Bell's Mind

I see a lot of forum posts about this and I don’t know if the lawsuit mentioned in my previous post made this any easier but here’s how I got my MSL in less than 30 seconds from Sprint:

Call customer service
Tell them that you’re in the Sprint ADP (Application Developer Program) and that you’d like to get the MSL (Master Subsidy Lock) code to enable your developer certificate
Copy down the 6 digit code they give you and you’re off

I was dumbfounded that they didn’t ask a single question. The woman just started rattling off the numbers and we parted ways. It was the easiest support call I’ve ever had to make. Good luck getting yours! If you run into any resistance you may want to register yourself for the ADP (in case they can check) at the Sprint Developer website. Then call back and try again.

How can any of this be true? Is the world coming to an end? Verizon publicly stated in a press release that they will soon allow any device running any software to run on their network. Sprint was already sued for locking their phones so maybe Verizon is playing this as something they’re doing voluntarily just because they know that eventually it’ll go to court.

Hey, if the DMCA says that I can unlock my phone I think that the carriers should be forced to take any phone I manage to unlock. Otherwise the unlocking provisions of the DMCA are somewhat useless.

GSM operators don’t really have a choice because the important identification information is held on your SIM card and not tied to your phone. Once you have a registered SIM card with a plan you can just pop it into any GSM phone and you’re up and running. CDMA operators don’t utilize technology like this yet so you are forced to register your handset.

Thankfully there is a SIM card like system for CDMA called R-UIM or CSIM. I would much prefer this kind of technology instead of having Verizon getting the chance to register and certify every handset I own. That may come in the future but in the meantime if this actually happens in 2008 it’s definitely a step in the right direction.

What can go wrong (still)? Well, certification could be prohibitively expensive or may require disabling certain hardware features while still allowing any software to be run. Verizon could also charge outrageous rates for these new handsets since they’re just “adding an additional retail option for customers”. However, I think that even if they start to play that game the ball is rolling in the right direction. Pressure from other companies that follow suit may eventually open up the US CDMA networks and spur some innovation so we’re no longer the mobile phone eyesore of the world.

Today I felt I needed to come up with a fun hack to get myself out of a bit of a rut. I recently started messing around XBMC again and wanted to see what it could do and, being a casual phreak, the caller ID script caught my eye.

After digging into it a bit I understood a few basic things about it:

It is a simple Python script that listens for TCP connections on port 10629.
It will display any message I’d like over XBMC and pause whatever is playing.
The messages don’t have to be formatted. The system just displays whatever you send it verbatim.

I’m pretty bad with my phone because it’s never charged, never in the room I’m in, and the ringer is almost always (mysteriously) off. I setup a GrandCentral account for myself a few months ago to combat this problem since I can have GrandCentral ring my Skype or Gizmo numbers which are always running on my laptop. This works pretty well unless I’m taking a break and using XBMC...

Now I started wondering how I could get my GrandCentral caller ID on my XBOX. It actually turns out that in my case it’s pretty easy since I have all of the essential plumbing set up for work. Here’s how my system operates:

My colocated Asterisk box receives the phone call from a VOIP provider on a specific VOIP line
Asterisk then connects to my home server over OpenVPN on TCP port 10629
My home server then forwards the OpenVPN connection to my XBOX via the “portfwd” application also on the TCP port 10629
The XBOX displays the caller ID on the screen and pauses whatever is playing

To do all of this you’ll really just need a VOIP number and an Asterisk box that receives calls on that VOIP number. I won’t go into the basic configuration for that here but free numbers and configuration assistance are available from IPKall and TRX Telecom.

Assuming your Asterisk server and XBOX are on the same network you only have two more steps to go. First, add this new inbound number to your GrandCentral configuration so that it rings simultaneously with your cell phone and/or whatever other phones you have set up. Second, configure your Asterisk box to run these dialplan entries when that number rings:

exten => xyz,1,System(/bin/echo -e "${CALLERID(num)}" | nc xbox 10629)
exten => xyz,2,Hangup

“xyz” should be your VOIP number or whatever other value your dialplan needs to identify this DID. “xbox” should be an entry in your /etc/hosts file that points to your XBOX’s static IP. Here I use netcat (nc) instead of telnet because my Gentoo box didn’t have it installed. It’s also easier to use since it doesn’t expect the session to be interactive. Some implementations of telnet can be a real pain when trying to pipe data to it. Just using netcat gets around all of that potential hassle.

Keep in mind that this number exists only to capture the caller ID and doesn’t need to be answered. If you’d like to answer it and send the call to anything further in the dialplan you can always just remove the hangup line and continue from there.

Anyway, in my setup it wasn’t quite this simple. My XBOX is behind a NAT router but conveniently I do have a home server that has a persistent OpenVPN connection to my Asterisk server. In my case I basically replaced “xbox” above with the OpenVPN IP address of my home server and then set up port forwarding. I didn’t go for kernel port forwarding, instead I just did it in userspace with “portfwd”. In Gentoo my steps were as follows:

1) emerge portfwd
2) Edit /etc/conf.d/portfwd and remove the “-t” option from PORTFWD_OPTS. This option requires transparent proxying to be enabled in your kernel. It doesn’t hurt to remove it since the XBOX doesn’t care who is connecting to it. If your kernel doesn’t have this option portfwd will silently fail.
3) Create a portfwd.cfg file in the /etc directory that contains the following line:

tcp { 10629 { => xbox:10629 } }

So now my home server just forwards all connections on port 10629 to my XBOX. That way when my public Asterisk server connects to what it thinks is my home server’s OpenVPN IP address it’s really just getting sent along to the XBOX. If the XBMC and the caller ID script isn’t running the connection just times out.

In reality my configuration is slightly different so that it only allows connections over the VPN to connect to the XBOX but for the sake of clarity I’ve left that out of the configuration. Here’s video of me getting a spoofed call from the Bell’s Mind number while watching a movie. That will give you an idea of what all this work can actually get you. :)

I’m tired of hearing about it already. It’s not the first phone to have a touch screen (multi-touch, yes), it’s not the first phone to have an on-screen keyboard, it’s not the first phone to support drag and drop, and it’s not the first phone to have an SDK (it doesn’t even have one yet). If you think any of these things then you are completely crazy.

If you’d like examples please see the any of the Windows Mobile PPC or Symbian UIQ phones. Some clueless reporter on CNet is actually reporting that the “LG Voyager is the first phone offered by Verizon Wireless that--like the Apple iPhone--has a large external touch screen”. Unfortunately, I can’t tell who the article is by because it just credits it to Verizon Wireless.

Question #1, how does this qualify as news when it is completely false? Question #2, how can I get this person’s job?

Anyone who has used a cell phone in the US knows that providers are total bastards. They lock down everything so you are basically powerless to use the hardware that you purchased. Sure, people say that the phones are highly subsidized and all that but that’s why I get locked into a contract and pay a termination fee if I leave before my two years are up. I really am paying for the hardware over time so just let me do what it’s designed to do.

Yesterday I started to get really excited about Android, Google’s open-source phone platform. It sounded like just what the cell phone industry in the US needed to really get innovation flowing and get people excited about phones again. Java promised all of this a long time ago but application signing pretty much killed it for all but the biggest developers. How many successful, cross-network, J2ME applications do we have today? Probably zero and it’s because the network providers want it that way. They can’t stand to give up control because they think they’ll lose revenue.

Anyway, Android is backed by Google’s muscle and had a chance to fix this. Unfortunately David Burke, an engineering manager from Google, said “Android will be open, but device makers will be free to limit and reduce it”. Now, with the providers’ stellar track record, who thinks Sprint or Verizon will leave the platform alone and let developers do what they want? I have been given no reason to believe that it is anything but an inevitability that developers will again be left out in the cold.

I’ve got to admit that I’m really more of a computer/software/hardware geek than what I’d typically call a phone phreak. I don’t have quite the knack for scanning and all that jazz that some more well known phreaks do.

That’s why Google’s Android platform is particularly interesting to me. I haven’t looked at the nitty-gritty details yet but you can now watch some videos about the software and hardware platform as well as download the SDK, Essentially Google is promising to deliver an open platform for cell phones that will have great support in the US since it’ll be both GSM and EVDO friendly. In other words developers will have the power to finally deliver applications without depending on the carriers to market, sell, and take a cut of the money that is rightfully theirs.

If the fact that finally some company is delivering an open platform for cell phone development that will run on EVDO networks then maybe the possibility of winning a portion of the $10M in prize money from Google will push you over the limit.

Before I get a slew of e-mail I am painfully aware of the Symbian platform. Overseas it may be nice but in the US here if a phone doesn’t run on Sprint or Verizon it’s hard for me to consider. The GSM coverage in the US is abysmal in most places at best. With Google partnering with at least Sprint on this venture I’m hopeful that I’ll finally be able to get an open phone that runs on a reliable network. Maybe I’ll even be lucky enough to get something that supports EVDO Rev. A. Ok, that’s probably asking too much...

A while ago I was looking to control my phone via Bluetooth. In my travels I found a few files that had all kinds of neat AT commands for a lot of different versions of phones. Here are the most comprehensive PDFs that I kept on the topic:

October 2004 - T68, T68i, T300, T310, T610, Z600,
T230/T238/T226, T630, T290
August 2005 - Z1010, K700 series, S700 series, K500 series, Z500 series, V800 series, Z800 series, K300 series, J300 series, K600 series, V600 series
January 2007 - All Sony Ericsson
September 2003 - P800/P900

It looks like we’ve lost 206-666-BELL. I know that K7 removes them after a month or so of inactivity but we’ve been lucky for a few years now. Finally they killed it though so we’ll need to get another.

If you’re a leet phreak and can get the VMB back for me then let me know.

A long time ago I made a video of me dialing into a COCOT in New Rochelle in front of a Dunkin’ Donuts. An interesting fact about this video is that it was done over VoIP (Packet8 specifically).

Check out the cocot-15 video.

Why is it called 15? Because it took 15 takes to get the audio right.