM International:.

Really?

Then how do other teams do it?

Just stupid software patch which can be done easily now on DCT4, even not RSA patch

german gsm team · 01-24-2009, 20:50

Quote:

Originally Posted by Al

It's not possible, since RSA private key only Nokia has (it has nothing with ASIC). Public key is in phone software and isn't covered with flash check, so can be easily changed to any other (seems it's the way as Genie DCT4+ unlocker works)

As far as I understand DCT4+ simlock table is RSA signed.

When you enter correct unlock code, phone writes simlock table and signs it. So private RSA key must be in ASIC.

Al · 01-24-2009, 21:01

Quote:

Originally Posted by german gsm team

As far as I understand DCT4+ simlock table is RSA signed.

When you enter correct unlock code, phone writes simlock table and signs it. So private RSA key must be in ASIC.

You're wrong, in latest DCT4+ simlock table is signed with RSA key, BUT never updated in flash. When unlock code entered, phone does unlock-on-the-fly of current simlock table, and if all is good - unlock code is stored in phone PM, so on each power-on phone does unlock-on-the-fly with that stored code. So phone don't need to store unlocked simlock table since phone just unlocks itself with stored code each time when needed. BTW nice simlock server, why so much time needed to include it to BB5...

PS sorry for off-topic

german gsm team · 01-24-2009, 21:19

Thanks for this nice explanation. So I hope Alex will be able to implement a solution based on a special idea....

Bph&co · 01-24-2009, 21:22

Quote:

Originally Posted by Al

Public key is in phone software and isn't covered with flash check, so can be easily changed to any other

Unfortunately it's in the protected space, but there is a fix for this too. Too
bad people come and complain about this soft without even recognizing how
much work was to make this solution.

BR

moldovan · 01-24-2009, 21:27

Quote:

Originally Posted by Bph&co

Hi,

Isn't it pretty obvious from the screenshot ?

BR

Can we calculate from file ?
WBR !

Al · 01-24-2009, 21:30

Quote:

Originally Posted by Bph&co

Unfortunately it's in the protected space, but there is a fix for this too. Too
bad people come and complain about this soft without even recognizing how
much work was to make this solution.

BR

Yep, and unfortunately that fix to 'unprotect' protected space is known to many people now, and they use it for their purpose 'without even recognizing how much work was to make this solution'...

Bph&co · 01-24-2009, 21:39

Quote:

Originally Posted by Al

Yep, and unfortunately that fix to 'unprotect' protected space is known to many people now, and they use it for their purpose 'without even recognizing how much work was to make this solution'...

Well,

Every programmer has to decide at certain point is he doing it for fame or for
the money. I made my choice long time ago. I don't mind if UB is using something
from us, and claiming as theirs, or as you say other too (which i am not aware
of).

Anyway, there will be always new challenges and countless months of work.

moldovan:

Yes could be done to read ask file, but seems pointless because UEM imei
is not included in ask data. You just need imei, that's it.

german gsm team:

You and other people were pushing me for non patch solution for dct4+ for
a long time. I work on this in my spare time, so if i have something, i will
let you know.

BR

german gsm team · 01-24-2009, 22:08

Quote:

Originally Posted by Al

You're wrong, in latest DCT4+ simlock table is signed with RSA key, BUT never updated in flash. When unlock code entered, phone does unlock-on-the-fly of current simlock table, and if all is good - unlock code is stored in phone PM, so on each power-on phone does unlock-on-the-fly with that stored code. So phone don't need to store unlocked simlock table since phone just unlocks itself with stored code each time when needed. BTW nice simlock server, why so much time needed to include it to BB5...

PS sorry for off-topic

Is the PM section where unlock code is stored after entering readable without firmware patch? If yes, which number?

Al · 01-24-2009, 22:14

Quote:

Originally Posted by german gsm team

Is the PM section where unlock code is stored after entering readable without firmware patch? If yes, which number?

Unlock code stored in sub-section in the same section where simlock and it's not readable without firmware patch.

Similar Threads
thread	Thread Starter	Forum	Replies	Last Post
Its time to pay some thing to this team too	mvtamele	Infinity-Box	2	03-28-2010 18:12
How to Be Your Little Man's Dad: 365 Things to Do with Your Son	IPMART	ipmart WebShop	0	10-13-2009 14:00
Nokia 5510 need to do what for it to come back to life?	aalicex	Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L )	3	10-22-2006 17:25
please do some thing to your server !	GSM SNIPER	SagMaster Team OLD Products	1	01-26-2006 10:33
An annoying thing to everyone who has already made full backs!	masterID	Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L )	9	10-10-2001 21:49

01-24-2009, 18:40	#16 (permalink)
german gsm team No Life Poster Join Date: Mar 2002 Location: Somewhere in the World Age: 54 Posts: 1,425 Member: 9848 Status: Offline Thanks Meter: 144	And RPL with given simlock definition file (*.sim) would be great because of warranty cases!

01-24-2009, 19:14	#17 (permalink)
Bph&co No Life Poster Join Date: Feb 2000 Location: UK Posts: 3,186 Member: 1024 Status: Offline Thanks Meter: 5,510	Hi, Solution is with credits. The advantage is that is standalone, no internet required. Regarding simlocks, you know very well that is not possible since private RSA key is required to make such a file. You can lock with any table with upcoming new version of the DCT4Plus tool for Genie. BR

01-24-2009, 21:19	#24 (permalink)
german gsm team No Life Poster Join Date: Mar 2002 Location: Somewhere in the World Age: 54 Posts: 1,425 Member: 9848 Status: Offline Thanks Meter: 144	Thanks for this nice explanation. So I hope Alex will be able to implement a solution based on a special idea....