Wednesday, April 18, 2007

A Highly Fortified Virgin

I have discovered that my wireless provider Virgin Mobile (USA), runs a pretty tight networking ship. Which is to say, it's difficult to get arbitrary packets from the mobile handset (Audiovox 8915) to the internet at large. First of all, direct socket connections to the outside internet are blocked. This conclusion is based on using MidpSSH to connect to various ports and failing.

Virgin appears to be running a proxy which intercepts only HTTP traffic and forwards it onward (but only for ports 80, 8080 and 443). Note that this does not mean that arbitrary socket traffic can be sent over port 80, just HTTP traffic. That's still could be interesting since MidpSSH is able to communicate through an HTTP proxy server.

Finally, Virgin seems to have some kind of denial-of-service detector which prevents too many accesses to the same host over a short period of time. Since MidpSSH is an interactive application, it ends up making lots of brief connections to the server in proxy mode. After about five connections in series, the proxy returns a "Network Gremlins" message, which messes up the SSH negotiation process.

In short, there appears to be no way to pass arbitrary data through the Virgin Mobile proxy. That's kind of a bummer, and not so cool.

UPDATE: (20 Apr) by snooping the phone's file system, I discovered the IP address of Virgin's proxy server that the handset talks to when web surfing. It turns out it's just a standard Apache HTTP proxy server running on port 80! I was able to telnet to it using MidpSSH and request random web pages from the Internet. While this doesn't solve the problem, the fact that there's a standard proxy there suggests that one could use the proxy CONNECT command to open a persistent socket connection, at least to port 443, which is what CONNECT was intended for. And it works! I was able to connect to an SSH server. But... after about 10-15 seconds, the socket is closed. I can only assume that Virgin's firewall limits the lifetime of TCP sessions to prevent global firewall resources from being tied up. Sigh, another dead end.

Sunday, April 15, 2007

Connecting to the Audiovox 8915

I recently got a new mobile phone, an Audiovox 8915. In the era of whateverBerry super-smart phones, the Audiovox is just a kinda-smart phone. You can send images from (using the built in camera) and to it, and you can send sounds to it. It can also browse the internet, if you can call interacting with a 128 x 160 pixel screen browsing. I should point out that the interface of this phone, compared to my previous Audiovox 8500, is much improved.

Here are a few things that I have learned. First of all, one can connect a data cable to the handset. I used the FutureDial cable number 19 (which has a built-in Prolific PL2303 USB-serial converter). This is important for connecting to my Mac OS X machine, since there are no Mac drivers compatible with the Curitel USB interface within the phone itself. The Prolific drivers can be found on their web site. There are some people who have hacked the similar Audiovox 8900 and the Virgin Mobile Snapper. They have been able to upload graphics, sounds, and game applets. The graphics and sound part sounds a little strange to me, since I can just message myself with a graphics attachment and save that as a wallpaper or screen-saver.

I was able to decipher the binary phone book formats of my old and new phones enough to be able to download and parse the old phone book entries, and convert and upload the entries to the new phone. Too bad BitPIM doesn't support this phone. The developers seem to have a moratorium on development for it, after seeing enough people with problems. Sigh.

By snooping the phone's file system, I also found a reference to an XML file containing the phone's capabilities. Here are some interesting tidbits:
  • It has an ARM7 processor;
  • It accepts MMS messages up to 100K in size (and graphics 480x640 in dimension);
  • It accepts J2ME java downloadable programs (JVM version VMID 2.0);
  • The networking software is capable of IPv4, SSL-3.0 and TLS-1.0;
  • The web browser does tables but not Java or Javascript;
I'm very interested to see if I can upload Java applets such as Google's map applet or the MidpSSH SSH client, but I'm also wary of bricking my phone.
At least one brave person has tried it and documented how he did it. The hacker in me says, "cool."