The issue is only known about because F-Secure, a failing and seemingly disreputable company antivirus company, chose to make it public in the desparate attempt to sell security software for a platform that ordinarily doesn't need it.

With respect to Route 66, this was presintalled on the phone under licence from the Route 66 company, for updates you should go to www.66.com

You are posting in a peer-to-peer forum, members here can help you to troubleshoot issues but if you want to raise issue concerning software development, you need to contact Nokia customer services directly.

mcbleue, sorry, but you have no clue about the nokia6110 navigator and the other problem! those are totally wrong answers, you obviously dont know what the problem is.
for the nokia 6110 navigator: nokia has to integrate the updates, as the inbuild nokia-navigator, that is an oem-version of route66mobile8, can ONLY be updated by nokia, it is not installed as separate program here but integrated in the firmware! therefore it is nokias fault, and your answer is wrong. nokia seems to avoid to integrate the updates, probably because route66 is a very strong competitor to nokia maps.

second the issue with 32 character-sender-sms is not only known because of f-secure, the problem is now known for much longer and is not related to f-secure. it can not be fixed by a antivirus-solution, that is totally the wrong way. if you read carefully the problem, this is caused by false threatment in nokia firmwares.

so sorry, but your answers are completely wrong for the two problems! please only post, if you know about what you write.

Message Edited by laxlex on 01-Jan-2009 06:48 PM

why do you ask if you know all the answers. forum users try to be helpful, there is no reason to be rude. we are all here to try to find answers to our questions and share some others with those that may need assistance, that does not mean that we have all the answers all the time.

radical24: first i wanted to mainly WARN people about this huge security problem (sms-bug, denial of service-problem). that was the main idea. i secondly added the request for an update for the nokia6110 navigator (in hope that nokia might read this, as they obviously did not yet read the other topic about all the bugs in 6110navigator for a year now, as most bugs are still remaining since 1 year).
however i was quite unhappy, when i read an "answer", that is as false as the one mentioned before. as it is obvious, that not everyone can know everything about all the nokia phones, those that dont know it right, shouldnt give answers that sound "good" (especially when those people have many posts), which will lead to even more confusion, as others/beginners might think this is really correct.
i am glad nokia survey might now lead to nokia-techs watching at least a few of the topics, so they recognize a few of the problems and can also rectify false-information.

---

02-Jan-2009 02:20 AM
laxlex wrote:
radical24: first i wanted to mainly WARN people about this huge security problem (sms-bug, denial of service-problem). that was the main idea. i secondly added the request for an update for the nokia6110 navigator (in hope that nokia might read this, as they obviously did not yet read the other topic about all the bugs in 6110navigator for a year now, as most bugs are still remaining since 1 year).
however i was quite unhappy, when i read an "answer", that is as false as the one mentioned before. as it is obvious, that not everyone can know everything about all the nokia phones, those that dont know it right, shouldnt give answers that sound "good" (especially when those people have many posts), which will lead to even more confusion, as others/beginners might think this is really correct.
i am glad nokia survey might now lead to nokia-techs watching at least a few of the topics, so they recognize a few of the problems and can also rectify false-information.

---

i think giving the heads up is fine, and it is appreciated however i think we should not be calling it as a bug, because it is actually a loop hole or a backdoor vulnerability that F-secure people found and have been trying to conveniently decimate to the public which makes other people wonder why they go about it, seeing that they are the only ones who will benefit form it...

and one thing that has been noticed on about this vulnerability is that it is being claimed that you only need to send the SMS once and the phone is vulnerable, actual testing have shown that you need to send it like 10 times or more...

It is possible to get rid of the exploit by manually deleting text messages from where they are stored. This means that a hard reset is not required and certainly not reason enough to get F-Secure.

The only thing that this exploit could be bad is that it will force you to delete all of your precious texts. If one deletes his/her txt once in a while though, then it is not that really a big issue...

hello, i havent tried myself this bug (i dont want to hardreset my phone out of fun), however it seems that symbian os 60 version 3.1 and 2.8 actually need 11 sms to be no more able to receive sms/mms, phones with version 2.6 and 3.0 only need 1 single sms according to https://berlin.ccc.de/~tobias/cursesms.txt
and f-secure actually seems not to be the company that discovered the bug, but someone called "tobias engel". f-secure also saw this bug and added that warning to their software.
it is also not possible to manually delete the messages without consequences:
2.6 and 3.0 have to hardreset the phone, else it will always show "not enough memory", even if no message at all is left (a softreboot or softreset doesnt fix the problem).
2.8 and 3.1 can receive after a reboot, however no multiple-sms (quote tobias engel: If it receives a SMS message that is
split up into several parts (...) it is only able to receive the first part and will
display the "not enough memory" warning again. After powercycling the
device again, it can then receive the second part. If there is a third
part, it has to be powercycled again, and so on.(quote end).

reed the report i linked there in my first post, i think nokia already got a few tech-guys there now fixing for all the line this problem, as it might be one of the biggest current problems on a real big number of symbian-phones.

You are not entirely right yourself.

Route 66 is not true OEM in the same way that preinstalled Windows on a PC is. What OEM means in that sense is that if you need customer support, you contact the manufacturer of the device and not the provider of the software (because in return for cheap software licences, the manufacturer agrees to take over support responsibility). This is not the case with Route 66 - Nokia will give basic support in using it ("How do I plan a route", "How to I find my GPS position?" etc.), but full customer support is still provided by Route 66: http://www.66.com/nokia/n6110/index.php?cid=UK&act=0

The reason the 6110N had Route 66 is that it was the first Nokia phone specifically marketed as a navigation phone, and at the time Nokia Maps wasn't ready for all markets. It is highly unlikely that they have an ongoing licence to keep updating the software, since the Route 66 package was bought-in for this device alone. The package sold with the 6110N is is a one-time install with an indefinite licence for the local region maps, If you want a newer version of Route 66, you purchase it from Route 66 and install it - the same goes for map data updates. Nokia Maps has matured into a great package in v2.0, so the chances of Nokia continuing to invest in third-party competition software is slim.

The SMS issue was an absolute non-issue until the big press announcements in the last day or so, because out of the billions of GSM users in the world, very few would even imagine sending e-mail to a GSM number over the SMS system, let alone have need to do it; so I stand by my previous statement that the whole furore is generated by individuals and/or organisations who feel they can gain from generating it.

About route66: it might be, that nokia just had a very limited licence, as that phone was indeed the first with preinstalled navigation-software. nokia maps came afterwards, and route66 was immediately dropped. firmware 4.22 still fixed a problem with the western europe map, where it always showed "not enough memory" even if you just wanted to navigate 10 meters or less. so they had untill then at least the right to update. as there is the way on nokia 6110 navigators to transfer the purcahsed licences in nokia navigator to route66mobile8, at least we can still use the newest program, even if the main navigation-button is mapped to "nokia navigator". i think there is no doubt why nokia dropped route66, nokia maps is their own product...

about the sms-problem: as the information is now out, i guess nokia has to fix it. can they go on with this risk? symbian os 60 3.2 and 3.5 havent got those problems anymore, but the other versions are still the most common versions. there will be certainly guys now doing DoS-attacks against symbian-phones. we will see.