01-20-2009, 07:35 PM
|
|
VIP Member
Offline
Location: Fargo ND
|
|
Join Date: Aug 2007
Posts: 5,114
Mentioned: 8 Post(s)
Tagged: 0 Thread(s)
|
|
Re: New XIP for 21109 sys with working encryption
Quote:
Originally Posted by FormerPalmOS
The above might work, but to be absolutely sure, un-hide the control panel aplet (HKLM\ControlPanel\Encryption\Hide=0) then un-check it there. It will default to encrypted in my XIP, but you can add the above to your .rgu in _scrosler and that should over-ride the XIP. The SDMemory profile isn't loaded during boot - only after OS load - so you should be able to change settings for SDMemory without changing the XIP.
The kicker with encryption is how well it works. If you save stuff to your storage card via ActiveSync or via the WM6 device in any way, and encryption is enabled, it is encrypted using a unique key stored on your device and re-generated with every hard reset (or re-flash). If you use an external reader/writer to write to the card (I have a Micro-SD to SD adapter and use that to read-write stuff I don't want encrypted like cab files) then those remain unencrypted.
As for removing it, the way I am doing this requires moving each and every DLL module loaded in the XIP - you have to move each one to a new address. It's a somewhat manual process that takes time. Granted, just removing it (and the associated registry keys and re-compiling boot.v and re-building XIP and re-inserting it into os.payload.nb) doesn't involve re-allocating addresses - OK to just leave a gap. But removing it wouldn't make the XIP space any smaller - so you really wouldn't buy anything by removing it. This is my understanding - those with more XIP experience may disagree.
By all means feel free to use this in future kitchens - but make the above changes in the .rgu file in _scrosler (unhide the control panel aplet and default it to not encrypt) so folks can see the control panel aplet and check / uncheck it as they please. I've made the change to default to not encrypt by default in my local copy - if I do this again, I'll do it to default to no encryption.
|
The key I posted was good. I checked it and removed the hide encryption entry. All was well.
__________________
Donations always accepted but never expected!
|