ZTE Open with Firefox OS v1.1 Having Trouble with USSD

My iPhone is still in service center for about 2 weeks now and a MozRep Indonesia is kind enough to lend me Firefox OS phone. Used to all the fancy things iPhone had so far now I have to use a device that doesnt has all that luxury.
It’s a so-so device -compare to my iPhone- (well, the target market is not for people like me), I dont have many comment about it. But this young O/S is fun to play with, specially making mobile app using only HTML5/CSS/JavaScript in the client side.

The only problem, serious problem that I have is the ability to make a USSD call.
USSD is a protocol used by GSM cellular telephones to communicate with the service provider’s servers. USSD can be used for WAP browsing, prepaid callback service, mobile-money services, location-based content services, menu-based information services, and as part of configuring the phone on the network (wikipedia).

For example:
Dial *888# to check your prepaid balance
Dial *266# if you want to activate your roaming package offers.
and many things.

The ZTE Open I’m using now unfortunately having problem with USSD operation.

The symptom is whenever you dial a USSD Code (let say *888#) via dialler,
the app only show you “connecting” status for a while
and after that, dialer app is like closing the connection and back to dial pad screen

open dialer app can make USSD call *888# to my operator to check the prepaid balance

open dialer app can make USSD call *888# to my operator to check the prepaid balance

Call is being made. B number not shown for a while

Call is being made. B number not shown for a while

B number finally shown. But after few seconds, the call will be closed and screen back to the dial pad

B number finally shown. But after few seconds, the call will be closed and screen back to the dial pad

When you’re accessing the STK menu (which is more or less is executing USSD command)
You can get the first menu screen. But when you continue selecting any option from the menu, there’s nothing happen.

USSD Success

It supposed to be displaying this kind of information if the USSD is success

Operator in Indonesia use USSD for most of their services because of the easy to use menu and realtime communication with the backend. That’s why it’s a serious problem for Firefox OS/ZTE Open if this issue still occur.

So, is anybody out there using ZTE Open with Firefox OS v1.1?
Do you have the same problem as I do? I’ve posted a bug at bugzilla, but has no response yet.

Bugs Remote Data Wipe di Samsung Android

Masih ingat masa-masa menggunakan phone that not so smart yet? :P
Ingat kode *#06# ini?
Kode di atas akan menampilkan IMEI ponsel kamu. Kalo *#0000# akan menampilkan software/firmware version.

Nah, kode sejenis ternyata kini menjadi petaka untuk beberapa smartphone. Seperti dilaporkan oleh CNET, pemilik Samsung Galaxy S2 dan S3 harus sangat berhati-hati karena data pribadi mereka dapat dihapus secara remote.

Wow…

Adalah Ravi Borgaonkar, seorang peneliti keamanan dari Technical University Berlin yang mengemukakan fakta ini. Menurut dia ada bugs di TouchWiz UI besutan Samsung saat melakukan panggilan USSD. Kalau di handset lain (both smart and not smart), tiap kali pengguna melakukan USSD call harus diikuti dengan menekan tombol SEND atau OK. Nah kalo di Samsung ternyata tidak. Jika pengguna tidak sadar mengetikkan ‘kode USSD’ yang sudah dimodifikasi, maka otomatis kode ini akan mentriger proses factory reset tanpa ada konfirmasi lagi.

Nah, kode-kode berbahaya tadi dapat disamarkan menjadi web link, QR Code, koneksi NFC atau bahkan SMS. Dengan satu klik saja, ga sadar kita melakukan factory reset handset kita sendiri. Nah lho….

Saat ini menurut Ravi hanya Samsung aja yang terancam karena behaviour TouchWiz UI nya itu. Solusi sementara buat pengguna Samsung adalah mematikan setingan ‘service loading’ serta mematikan aplikasi QR Code dan NFC.

Berikut ini adalah video saat Ravi mendemonstrasikan temuannya di Ekoparty security conference, Argentina

Jadi teringat 2 tahun lalu saya harus berdebat soal embedding USSD code ke weblink dengan rekan kerja. Sayangnya dia ngga pernah melakukan riset dulu mendalam soal pro cons hal ini. Apple saja dah ‘mengharamkan’ fitur ini di iOS. Beberapa pabrikan lain juga. Selain soal keamanan, naruh USSD di web link itu ga jalan buat semua ponsel.