BlackBerry Forums Support Community
              

Closed Thread
 
LinkBack Thread Tools
Old 03-17-2006, 04:18 PM   #21 (permalink)
Retired BlackBerryForums.com Moderator
 
d_fisher's Avatar
 
Join Date: Oct 2005
Location: Columbus, OH
Model: 9700
OS: SID 6.7
Carrier: AT&T
Posts: 4,455
Post Thanks: 0
Thanked 2 Times in 1 Post
Default

Please Login to Remove!

Quote:
Originally Posted by billyball2
This thread should be a sticky. The inability to remove an IT policy by wiping the unit is a serious flaw in the design of BlackBerry.
I don't agree with that statement. I dont see it as a flaw, I see it as security. If someone steals my BlackBerry, I dont want them to EVER be able to use it. But that is just me, I am a d***head about things like that.
__________________
Doug

Remember, please try searching first!

Need a screenshot? ... Like JavaLoader?
Try using BBscreen .....Use JL_Cmder!
or BBScreenShooter!

[SIGPIC][/SIGPIC]
Offline  
Old 03-17-2006, 07:18 PM   #22 (permalink)
BlackBerry Extraordinaire
 
KonTiki's Avatar
 
Join Date: Jun 2005
Location: NJ, USA
Model: 9650
OS: 6.0.0.524
PIN: 007
Carrier: Verizon
Posts: 2,762
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Well I just got home from work and tried the new policy to see if it would fix the wireless connection problem and unfortunately, it did not work. The phone is obviously still free of an IT policy but when I went to try the Wireless synch it was the same as before. Dan I still want to thank you inmensely for having taken a crack at it.
__________________
BB Tour 9650


Running OS 6.0.0.524
Offline  
Old 03-18-2006, 12:53 AM   #23 (permalink)
Thumbs Must Hurt
 
mobile_pheen's Avatar
 
Join Date: Nov 2005
Location: 416/905
Model: N/A
PIN: 2a3b4c
Carrier: Left Pocket
Posts: 134
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by DaddyRick
I coomend Dan for doing this and he clearly gives a strong statement regarding what KonTiki just posted.

In my case I let a friend borrow my BB, while I used my Palm Treo, he had it connected to his companies BES. His company was of no help neither was Cingular or RIM. My BB was just about rendered useless to me. Now I can use it again.

Thanks Dan!
i read the whole post.. what amazes me is how ur pin matches ur nickname

is that something you made up or is that your real pin?
Offline  
Old 03-19-2006, 06:25 PM   #24 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7230
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Policies and Bluetooth

Hi, okay it seems that the newer Policy.bin (bt-policy.bin) still isn't enabling Bluetooth.

Does anyone know the Policy.inf syntax to enable bluetooth? I guessed at the following:

DisableBluetooth {policy} = false
DisableWirelessBypass {policy} = false
DisableDesktopConnectivity {policy} = false
DisableDiscoverableMode {policy} = false
DisablePairing {policy} = false
DisableBluetooth {policy} = false

... but this doesn't appear to be working. I'd guess that someone with a newer BES could find this out using the ITPolicy tool.

Sorry the last one didn't work, like I said, I can't test this stuff

Dan.
Offline  
Old 03-19-2006, 07:17 PM   #25 (permalink)
BlackBerry Extraordinaire
 
KonTiki's Avatar
 
Join Date: Jun 2005
Location: NJ, USA
Model: 9650
OS: 6.0.0.524
PIN: 007
Carrier: Verizon
Posts: 2,762
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Dan no need to be sorry, you singlehandedly are doing for so many here what has been a real issue for a long time. Thank You.
__________________
BB Tour 9650


Running OS 6.0.0.524
Offline  
Old 03-19-2006, 07:34 PM   #26 (permalink)
CrackBerry Addict
 
Join Date: May 2005
Location: Golden, CO US
Model: 9700
Carrier: ATT
Posts: 684
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by dan1e1w
Hi, okay it seems that the newer Policy.bin (bt-policy.bin) still isn't enabling Bluetooth.

Does anyone know the Policy.inf syntax to enable bluetooth? I guessed at the following:

DisableBluetooth {policy} = false
DisableWirelessBypass {policy} = false
DisableDesktopConnectivity {policy} = false
DisableDiscoverableMode {policy} = false
DisablePairing {policy} = false
DisableBluetooth {policy} = false

... but this doesn't appear to be working. I'd guess that someone with a newer BES could find this out using the ITPolicy tool.

Sorry the last one didn't work, like I said, I can't test this stuff

Dan.
The ITpolicy tool that came with the 4.0.4 trial wouldn't recognize any of the bluetooth settings but the BES itself certainly does.

Last edited by RemyJ : 03-20-2006 at 08:30 PM.
Offline  
Old 03-20-2006, 03:22 AM   #27 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7230
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Interesting...

You can actually "force" the ITPolicy tool to recognize those settings by adding them to the keyword.txt file, that's how I added them in the first place... Just need to know the correct keys names. In the Drop Down of Keys (in the menu bar of the ITPolicy tool), is there anything that resembles:

Disable Wireless Bypass

or

Disable Desktop Connectivity

Apparently these are the killer settings

Dan.
Offline  
Old 03-20-2006, 09:52 AM   #28 (permalink)
Knows Where the Search Button Is
 
Join Date: Jan 2005
Location: NYC
Model: 7250
Posts: 30
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by dan1e1w
Just need to know the correct keys names. In the Drop Down of Keys (in the menu bar of the ITPolicy tool), is there anything that resembles:

Disable Wireless Bypass

or

Disable Desktop Connectivity
Dan,

I just took a look at all the options for an IT Policy on our BES and under the "Bluetooth Policy Group" there is an option "Disable Wireless Bypass"

Hope this helps.
Offline  
Old 03-20-2006, 11:27 AM   #29 (permalink)
BlackBerry Extraordinaire
 
KonTiki's Avatar
 
Join Date: Jun 2005
Location: NJ, USA
Model: 9650
OS: 6.0.0.524
PIN: 007
Carrier: Verizon
Posts: 2,762
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by blackberry7750
Dan,

I just took a look at all the options for an IT Policy on our BES and under the "Bluetooth Policy Group" there is an option "Disable Wireless Bypass"

Hope this helps.
If you look at this he already has that as an option unless you mean something else:

DisableBluetooth {policy} = false
DisableWirelessBypass {policy} = false
DisableDesktopConnectivity {policy} = false
DisableDiscoverableMode {policy} = false
DisablePairing {policy} = false
DisableBluetooth {policy} = false
__________________
BB Tour 9650


Running OS 6.0.0.524
Offline  
Old 03-20-2006, 11:45 AM   #30 (permalink)
Knows Where the Search Button Is
 
Join Date: Jan 2005
Location: NYC
Model: 7250
Posts: 30
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

oops - sorry.....than I'm not sure what he's looking for.

(if you already know this then disregard but when going to set either "disable wireless bypass" or "disable desktop connectivity" it says "This rule applies only to Java-based BlackBerry devices version 4.1.0 and higher")
Offline  
Old 03-20-2006, 12:33 PM   #31 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

Dan, the IT Policy generator you are using was released with BES 3.x and has continued to live on through 4.x. In other words, no extra options, even by way of 'forcing' it, will be available.
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 03-20-2006, 12:36 PM   #32 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by billyball2
This thread should be a sticky. The inability to remove an IT policy by wiping the unit is a serious flaw in the design of BlackBerry.

I used the original .bin file and it worked like a charm...
This thread will NEVER be a sticky - heck, it might even be deleted by another moderator at some point in time. To those of us who operate within the corporate world of BlackBerry, we take our security quite seriously. With the way some people on here rant about their corporate policies being pushed down on their handheld and they are looking for a policy.bin file to remove the security from it - that kind of crap really pisses me off.

I do have sympathy for those who purchased handhelds from eBay or left a company or something along those lines, though... that's the only reason I won't delete these kind of threads.
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 03-20-2006, 01:16 PM   #33 (permalink)
Knows Where the Search Button Is
 
Join Date: Jan 2006
Location: Iowa
Model: 7520
Carrier: Boost
Posts: 48
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

if you take security seriously, banning a thread or hiding the obvious from users will not solve the security issue here. Relying on a users ignorance or hiding facts, is not the correct way to impliment security. That's Microsoft's way.

The correct approach should have RIM 1) fixing the security flaw and 2) allow rightful owners to completely wipe the device. If you keep this thread alive, maybe someone at RIM will stumble across it, and maybe it will get fixed.

Also, there is nothing wrong with buying a used item from Ebay. If we use that logic, no one should buy a used car, used computer, used house, or used anything. Everyone should just buy new.

Dan is a hero for providing easy and simple to follow instructions to wiping a blackberry.
Offline  
Old 03-20-2006, 01:32 PM   #34 (permalink)
Thumbs Must Hurt
 
Join Date: Nov 2005
Model: 8300
Carrier: AT&T
Posts: 152
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by madmarvcr
if you take security seriously, banning a thread or hiding the obvious from users will not solve the security issue here. Relying on a users ignorance or hiding facts, is not the correct way to impliment security. That's Microsoft's way.

The correct approach should have RIM 1) fixing the security flaw and 2) allow rightful owners to completely wipe the device. If you keep this thread alive, maybe someone at RIM will stumble across it, and maybe it will get fixed.

Also, there is nothing wrong with buying a used item from Ebay. If we use that logic, no one should buy a used car, used computer, used house, or used anything. Everyone should just buy new.

Dan is a hero for providing easy and simple to follow instructions to wiping a blackberry.
There's two sides here and its unfortuante that they (RIM) haven't determined a way to allow a blackberry to be reset (including policy) that is exposed to the user.

My personal opinion is that those of us (myself included) who are BES Admins need to ensure that we remove restrictive policies from BB's as they are decommisioned. If we did that, we would not have an issue, BB's that were showing up on ebay/etc with restrictive policies would be known to be stolen...

of course, I also think as a user who purchases a device (legitimately), should have the ability to remove these restrictions, since they are the purchaser and ultimate owner of the device.

as a bes admin (as recently mentioned in another thread), if a bb was stolen I could send a restrictive policy and then kill it.. it would be useless to the person who "took" it.. if they know how to remove this policy, they can resell it and its up to the carrier(s) to handle the (cross) reporting of stolen devices..

I guess you can't have your cake and eat it too..

Last edited by tomryan : 03-20-2006 at 06:35 PM.
Offline  
Old 03-20-2006, 02:02 PM   #35 (permalink)
Thumbs Must Hurt
 
ebgreen's Avatar
 
Join Date: Jan 2006
Model: 8700
Posts: 160
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

There is a difference between providing information on a security hole and providing the files to explicitly exploit it. Having said that I can sympathize with people that by a restricted device on Ebay. Even with my sympathy, as an admin in a corporate environment, I would still come down on the side of Caveat Emptor.
Offline  
Old 03-20-2006, 02:05 PM   #36 (permalink)
BlackBerry Extraordinaire
 
KonTiki's Avatar
 
Join Date: Jun 2005
Location: NJ, USA
Model: 9650
OS: 6.0.0.524
PIN: 007
Carrier: Verizon
Posts: 2,762
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I made a promise to someone not to post here any further and continue this but I am sorry for breaking it since I do need to addresss this, and it will be my last post on this topic.

Rim does have to address this issue, it is a legitimate one, and yes if admins made sure that when decomissioned or removed from the BEs that policies be removed we would not be here. But neither of this issues has been addressed well enough otherwise we would not be here.

I have a simple solution that Rim might want to look at: If the concern is the wrong person removing the police and circumventing restrictions, I will tell RIM add one more restriction. If someone removes the IT policy then that device will nto work on the BES any longer unless it was brought back to the IT administrator. This would allow for the policy removal and at the same time wiping the BB ala Kill command so it be useless to anyone wanting to break security, yet allowing a legitimate user the benefit of the full device.

Now if you are trying to break security and remove the policy, then lets see you talk your way out of it with your employer. That would deter anyone without legitimate reasons from trying.
__________________
BB Tour 9650


Running OS 6.0.0.524
Offline  
Old 03-20-2006, 02:08 PM   #37 (permalink)
Thumbs Must Hurt
 
ebgreen's Avatar
 
Join Date: Jan 2006
Model: 8700
Posts: 160
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Except for people selling a stolen device who would still be able to profit from illegal activities.
Offline  
Old 03-20-2006, 04:07 PM   #38 (permalink)
BlackBerry Extraordinaire
 
CanuckBB's Avatar
 
Join Date: Feb 2006
Location: YYZ
Model: 9900
Carrier: Rogers
Posts: 1,183
Post Thanks: 0
Thanked 2 Times in 2 Posts
Default

Removing a device from the BES should automatically wipe it of data and policy. There should also be a way to let RIM know of stolen devices so that they may never be activated again.
Offline  
Old 03-20-2006, 06:10 PM   #39 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7230
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jibi
Dan, the IT Policy generator you are using was released with BES 3.x and has continued to live on through 4.x. In other words, no extra options, even by way of 'forcing' it, will be available.
This isn't true. Keywords.txt lives in the same directory as ITPolicy.exe - essentially a properties bundle that is used by ITPolicy.exe as the master list of valid key names. Adding another key definition to this list enables you to set that property, and it does make it's way into the bin file.

I guess what I'm trying to say is that the actual tool is the same across versions, only the Keywords.txt changes...

Okay, new question, can someone send, or post/email the contents, or post/email the relevant lines of the latest Keyword.txt file?

Ta, D.
Offline  
Old 03-20-2006, 06:50 PM   #40 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

What I'm saying is that the keywords.txt has been the same from 3.6 base installation to 4.1 base installation - nothing has changed about this since day one. It was not meant for what you're trying to do (meant for legacy desktop-pushed policies only - I would assume for Redirector configurations who didn't have a BES), and I'd dare to say that it won't be updated again. You may be right, but I personally do not think that it will work with the more recently added policy options (VoIP, WLAN, BBMSGR, BT, etc).

We attempted all of this a few months back (when the 7100i was released) with the guessing games - nothing worked.

Bluetooth Sync with 7100i
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

LinkBacks (?)
LinkBack to this Thread: http://www.blackberryforums.com/general-blackberry-discussion/20543-removing-policies-blackberries.html
Posted By For Type Date
HowardForums: Your Mobile Phone Community & Resource - Can't Install Third Party Apps (BB 7290) This thread Refback 10-07-2006 03:40 PM

OVEN VACUUM (Round) LABGO 119
$1825.0
OVEN VACUUM (Round) LABGO 119 pictureOVEN VACUUM (Round) LABGO 103
$1825.0
OVEN VACUUM (Round) LABGO 103 picture500ml Distillation apparatus,Distillation set,vacuum distillation kit lab glass
$39.98
500ml Distillation apparatus,Distillation set,vacuum distillation kit lab glass pictureFuel Pump & Vacuum Tester Gauge Leak Carburetor Pressure Diagnostics w/ A0MD
$18.94
Fuel Pump & Vacuum Tester Gauge Leak Carburetor Pressure Diagnostics w/ A0MD pictureElectric Milking Machine For Farm Cow W/ Bucket Vacuum Piston Pump Canada Seller
$343.54
Electric Milking Machine For Farm Cow W/ Bucket Vacuum Piston Pump Canada Seller picture






Copyright 2004-2016 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.