Image Image Image Image Image Image Image Image Image Image

| August 28, 2014

Scroll to top

Top

Who is Heathcliff74 - Homebrew Developer Interview |

7 Comments

wp7 Root Tools

wp7 Root Tools


Today we will be interviewing one of the legends on the Windows Phone Homebrew Scene Heathcliff74, this guys has got some great apps for the homebrew community the most known one has to be Windows Phone root Tools an app that all homebrewers should install. So lets try and figure out a bit more about this “Heathcliff74″ shall we ..

Hi tell us a bit about yourself .

I’m 37 years old, married and proud father of 2 kids. I have a bachelor degree in Software Engineering. I live in the Netherlands.

Hey you are not that Dutch hacker who held all those jailbroken iPhones hostage for €5 are you ? ( just kidding ) … well are you ?

Why Heathcliff74 ?

I chose Heathcliff74 as nickname because at the time I was watching the Heathcliff cartoon cat (long time ago). ’74 is my birth-year, which I added because on every forum there already is a “Heathcliff” :-)

are you sure it has nothing to do with lasagna ?

What do you do ?

I have been working for my current employer for almost 15 years now and we develop ERP software quite successfully. But I’d like to move to mobile technology professionally too. So I will see if this is possible with my current employer, or else I might consider a career-switch.

What phone did you own before jumping on to Windows Phone ? Were you a hacker on that platform as well ? Any other platform you work with ?

Before Windows Phone I had a Symbian device. I did not hack it at all, because I was not attracted to it in terms of development. I bought my first Windows Phone device, because I wanted to develop homebrew apps with Silverlight. At that moment the Chevron-team already published their developer unlock. I’ve always been interested in low-level-coding, but not for hacking. That all began when I thought my touch-screen-calibration was a little bit off and I wanted to see if I could do anything about it. I was disappointed to find out that all low-level access to the system (filesystem, registry, etc) was protected for the users. I started to research possibilities to gain access to the Windows Phone OS.

What windows phone gear do you own ?

Samsung Omnia 7 and Nokia Lumia 800. I have borrowed an HTC HD7 for testing purposes. I will receive my own HTC HD2 very soon (then I can return the HD7 to its owner).

Why involve yourself with Windows Phone Hacking ? How did u get involved with it?

I guess I already answered that question for the most part. Once I started hacking I really enjoyed it. It’s kind of like “advanced puzzling”. And it’s also a challenge to out-smart the pro’s.

Well it looks like you are doing a darn good job :)

Do you think unlock on Windows Phone will ( directly / indirectly ) lead to piracy of apps and games ? What is your take on that ?

I certainly do not support piracy. I think it is a good model to have two versions for apps; one free, with ads, and one paid, without ads. People can choose whether they pay for the software and the developer will make a profit either way. Everybody will need to protect their intellectual property. And also Microsoft has a big part in that. But I think Microsoft should really reconsider their position on homebrew. People who create and use homebrew software are often the most enthusiastic users of a platform. Every platform needs these kinds of users. Closing up a system for the purpose of protection of intellectual properties is good, but it should not interfere too much with homebew development. I understand that’s a very difficult task, but it is really important to work that out properly, because we want to have control over our devices. And some things do not even need high-level access to the system. For example, the start-menu is in startmenu.dll; a binary that was created using UIX (I think that is a branch of Silverlight Embedded, which will compile XAML and C++ code behind to a completely native library). If Microsoft would have chosen to use a normal MVVM approach with separate XAML resources that can be developed or changed by the user, you could create stunning startmenu-customisations without needing to hack the system at all. That alone would give developers something cool to do with the Windows Phone OS. And I’m sure Microsoft could think of other cool things that homebrew developers could do with the OS. The main thing is that WE want control over OUR devices. And Microsoft should figure out a way for us to do that without giving in on the copyright-protections.

WP7 Root Tools is one of the major tools homebrew users use .. tell us about that . what does it offer to users and other developers ?

WP7 Root Tools is a set of tools to manage low-level system-settings melted together in one app. In addition to that, it can perform certain types of unlocks, depending on system brand and configuration. In short, it can unlock Silverlight apps on devices that have Interop Unlock. Unlocked apps can operate outside the sandbox in which they normally operate. This unlock is called Policy Unlock (more about those unlocks here: http://www.wp7roottools.com/index.php/guides/unlocks-explained). Policy Unlock allows the apps (including WP7 Root Tools itself) to read and write to parts of the system that are usually denied access to. WP7 Root Tools has a file-explorer, registry-editor, certificate-installer and policy-editor. More features are planned for future versions. The file-explorer and registry-editor have access to the entire system, so you can use WP7 Root Tools to perform all types of tweaks manually. The Policy Editor is made to be able to give Root Access to other homebrew apps. Actually, I could have made the unlocks so that the entire system is unlocked at once (much like Fully Unlocked custom ROM’s), but there is a big security issue with that. It would mean that any potentially rogue app that is installed has full access to the entire system. For that reason alone, I would never use a fully unlocked system as my daily-use-phone. Private data is most vulnerable that way. So I created a Policy Editor to let the user in-control of the permissions. An app that is trusted can be given Root Access and other apps will continue running in their own sandbox. I try to unlock the system as gentle as possible, without compromising security too much. For developers, to make homebrew apps that make use of Root Access, is not an easy task. You need to write native code (C++) to get access to the important system API’s (I have written a guide for that here: http://www.wp7roottools.com/index.php/guides/native-code) So, in addition to the WP7 Root Tools app I have released an SDK for developers. (Read more here: http://www.wp7roottools.com/index.php/developer-blog/83-new-version-of-wp7-root-tools-sdk-released) This allows developers to access the system without having to write native code. The most commonly used system-functions (like access to the filesystem and registry) are available in the SDK through a managed interface that can be used in normal C# code.

WP7 Root Tools does not support some devices like Dell, is there any plans to expand to those .. can you talk a bit about the future of WP7 Root Tools ?

I’m always doing research to find new exploits and to support for more devices. Previous versions of WP7 Root Tools only supported first-generation Samsung devices. The last version added support for a lot more devices. That is the result of long research that I’ve done in the months before the release. I’ve also done research on Dell devices, but so far that has been unsuccessful. Currently my focus is mainly on finding support for new HTC and NOKIA devices. And I’m always looking for exploits that are not specific to a certain OEM brand. But this really time-consuming. And it is impossible to predict if or when I succeed to find such exploits. In the past I’ve been quite successful in finding such exploits. But Microsoft and the OEM’s are doing a better job in protecting the system more and more. Microsoft added Interop Lock in Mango and the OEM’s are protecting their drivers. Also I have to devide my available time in searching for exploits, adding new features to WP7 Root Tools and supporting my work by answering questions in the forums and by mail. New features for the next version of WP7 Root Tools will be much improved performance and many extra features for the file explorer. I have a lot more ideas for WP7 Root Tools, like browsing files and registry from the PC, browsing the certificate store, adding tweaks, etc. I hope to add that as soon as possible.

What are a few homebrew apps you recommend?

I keep a list of homebrew apps here: http://www.wp7roottools.com/index.php/featured-apps. Most of them make use of the WP7 Root Tools SDK. I’m very proud of that, because that means that my work is really boosting the homebrew scene. And that was my intention to begin with. Some of the apps I really like:

- MyRingtone2SMS ( xda )
- CacheClearer
- Root Webserver
- Lock Widgets ( wphacker )
- Screen Capturer ( xda )

Who do you consider to be some of the best hackers on Windows Phone ?

  • Bootloaders: There is only one hacker that has successfully patched bootloaders to load custom ROM’s: Cotulla. There has been work done on Nokia’s but so far this only using unlocked bootloaders from Nokia. There were no successful pathed bootloaders so far. Hacking a bootloader is quite difficult, because you don’t have references to system API’s that can help you figure out what a certain piece of code does. The result of a hacked bootloader is that you can load custom ROM’s. With a custom unsigned ROM the possibilities are endless. But still you’d need to hack more system binaries to get a working unlock in an OS.
  • Binary unlocks: If a custom ROM can be flashed to a phone you can alter system-binaries. This will let you patch security algorithms which will lead to certain types of unlocks. The most widely used packages are the “Full Unlock” packages that are created by Cotulla and Ultrashot.
  • Custom ROM Kitchens: This not real hacking, but it is very close related. To create custom ROM’s you need to create ROM-images. The structures and formats that are used in these ROM images are very complex. To create such images you need advanced software (also called ROM kitchens) that allow you to build all binary packages into a ROM image. These ROM kitchen tools are created by Barin, Ultrashot and Andim.
  • ROM chefs: People who create custom ROM’s are usually not just packing together some binaries. A lot of testing needs to be done to get a ROM working. Countless runs of flashing test ROM’s are being done. There are many good ROM chefs. Among the best are: CeesHeim, HD2Owner, xb0xm0d and AndrewSh.
  • Software hackers: With software hackers I mean hacking stock ROM’s and trying to unlock the OS without altering system binaries, like Interop Unlock and Policy Unlock. This is my field of expertise. Other hackers in here are: YukiXDA, Jaxbot, Ondraster, Fiinix and GoodDayToDie.
  • Tell us 5 apps and 5 games that you love on your Windows Phone ( no stock apps like bing, calendar, etc )

    Apps:
    - WhatsApp
    - Mehdoh
    - Navigon ( USA ) ( Europe )
    - Skype Marketplace Link
    - Amazing Weather Marketplace Link

    Games:
    - Taptitude
    - geoDefence
    - Wordfeud
    - Angry Birds
    - Full House Poker

    hmmm our 1800PocketPC App didn’t make your list .. we gotta work on that answer again ;)

    What are your thoughts on Windows Phone as a mobile OS ? How does it stack up against the other players?

    Obviously is has a long way ahead to catch up with the competition. But I think Windows Phone has a very good chance to become a major player. The marriage between Microsoft and Nokia was an important decision. Nokia will boost Windows Phone sales, especially in emerging markets with relatively cheap devices. Microsoft needs that. From a development perspective, I can say that probably every developer will be super-enthusiastic about the development tools from Microsoft, once they get in touch with them. They are undoubtedly among the best development tools in the market. I hope that more and more developers will try it and come to the same conclusions. That would give app-development a boost; not only new apps, but also in software-houses that develop popular apps and games for other platforms, so that Windows Phone users can use and play the same apps and games as iPhone and Android users. I believe Microsoft and Nokia are already working on that.

    Any predictions on Windows Phone 8 ?

    Microsoft is really holding the cards to themselves on that one. So it’s hard to say. I expect them to harden security even more. Almost all the weak spots are in the OEM software. To be honest I don’t understand why they didn’t use their advanced Least-Privileged-based policy-engine to protect the OEM drivers. That would be really easy to implement and it would make security on that much better. So I expect that Microsoft will address that. On the other hand, I do hope they open up some parts of the system for better customization. Their policy-engine can be used for that too, but it would also need some redesign. I would really hope, that they introduce: ID_CAP_MODIFYSYSTEMXAML (or something like that), to allow certain apps to customize the look and feel of the system. Also policies for other parts of the system could easily be loosened-up without compromising security on intellectual property. Microsoft designed the policies from a Least-Privileged-perspective, which is all very well for security. But here’s where Microsoft should think: “What is the best working security policy, what is the necessary security policy AND what policy would a homebrew developer want.” And then make a serious decision on what will be the best policy for a certain system-resource. Their decisions on this part of the system can make or break the enthusiasm of developers.

    You have a website now for your homebrew tools, tell us about that .. what are the other channels users can follow your work.

    I created my own site, because all my work was shattered everywhere on the XDA forums. With my own site I can refer to my work more easily. I can just say: Look at wp7roottools.com. I’m also on the WP7 Hacking forum on XDA: http://forum.xda-developers.com/forumdisplay.php?f=606. And you can follow me on twitter: @Heathcliff74XDA

    Thanks a lot of chatting to us Heathcliff74 . Good luck with your new website and we hope to see more amazing work from you.

    Comments

    1. JacksonT

      Nice to see homebrew developers geeing some spotlight

    2. Oh.. I would never hold any phone hostage for money :-P I’m a white-hat-hacker! And I earn my money white-handed :-) Anyway, thanks for doing the interview!

    3. Nice to read!
      Good and interesting interview with excellent professional.
      Thanx Heathcliff74, thanx Saijo

    4. “I could have made the unlocks so that the entire system is unlocked at once (much like Fully Unlocked custom ROM’s), but there is a big security issue with that. It would mean that any potentially rogue app that is installed has full access to the entire system. For that reason alone, I would never use a fully unlocked system as my daily-use-phone.” Quoted from article Okay, 1800pocketpc and Heathcliff, this having been said in the interview, tell me again why I should unlock my Windows Phone? ANd how I can do it safely but still have control over functionality, privacy and yet still customize and control my phone?

      • MikeC, first of all, not all types of unlocks work on all devices. If you want to read about different types of unlocks, read here: http://www.wp7roottools.com/index.php/guides/unlocks-explained

        Having said that, and you want to “safely” unlock your device, you should not flash a custom ROM with Full Unlock. Because Full Unlock means that you give potential rogue apps all freedom there is on your device.

        Instead use Interop Unlock and then use Policy Unlock by WP7 Root Tools. Using the Policy Editor in WP7 Root Tools you can give Root Access to apps that need this access. You can decide which app is trusted. All other apps will remain in their sandbox and can’t do any harm. This means that if you would download and install a rogue app, it still can’t do any harm until you give the app explicit permission to access your system.

    5. I really wanted to read about Heathcliff74′s background to be honest, to find out how he became so good at hacking and what his background was. Luckily I stumbled across this article! Really great :)

    Submit a Comment