PR1.2 compulsory My Nokia subscription

The N900's Maemo 5 update PR1.2 contains a new feature called "My Nokia". This is a text message (SMS) subscription service, which you can register for and receive information texts from Nokia periodically.

The implementation of the feature is rather controversial, and some consider it a privacy breach. This document describes the problem and suggests some ways to work around it.

See also the related talk.maemo.org thread and bugs.maemo.org bug.

Contents

The problem

In the PR1.2 update, Nokia included a feature to automatically register users with their MyNokia service. However, they did not allow an opt-out so all devices upgraded to PR1.2 are automatically subscribed to My Nokia. This involves a text (SMS) being sent from the device to Nokia, which might be at the owner's expense, and then receiving texts from Nokia. In normal circumstances, it is not possible to use the upgraded operating system without agreeing to subscribe to My Nokia.

Although users can unsubscribe after the installation is completed, Nokia have not said what data is sent in the registration SMS, they make no promises to remove their data, nor do they refund any costs and it is possible that the some courts may consider that the legal agreement they presented during the process was in some way binding on the user.

How to avoid the compulsory registration while upgrading to PR1.2

To avoid the compulsory registration, i.e. to avoid the device sending a text to Nokia and breaching privacy, it is most important to stop the /usr/bin/cherry app from running. It would also be nice to remove the My Nokia applet from Settings, but at least that should not subscribe you without asking.

Automatic method

Install the notmynokia package from the extras-devel repository. As long as this package remains installed, it checks at every re-boot that the My Nokia registration program (cherry) will not run.

The package should be installed before the upgrade to PR1.2 takes place, and should remain installed afterwards. The package is believed to be effective for "over the air" (OTA) upgrades and should also work if the software is re-flashed (but the package should be re-installed as soon as possible afterwards).

However, if the eMMC is reflashed then protection is lost. See the notes on the manual method below for possible workrounds in this case.

Note: if you later decide you want to allow the registration, simply remove the notmynokia package.

Manual method

As you will see from the technical analysis below, creating a file called /home/user/.cherry_state should stop /usr/bin/cherry from running. This file lives in the eMMC, so if your PR1.2 upgrade procedure doesn't involve flashing eMMC, then you can create that file before you upgrade and it should still be there after the upgrade. That means that you should avoid running /usr/bin/cherry. To create that file, type:

touch ~/.cherry_state

If, on your first boot into PR1.2, you see the Ny Nokia registration screen, see the "Recovery" section below.

If your upgrade method to PR1.2 involved flashing eMMC, this will mean that you cannot create the /home/user/.cherry_state file before booting into PR1.2. See the section below for how to deal with that case.

Recovering

If the cherry process runs and displays the terms and conditions screen, it is not too late to avoid the registration as long as you have not clicked on the Done button to allow it to proceed. Simply turn the phone off by holding down the power button for a few seconds, remove the SIM card, and turn the phone back on again. Then, start X Terminal and type in the commands:

touch ~/.cherry_state
sync

Note: if you have Wi-Fi network connectivity, you can install notmynokia instead of typing those commands if you wish.

Then turn the phone off again, reinsert the SIM card and turn it back on. The registration screen should not appear. You may want to still install notmynokia as soon as possible to help protect you in case the file somehow gets deleted.

If you have clicked to allow the registration process to continue, it is probably too late to stop it. Cherry will tell the CSD daemon, through CSD's libcsd-sms.so module, to send the SMS directly, bypassing Telepathy and RTCOMM so the SMS is not visible in your Messaging history.

If the SMS cannot be sent (no balance on SIM card, no network coverage), the SMS may still be on the phone waiting to be sent. You can check to see if there are any files in /var/spool/sms/outgoing and check to see if /var/spool/sms/regs_out.txt contains an entry. If you haven't sent any other SMSes, it's a safe bet that this message scheduled to go out is the one produced by Cherry. Removing the file in /var/spool/sms/outgoing and the entry from regs_out.txt is safe, but make a backup just in case.

If the SMS has been sent, then all you can do is to use the Settings/My Nokia to unregister. Note that, in this case, Nokia makes no promises to discard your registration data (see the Terms and Conditions for whatever promises it makes, if any).

Technical analysis

In PR1.2, the My Nokia feature is enabled by the "cherry" package. The package is closed source, but it can still be analysed to an extent. The package can be downloaded on any N900 (even those that have not been upgraded to PR1.2). Downloading the package as described here does not install it, so is safe. For some reason, trying to wget the package from a Linux desktop machine doesn't work.

First you need to install "wget", which doesn't appear in Application Manager but can be installed using:

apt-get install wget

Then you can obtain the cherry package using:

cd ~/MyDocs 
wget --no-check-certificate https://qa9recEP:Pat2UGuP@downloads.maemo.nokia.com/fremantle/ssu/mr0/cherry_0.20-2+0m5_armel.deb

You should find the cherry_0.20-2+0m5_armel.deb in your MyDocs folder, which appears as N900 in File Manager, and can be accessed via USB and transferred to a desktop computer running Linux, where it is easier to analyse.

In that package, we see that it installs a script at /etc/X11/Xsession.d/34cherry (which is run every time the device boots) containing:

#!/bin/sh
 
# Cherry checks for .cherry_state anyway, but testing here makes it faster
if [ ! -f /home/user/.cherry_state ] ; then
  . /etc/X11/Xsession.d/04b_start_matchbox
  /usr/bin/cherry 1>&2
  . /etc/X11/Xsession.d/06stop_matchbox
fi

The package also installs a script at /etc/osso-cud-scripts/cherry-clean.sh (which it is thought is run when the user does "Restore Original Settings" from the menu in the Settings app) containing:

#!/bin/sh
/bin/rm -f $HOME/.cherry_state

From this it would seem that although the main /usr/bin/cherry binary is closed source and difficult to analysis, it can be largely neutralised by creating a file /home/user/.cherry_state.

The /usr/bin/cherry program brings up the warning that is seen on first booting the device after PR1.2 is installed. There is also /usr/lib/hildon-control-panel/libcpcherry.so and an associated /usr/share/applications/hildon-control-panel/cpcherry.desktop file which puts the My Nokia icon into the Settings app.

The package also contains a ChangeLog, which makes interesting reading as to how the package developed over time.

The package is not optified, contributing to the rootfs compressed terms files of about 1.3MB.

Nokia's response

Nokia responded to the Community Council on this:

“Nokia Corporation respects applicable laws and regulations and has carefully reviewed the content in your mail. The latest Nokia devices are no longer traditional mobile phones. Instead they are mobile computers that include sophisticated services such as messaging, games, as well as capability to access online services, download applications, take pictures and video as well as to process text. Such devices should be seen more as portable computers with phone functionality rather than traditional mobile phones mainly capable making a phone call. N900 belongs to this category of mobile computers.
The first use of the latest software for Nokia mobile computers include functionality preparing the device for the service use on behalf of the consumer. In this connection Nokia also provides the consumer with the possibility to receive support messages to assist the consumer get the most out of the purchased Nokia mobile computer. These messages include tips on the capabilities and features of the Nokia devices and available services and features. We believe that these support messages are for the benefit of the consumer and help those consumers who are not yet fully aware of the possibilities their devices offer to make the most out of their purchase.
Nokia informs the user about this support feature and the cost of the SMS on the cover of the sales box and in the Nokia device user interface through the terms and conditions. Any personal information (including any information in the SMS) needed for the service is dealt with in accordance with Nokia's privacy policy available at http://www.nokia.com/privacy-policy.
We have not found any grounds to assume that the My Nokia service would in any way breach the UK Computer Misuse Act, which is 'An Act to make provision for securing computer material against unauthorised access or modification; and for connected purposes'. Please provide further information if you feel a more detailed analysis is needed.
In case you wish to know what personal data we hold about you or you wish to replenish, rectify, anonymize or delete any incomplete, incorrect or outdated personal data, or you wish us to cease processing your personal data for the purpose of sending promotional materials or direct marketing or for the performance of market research or on other compelling legal grounds, you may, as appropriate and in accordance with applicable law, exercise such rights by contacting us through the contact points referred to in Nokia’s privacy policy.”