Jetpack log question
CALI0311
Enthusiast - Level 2

Hello, recently got a jetpack HMS900L? (Her Majesty ship) It has preformed well and have no complaints, so far. Due to past experiences, loss of data and hardware, by hackers, security is top priority. I use all the settings, and change those, as well as passwords, as I feel needed. The question I have, may not be an issue at all, just looking for some reassurances of what I think is happening. I have enabled the logging feature, I have noticed that occasionally the LTE signal is lost. When that happens, or the charger is disconnected(which it physically is not, perhaps battery has a full charge) the date goes to 2003 from 2017, and the clock resets, first event comes in around 00:00:35.

[2017/10/27 02:52:04] LTE Connection lost
[2003/10/07 00:00:34] USB Charger: Disconnected

This is, in order from the log:

[2003/10/07 00:02:12] LTE Connection established
[2017/10/27 08:22:18] LTE Connection lost
[2003/10/07 00:00:36] USB Charger: Disconnected
[2003/10/07 00:00:36] Battery Level : 6


Is this just a software glicth from the loss of the LTE signal?

Another concern is how the log deals with the sim lock, it will show:  

PIN Status changed from [PIN] to [NOT_BLOCKED]
[2003/10/07 00:02:10] SIM State changed from [LOCKED] to [READY]

Pretty sure this is just how it shows the sim pin being logged in, the not blocked is what caused the initial  concern, but with the time signature being off, I can not be sure it was when I logged in.

Not sure if I should be concerned about this log entry:

[2003/10/07 00:02:06] Request [LTE USIM Operation]: Operation: 0

I understand this is the " interoperability  between an SAE network, and LTE device and the Universal Subscriber Identity Module (USIM) applications which are running on a Universal Integrated Circuit Card  (UICC)" .
What I don't understand is how it was requested, or why. If the LTE signal was lost, this would not be needed, or help?
The "Operation: 0" means it was not utilized?
This log entry occurs, in the last day or so, within a minute or less, from when I log in to the jetpack/Internet.
So I guess the question is, does this jetpack run on an UICC? Or is something already on my device, trying to make a connection? Or is it a normal operating process. Any help is appreciated. Thanks

0 Likes
Re: Jetpack log question
John_Getzke
Champion - Level 1

> Is this just a software glicth from the loss of the LTE signal?

It would seem so, good find!  To get it officially patched you would have to open a support case with VZW.  VZW would then report it to the hardware manufacturer who would build it into the next firmware update as a solution.  When ready it would be deployed back to your Jetpack from the VZW network or manually installed from the VZW support website.  The hardware manufacturer may contact you to test the firmware before it goes live as confirmation.

> So I guess the question is, does this jetpack run on an UICC? Or is something already on my device, trying to make a connection? Or is it a normal operating process.

The modem is what is responding and creating the logs in this scenario.  Cellular modems themselves are often referred to as circuits, air cards or perhaps in this case a circuit card.  So UICC may be techno jargon for the 4G LTE engineers to help them understand the various commands that are being submitted and completed at the time.  I don't think its anything to worry about and is normal operation.  However a real 4G LTE engineer from the hardware manufacturer would be able to confirm for sure.

I think your best bet to get in contact with the hardware manufacturer is to open a case with Verizon about the date bug.  That's an easy one to identify and repeat.  From here add on your remaining questions about the rest of the logs and see if the manufacturer will respond.  Confirm what you can find for us back here so we can share with others.

0 Likes
Re: Jetpack log question
CALI0311
Enthusiast - Level 2

Thanks John, should get the ball rolling with Verizon within a day or so. I will keep you updated on the progress. Hopefully it will not be a malicious problem. I have become aware that my device has some issues, it seemed to block access to this support page, kept getting NET::ERR_CERT_AUTHORITY_INVALID

and it showed the Verizon cert with a valid expiration date in 2019, it would show a PEM code, when clicking on the NET::ERR

But it would not let me copy. When I clicked on continue away, not sure that is how it was worded, the support page would open, and I was able to log in, but either getting to topic page, or the jetpack page it would go back to the NET::ERR. Or send me back to the log in page. This happened repeatedly for an hour or more. Finally copied the questions I posted to an email, sent it and then used another device to post it here. Not completely sure this is malicious, but have strong concerns it is. The device with the issue, was just returned from the manufacturer, paperwork showed the PBA was replaced. Sent it in, pretty sure it was infected with certifi-gate. It was, according to the recovery log, doing factory resets, when the device was powered off, or was made to appear off, knowing I did not use it and had it off. Anyway after the issue today, I see it has done this a number of times this week. Wondering if the motherboard was not really replaced, and the device was just wiped clean, with something hiding. So I will also be getting back to the manufacture, and most likely sending the device back to them.

See where that goes and if it may have contributed to the issue with the jetpack.

Thanks again, will let you know what fun is in-store.

0 Likes
Re: Jetpack log question
John_Getzke
Champion - Level 1

> NET::ERR_CERT_AUTHORITY_INVALID

This sounds like a cert trust problem between your machine and the Jetpack.  You should be able to add the Jetpacks cert to your store of approved certs to work around this error:

https://social.technet.microsoft.com/Forums/ie/en-US/d35d66e0-bd4a-4367-abac-794f457fb794/ssl-error-...

> So I will also be getting back to the manufacture, and most likely sending the device back to them.

Not a bad idea if you have concerns.  Maybe the original problem wasn't entirely resolved as you have described.  Should be easy for them to evaluate and swap out your device with a new one to resolve any concerns.

0 Likes
Re: Jetpack log question
CALI0311
Enthusiast - Level 2

John

Our device, not the Jetpack, has been returned to the manufacturer, and hopefully will get more information from their IT. People, on what issues were found, and if those issues effected the performance of the Jetpack.

From the device in question, I was having some issues in contacting Verizon, may have been off hours for their chat service, or device related, not sure. Anyway I was able to save copies of the Jetpack log onto another device. Thinking I will wait until the device is returned, to see if the problem still exists, although I am starting to wonder if the Jetpack could of be compromised. From my understanding, which is far from complete, there is nothing I see in the log or behavior that would suggest it had. One thing I have noticed, but think it may be normal operations, is the IP address (for the Jetpack) changes every time it is turned on and connected to.

The device we sent back to the manufacturer is basically the only one used with the Jetpack, so the Jetpack has been powered off and not in use.

I will update new findings as I receive them.

Agian thank you for your assistance.

Re: Jetpack log question
CALI0311
Enthusiast - Level 2

Sorry it has taken so long to report any info on this issue. As I stated in the last correspondent, I waited until the device, using the jetpack, was returned from the manufacturer. Well it will be going back for the forth time, twice the PBA was replaced, but the issue is still there. I suspect they are not seeing the malware, certifi-gate, As I have repeatedly informed them, is over looked, so after they replace the hardware, they flash the same infected software back to the device. Doesn't make much sense, but I can't come up with any reason why it is still on the device. So this is the reason it has taken so long to address the issue with the jetpack. I wish I could offer better info, but after Verizon received copies of the log, I was told they never seen anything like it. So the jetpack is being replaced, and verizon will look deeper into the issue, as well as contacting the manufacturer, to figure out what is going on. As it looks, I am out of that loop, so unless they contact me for more info, I really can't give anything new as far as fixes, causes, if it is a glitch or malicious. I will pass anything, I learn, on here, but not expecting that to happen. Thanks again for the advice.

0 Likes
Re: Jetpack log question
CantBelieveItsTrue

I'm curious what the result of all this was. I'm dealing with some issues/compromises in my home network. I got a new line on a jetpack earlier in the week and am seeing similar behavior on the logs of this thing. Concerned whoever is behind this may be flashing malware to the new jetpack and infecting the machine attached.

[2020/04/08 17:01:57] USB Charger: Connected
[2020/04/08 17:01:57] Battery Level : 2
[2020/04/08 17:02:24] LTE Connection lost
[2003/10/07 00:00:31] USB Charger: Connected
[2003/10/07 00:00:31] Battery Level : 6
[2003/10/07 00:00:33] LTE Connection established

The 2003 year in the log seems concerning. Did you learn anything that may be of help? Do you believe that someone was flashing malware to your devices from the JetPack? Any help is greatly appreciated! 

0 Likes
Re: Jetpack log question
vzw_customer_support
Customer Service Rep

We never want our customers to be worried about their connection using our devices, CantBelieveItsTrue. We are here to help.

 

Reviewing our Jetpack devices, we see that there is no software interaction with the devices that you would connect to it. The device simply facilitates the connection for internet access using our 4G LTE data network. 

 

StevenG_VZW

0 Likes