The ROMkitchen now offers theft protection in ROM

Thanks to Charles Warner, who answered our call for a coding volunteer, we now have an advanced theft protection system. It's called IIWPO, which stands for Interesting Interactions With the Previous Owner.

Simply go to the ROMkitchen and create a ROM with the theft protection feature turned on. Enter your name as you will enter it in the 'Owner Information', and a GSM number of a friend that you want to send the messages to.

Then when someone steals your phone, they probably want to either change the name of the owner, or cold boot the phone altogether. Either way, the device detects that the owner name doesn't contain your name at the next wakeup, and sends one or more SMS messages to the number you set. In the best case, the new 'owner' provided address and all other relevant information. If he/she didn't, at least you have the new phone number of your phone.

How it works:

Registry settings:

[HKEY_CURRENT_USER\Software\XDA-developers\IIWPO]

Owner: set to owner name device is tied too (this is the master check, won't send a sms if user changed to this one)
LastOwner: set to owner name device is tied too (this one changes as the user name changes, simply to detect changes)
ReportNumber: set to phone number to report changes too.


Files:

IIWPO_main.exe goes in \windows
IIWPO_startup.exe goes in \windows\startup

it sends one of two text messages if the owner details are changed, if they are set to "nothing", then it sends :-

"Name not set, will pick up details if user changes name again"

if the name is filled in it sends :-

"Name : <user name> (<company name>), email : <email address>, phone : <phone number>" this string is guaranteed less than 160 characters.

if the Address will fit in the same text message, it is appeneded as ",Add : <address>", otherwise a seperate text message containing the address is sent.

what if they were to cold boot it? wouldnt that erase the s.w? or is it in the rom?

also what if they put a sim in with no cred?

lmk cheers

gaz

If you read the article carefully, you would know... It's directly on the first line: "The ROMkitchen now offers theft protection in ROM" 8)
If they put in a SIM with no credit, no SMS will be sent, I think... :shock:

also what if they put a sim in with no cred?
It will send as soon as it can...

By other words - when the Thief buys a new credit :lol:

This is amazing. Well done once again!!!

I have one additional suggestion. Please see http://www.psiloc.com/?id=prod&nrp=53 for a cool application running on Symbian. If one has access to similar APIs on the XDA to get cell info it would be trivial to include location data in the SMS message sent when the device is stolen. This way it could be actually possible to locate it.

And a question, when the SMS is sent by this hidden process does it still generate Message Sent baloons? It would be good if it did not. Thanks for all your efforts.

[...]This way it could be actually possible to locate it.
We don't yet have an easy way to get the location data without doing really weird things. (ROM 3.19.x GER has it, but it's not easily transplanted to other ROMs). Work is in progress though...

And a question, when the SMS is sent by this hidden process does it still generate Message Sent baloons? It would be good if it did not.
It doesn't. You get to be the first to tell the new 'owner' about the feature.

do u have to re flash ur rom......or can this be integrated into existing roms....without re flashing....if so....what files and reg settings nessecary..


Great idea.....well done!

do u have to re flash ur rom......or can this be integrated into existing roms....without re flashing....if so....what files and reg settings nessecary..
You need to flash the ROM.

I am a little confused about how this works. I went to jeffs kitchen, cooked a rom with the anti theft featur, but it didnt ask any questions of me. I have now flashed the rom to the XDA, am I missing something?

I am a little confused about how this works. I went to jeffs kitchen, cooked a rom with the anti theft featur, but it didnt ask any questions of me. I have now flashed the rom to the XDA, am I missing something?
Try setting the owner name to something other than your own name you set in the kitchen, make the device go to standby, wake it up again, and see if your friend gets the SMS.

I maybe didnt read in the kitchen all the details, I wasnt asked for my owner details there, when the kitchen gets rebuilt I will make a return visit.

All this assumes of course that the thief hasn't heard about XDA-Developers and the means to flash ROMs

All this assumes of course that the thief hasn't heard about XDA-Developers and the means to flash ROMs
Yep. IIWPO builds on the assumption there are significantly more people that do not know about its existence than people that do. It builds on SBO: Security By Obscurity, which is usually not a very good concept for security design. But it is adequate in this circumstance, given that it's very hard to build something which would be secure against a knowing attacker without modifying the hardware or messing with bootloader and OS in such a way that the attacker cannot load a new OS. But then the attacker could just use JTAG. And even if he she could not: given the cheap supply of units with broken screens which are incredibly expensive to fix, the screen is by far the most valuable part.

Ive cooked a 4.00.05 Rom with this feature.

Ive checked and confirm that the following are installed:
\Windows\IIWPO_main.exe
\Windows\IIWPO_startup.exe
\Windows\StartUp\IIWPO_startup.exe
And In The Registry:
HKEY_CURRENT_USER\Software\XDA-developers\IIWPO\
LastOwner MY Name
Owner My Name
ReportNumber Friend's Mobile No.

To test:
I changed the owner name in Settings\Owner Information to a different name and then
>>Try setting the owner name to something other than your own name you set in the kitchen, make the device go to standby, wake it up again, and see if your friend gets the SMS.
DOES NOT WORK
or
solf reset
DOES NOT WORK

Anyone get this to work? Can you tell me what ive done wrong?

[...]
Anyone get this to work? Can you tell me what ive done wrong?
Everything looks right. Are you sure you have entered your friend's number in international format, starting with a '+' ?

Working now.
Yes its the "+"
Thank You Peter Poelman :D

xda developers...I think the theft protection is not working now in the kitchen??

is there something which could be done to get it up again?? I really love this feature... :D :D

when i reset my xda it sent a text to my dad as i have his number on it...

but now it doesnt send none at all i changed it to my name then i decided um i want to try it out to see if it works so i put in noddy and pressed ok but no text :| so i restarted the xda and it still didnt send no text so i just put it back to normal and left it at that :\

when i reset my xda it sent a text to my dad as i have his number on it...

but now it doesnt send none at all i changed it to my name then i decided um i want to try it out to see if it works so i put in noddy and pressed ok but no text :| so i restarted the xda and it still didnt send no text so i just put it back to normal and left it at that :\

it performs its checks on wakeup, I am unsure if soft-reset (what I figure you mean by restarted) would trigger the check. Change your name to noddy, turn it off, and turn it back on again.

I've had my device running at least a month now without hard reset, and just changed name to noddy, turned it off, and back on again, and it sent the relevant text message.

If you are sure it isn't working email me at chuck@spritesoftware.com and we'll find out what the problem is.

..Chuck..

[quote="david beckham"]xda developers...I think the theft protection is not working now in the kitchen??

This feature is great !! The 4.00.16 ROM cooked in Jeff's Kitchen works. However, the 3.17.03 cooked in Jeff's Kitchen did not. The two IIWPO files went to the windows' directory and not in the startup. Any comment ?

I installed the theft protection (correctly this time), entered my details and secondary phone number. It is very neat, I got a message from the phone when there was no name in the owner info box, the message sent reads "Name not set, will pick up details if user changes name again", it is a brilliant little program as it supplies the phone number of the resident sim which hopefully enables you to get some details of its whereabouts. Well done to the programmer for this little gem. Even if you couldnt get your phone back, you could drive the person crazy as it will inform you even if the sim is changed again, sms bombing springs to mind. :)

First I flash from kitchen with the IIPWO program
I reflash the rom without the IIPWO and backup my programs with sprite backup program.

Now It comes the message IIPWO_main.exe dont found in c:\windows.

How can I solve it without a cold reset?

There must be a place not the registry and not the startup and not the rom when the program starts, becauses I delete from the windows\startup and windows

Can I write the IIPWO_main.exe , from somewhere ,again to solve it?
Thanks.

can i get a retrofit for pocket pc 2003; it is a great concept. is there a cooked rom for att pc 2003. :(

Just got the XDA II.
Where do I download the IIPWO programs?

How do I write in to the registry? What is the procedure?
How do I transfer the above routines in to the XDA II and burn it in to the ROM?

Thanks,

David

I meant where to download those files from.

Thanks.

Is it possible to put the theft protection as a stand alone program in extended rom on the xda2, then make the extended rom locked again, would that work ok? If yes, where can we get it from? Thanks.

Hi everyone. My first post here. Been reading this forum for ages and have found most of my questions answered... thanks.

Now lets suppose your XDA has been stolen, the txt has been received by your friends phone.
What yer gonna do now??? :shock: :shock: :shock:

Just make sure he never gets any peace.

Just found myself wondering - The only place one can get IIWPO (Theft protection) on their xda is right here on xda-developers (sort of anyway),and it's been around for some 8 months+ now.

So, how many actually do have it enabled in your ROM? Not that we lose our phones every other day, but are there any stories to share so far?

Successfully recovered phones as a result of IIWPO :D ? Finders who are still getting calls every night at 3am till today :twisted: ? or, what I'd really like to know more about - phones with IIWPO that never made it home, and were never heard from again :cry: ...

I think it's an awesome feature, and I've got it on my phone :) ! A big thanks to the the people who made it happen.

i must be lost; i tried checked everything; did a +1 for th phone number;
checked registry settings; checked startup; changed names and i still do not get pone message; i am on wm2003. suggestions?

Hi everyone. My first post here. Been reading this forum for ages and have found most of my questions answered... thanks.

Now lets suppose your XDA has been stolen, the txt has been received by your friends phone.
What yer gonna do now??? :shock: :shock: :shock:

Hopefully the theif sticks his/her name and address into the owner information... you call the police and knock on his door.

..Chuck..

Hi,

Anyone knows an answer on this topic?
http://forum.xda-developers.com/viewtopic.php?t=7837

Thanks,

Sam

I am planning to get this into a CAB in the extended rom of my MDAII.
Just to check, I need to perform following from within the CAB:

Copy files:
\Windows\IIWPO_main.exe
\Windows\IIWPO_startup.exe
\Windows\StartUp\IIWPO_startup.exe

Set registry values:
HKEY_CURRENT_USER\Software\XDA-developers\IIWPO\
LastOwner - empty
Owner - My name
ReportNumber -Telephone number to send sms to (in international format)

This forces an sms to be sent after hard-reset (lastowner <> owner) and when the 'new' owner changes the owner info.

Correct?

Of course this does not work if the 'new' owner flashes the (ExtRom of the) device before changing the owner info . . . .

OK, done it. It works.
See attachment for an 'anonymous' install.
Registry is filled in like:
[HKEY_CURRENT_USER\Software\XDA-developers\IIWPO]
"LastOwner"=""
"Owner"="Me"
"ReportNumber"="+31000000000"

Replace the Me with your name
Replace the +31000000000 with the number to sms to

Preferably apply these changes in the Platformxxx.reg in the CAB file so that when the CAB is put into Extended ROM the devices gets protected again after a hard reset.

Hi,

Thanks for the CAB, but where to find "Platformxxx.reg"? How can this be done to set these registry settings after a hard-reset?

Thanks,

Sam

the reg file is inside the cab. You must use a cab manager like winCE Cab Manager (trial dowload at www.ocpsoftware.com gives you 15 free startups in which you must be able to succeed)

Procedure is
1. extract Platformxxx.reg
2. remove Platformxxx.reg from CAB
3. open it from an editor (ie notepad)
4. edit the indicated lines
5. save Platformxxx.reg
6. import Platformxxx.reg into CAB
7. set location to \windows and check hard-coded
8. save cab
9. save cab in Extended ROM
10. add line in config.txt to start the cab

(dont forget to lock the Extended ROM!!!!)

Now you have 2 choices:
1. Hard reset (maybe a lot of hassle with other applications!)
2. Start the CAB (there is a possibility that your today screen looks strange, re-set the today theme and/or soft-reset to correct this)

Done, youre protected.

Nice one edsub, thanks for that. Worked first time!

yw
When I have time I will try to get this on the wiki pages (IIWPO is lacking there)

OK, This is the Wiki page:

http://wiki.xda-developers.com/wiki/IIWPO

Hopefully IIWPO suprises a lot of thiefs!!!!!

Okay, everything's fine... But what will happen if someone uninstalls the IIWPO from the Remove Programs in control panel before changing the username?

Will it still work?

Can I test my setup using my own phone number in the meantime?

Thanks!

IF they know what IIWPO means, they CAN uninstall it. But: Before they do, they certainly have booted up / woken up the device with the changed contacts.
Remember: after every hard-reset IIWPO gets installed!

But youre right if you state that its not waterproof. Like someone else mentioned: its security by obscurity.

edsub there must be away to remove the ability for this cab to be uninstalled... I have not looked into this side of things yet... but there has to be a way of setting this in the cab as all of the other cabs within the extended rom don't give the ability to uninstall??

BTW: IIWPO is an excellent idea… keep up the good work...

Is it?
It IS!
mmm gotta look into that!

Think we are tricked here by HTC or our operator / ROm supplier.

Every installed app is listed under
HKEY_LOCAL_MACHINE\SOFTWARE\Apps\<Provider> <AppName>

Within these keys, the Uninstall programs dialog looks for a DWORD value Instl; if it is set to 1, then the app is currently installed, and should be listed in the dialog. If it is 0, then the app used to be installed but is no longer, and so won't be listed.

The trick used here is that ALL Extended ROM apps are under the single key
HKEY_LOCAL_MACHINE\SOFTWARE\Apps\Customization Tools

Hence, only the last app (in my case TM_phone_class10.CAB) is listed here.

A solution might be to
a. Set the Instl value to 0, but hey that is too obvious
b. Remove all keys of apps under the indicated registry branch you dont want to get uninstalled in a special CAB started as last from config.txt

Apart from this there seems to be a special command-line parameter (/nouninstall) for WCELOAD (which is processing CAB's) that prevents uninstall, but no clue how to implememnt that.

Is it possible to use this with the PDA2K/MDAIII or will there have to be changes made?

AFAIK the principle and executables are not device specific. I guess my instructions for using it on Himalaya also go for Blue Angel.

Please try it and post your experience.
You cant mess up the device really with this . . .

Got a slight problem can't find config.txt on the PDA2K extendedrom.

Is there a way to make it send to multiple numbers? I tried <number>; <number> but it didn't appear to work.

there should be a config.txt afaik in all HTC devices except the Wallaby.

I think its simply not possible to send the msg to more than one number. Maybe the programmer of IIWPO could implement this (if he still is active on the forum)

there should be a config.txt afaik in all HTC devices except the Wallaby.

Sorry man but there are only four other files other than the various *.cab files
1. Autorun
2. Setup
3. TPDisable
4. TPEnable

Anyone else trying to put IIWPO on their PDA2K/MDAIII?

You sure you have a PDA2K then? The Qtek1010 mentioned in your signature is a Wallaby variant . . .

What is in the Autorun?

Why not try to create a config.txt.

autorun is an exe

The trick used here is that ALL Extended ROM apps are under the single key
HKEY_LOCAL_MACHINE\SOFTWARE\Apps\Customization Tools

Do you mean all, or all the ones which have the key
HKCU\software\htc\Customize set in their CAB ?

I mean all the ones that have in the CAB description as company name Customization and as application name Tools

You sure you have a PDA2K then? The Qtek1010 mentioned in your signature is a Wallaby variant . . .

What is in the Autorun?

Why not try to create a config.txt.

Yep its a PDA2K I just hadn't updated my sig yet.

Can you put up a sample of a config.txt file so that I can know whats supposed to be in there.

Thanx

see teh example

Does this tool work with a HTC Typhoon or Feeler as well?

Actually I'm pretty much interested to use it with a T-Mobile SDA.

Can I just follow the described procedure, or do I have to change anything?

Many thanks!
Chris

afaik it works with all WM2003 Phone Edition devices.
So: If the HTC Typhoon or Feeler or T-Mobile SDA are running WM2003PE (SE doesnt matter) it should work, otherwise it wont.

hi dudez,

there is source release ?!

I did evrerything written in the relevant IIWPO page.

I updated the cab & config.txt put it into extended memory etc.

I finally run the cab to install it immediately without HR.

I am changing the owner name but no SMS is sent whatsoever to the destination number.

I checked the registry and all details seems OK there.

I am able to send SMS regulary flawlessly.

What else could be wrong?

it's working great, one problem ... the installation (cab) put in the uninstall program "XDA Developers IIWOP" even if this in the Extended Rom anyone can remove it from settings->uninstall

I got the IIWPO installed in my XDAII and have this information in my Registry....But, no matter how I changed the Owner Information, I still cannot receive any SMS from my XDAII to the number that I set previously.

Any Idea on how to overcome this problem???

[HKEY_CURRENT_USER\Software\XDA-Developers\IIWPO]
"LastOwner"=""
"Owner"="ykyloveu"
"ReportNumber"="+44XXXXXXXXXX"

which "XXXXXXXXXX" is the UK mobile phone number "0XXXXXXXXXX"


I already got this problem solved, Thanks

it's working great, one problem ... the installation (cab) put in the uninstall program "XDA Developers IIWOP" even if this in the Extended Rom anyone can remove it from settings->uninstall


Yup...It is.
However, every time when the person hard reset the XDAII, the IIWOP will automatically installed in the system (Provided such program is located in the Extended ROM and the "Config.txt" has been amended accordingly)

I did manage to protect a little further.
In the config.txt I addad a cab (after iiwpo.cab!) that sets 0 into the registry:

Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Apps\eDsuBsofT IIWPO by xda-developer
Set value:
Instl = 0

Alternately you can remove the whole key!

IIWPO will no longer be visible in Uninstall programs!

Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Apps\eDsuBsofT IIWPO by xda-developer
Set value:
Instl = 0



I had manually edit the registry of my XDAII using PHM Regedit.
Yup...It is protected now...

But, how can we set that value to be "0" automatically once we hard reset the PPC?? Should we create another CAB to perform such action???

I did all you said Mr.edsub
But im stuck in where i have to unlock my ext.rom
I have wm2003se 2.06 and i dont know how to unlock it
Please help me!

Thanks in Advance

Got it ! , 0x20040305

Thanks

Hey guys ,
I made my own Cab file that will secure it from uninstallaion,
The Job of the cab file is to Change the registry settings from dword=1 to dword=0 (this will disable it from being showed in the uninstall)..Futhermore this Cab file is UNinstallable ..it names itself as ''Phone'' and even if you uninstall it(this CAB), the anti-theft program would never appear!(even though it is still there).. but there is only one problem , i placed it after the installation cab in the extenstion rom and updated my rom few times...its weird even when it installs the theft program first it still appears in the uninstall .. i have also updated the txt file in the extension rom to install it after the installion of the theft program....CAN ANYONE HELP :lol:

THANKS
AMD

These are just ideas, I 'll have to test them to see if they work.
If somebody already tried these, or is faster than me could he post his findings?

1) use the 'Customization Tools' trick:
Change the company & applicaton name in the IIWPO cab, being the same as from a cab that comes after in config.txt.
then the info about installation of IIWPO in the registry & in \windows\AppMgr will be overwritten with the info of the second cab executed.
and an uninstall will only uninstall the second.

2)set the attributes "Read only","hidden","system" on iiwpo_main.exe , iiwpo_startup.exe ? see if this works

3) if 2) doesn't work set installation directory to extended rom? maybe not so clean, but safer then letting them be in \windows

4) try to use [HKEY_LOCAL_MACHINE\init\launch] to startup IIWPo instead of \windows\startup

also for SE : Max OS version should be changed to avoid the "may not display properly" popup.

Hi, I am using an MDA Compact ( Magician), can I use this app too? Can someone give me a clear tutorial for installing this app? I have read the thread several times, but being a newbie on PPC I have no idea how I should install it. Just install the IIWPO files and edit the registry? Or install the IIWPO files and the editted Cab file?

Can you give me a step by step installaton guide? Thanks for your efforts, regards!

koksie, i think thi works on all PPC PE devices.
See the Wiki page on iiwpo for instructions.
The only thing I am unsure of is how to get it into the ExtROM on the Magician. afaik the magician's ExtROM cannot be unlocked (just unhidden)

I did manage to protect a little further.
In the config.txt I addad a cab (after iiwpo.cab!) that sets 0 into the registry:

Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Apps\eDsuBsofT IIWPO by xda-developer
Set value:
Instl = 0

Alternately you can remove the whole key!

IIWPO will no longer be visible in Uninstall programs!

Nice work, I will try this out...thanks! :D

These are just ideas, I 'll have to test them to see if they work.
If somebody already tried these, or is faster than me could he post his findings?

1) use the 'Customization Tools' trick:
Change the company & applicaton name in the IIWPO cab, being the same as from a cab that comes after in config.txt.
then the info about installation of IIWPO in the registry & in \windows\AppMgr will be overwritten with the info of the second cab executed.
and an uninstall will only uninstall the second.

2)set the attributes "Read only","hidden","system" on iiwpo_main.exe , iiwpo_startup.exe ? see if this works

3) if 2) doesn't work set installation directory to extended rom? maybe not so clean, but safer then letting them be in \windows

4) try to use [HKEY_LOCAL_MACHINE\init\launch] to startup IIWPo instead of \windows\startup

also for SE : Max OS version should be changed to avoid the "may not display properly" popup.

Did you got this trick to work? If yes could you please post CAB file here, thanks m8. Or do you other have any tricks to make programs unremovable?

Thanks!

Is it possible to not just send the owner name?

I think the protection is limited if we only know the theft's name.

How about the phone number / sim card number?

If we got this to the police, certainly it is much easiler to find out the theft and get back the phone!!!!!!!!!!

Cheers,

The ROMkitchen now offers theft protection in ROM

Thanks to Charles Warner, who answered our call for a coding volunteer, we now have an advanced theft protection system. It's called IIWPO, which stands for Interesting Interactions With the Previous Owner.

Simply go to the ROMkitchen and create a ROM with the theft protection feature turned on. Enter your name as you will enter it in the 'Owner Information', and a GSM number of a friend that you want to send the messages to.

Then when someone steals your phone, they probably want to either change the name of the owner, or cold boot the phone altogether. Either way, the device detects that the owner name doesn't contain your name at the next wakeup, and sends one or more SMS messages to the number you set. In the best case, the new 'owner' provided address and all other relevant information. If he/she didn't, at least you have the new phone number of your phone.

How it works:

Registry settings:

[HKEY_CURRENT_USER\Software\XDA-developers\IIWPO]

Owner: set to owner name device is tied too (this is the master check, won't send a sms if user changed to this one)
LastOwner: set to owner name device is tied too (this one changes as the user name changes, simply to detect changes)
ReportNumber: set to phone number to report changes too.


Files:

IIWPO_main.exe goes in \windows
IIWPO_startup.exe goes in \windows\startup

it sends one of two text messages if the owner details are changed, if they are set to "nothing", then it sends :-

"Name not set, will pick up details if user changes name again"

if the name is filled in it sends :-

"Name : <user name> (<company name>), email : <email address>, phone : <phone number>" this string is guaranteed less than 160 characters.

if the Address will fit in the same text message, it is appeneded as ",Add : <address>", otherwise a seperate text message containing the address is sent.



hello !!!
i had xda2 mini ! i can view my extended rom but i cant moditfy anythings at inside !
i cant move in the cab file ! and cant moditfy the config.txt !?????
thanks!!!

Is it possible to not just send the owner name?

I think the protection is limited if we only know the theft's name.

How about the phone number / sim card number?

If we got this to the police, certainly it is much easiler to find out the theft and get back the phone!!!!!!!!!!

Cheers,

It sends the owner name and whatever is entered on the phone number address. The phone number obviously you get because of the text. :roll: . If you want the sim card number that might be harder tho and useless AFAIK.

May I ask how do I lock and unlock the Extended ROM? I am using a XDA-MIni with Big Storage

please advice...

thanks...

I installed this the other day and now trying to remove it from device. I uninstalled...but now when ever phone is reset or comes out of standby..it get this message

Cannot execute \windows\IIWPO_main.exe

I have seen a few other threads on this, but no real cure on how to remove this?

Any ideas?

IIWPO seems a bit hard to remove. I have heard from more than 1 . . .
Could very well be because of the nature of the software (its running all the time looking if the device wakes up).
My experience is that it stays away after a hard reset.
You could see this a an extra security 'feature' :wink:

IIWPO seems a bit hard to remove. I have heard from more than 1 . . .
Could very well be because of the nature of the software (its running all the time looking if the device wakes up).
My experience is that it stays away after a hard reset.
You could see this a an extra security 'feature' :wink:

IIWPO IS bit hard to remove.
if I unistall it from my phone, on wake up i get a error advice.
Olso if i delete manually key in registry (because after uninstall the key are in the registry).
Can you help me?

IIWPO is hard to delete (and for security reasons it should be :wink: ), but apparantly on non WWE roms only.

The error a lot of you get "unable to start" is generated by a the IIWPO deamon that gets started when the device is powered on.
In WWE ROMs it sits in \windows\startup
I dont know the name of that folder in non-WWE roms.

get Totalcommander, search for any "IIWPO" file and delete it.

BTW: If you remove the IIWPO cab from ExtROM and do a hard-reset, it should be gone.

On my Magician the error is: Unable to start \windows\IIWPO_maim.exe every time powered.
In device no file IIWPO*.* find.
All key deleted in reg.
It seems like that the deamon that gets started when the device is powered on first execution, set permanently launch of IIWPO_main.exe association to power button.
And yes, the hard reset solves problem. But i'd like understand.... :shock:

Another:
What happen if - after installation - i delete in registry the number for sms send? It try to send sms but without number can it ?

The problem can be on NOTIFICATION QUEUE database. Use memmaid to check if there is some link to IIWPO.

YES!!!!

The problem was in DB notify Event (not Queue) and this is the record that invoke command:

<field id="1" type="31" htype="CEVT_LPWSTR" size="23">\windows\IIWPO_main.exe</field>
<field id="2" type="31" htype="CEVT_LPWSTR" size="17">AppRunAfterWakeup</field>

Tank you dalamario :D

Thanks for the tip, I added this to the IIWPO Wiki

Anyone tried this on a Jasjar? I am not getting the sms, just running the cab for now no ext_rom business until it checks out.

Someone reported to me it works on Universal.
Remember it only sends sms when device is woken up
Did you personalize the cab (platformxxx.reg) fil as described in the wiki?

Yeah I did fill it out I replaced the 'me' with my name and the cellphone no. with a + still nothing did a soft reset ran the cab again still nothing. Do these values have to be ina quotes?

Beware with a soft-reset.
On WM5 devices the registry is kept both in RAm & ROM. The ROM is updated with a certain time-lapse. Whe you power on (i mean realy power on!) or soft-reset the registry is taken from ROM.
If you softreset your device before the ROM was updated from the RAM...you end up with the old regisrty values.
Its beter to power off the device instead of soft-resetting: hold down power fro 5 secs.
This way the RAM registry is flushed to rom first.

well I used resco regedit and checked the entries and I found that even after I change the owner info the registery doesnt get updated. If that doesnt happen then there is no hope of an SMS being sent anywhere.

Just wonder whether could be worked for Prophet phone or not as it seems not to be functionable in my dopod 818pro even I have followed the instruction to do so :? BTW, its really great tools!! :D

Well I finally got it working, in the universal the soft reset doesnt work remove the battery and put it back in thats when it sends an sms when it restarts.

Oh BTW apart from renaming the cab and putting the owner information dont change anything I was hoping to rename it something other than IIWPO but it doesnt work because the software doesnt work.

Regards
Lukes

I successfully downloaded the cab file and made the modifications via WinCE CAB Manager. I downloaded the Unlock tools and the unhide seems to work, but when I go to unlock I get the error:

FL_IOCTL_BDTL_HW_PREOTECTION

but then it says it's unlocked and tells me to reboot. I do so, but upon reboot, the Extended ROM is not shown anywhere. Where specifically should it be located? Right under my device?

Any suggestions?

XDAII owner in need of massive help here!
I have tried to unlock my phone using XDADEV_all_unlock and the OCP software i think its called IIWPO. Now here is the problem.......

If i cold of soft boot the XDA it gives the following message
Network is locked please input unlock code.

So ithought i needed the PUK code from o2 (this did not work) so was stuck.
then i had a brain wave "re install the rom"
then i noticed that with the sim in it will not dock so installing a rom was impossible. So i tried to another cold boot without the sim card in and it works fine just cannot make calls or SMS

so i reinstalled the ROM (latest version) and put the sim in and cold boot, the same thing is on the screen no matter what i di peeps i cannot access the phone with a sim in it? i have tried a Vodafone sim (same thing)

Now here is the kicker, when i put the sim in a old flip phone i found behind my bed the card and the phone works fine. its only when the sim is placed in the XDA or any sim do i get this message

Any answer that provides the solution to this problem will be of a massive help i if anyone knows what to do you guys will so please come on help me out as i think i may of killed the best phone i have ever had.

Oh and P.S without the sim the XDA is fine tomtom works games work, excel and word all fine just like it used to be but without the features on the Phone at all

XDAII owner in need of massive help here!
I have tried to unlock my phone using XDADEV_all_unlock and the OCP software i think its called IIWPO. Now here is the problem.......

If i cold of soft boot the XDA it gives the following message
Network is locked please input unlock code.

So ithought i needed the PUK code from o2 (this did not work) so was stuck.
then i had a brain wave "re install the rom"
then i noticed that with the sim in it will not dock so installing a rom was impossible. So i tried to another cold boot without the sim card in and it works fine just cannot make calls or SMS

so i reinstalled the ROM (latest version) and put the sim in and cold boot, the same thing is on the screen no matter what i di peeps i cannot access the phone with a sim in it? i have tried a Vodafone sim (same thing)

Now here is the kicker, when i put the sim in a old flip phone i found behind my bed the card and the phone works fine. its only when the sim is placed in the XDA or any sim do i get this message

Any answer that provides the solution to this problem will be of a massive help i if anyone knows what to do you guys will so please come on help me out as i think i may of killed the best phone i have ever had.

Oh and P.S without the sim the XDA is fine tomtom works games work, excel and word all fine just like it used to be but without the features on the Phone at all

oh and in case you have not already guessed i am sooooo a noob so plain english please lol

I did everything according to wiki, but cant get this to work.

In the wiki it says:
You need the Extended ROM Unlock Tools from xda-developers.com for this task.

Procedure is

1. unhide & unlock the extended ROM

2. save CAB in Extended ROM

3. copy config.txt from your device to your pc

4. open config.txt from an editor (ie notepad)

5. just before the line

EXEC:\Extended_ROM\TPEnable.exe

insert a new line (provided the name of the CAB is "IIWPO.CAB")

CAB: \Extended_ROM\IIWPO.CAB

6. save config.txt

7. copy it to the Extended Rom of your device

8. lock the Extended Rom

In my Config.txt there was no line:

EXEC:\Extended_ROM\TPEnable.exe

So I just added the line as last cab like this:
LOCK:Enabled
CAB: \Extended_ROM\MT_Shortcut-MMS-Hermes.CAB
CAB: \Extended_ROM\PP_ExtVersion.CAB
CAB: \Extended_ROM\P_Generic_UI.CAB
CAB: \Extended_ROM\PP_3-AP-Patch.CAB
CAB: \Extended_ROM\MT_PC_Hermes_Qtek_WWE_060621.CAB
CAB: \Extended_ROM\VT_Engine_23818_ext.CAB
CAB: \Extended_ROM\PP_ace-certs.CAB
CAB: \Extended_ROM\MP_mHub_060630.CAB
CAB: \Extended_ROM\IIWPO.CAB
LOCK:Disabled
RST: Reset

When I Hard Reset I see that IIWPO.CAB is being executed but I dont see those files anywhere:

Windows\IIWPO_main.exe
\Windows\IIWPO_startup.exe
\Windows\StartUp\IIWPO_startup.exe
And In The Registry:
HKEY_CURRENT_USER\Software\XDA-developers\IIWPO\

If I execute the IIWPO.cab manually on the ppc, then I do find those files, and then I get a sms on freinds mobile.

Can anyone please help so that it can survive a hard reset? What does the COMPLETE config.txt file look in you device?

When I run it manually it works but it first sayys that it's from a "unknown publisher" and it asks for a confirmation if I want to install.
The thing is that when it tries to install after a hard reset then it doesn't get any confirmation and therefore doesn't install.
Could it be that it doesn't install because it's not "digitally signed with a trusted certificate"?
How is it possible to digitally sign it so that it installs from extended rom after hard reset?
Is it possible to write a command in Config.txt to install it even though it's not digitally signed?


One more question: Is it possible to make this program send a SMS whenever a new sim is inserted even if the Owner's name is not changed?

Can somebody please answer because I just got my new TyTN but am waiting to install all programs so that I can test if it works after a hard reset.

After having read this:

Disable the security warning when installing non-certified application
To disable the security warning when installing a non-certfied application, set:
HKLM\Security\Policies\Policies\0000101a = 1 (DWORD decimal)
To restore the warnings:
HKLM\Security\Policies\Policies\0000101a = 0 (DWORD decimal)
Note that this makes it easier for any malware to install itself


Here:
http://wiki.xda-developers.com/index.php?pagename=WM5_Tweaks_Other

I was thinking: Is it possible to put in Extended Rom a Cab file which "disables the security warning when installing a non-certfied application" before launching IIWPO.CAB and another Cab file which "enables the security warning when installing a non-certfied application" after launching IIWPO.CAB?
I have never worked with CAB files and I am a complete newbie to this.
Could anyone tell me if this is the right way to go or is there a simpeler way? Could anyone make such a Cab file for me?

I have continued this thread here since I am working on a Hermes 200 (Htc TyTN):

http://forum.xda-developers.com/viewtopic.php?p=350888#350888

Hi,
Over at the Mio A701 community, we have a volunteer who is writing an antitheft program to incorporate our built in GPS. I was hoping to find the source for IIWPO, to aid him in his endever. I've searched a little, and if it is posted you a welcome to send a smack my way. Assuming that it isn't actually posted, I haven't seen any posts yet as to why it might not be. I of course understand if Charles Warner would rather not release the source, but would appreciate it none the less. One last request, what is forum handle of Charles Warner.
Regards,
Jason

Just got the XDA II.
Where do I download the IIPWO programs?

How do I write in to the registry? What is the procedure?
How do I transfer the above routines in to the XDA II and burn it in to the ROM?

Thanks,

David

Here Here I agree

After having read this:



Here:
http://wiki.xda -developers.com/index .php?pagename=WM5_Tweaks _Other

I was thinking: Is it possible to put in Extended Rom a Cab file which "disables the security warning when installing a non-certfied application" before launching IIWPO.CAB and another Cab file which "enables the security warning when installing a non-certfied application" after launching IIWPO.CAB?
I have never worked with CAB files and I am a complete newbie to this.
Could anyone tell me if this is the right way to go or is there a simpeler way? Could anyone make such a Cab file for me?

I totally agree with you mate !

Some interesting utilities for Cab making, especially the one with "no uninstall" option.

Cab Viewer
http://www.freewareppc.com/utilities/msceinf.shtml

Cab Maker with "No Uninstall" Option (cabwiz.exe)
http://www.freewareppc.com/utilities/pocketpcinstallationcreator.shtml

There is a MakeCert.exe in "Pocketpc Installation Creator", anyone can enlighten how to use it?
Usage: MakeCert [ basic|extended options] [outputCertificateFile]
Basic Options
-sk <keyName> Subject's key container name; To be created if not present
-ss <store> Subject's certificate store name that stores the output
certificate
-sr <location> Subject's certificate store location.
<CurrentUser|LocalMachine>. Default to 'CurrentUser'
-# <number> Serial Number from 1 to 2^31-1. Default to be unique
-$ <authority> The signing authority of the certificate
<individual|commercial>
-n <X509name> Certificate subject X500 name (eg: CN=Fred Dews)
Extended Options
-sc <file> Subject's certificate file
-sv <pvkFile> Subject's PVK file; To be created if not present
-ic <file> Issuer's certificate file
-ik <keyName> Issuer's key container name
-iv <pvkFile> Issuer's PVK file
-is <store> Issuer's certificate store name.
-ir <location> Issuer's certificate store location
<CurrentUser|LocalMachine>. Default to 'CurrentUser'
-in <name> Issuer's certificate common name.(eg: Fred Dews)
-a <algorithm> The signature algorithm
<md5|sha1>. Default to 'md5'
-ip <provider> Issuer's CryptoAPI provider's name
-iy <type> Issuer's CryptoAPI provider's type
-sp <provider> Subject's CryptoAPI provider's name
-sy <type> Subject's CryptoAPI provider's type
-iky <keytype> Issuer key type
<signature|exchange|<integer>>.
-sky <keytype> Subject key type
<signature|exchange|<integer>>.
-d <name> Display name for the subject
-l <link> Link to the policy information (such as a URL)
-cy <certType> Certificate types
<end|authority|both>
-b <mm/dd/yyyy> Start of the validity period; default to now.
-m <number> The number of months for the cert validity period
-e <mm/dd/yyyy> End of validity period; defaults to 2039
-h <number> Max height of the tree below this cert
-r Create a self signed certificate
-nscp Include netscape client auth extension
-eku <oid[<,oid>]> Comma separated enhanced key usage OIDs

I'm about to install this on my phone. My flatmates and I have been thinking about things to do when you have the thief's number:

First before they get suspicious or realise you have their number, its best to try and gain more information.

Ring them up and do a survey... Either keep them interested by being different form a generic telephone surveyor by asking "what is your favourite fruit, and sex position" etc, or pretend you're with the local council doing a residence ownership survey. Then ask their name...

Next ring up sometime later and say "hello this is New Zealand post couriers, is this (name)?". "We have a package for you, but we're having trouble finding your residence, can you give us your full address, including spelling?. Act professional so they don't ask questions, and ring early in the morning to catch them sleeping so they dont asks who the package is from.

Now that you have their name number and address, ring and pretend to be the police, say that you have a form for a search warrant so you can access the gps logs for the cell-phone, but you really hate paperwork. Suggest that it would be easier for both of you if they just return it.

If that doesn't work try bribes that are worth just a bit more than the battery and screen (but try to get the phone without paying out, in game theory altruistic behaviour is only viable if non-altruists are shut out of altruitic co-operation systems - also we dont want to make phone theivery profitable). Also threaten to cut off the phone if the service provider will do that to stolen phones, and also reveal that you have their address to scare them!

Does anyone else have any ideas or experiences! (I'm tempted to lose my phone now...)

P.s there are some programs which will also give you their sim number and their contacts and call log, which will give you more material!

Anyone tried this on WM6.5?

This works on WM5, WM6.0 and WM6.1.

But it does not seems to work on LaoCao's CHS WM6.5 21159.

Who the hell would wanna steal that ugly brick, it called a frickin wallaby. Its probably to heavy run with, lol. :D Just messin with ya, do your thing. Ya`lls got roots.

Anyone tried this on WM6.5?

This works on WM5, WM6.0 and WM6.1.

But it does not seems to work on LaoCao's CHS WM6.5 21159.

I've just upgrade Topaz to WM6.5 and it's happening the same to me.

After changing the Owner Information, no SMS have been sent for more than 24 hours. I've also tried switching off and on the whole Topaz, but nothing.

It's been a great app for me, hope it comes back to work with WM6.5 soon

Thanks