What do you mean by "locked"?
There are a few different things that people might mean when they say their phone is "locked". I wanted to provide this post to help define the different types of lock.
SIM Locked
This typically means that the phone will only work on the network of one specific operator. This is handled by the GSM network and doesn't have anything in particular to do with the Windows Mobile software itself. More info
Bootloader Locked
In many cases, Windows Mobile devices can only be reflashed by the OEM or operator. The "bootloader lock" typically refers to this state. The bootloader is the very first part of the phone that starts up, and it usually has the capability to enter a reflash mode or various other debug or diagnostic modes.
Application Locked
This term is a little bit ambiguous. In the most strict meaning, it means that the device can't run unsigned code and that most settings and the registry entries can't be changed by the end user. Sometimes the term is used to refer to the default settings on a two-tier Smartphone device, where unsigned code runs at the "normal" trust level and only some settings and APIs can't be used. If there is interest, I can do a followup post with more detail on what this means and ways to tweak this state on development devices.
PIN Locked (or Device Locked)
This refers to the device state where you need to enter your PIN (or password) to unlock and use the device. Internally we call it "device lock" but "PIN lock" is probably more clear. There's also "key locked" where most keypresses don't register except the unlock key.
SIM PIN Locked
The SIM itself can require a PIN in order to change settings or use the phone features at all. If the PIN is entered incorrectly enough times, the SIM will lock down and you have to get an unlock code (PUK) from the operator to continue. This functionality is implemented entirely on the SIM - all the Windows Mobile software does is pass the PIN code from you to the SIM
I'm moderating this post, so please don't post links to various unlock sites and resources - I won't post those comments for various different reasons including our partner relationship with OEMs and operators.
Scott
Comments
Anonymous
May 14, 2007
I know automobile analogies are stupid but I can't resist ... Let's say you can buy a certain fancy type of car, but it only allows you to go to a certain groceries store with your mom, would you buy it? And if it was the only way to get to that groceries store?Anonymous
May 15, 2007
Its also interesting to note where these lock codes reside as well. For instance all of the above reside on the phone, except for the PIN Locked code. This can be seen by enabling a PIN lock on the handset, then changing the SIM card to another phone, the lock code will follow the SIM. Also, as a result of entering the PIN code incorrectly too many times there is a PUK code which also resident on the SIM card, and must be obtained from a service provider. PIN lock shouldn't be confused with a Phone Lock which is a code that is resident on the handset and not on the SIM card. -JasperMAnonymous
May 15, 2007
Hi Jasper, You're right, there is another type of lock lurking in there. I named that one "SIM PIN lock" and added it above. The one you're calling "Phone lock" is "Device lock" above. SIM and SIM PIN lock are handled by the SIM. Device Lock , key lock, and application lock (all the security policies) are handled by the operating system. The bootloader lock is handled in the bootloader, which is technically a very small separate operating system.Anonymous
May 15, 2007
You don't have to allow this to post, but I am fairly certain that the Network lock, (NUK or NCK) is device specific and not carried with the SIM card. When a device is unlocked that unlock information is stored on the device itself. You are unlocking the phone, not the SIM. There is a way to SIM lock a SIM to a phone, so that the phone only works with that SIM, but that is different than the Network Lock. -JasperMAnonymous
May 15, 2007
The farther we get away from device security and into GSM and operator networks, the more likely it is that I will be wrong. :)Anonymous
May 15, 2007
Henry, I think this analogy is more accurate. Take your favorite gasoline station. Say that they started reselling cars for a discount. You get the same car as you would have at the dealer, but it costs half as much. The downside is that there's a lock on the gas tank that only allows you to put gas from that company in it. That's what's happening when you buy a phone from a mobile opperator. The MO charges you considerably less than they paid for the phone and expects to make that loss up in you using their service. If you don't like that restriction, you can always go to places like expansys.com and pay full price for an unlocked phone. Beware, though. You might be shocked when you learn what these things really cost. MikeAnonymous
May 15, 2007
Scott, more detail on application locking and ways to tweak the state of application locks on development devices would be most welcome. Thanks.Anonymous
May 16, 2007
The comment has been removedAnonymous
May 16, 2007
The car analogy (first post) is flawed. It is more like this. You can buy some cars that can only travel on roads (locked phone) and others that can go anywhere, eg. 4WD. The reason this analogy is more appropriate, is that some drivers don't want to go off road, as the risk is too great for them. Likewise, some users don't want to be able to run any code, as the risk is too great for them.Anonymous
May 17, 2007
more detail on application locking would be wonderful.Anonymous
May 17, 2007
The comment has been removedAnonymous
May 19, 2007
More details on the application lock would be just lovely.Anonymous
May 20, 2007
The European Union has stipulated that telecom operators must supply an unlock code for subsidised SIM locked devices, upon request, one year after the start of a contract. No such requirement for bootloader locks and application locks. I think that's unfair. Once your contract has expired you should be able to do what you want with your device. Full access to the registry, run unsigned binaries, install Linux, hit it with a sledgehammer etc.Anonymous
May 23, 2007
We talk a lot about security and signing apps, we don’t spend enough time talking about how it all worksAnonymous
May 23, 2007
Thanks for the rundown on locks, Scott. One other lock that is not prevalent: Phone Locked SIM - the SIM cannot be used in phones from a different MO. China Mobile utilizes this.Anonymous
January 03, 2008
Regarding "PIN Lock"... Maybe I'm doing something different to the rest of the universe, but I want a lock which requires me to enter a password if the device is booted or turned on etc, and maybe an auto lock which will kick in after a certain time of in activity has passed. So I think to myself... I'll just set the device lock to zero minutes (given that Windows Mobile doesn't provide independant settings for "boot up" device lock and "time out" device lock like virtually every other mobile phone) and simply remember to turn it off when I've finished using it... but no, zero minutes doesn't mean it only asks me for a PIN when I turn it on, it means "bug me for a PIN every time I stop using the device for a minute". WHY???? And where's the option, even when setting the device to ask for a PIN after a certain period of inactivity, to set the lock function not to kick in while the device is connected to a PC etc? If I've got it connected to a PC with which it has a sync partnership, aren't the chances pretty good that I'm either at home or at work and that I can judge for myself whether I can safely leave the device unlocked until it's disconnected from the PC? The PIN/Device lock function in Windows Mobile is yet another one of those infuriating annoyances that make using a phone running the WM operating system an exercise in frustration.Anonymous
February 13, 2008
I have K-JAM it was working good with debuging in development stuff now I think it got "Application Locked" suddenly, whcih means I can't do anything on it, even simple deploy for the application,, Please I don't know what to do? please adviseAnonymous
July 12, 2008
i locked myself out of my phone by changing the pin code and when i turn my phone on it wont let me in it says phone locked how do i unlock it??Anonymous
November 23, 2008
Hi, Scott Thanks a lot for such useful post. I have further question about PIN lock (Device Lock). Is this feature ment to disable more then just RAPI? Is it possible that when enabled, it blocks WiFi or Cellular connection? In my particular case the VoIP application developed by my team works fine when device is locked. But it will not be able to connect to the server after device will be restarted. The app currently runs over WiFi and uses WinSock to maintain its' SIP and RTP connections. Thanks ahead, DavidAnonymous
November 23, 2008
Hi David, Pin lock definitely doesn't tear down the cell connection, or else you wouldn't ever get new mail while the device is locked. I don't think it has any interaction with wifi either. Maybe it's the power manager turning off the wifi when the device is inactive? I'm not sure.