Re: Changing IMEI of Freerunner with Firmware Flash

2015-05-11 Thread Spacefalcon the Outlaw
Rash ras...@milacom.de wrote:

 is it possible for data protection reason to change the IMEI of the
 freerunner via firmware?

The instructions are right here:

https://www.freecalypso.org/leo2moko/ffs-edit-kit.html

Please also note that the FreeCalypso community now has its own
general info website (www.freecalypso.org) and its own mailing list:

https://www.freecalypso.org/mailman/listinfo/community

Viva la Revolucion,
SF

___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-21 Thread Neal H. Walfield
At Thu, 20 Feb 2014 16:31:46 +0100,
joerg Reisenweber wrote:
 On Thu 20 February 2014 15:27:33 Neal H. Walfield wrote:
  Why do you think the only use for a mobile phone is to make calls?  If
  I only make a data connection and am careful to tunnel all of my data
  via Tor, then this identification method is useful.
  
  Neal
 
 Err, right. For that usecase it might work - until you do *anything* that 
 gives away your ID, which is even more easy in internet than in a GSM call 
 (think searching for 2 or 3 topics on google which are specific to you. Or 
 visiting 2 or 3 specific websites, maybe even in a certain specific usage 
 pattern. Obviously you can't use email or anything like that. And google [and 
 others] might be able to identify you from your typing style and rhythm into 
 the search term textfield already).
 
 And no, you probably can't use a VPN to have only encrypted data transferred 
 over the air. I don't think there are any free and open VPN endpoints 
 available.

Using Tor avoids this problem.  Check it out:
https://www.torproject.org/

Neal

___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-21 Thread joerg Reisenweber
On Fri 21 February 2014 10:17:26 Neal H. Walfield wrote:
  And no, you probably can't use a VPN to have only encrypted data
  transferred  over the air. I don't think there are any free and open VPN
  endpoints available.
 
 Using Tor avoids this problem.  Check it out:
 https://www.torproject.org/

This would rely on all communication between your local device and Tor's entry 
node being completely and securely encrypted so nobody can spy on it, not even 
by profiling and correlation methods. Do you think that's warranted, *always*?

But honestly, the Freerunner probably isn't the device you want to use for 
data only, in an absolutely track-safe mode, to do... what exactly? VoIP? 
Hardly! For stealth access to internet there are for sure better solutions 
than the one we're talking about here. And initially we talked about _calls_ 
iirc.

/j
-- 
()  ascii ribbon campaign - against html e-mail 
/\  www.asciiribbon.org   - against proprietary attachments
(alas the above page got scrapped due to resignation(!!), so here some 
supplementary links:)
http://www.georgedillon.com/web/html_email_is_evil.shtml  
http://www.nonhtmlmail.org/campaign.html
http://www.georgedillon.com/web/html_email_is_evil_still.shtml
http://www.gerstbach.at/2004/ascii/ (German)


signature.asc
Description: This is a digitally signed message part.
___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread joerg Reisenweber
On Thu 20 February 2014 12:05:00 Christoph Pulster wrote:
 Hi,
 
 @joerg: sorry we mis-communicate.

No we don't. Or at least I don't. ;-)

 I am not talking about tracking  
 (location of caller), 

me neither since that's absolutely trivial


 but identification of caller.

me too


 If I buy a mobile, name is registered and connected with IMEI.

Depends. 


 Using a Openmoko and changing IMEI with Michaels tool does make a new  
 device out of it. Logfiles cant be law prooven evident of my identity.

Sorry, that's a dangerous misconception. 
Again, just in case I still didn't manage to make it clear enough: there is 
nobody else but you on this earth calling those 3 phone numbers (unless you 
call numbers that are getting called by 0.5mio users per day).
Simply compare who called number A during last year, and who also called 
number B during last year already reduces number of individuals to max 10. 
Then check which of those 10 individuals doesn't use her/his old IMEI anymore 
and here you are: old IMEI linked to new fake IMEI. With only 2 calls done 
from your new SIM and IMEI to your wife and your mother (or any other 
arbitrary two normal phone numbers you called before). This will hold for 
evidence on any court, better than fingerprints.

/j
-- 
()  ascii ribbon campaign - against html e-mail 
/\  www.asciiribbon.org   - against proprietary attachments
(alas the above page got scrapped due to resignation(!!), so here some 
supplementary links:)
http://www.georgedillon.com/web/html_email_is_evil.shtml  
http://www.nonhtmlmail.org/campaign.html
http://www.georgedillon.com/web/html_email_is_evil_still.shtml
http://www.gerstbach.at/2004/ascii/ (German)


signature.asc
Description: This is a digitally signed message part.
___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread Neal H. Walfield
At Thu, 20 Feb 2014 14:11:33 +0100,
joerg Reisenweber wrote:
 
 On Thu 20 February 2014 12:05:00 Christoph Pulster wrote:
  Hi,
  
  @joerg: sorry we mis-communicate.
 
 No we don't. Or at least I don't. ;-)
 
  I am not talking about tracking  
  (location of caller), 
 
 me neither since that's absolutely trivial
 
 
  but identification of caller.
 
 me too
 
 
  If I buy a mobile, name is registered and connected with IMEI.
 
 Depends. 
 
 
  Using a Openmoko and changing IMEI with Michaels tool does make a new  
  device out of it. Logfiles cant be law prooven evident of my identity.
 
 Sorry, that's a dangerous misconception. 
 Again, just in case I still didn't manage to make it clear enough: there is 
 nobody else but you on this earth calling those 3 phone numbers (unless you 
 call numbers that are getting called by 0.5mio users per day).
 Simply compare who called number A during last year, and who also called 
 number B during last year already reduces number of individuals to max 10. 
 Then check which of those 10 individuals doesn't use her/his old IMEI anymore 
 and here you are: old IMEI linked to new fake IMEI. With only 2 calls done 
 from your new SIM and IMEI to your wife and your mother (or any other 
 arbitrary two normal phone numbers you called before). This will hold for 
 evidence on any court, better than fingerprints.

Why do you think the only use for a mobile phone is to make calls?  If
I only make a data connection and am careful to tunnel all of my data
via Tor, then this identification method is useful.

Neal

___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread joerg Reisenweber
On Thu 20 February 2014 15:27:33 Neal H. Walfield wrote:
 Why do you think the only use for a mobile phone is to make calls?  If
 I only make a data connection and am careful to tunnel all of my data
 via Tor, then this identification method is useful.
 
 Neal

Err, right. For that usecase it might work - until you do *anything* that 
gives away your ID, which is even more easy in internet than in a GSM call 
(think searching for 2 or 3 topics on google which are specific to you. Or 
visiting 2 or 3 specific websites, maybe even in a certain specific usage 
pattern. Obviously you can't use email or anything like that. And google [and 
others] might be able to identify you from your typing style and rhythm into 
the search term textfield already).

And no, you probably can't use a VPN to have only encrypted data transferred 
over the air. I don't think there are any free and open VPN endpoints 
available.

/j
-- 
()  ascii ribbon campaign - against html e-mail 
/\  www.asciiribbon.org   - against proprietary attachments
(alas the above page got scrapped due to resignation(!!), so here some 
supplementary links:)
http://www.georgedillon.com/web/html_email_is_evil.shtml  
http://www.nonhtmlmail.org/campaign.html
http://www.georgedillon.com/web/html_email_is_evil_still.shtml
http://www.gerstbach.at/2004/ascii/ (German)


signature.asc
Description: This is a digitally signed message part.
___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread elhennig

 Why do you think the only use for a mobile phone is to make calls? If
 I only make a data connection and am careful to tunnel all of my data
 via Tor, then this identification method is useful.

Maybe because we are talking about a GSM modem?

--
n...@el-hennig.de

Lubarsky's Law of Cybernetic Entomology:
There's always one more bug.___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread joerg Reisenweber
On Thu 20 February 2014 15:27:33 Neal H. Walfield wrote:
 and am careful to tunnel all of my data
 via Tor

Recent tests have revealed that at least 20 nodes in Tor are trying to break 
into your encrypted data transmission.
It'd widely known that Tor is infiltrated by agencies.

/j
-- 
()  ascii ribbon campaign - against html e-mail 
/\  www.asciiribbon.org   - against proprietary attachments
(alas the above page got scrapped due to resignation(!!), so here some 
supplementary links:)
http://www.georgedillon.com/web/html_email_is_evil.shtml  
http://www.nonhtmlmail.org/campaign.html
http://www.georgedillon.com/web/html_email_is_evil_still.shtml
http://www.gerstbach.at/2004/ascii/ (German)


signature.asc
Description: This is a digitally signed message part.
___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread Nick
joerg Reisenweber wrote:
 On Thu 20 February 2014 15:27:33 Neal H. Walfield wrote:
  and am careful to tunnel all of my data
  via Tor

 Err, right. For that usecase it might work - until you do
 *anything* that gives away your ID

You still have location anonymity though. An adversary may identify
that someone is accessing an email account through the Tor network,
but not where they are.

 Recent tests have revealed that at least 20 nodes in Tor are trying to break 
 into your encrypted data transmission.

That issue was explained in more detail at:
https://blog.torproject.org/blog/what-spoiled-onions-paper-means-tor-users
The bad relays were blocked as soon as they were discovered. The Tor
project is damn good at discussing and presenting vulnerabilities in
the open, and figuring out best ways of mitigating / defeating them.

 It'd widely known that Tor is infiltrated by agencies.

From the Snowden disclosures so far, they actually have not been
very successful at breaking Tor at all. Far less so than most
people expected, really.

___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community


Re: changing IMEI

2014-02-20 Thread Andreas Kemnade
Hi,

On 20 Feb 2014 12:05:00 +0100
openm...@pulster.de (Christoph Pulster) wrote:


 I remember adverts of Openmoko in capitals 100% FREE mobile.
 that this was a false promise comes evident afterwards.
 the knowledge about NDA restrictions of GSM components is still today  
 only in some geek's mind.
 As long as there are big players like government and companys, a 100%  
 open mobile will never happen. Never.
 
100% of what? That is the question here. You can see 100% of the
software running of the application processor, 100% of everything
running on some coprocessors. 100% of pcb schematics available, 100% of
documentation available. 100% of inner layouts of microchips +
microcode. Freedom to use 100% of available phone radio natworks
(including the areas where no 2G but 3G is available.


Greetings
Andreas Kemnade


signature.asc
Description: PGP signature
___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community