Re: Loosing your moko
On Thursday 10 April 2008 01:17:51 Denis wrote: Centralized database is evil. I'm going to use my own server for tracking my Neo. I think it's the only way to keep privacy. I don't know if it was already mentioned, but encryption of the GPS data might be a solution to keep privacy. Sven ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Sven Klomp wrote: On Thursday 10 April 2008 01:17:51 Denis wrote: Centralized database is evil. I'm going to use my own server for tracking my Neo. I think it's the only way to keep privacy. I don't know if it was already mentioned, but encryption of the GPS data might be a solution to keep privacy. Sven This doesn't solve it all... Let's assume that the decryption key is given to the user with its Neo. It sill means that Openmoko created that key (and thus knows it)... Didier ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On Thursday 10 April 2008 10:19:22 Didier Raboud wrote: Sven Klomp wrote: On Thursday 10 April 2008 01:17:51 Denis wrote: Centralized database is evil. I'm going to use my own server for tracking my Neo. I think it's the only way to keep privacy. I don't know if it was already mentioned, but encryption of the GPS data might be a solution to keep privacy. Sven This doesn't solve it all... Let's assume that the decryption key is given to the user with its Neo. It sill means that Openmoko created that key (and thus knows it)... Hm, I thought about something like GPG: You create a key and put the public key on your Freerunner. The Freerunner encrypts the data and sends it to the publish server. If you need the data (in case of a stolen/lost device, what ever) you download the data and decrypt it on your desktop with your private key. OK, applications like friends next to you won't work... Sven ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Sven Klomp wrote: On Thursday 10 April 2008 10:19:22 Didier Raboud wrote: Sven Klomp wrote: On Thursday 10 April 2008 01:17:51 Denis wrote: Centralized database is evil. I'm going to use my own server for tracking my Neo. I think it's the only way to keep privacy. I don't know if it was already mentioned, but encryption of the GPS data might be a solution to keep privacy. Sven This doesn't solve it all... Let's assume that the decryption key is given to the user with its Neo. It sill means that Openmoko created that key (and thus knows it)... Hm, I thought about something like GPG: You create a key and put the public key on your Freerunner. The Freerunner encrypts the data and sends it to the publish server. If you need the data (in case of a stolen/lost device, what ever) you download the data and decrypt it on your desktop with your private key. OK, applications like friends next to you won't work... Sven The problem is the reflash... My idea was that any Neo would _by default_ track its coordinates to a central server. This is the only way which would resist to /default/ reflashing and basic hijacking... ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
you can see my bolg http://blog.chinaunix.net/u/13385/ , it may be help you -- my Blog : http://blog.chinaunix.net/u/13385/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Flemming Richter Mikkelsen wrote: On 4/7/08, Didier Raboud [EMAIL PROTECTED] wrote: * If I loose or let my Moko being stolen, I can find my connection parameters (on the paper) and go to track.openmoko.com and there I can find 24 coordinates a day. This could help me find it back or help the police find it back. Of course, if the Moko is turned off, it won't be possible to track it. But as soon as it is turned on again (even if flashed with default image), it will restart to send coordinates to the default server with its SIM-change and flash-change prone ID. There is only one problem with this. If the phone is flashed, the the flash will be erased/overwritten and the program to transmit the coordinates will be gone. Actually, (wondering, because I have no technical skills undergoing my theory...) if the _standard_ image (the one you get after flashing [0], the standard one you would get from openmoko.[com|org|whatever]) contains that software, it would be resistant to people not able to build an own image. The whole idea is there : build this anti-steal program INTO the standard openmoko image, so that the _default_ behavior of any Neo would be to send its coordinates to an openmoko server. The access to this server would be granted by the paper sent _with_ the Neo, linked to the serial (non-modifiable) number of it. (This assumes that this precious paper would not be lost/stolen with the Neo.) This needs strong intrusion of OpenMoko (or its community) into the standard image to be shipped with the Neos. Anyway, as I see it, it _should work_ :) Regards, Didier [0] I understand flashing as for a certain number of devices : reset the original image = if this original image contains the tracker, we're OK. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Denis wrote: Then why on Earth would a hijacker use standard image? Because the Neos will always be one particular phone in a sea of other phones (even in an ocean of other phone _types_). I was assuming that the hijacker were only random hijackers targetting all possible phones to just resell them... The way of properly flash a Neo with a custom image actually needs and will probably need particular hardware and skills - things that a lambda hijacker will probably not have (he will only if he specifically targets Neos...). Anyway, I agree that there is no easy solution to this particular problem. I always thought that the IMEI was used (by lawly authorised persons) to track all the mobile phones geographically - if this is the case, it should exist for the Neos. Regards, Didier ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? cheers Sebatsian Am Mittwoch, den 09.04.2008, 13:59 +0200 schrieb Didier Raboud: Denis wrote: Then why on Earth would a hijacker use standard image? Because the Neos will always be one particular phone in a sea of other phones (even in an ocean of other phone _types_). I was assuming that the hijacker were only random hijackers targetting all possible phones to just resell them... The way of properly flash a Neo with a custom image actually needs and will probably need particular hardware and skills - things that a lambda hijacker will probably not have (he will only if he specifically targets Neos...). Anyway, I agree that there is no easy solution to this particular problem. I always thought that the IMEI was used (by lawly authorised persons) to track all the mobile phones geographically - if this is the case, it should exist for the Neos. Regards, Didier ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community Ich aktzeptiere keine MS Office Dokumente, weil sie 1. kein ISO Standard sind, 2. bewusst schlecht entwickelt sind und 3. nicht für alle zugänglich sind! Benutze bitte das Open Document Format - jeder kann es kostenlos öffnen - auch noch in tausenden von Jahren! signature.asc Description: Dies ist ein digital signierter Nachrichtenteil ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On 4/9/08, Sebastian Billaudelle [EMAIL PROTECTED] wrote: Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? It depends on which country you are in. -- Please don't send me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html Join the FSF as an Associate Member at: URL:http://www.fsf.org/register_form?referrer=5774 ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
RE: Loosing your moko
Well I don't know about many other Countries, but in the US an owner of a laptop has the right to install a software package that calls mother-ship when it boots. The laptop is registered with a provider and should the laptop come up missing, the owner contact the police and the provider works with the police to retrieve it for the legal owner. So I would think that if the legal owner of the phone (I hate phone the Neo is so much more) understands the risk and privacy issues it is my business. I still think it is a great idea and can't wait for the next release so I can hack around on it. It would be kind of fun walking down the street and having the phone notify me another OM community member is approaching. We could start the OM High Five as we pass each other. :-) _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sebastian Billaudelle Sent: Wednesday, April 09, 2008 8:39 AM To: List for Openmoko community discussion Subject: Re: Loosing your moko Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? cheers Sebatsian Am Mittwoch, den 09.04.2008, 13:59 +0200 schrieb Didier Raboud: Denis wrote: Then why on Earth would a hijacker use standard image? Because the Neos will always be one particular phone in a sea of other phones (even in an ocean of other phone _types_). I was assuming that the hijacker were only random hijackers targetting all possible phones to just resell them... The way of properly flash a Neo with a custom image actually needs and will probably need particular hardware and skills - things that a lambda hijacker will probably not have (he will only if he specifically targets Neos...). Anyway, I agree that there is no easy solution to this particular problem. I always thought that the IMEI was used (by lawly authorised persons) to track all the mobile phones geographically - if this is the case, it should exist for the Neos. Regards, Didier ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community Ich aktzeptiere keine MS Office Dokumente, weil sie 1. kein ISO Standard sind, 2. bewusst schlecht entwickelt sind und 3. nicht für alle zugänglich sind! Benutze bitte das Open Document Format - jeder kann es kostenlos öffnen - auch noch in tausenden von Jahren! ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Flemming Richter Mikkelsen wrote: | On 4/9/08, Sebastian Billaudelle [EMAIL PROTECTED] wrote: | Yes, i think a normal hijacker has no skills to flash the image - it is | unusual with normal phones. I think nearly all of them don't know about a | function like the one we are discussing here. | But i think there is another problem: I don't know if it legal to track | the position of a person without his/her permission - even if he/she has | stolen my phone... | Will the cops be allowed to use this information? There are lots of crazy | laws... Is a lawyer here on this list? | | | It depends on which country you are in. | | I would guess it falls under the same rules as LoJack (the car tracking GPS), which seems to be perfectly legal in the US at least. Also, you aren't technically tracking the person so much as you're tracking your phone. - --Bert -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH/NK8VfxFjPpfJ3oRAiluAJ9IWdrOk47U+P8klrtTb+54HOky0QCfScQT oB5JFIeBq8k0iIWl2zWFNu8= =ySg9 -END PGP SIGNATURE- ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On Wed, April 9, 2008 2:39 pm, Sebastian Billaudelle wrote: Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? I am not a lawyer, this is my amateur analysis: As I see it, there are three issues to contend with: 1. Is it legal or ethical for openmoko to keep a database of where users are and have been without their explicit consent? 2. In what circumstances should law enforcement be granted access to the database of where users are? 3. In what circumstances should the owner of a phone be able to tell where it is? The first issue is about big scary companies keeping big brother like databases on all their users. We all tend to think of openmoko as a friendly community effort with no ill intent, but pretend for a moment, that the phone comes from someone big and scary like Microsoft or Verzon. Would you be happy about them tracking you by default? Over the years some tech publications like www.theregister.co.uk have published scandals and trade conspiracies to reduce consumer choice, invade privacy and create vendor lock in. I dare say they would have bad things to say about this plan unless strong safegards are built in, and we find a way to make this off by default (but still trap anyone who re-flashes the phone). My solution to the privacy problem is this: In the box with a new phone is a card explaining how to create an account with the location DB. The user would normally setup an account with that DB. If they are paranoid about privacy, they can throw away the card without doing anything. In normal operation, the phone contacts the location DB from time to time with its serial number and current position, however if the phones owner has not registered, the DB informs the phone that it is not registered. The phone will store that setting in non volatile memory, and will never contact the location DB again. That way, for users who are concerned about their privacy, or who just dont read the instructions, Only one location will ever be released. If the user later changes their mind the DB registration site will have instructions on how to manually flip the send locations parameter back to true, via a deeply hidden menu or config file. If someone re-flashes the phone, then the parameter will be automatically reset. If it is stolen the rightful owner would have to quickly register with the DB before the phone is re-flashed. The second issue is about law enforcement access to the database. If a bad guy such as a drug dealer is using an openmoko equipped phone, then the police might legitimately want access to the database to find out where they have been. Likewise if there has been a serous crime such as a murder, then the police would want to know who was at the crime scene during the crime. I think that most community members would agree that a request for information in these circumstances should be granted. On the other hand, many people are concerned about warantless wiretaps in the United States at the moment, and worry that the police might make big dragnet like requests to invade privacy. For example issuing speeding tickets automatically if the DB showed that you where moving faster than the posted limit. In some circumstances the owner of the phone might want access to the database to prove their innocence for example to establish an alibi, or to prove that they where not speeding. I would suggest that a good compromise would be for the DB admin to give out to the police information about the movements of any specific user, or all users who where in a specified area for a specified period of time, if the request is made by the registered owner or suitably senor police officer or judge. There is a problem that some law enforcement agencies might try to bypass any privacy rules we setup, and try to get a court order for the entire database. To prevent this we should setup the database in a country with strong privacy laws, and a strong tradition of police who obey the rule of law. We need to make sure that the DB admins are based in that country, and that no one else has root access to the DB,
RE: Loosing your moko
-Original Message- From: David Pottage [EMAIL PROTECTED] Sent: Wednesday, April 09, 2008 8:15 AM To: List for Openmoko community discussion community@lists.openmoko.org Subject: Re: Loosing your moko On Wed, April 9, 2008 2:39 pm, Sebastian Billaudelle wrote: Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? Yes, i think a normal hijacker has no skills to flash the image - it is unusual with normal phones. I think nearly all of them don't know about a function like the one we are discussing here. But i think there is another problem: I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... Will the cops be allowed to use this information? There are lots of crazy laws... Is a lawyer here on this list? I am not a lawyer, this is my amateur analysis: As I see it, there are three issues to contend with: 1. Is it legal or ethical for openmoko to keep a database of where users are and have been without their explicit consent? 2. In what circumstances should law enforcement be granted access to the database of where users are? 3. In what circumstances should the owner of a phone be able to tell where it is? The first issue is about big scary companies keeping big brother like databases on all their users. We all tend to think of openmoko as a friendly community effort with no ill intent, but pretend for a moment, that the phone comes from someone big and scary like Microsoft or Verzon. Would you be happy about them tracking you by default? Over the years some tech publications like www.theregister.co.uk have published scandals and trade conspiracies to reduce consumer choice, invade privacy and create vendor lock in. I dare say they would have bad things to say about this plan unless strong safegards are built in, and we find a way to make this off by default (but still trap anyone who re-flashes the phone). My solution to the privacy problem is this: In the box with a new phone is a card explaining how to create an account with the location DB. The user would normally setup an account with that DB. If they are paranoid about privacy, they can throw away the card without doing anything. In normal operation, the phone contacts the location DB from time to time with its serial number and current position, however if the phones owner has not registered, the DB informs the phone that it is not registered. The phone will store that setting in non volatile memory, and will never contact the location DB again. That way, for users who are concerned about their privacy, or who just dont read the instructions, Only one location will ever be released. If the user later changes their mind the DB registration site will have instructions on how to manually flip the send locations parameter back to true, via a deeply hidden menu or config file. If someone re-flashes the phone, then the parameter will be automatically reset. If it is stolen the rightful owner would have to quickly register with the DB before the phone is re-flashed. The second issue is about law enforcement access to the database. If a bad guy such as a drug dealer is using an openmoko equipped phone, then the police might legitimately want access to the database to find out where they have been. Likewise if there has been a serous crime such as a murder, then the police would want to know who was at the crime scene during the crime. I think that most community members would agree that a request for information in these circumstances should be granted. On the other hand, many people are concerned about warantless wiretaps in the United States at the moment, and worry that the police might make big dragnet like requests to invade privacy. For example issuing speeding tickets automatically if the DB showed that you where moving faster than the posted limit. In some circumstances the owner of the phone might want access to the database to prove their innocence for example to establish an alibi, or to prove that they where not speeding. I would suggest that a good compromise would be for the DB admin to give out to the police information about the movements of any specific user, or all users who where in a specified area for a specified period of time, if the request is made by the registered owner or suitably senor police officer or judge. There is a problem that some law enforcement agencies might try to bypass any privacy rules we setup, and try to get a court order for the entire database. To prevent this we should setup the database
Re: Loosing your moko
Some information about the users (like GPS tracks) can in some countries be illegal unless the user wants this (even if the user is the thief). Information retrieved illegally can not be used to put the thief in jail and I believe that in some places in the US, the thief might put you through a lawsuit and win (you always hear crazy stories from the US legal system). In Norway, we have something called Datatilsynet. Their main task is to protect peoples privacy, and they are run by the government. I can ask them if this would be legal in Norway. But for the other places, I think people just need to figure out. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
ke, 2008-04-09 kello 22:48 +0200, Flemming Richter Mikkelsen kirjoitti: Some information about the users (like GPS tracks) can in some countries be illegal unless the user wants this (even if the user is the thief). Information retrieved illegally can not be used to put the thief in jail and I believe that in some places in the US, the thief might put you through a lawsuit and win (you always hear crazy stories from the US legal system). While we're being not completely US-centric, I'll remind that illegally acquired information being inadmissible isn't a global loophole either. -- Mikko Rauhala - [EMAIL PROTECTED] - URL:http://www.iki.fi/mjr/ Transhumanist - WTA member - URL:http://www.transhumanism.org/ Singularitarian - SIAI supporter - URL:http://www.singinst.org/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Tim Newsom pisze: [...] On Wed, April 9, 2008 2:39 pm, Sebastian Billaudelle wrote: Yes, i think a normal hijacker has no skills to flash the image - But hijacker most probably will turn the Neo off once he gets it into his dirty hands. Then he will sell it to some fence. And fence could have skills like this or know some person who does if he is in trading with hot mobiles. [...] I don't know if it legal to track the position of a person without his/her permission - even if he/she has stolen my phone... If it is legal in your country to use some tracking system in cars (both for stolen vehicles recovering or fleet car tracking) it is probably also legal to use this kind of software in phone. Remember that your intention is to track the device not the person who is, illegally, in its possession. regards ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Centralized database is evil. I'm going to use my own server for tracking my Neo. I think it's the only way to keep privacy. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On 4/7/08, Didier Raboud [EMAIL PROTECTED] wrote: * If I loose or let my Moko being stolen, I can find my connection parameters (on the paper) and go to track.openmoko.com and there I can find 24 coordinates a day. This could help me find it back or help the police find it back. Of course, if the Moko is turned off, it won't be possible to track it. But as soon as it is turned on again (even if flashed with default image), it will restart to send coordinates to the default server with its SIM-change and flash-change prone ID. There is only one problem with this. If the phone is flashed, the the flash will be erased/overwritten and the program to transmit the coordinates will be gone. -- Please don't send me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html Join the FSF as an Associate Member at: URL:http://www.fsf.org/register_form?referrer=5774 ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
RE: Loosing your moko
Just my 2C. I have been following this thread for some time. I think the idea is GREAT...Knowing I have phones somewhere, 2 in the US, 1 in Germany and I think one in the UK. What if we start it out simple? Each device owner can choose to register their MAC, modem serial number or other unique component ID that will not change unless hardware is reconfigured. Then if the device is lost or stolen, the registered owner can request a track with the registered units ID. Even if the device is re-flashed at some time in the device's life, I am sure the new user(s) or lucky finder will attempt to use it as intended and connect via WiFi and broadcast. It will at least get the ball rolling. As the tracking development gathers more interested users, the tracker can start to gather may be SIM info, New SIM info, user call log, send me it's new number so I can call it, etc., but it all starts with the unique component ID if there is one :-) _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Flemming Richter Mikkelsen Sent: Tuesday, April 08, 2008 11:13 AM To: List for Openmoko community discussion Subject: Re: Loosing your moko On 4/7/08, Didier Raboud [EMAIL PROTECTED] wrote: * If I loose or let my Moko being stolen, I can find my connection parameters (on the paper) and go to track.openmoko.com and there I can find 24 coordinates a day. This could help me find it back or help the police find it back. Of course, if the Moko is turned off, it won't be possible to track it. But as soon as it is turned on again (even if flashed with default image), it will restart to send coordinates to the default server with its SIM-change and flash-change prone ID. There is only one problem with this. If the phone is flashed, the the flash will be erased/overwritten and the program to transmit the coordinates will be gone. -- Please don't send me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html Join the FSF as an Associate Member at: URL:http://www.fsf.org/register_form?referrer=5774 ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian Hi, My view on the topic is the following : 1) Passive GPS tracker - saves the position each hour (e.g.) 2) sends these positions each day (e.g.) in combination with IMEI (or anything constant to the phone (no matter the flash or the SIM) 3) to a server (OpenMoko of user's) 4) via SMS/GPRS (if possible : free) [maybe try each way...] 5) should be configurable, but have a working in-flash configuration with default destination server (track.openmoko.com ?) 6) The default destination server would allow access to the original buyer which will have received its connection settings on paper with his phone. Details : 2) allows a phone-unique identification and low network overhead 4) The way (and the frequency) should be configurable by the user so as to minimize its impact on communication costs. The default configuration should silently try even without SIM on all possible network accesses. 5)+3) should allow a skilled user (or communities) to install their own server if they don't trust OpenMoko enough [free software] 6) would need a default install by OpenMoko and a link from hardware to the material being finally sent. So... I don't know if this is coherent, but I think it would be the more resistant way of being steal-proof. * If I loose or let my Moko being stolen, I can find my connection parameters (on the paper) and go to track.openmoko.com and there I can find 24 coordinates a day. This could help me find it back or help the police find it back. Of course, if the Moko is turned off, it won't be possible to track it. But as soon as it is turned on again (even if flashed with default image), it will restart to send coordinates to the default server with its SIM-change and flash-change prone ID. * I as user can take the freedom to deactivate it to protect my positions and/or save money (depending on the costs induced by the GPS tracker) Regards, Didier Raboud ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
It sounds like these anti-theft measures are more likely to confuse the ordinary user. They sound quite ingenious, but are still not going to be an impenetrable barrier to theft - and probably not worth the effort. The thread is concerning the loss of the Moko, and I am reminded of those beeping keyrings you can buy - you press a button and your keys will begin beeping and flashing, enabling you to find them located under the couch or wherever. Can anyone answer as to whether tracking the Moko via GPS/sending an SMS is possible? Sean. On Fri, 2008-04-04 at 22:54 +, Denis wrote: We can also set up a fake-reflashing button so that we will be able to get information from the device even after 'reflashing'. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On Sat, Apr 5, 2008 at 8:19 AM, Sean Anderson [EMAIL PROTECTED] wrote: It sounds like these anti-theft measures are more likely to confuse the ordinary user. They sound quite ingenious, but are still not going to be an impenetrable barrier to theft - and probably not worth the effort. It'd make sense to make any such security system a user-installable package. That way they know what they're getting into. -- H. Lally Singh Ph.D. Candidate, Computer Science Virginia Tech ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On Fri, Apr 04, 2008 at 12:36:48AM +0800, Sean Moss-Pultz wrote: Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. Hehe...sounds fun. I think more along the lines of: On startup a process runs, if it recognises the sim it shuts down, if it doesn't recognise the sim it continues in the background until an ip connection is established and it takes the data from current sim and uploads it $somewhere, or if that takes too long, takes the phone number from current sim and smses that to a nominated phone number. Hello, Police? Yea, the person who has my stolen phone has this phone number: xx and is located here: y could you please get it back for me? Steve /.. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On Fri, Apr 4, 2008 at 12:43 PM, Alexey Feldgendler [EMAIL PROTECTED] wrote: On Fri, 04 Apr 2008 07:35:17 +0200, Michele Renda [EMAIL PROTECTED] wrote: When I steal the phone, the first thing that I will do is to turn off the phone. Then because I am afraid to be detected by cell I will change the internal sim, before to turn on it. This is also what happens in Russia. The majority of cell phones are stolen or robbed of people by junkies. They immediately turn the phone off and throw away the SIM card. Without turning the phone on, they bring several phones they've collected during the night to a buyer-up who pays them maybe a tenth of what the phone is worth, and that's enough for them to get their needle. The bulk of stolen phones then goes to some phone repair workshops who run an underground business of preparing them to be sold. They reflash the phone or reset it to a clean state because nobody wants to sell a phone with someone's data on it that would be crying out loud I'm a stolen phone. They also unlock it if it's locked to an operator, and change the IMEI in those models where it's possible. The next stop for a stolen phone is a second hand mobile phone shop whose owner allegedly has no idea that the phones that strange people bring, a whole box of them at a time, are in fact stolen. Because rampant mobile phone theft brings them to the second hand market where they are priced for less than half of what they're worth, it makes them affordable to people who would otherwise not be able to buy a phone. Of course, this happens at the expense of those people from whom the phones are stolen, and who usually buy themselves a new one. Because of this situation, the cell operators in Russia are reluctant to use the IMEI (which is often impossible to change) to track down or at least deny service to phones reported as stolen -- that would shrink their own market. -- Alexey Feldgendler [EMAIL PROTECTED] [ICQ: 115226275] http://feldgendler.livejournal.com ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community As cool as all the solutions sound, we have to think of some problems/implications: 1) What happens if the sim gets changed? 2) What happens if the phone gets flashed? 3) What's with my data (stored e-mail passwords, wifi-passwods, web history, session cookies, e-mails, and so on)? 4) What if I only loose the phone? 5) What if I lend the phone to a friend? Do I have to follow a two-hour setup procedure to avoid my phone calling the police? There are many solutions, but each one has it's flaws. The idea that the phone reports back in some way is pretty cool: at each sim change, send an sms to a preconfigured number, saying Hi, i'm name, this is my new number. A good utility for keeping your buddies up to date, and for having always the newest number. another good idea is to have configure the phone to play some sort of alarm and encrypt the files (but still allowing access to the phone, so that the thief keeps on using it) when it's more then.. 2 meters away from a configured bluetooth device (your headset/bluetooth keyboard/whatever). An intresting idea is to trace the gps position each minute, store them, and send a log per e-mail as soon as a connection is possible (open wifi, gprs, logged in into wifi, ..). Also a program that sends to all bluetooth devices it reaches wich accept it something like Help Me! I'm a stolen phone. I belong to $name, $adress. My actual phone number is $number, please contact the police. One out of many people maybe will contact the police. Also the client/server setup is an intresting idea, allowing one to install its own server, and sending coordinates and phone number in periodical intervals. Maybe one could even make a buisness providing this client/server setup. And if the card is taken out, and the phone flashed? Well.. if the phone is already shut down, you've lost your phone. The only possibility would be to have some sort of trackback of the serial numbers of all flashed devices.. but the security and privacy implications of this would be too great.. Just my two cents -- My corner of the web: http://blog.ramsesoriginal.org ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
RE: Loosing your moko
An application only tx/rx'ing periodic and small amounts of data may work better running on top of sms. Matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marco Trevisan (Treviño) Sent: Thursday, April 03, 2008 6:10 PM To: community@lists.openmoko.org Subject: Re: Loosing your moko Mike Baroukh wrote: Very good Idea ! just : if it has been stolen, the sim card will be changed. So may be, each time the sim card is changed, an sms could automatically be send to another number (so you have the new phone number and can continue to communicate with it ...). Or, if gprs works, maybe a post can be made to a server ... Of course, with GPS position, if available! Just a question: can I have a passive GPRS connection: I mean, I call my or newer number asking it to connect to somewhere... -- Treviño's World - Life and Linux http://www.3v1n0.net/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Michele Renda ha scritto: When I steal the phone, the first thing that I will do is to turn off the phone. Then because I am afraid to be detected by cell I will change the internal sim, before to turn on it. Well, this is true but sending data on next power-on could help. BTW, here we're talking about stealing; this is an important issue, but thread talked generally about loosing, so I think that we should first implement non-paranoia features that simply you could use when you can't find your phone but it's alive and ringing (reachable via GPS at least). I think (hope) it will be more used than an anti-theft feature. About data securyt... I've already mentioned, but isn't there a way to use an encrypted filesystem by default on Openmoko? Actually they perform like the standard filesystems [1], but they would give us more security if someone has taken our phone and he wants to access to our data. Another gain of using a such thing would be that we don't need to create a security feature for each used application. Of course, I guess there's a bad thing: if you have an already running phone you can't block the user to access to some data (am I right, isn't it?). [1] http://tinyurl.com/657wmo -- Treviño's World - Life and Linux http://www.3v1n0.net/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
It's certainly prudent to realise that this is far from a full-proof phone theft prevention system. I realise it's a little redundant to say aaw, but no security is airtight anyway!, but it's worth pointing out nonetheless. Encrypted data, a device that phones home... these are all flawed but noticeable barriers for the potential thief. It is also worth noting that the data stored on a phone like the Moko (emails, passwords, ssh keys) is significantly more valuable than the type of data stored on ordinary cellphones at the moment (hey, how r u? 3 x 500, some pictures of people being hit by bins) so it is more important that the owners of the devices, and the developers, think more seriously about how to protect the valuable data that is being stored. The Moko has the hardware and the flexibility, so I doubt it would be a great deal of trouble to implement a little GPS app that phones home when it gets lost. My main point: the system may also be useful if the user has simply misplaced the phone and would like to find out if they've left it at a friend's house or at the pub. GPS is getting accurate enough to determine which area of the house it is in. It could eliminate the possibility of it being stolen if it turns up in a familiar location. How is the Moko user going to tell if they have dropped their phone on the train and it is sitting unclaimed at the lost found depot of the train station? GPS, of course :) Sean. On Fri, 2008-04-04 at 12:43 +0200, Alexey Feldgendler wrote: On Fri, 04 Apr 2008 07:35:17 +0200, Michele Renda [EMAIL PROTECTED] wrote: When I steal the phone, the first thing that I will do is to turn off the phone. Then because I am afraid to be detected by cell I will change the internal sim, before to turn on it. This is also what happens in Russia. The majority of cell phones are stolen or robbed of people by junkies. They immediately turn the phone off and throw away the SIM card. Without turning the phone on, they bring several phones they've collected during the night to a buyer-up who pays them maybe a tenth of what the phone is worth, and that's enough for them to get their needle. The bulk of stolen phones then goes to some phone repair workshops who run an underground business of preparing them to be sold. They reflash the phone or reset it to a clean state because nobody wants to sell a phone with someone's data on it that would be crying out loud “I'm a stolen phone”. They also unlock it if it's locked to an operator, and change the IMEI in those models where it's possible. The next stop for a stolen phone is a second hand mobile phone shop whose owner allegedly has no idea that the phones that strange people bring, a whole box of them at a time, are in fact stolen. Because rampant mobile phone theft brings them to the second hand market where they are priced for less than half of what they're worth, it makes them affordable to people who would otherwise not be able to buy a phone. Of course, this happens at the expense of those people from whom the phones are stolen, and who usually buy themselves a new one. Because of this situation, the cell operators in Russia are reluctant to use the IMEI (which is often impossible to change) to track down or at least deny service to phones reported as stolen -- that would shrink their own market. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On Fri, Apr 4, 2008 at 4:45 PM, Sean Anderson [EMAIL PROTECTED] wrote: It's certainly prudent to realise that this is far from a full-proof phone theft prevention system. I realise it's a little redundant to say aaw, but no security is airtight anyway!, but it's worth pointing out nonetheless. Encrypted data, a device that phones home... these are all flawed but noticeable barriers for the potential thief. It is also worth noting that the data stored on a phone like the Moko (emails, passwords, ssh keys) is significantly more valuable than the type of data stored on ordinary cellphones at the moment (hey, how r u? 3 x 500, some pictures of people being hit by bins) so it is more important that the owners of the devices, and the developers, think more seriously about how to protect the valuable data that is being stored. The Moko has the hardware and the flexibility, so I doubt it would be a great deal of trouble to implement a little GPS app that phones home when it gets lost. My main point: the system may also be useful if the user has simply misplaced the phone and would like to find out if they've left it at a friend's house or at the pub. GPS is getting accurate enough to determine which area of the house it is in. It could eliminate the possibility of it being stolen if it turns up in a familiar location. How is the Moko user going to tell if they have dropped their phone on the train and it is sitting unclaimed at the lost found depot of the train station? GPS, of course :) Sean. On Fri, 2008-04-04 at 12:43 +0200, Alexey Feldgendler wrote: On Fri, 04 Apr 2008 07:35:17 +0200, Michele Renda [EMAIL PROTECTED] wrote: When I steal the phone, the first thing that I will do is to turn off the phone. Then because I am afraid to be detected by cell I will change the internal sim, before to turn on it. This is also what happens in Russia. The majority of cell phones are stolen or robbed of people by junkies. They immediately turn the phone off and throw away the SIM card. Without turning the phone on, they bring several phones they've collected during the night to a buyer-up who pays them maybe a tenth of what the phone is worth, and that's enough for them to get their needle. The bulk of stolen phones then goes to some phone repair workshops who run an underground business of preparing them to be sold. They reflash the phone or reset it to a clean state because nobody wants to sell a phone with someone's data on it that would be crying out loud I'm a stolen phone. They also unlock it if it's locked to an operator, and change the IMEI in those models where it's possible. The next stop for a stolen phone is a second hand mobile phone shop whose owner allegedly has no idea that the phones that strange people bring, a whole box of them at a time, are in fact stolen. Because rampant mobile phone theft brings them to the second hand market where they are priced for less than half of what they're worth, it makes them affordable to people who would otherwise not be able to buy a phone. Of course, this happens at the expense of those people from whom the phones are stolen, and who usually buy themselves a new one. Because of this situation, the cell operators in Russia are reluctant to use the IMEI (which is often impossible to change) to track down or at least deny service to phones reported as stolen -- that would shrink their own market. I'm not an expert of the matter, but if it's possible to detect the distance of some bluetooth-device, then a simple headset (remains always on your ear) or even a bacon in your wallet is enough to prevent loosing/getting your phone stolen: if more then 2 meters distance, make a loud noise. That's it. -- My corner of the web: http://blog.ramsesoriginal.org ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
I don't want to say this is the solution for all the problems: As cool as all the solutions sound, we have to think of some problems/implications: 1) What happens if the sim gets changed? It continue to run, because the program is not sim related. Whe it see a tcp/ip connection it send a data packet to openmoko serve. The sim credential is used only to identify who use the phone. 2) What happens if the phone gets flashed? To this, I think we can do nothing. I hope it is sold without to be flashed. Freerunner is not a so common phone for now. 3) What's with my data (stored e-mail passwords, wifi-passwods, web history, session cookies, e-mails, and so on)? Is possible to implement a system to get all these data to the server (one time it is allarmed) and to delete the phone copy. 4) What if I only loose the phone? You can access to openmoko server without make a stealt alarm, but only a lose allarm 5) What if I lend the phone to a friend? Do I have to follow a two-hour setup procedure to avoid my phone calling the police? Is forbidden to call policy with an automatic system There are many solutions, but each one has it's flaws. The idea that the phone reports back in some way is pretty cool: at each sim change, send an sms to a preconfigured number, saying Hi, i'm name, this is my new number. A good utility for keeping your buddies up to date, and for having always the newest number. another good idea is to have configure the phone to play some sort of alarm and encrypt the files (but still allowing access to the phone, so that the thief keeps on using it) when it's more then.. 2 meters away from a configured bluetooth device (your headset/bluetooth keyboard/whatever). An intresting idea is to trace the gps position each minute, store them, and send a log per e-mail as soon as a connection is possible (open wifi, gprs, logged in into wifi, ..). Also a program that sends to all bluetooth devices it reaches wich accept it something like Help Me! I'm a stolen phone. I belong to $name, $adress. My actual phone number is $number, please contact the police. One out of many people maybe will contact the police. Also the client/server setup is an intresting idea, allowing one to install its own server, and sending coordinates and phone number in periodical intervals. Maybe one could even make a buisness providing this client/server setup. And if the card is taken out, and the phone flashed? Well.. if the phone is already shut down, you've lost your phone. The only possibility would be to have some sort of trackback of the serial numbers of all flashed devices.. but the security and privacy implications of this would be too great.. Just my two cents Yes, I think your ideas are good! ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Hello I am a programmer, and I possible I will have some of the technical capacity to develop something like this. I don't have any experience about OpenMoko programming, so, is very possible I will not have success. But I will try to do, when I will buy my first FreeRunner ( I hope it will come out as soon as possible). I will try, if I will not have sucess, no one will know! :) Sean Anderson wrote: I think this thread of discussion is getting a little bit bogged down with random ideas (not that I haven't contributed to that, it's fun!) but does anyone have any technical insight into how easily these ideas could be implemented on the Moko? You know, if all else fails, it would probably be pretty cool. Most GPS-related things are. Sean. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
RE: Loosing your moko
A phone can always receive a call. The number itself is information and can be acted on, without answering the call. I think there's a couple of ways to send a cue in a similar way, maybe. Matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marco Trevisan (Treviño) Sent: Friday, April 04, 2008 10:14 AM To: community@lists.openmoko.org Subject: Re: Loosing your moko Crane, Matthew ha scritto: An application only tx/rx'ing periodic and small amounts of data may work better running on top of sms. Well, ok... Btw the question remains... Since I haven't a GPRS/SMS/Call flat I'd like the phone to send such informations only if I've requested them remotely... A way to make this possible? SMS of course, then (to get also a ssh connection, for example)? -- Treviño's World - Life and Linux http://www.3v1n0.net/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
I too am (some sort of) developer. I tried to mess around a bit with soem simple openmoko programming some months ago (pre-GTA01), but since then we've gotten a long way. as far as I can understand it, most of this options ould'nt be difficult, and if the correct bindings are provided, could even be handled by some lines of python/ruby/... On Fri, Apr 4, 2008 at 6:45 PM, Michele Renda [EMAIL PROTECTED] wrote: Hello I am a programmer, and I possible I will have some of the technical capacity to develop something like this. I don't have any experience about OpenMoko programming, so, is very possible I will not have success. But I will try to do, when I will buy my first FreeRunner ( I hope it will come out as soon as possible). I will try, if I will not have sucess, no one will know! :) Sean Anderson wrote: I think this thread of discussion is getting a little bit bogged down with random ideas (not that I haven't contributed to that, it's fun!) but does anyone have any technical insight into how easily these ideas could be implemented on the Moko? You know, if all else fails, it would probably be pretty cool. Most GPS-related things are. Sean. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community -- My corner of the web: http://blog.ramsesoriginal.org ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
According you is possible to prepare it with an qemu emulated system? Or is necessary to have the true hardware? ramsesoriginal wrote: I too am (some sort of) developer. I tried to mess around a bit with soem simple openmoko programming some months ago (pre-GTA01), but since then we've gotten a long way. as far as I can understand it, most of this options ould'nt be difficult, and if the correct bindings are provided, could even be handled by some lines of python/ruby/... On Fri, Apr 4, 2008 at 6:45 PM, Michele Renda [EMAIL PROTECTED] wrote: Hello I am a programmer, and I possible I will have some of the technical capacity to develop something like this. I don't have any experience about OpenMoko programming, so, is very possible I will not have success. But I will try to do, when I will buy my first FreeRunner ( I hope it will come out as soon as possible). I will try, if I will not have sucess, no one will know! :) Sean Anderson wrote: I think this thread of discussion is getting a little bit bogged down with random ideas (not that I haven't contributed to that, it's fun!) but does anyone have any technical insight into how easily these ideas could be implemented on the Moko? You know, if all else fails, it would probably be pretty cool. Most GPS-related things are. Sean. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
The phone needs an application where we can configure which of all these ideas we want to use (sending coordinates phone no, detecting if out of reach from BT device, etc). I would like my phone to log the GPS info + current phone no to my server, where the information would be stored in a mysql DB with a timestamp. It should always send the information when free internet is available. I would also like it to send the same information over an SMS to a preconfigured phone no if current_sim is not in the allowed_sim_cards list allowed=0; for (i=0;inum_of_legal_sim_cards: i++){ if (current_sim == legal_sim_cards[i]) allowed++; } if (!allowed) send_edata_sms(receiver_no); On 4/4/08, Federico Lorenzi [EMAIL PROTECTED] wrote: One of the really cool ideas is the bluetooth one as mentioned before. You can pick up a cheap bluetooth headset for next to nothing, and all you do is carry it around with you. When / if the neo detects it is out of range / past a specific RSSI, then it will start making noise. Not necessarily screaming 'I AM BEING STOLEN' but maybe play a song at full volume and start vibrating like crazy. You could also have it so if it goes past a specific RSSI it sends a message to the headset, to be discrete :) Cheers, Federico If we should use this, we should not delete the data on the server. It is much better to use a versioning system like svn or cvs on the server for two reasons: 1) If you mess up some config files or delete something, you can always get it back 2) It would be less information to sync Setting up a svn server is very easy. -- Please don't send me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html Join the FSF as an Associate Member at: URL:http://www.fsf.org/register_form?referrer=5774 ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Sorry for replying to my own post. I just noticed that I quoted the wrong mail:( What I meant to quote was: Is possible to implement a system to get all these data to the server (one time it is allarmed) and to delete the phone copy. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
About the we can do nothing if the phone is turned off by the thief immediately - maybe we can do at least something: - implement the regular shutdown via a hidden menu entry, maybe with a password - if the phone is instead turned off via the (hardware) power button of the Neo we just fake a power-off by displaying a shutdown animation and turn off the LCD and speaker. In this case it's even an advantage if the thief tried to turn off the phone because then we can be really sure that the phone is in illegitimate hands (as it might be that a good soul finds your lost phone and tries to return it to you/the police). After the fake-shutdown, the phone sets the THEFT_IN_PROGRESS flag and does all the fancy things you mentioned before: - encrypting/uploading/erasing the data - calling owner/police with GPS/GSM-cell location etc... Some more (exotic) things which came to my mind: - record and upload ambience to maybe catch the voice of the thief - setting volume to max and play a The holder of this phone is currently stealing it, the rightful owner and the police have been called 15 minutes ago and know about your current location - drop it now and run like hell or face the consequences :o) - auto-accept a voice-call and make hanging-up impossible - that way you might get the chance to talk him out of stealing your phone Of course - if he rips out the battery right after he finds it we really can't do much about it but if someone is paranoid enough he could probably make it very hard to open the case (- superglue ;o) And if the thief does not turn off the phone, we could still trigger the THEFT_IN_PROGRESS mode by a coded SMS message. I'm pretty sure that the Neo could be made one of the hardest-to-steal phones ever :o) -- beren ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Michele Renda ha scritto: According you is possible to prepare it with an qemu emulated system? Or is necessary to have the true hardware? AFAIK you can simply install Openmoko stack in any hardware, also in a standard PC, simply follow the wiki [1]! [1] http://tinyurl.com/6bkfpj -- Treviño's World - Life and Linux http://www.3v1n0.net/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Some days ago I was thinking something about this. My idea was this: 1. An application to install (who want) on openmoko. It is running as a deamon. Configure very simple like username, password, server. 2. If it is running, check if there is connection. If yes, it send his mac and gps coordinates to a server, that can be hosted to openmoko.org 3. every person can access to a web application, on openmoko.org where a person can set the stealt allarm. It there is the stealt allarm, openmoko.org will keep all the gps position received every time that the freerunner is online. else if clean all the position after 7 day (I think is a reasonable time a person will know if a phone was stealt) 4. If a person didn't gave a stealt allarm, the person can not to access to position logs (to avoid privacy violation) It can run because who steal a phone, usually he can sell. And an openmoko phone is very suitable to go online, so if someone go online, he will send as soon info about his position. Is possible to think that it will send the inserted sim number or s/n. This is my idea Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. Hehe...sounds fun. -Sean ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Hi. Very good Idea ! just : if it has been stolen, the sim card will be changed. So may be, each time the sim card is changed, an sms could automatically be send to another number (so you have the new phone number and can continue to communicate with it ...). Or, if gprs works, maybe a post can be made to a server ... Mike Sebastian Billaudelle a écrit : Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. Hehe...sounds fun. The real fun is when you ssh in to wipe the contents and set the battery to always fast charge so the new owner gets some surprises when they plug it into their charger... ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Sean Moss-Pultz wrote: I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find your moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. Hehe...sounds fun. For sure. But there are two approaches; this one assumes the bad guy won't change (or just remove) the SIM card, which is possible but not likely. The other one (which I thought of ages ago but which Michele Renda just explained again quite well) still works if the BG changes the SIM, as long as there's a SIM card in place (or if you have a FreeRunner if you're in WiFi coverage). But of course neither will work if the bad guy is tech-savvy enough to reload the flash. And we won't say any more because those guys know how to use Google! ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Or it could be programmed to send this GPS-locating message to the server each time the SIM card is changed, for the ultra-paranoid. Matt On Thu, Apr 3, 2008 at 12:57 PM, Ian Darwin [EMAIL PROTECTED] wrote: Sean Moss-Pultz wrote: I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find your moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. Hehe...sounds fun. For sure. But there are two approaches; this one assumes the bad guy won't change (or just remove) the SIM card, which is possible but not likely. The other one (which I thought of ages ago but which Michele Renda just explained again quite well) still works if the BG changes the SIM, as long as there's a SIM card in place (or if you have a FreeRunner if you're in WiFi coverage). But of course neither will work if the bad guy is tech-savvy enough to reload the flash. And we won't say any more because those guys know how to use Google! ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
I think it would be quite likely that a phone thief/finder would change the SIM, either because they want to use it themselves, or because they want to sell it. I'd do the following: Set up a script so that the phone regularly connects to a server you control, downloads the contents of a folder executes them. Say once every six hours, just for argument's sake. The contents of this folder would usually be empty, but as soon as you realised that your phone was missing you upload the GPS/SMS/mass deletion script that you've been saving for months. That way, it doesn't matter about whatever the bad folk has done to your phone (as long as the flash hasn't been wiped); it will connect up (you'll discover it's IP address - likely to be useful) and will execute the commands you want. This is something I'm probably going to look into implementing within a corporate environment within the near future. Joseph On 03/04/2008, Ian Darwin [EMAIL PROTECTED] wrote: Sean Moss-Pultz wrote: I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find your moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. Hehe...sounds fun. For sure. But there are two approaches; this one assumes the bad guy won't change (or just remove) the SIM card, which is possible but not likely. The other one (which I thought of ages ago but which Michele Renda just explained again quite well) still works if the BG changes the SIM, as long as there's a SIM card in place (or if you have a FreeRunner if you're in WiFi coverage). But of course neither will work if the bad guy is tech-savvy enough to reload the flash. And we won't say any more because those guys know how to use Google! ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
True, but frankly there's a lot of bad stuff that could happen if someone malicious got that level of access to our servers... On 03/04/2008, andy [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joseph Reeves wrote: I think it would be quite likely that a phone thief/finder would change the SIM, either because they want to use it themselves, or because they want to sell it. I'd do the following: Set up a script so that the phone regularly connects to a server you control, downloads the contents of a folder executes them. Say once every six hours, just for argument's sake. The contents of this folder would usually be empty, but as soon as you realised that your phone was missing you upload the GPS/SMS/mass deletion script that you've been saving for months. That way, it doesn't matter about whatever the bad folk has done to your phone (as long as the flash hasn't been wiped); it will connect up (you'll discover it's IP address - likely to be useful) and will execute the commands you want. This is something I'm probably going to look into implementing within a corporate environment within the near future. Joseph Only problem with that is that if someone hacked into that folder, he could wipe all your neo's in one move :) 2c worth Andy -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH9RdgauMjEM4rxIQRAuWEAJ46VdnU2Xk5ar6CNFIMaU8Ftiy9DACgjZ+1 CCvhtSh3T+QXVY4U2gUOvBU= =2Asi -END PGP SIGNATURE- ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Why not merge all this ideas? Could anyone try to implement this? If not, I'll do it in summer (when I'll buy a freerunner;-))... cheers Sebastian Am Donnerstag, den 03.04.2008, 19:01 +0100 schrieb Joseph Reeves: True, but frankly there's a lot of bad stuff that could happen if someone malicious got that level of access to our servers... On 03/04/2008, andy [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joseph Reeves wrote: I think it would be quite likely that a phone thief/finder would change the SIM, either because they want to use it themselves, or because they want to sell it. I'd do the following: Set up a script so that the phone regularly connects to a server you control, downloads the contents of a folder executes them. Say once every six hours, just for argument's sake. The contents of this folder would usually be empty, but as soon as you realised that your phone was missing you upload the GPS/SMS/mass deletion script that you've been saving for months. That way, it doesn't matter about whatever the bad folk has done to your phone (as long as the flash hasn't been wiped); it will connect up (you'll discover it's IP address - likely to be useful) and will execute the commands you want. This is something I'm probably going to look into implementing within a corporate environment within the near future. Joseph Only problem with that is that if someone hacked into that folder, he could wipe all your neo's in one move :) 2c worth Andy -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH9RdgauMjEM4rxIQRAuWEAJ46VdnU2Xk5ar6CNFIMaU8Ftiy9DACgjZ+1 CCvhtSh3T+QXVY4U2gUOvBU= =2Asi -END PGP SIGNATURE- ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community Ich aktzeptiere keine MS Office Dokumente, weil sie 1. kein ISO Standard sind, 2. bewusst schlecht entwickelt sind und 3. nicht für alle zugänglich sind! Benutze bitte das Open Document Format - jeder kann es kostenlos öffnen - auch noch in tausenden von Jahren! signature.asc Description: Dies ist ein digital signierter Nachrichtenteil ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Some days ago I was thinking something about this. My idea was this: 1. An application to install (who want) on openmoko. It is running as a deamon. Configure very simple like username, password, server. 2. If it is running, check if there is connection. If yes, it send his mac and gps coordinates to a server, that can be hosted to openmoko.org 3. every person can access to a web application, on openmoko.org where a person can set the stealt allarm. It there is the stealt allarm, openmoko.org will keep all the gps position received every time that the freerunner is online. else if clean all the position after 7 day (I think is a reasonable time a person will know if a phone was stealt) 4. If a person didn't gave a stealt allarm, the person can not to access to position logs (to avoid privacy violation) It can run because who steal a phone, usually he can sell. And an openmoko phone is very suitable to go online, so if someone go online, he will send as soon info about his position. Is possible to think that it will send the inserted sim number or s/n. This is my idea Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
On jue, 2008-04-03 at 18:30 +0200, Michele Renda wrote: Some days ago I was thinking something about this. My idea was this: 1. An application to install (who want) on openmoko. It is running as a deamon. Configure very simple like username, password, server. 2. If it is running, check if there is connection. If yes, it send his mac and gps coordinates to a server, that can be hosted to openmoko.org Using this approximation the centralised server could be used to many more things: Ex. Measure the distance between two FreeRunners, so you can find a friend in a party :) (In the centralised server at openmoko.org you can set who can see you location). 3. every person can access to a web application, on openmoko.org where a person can set the stealt allarm. It there is the stealt allarm, openmoko.org will keep all the gps position received every time that the freerunner is online. else if clean all the position after 7 day (I think is a reasonable time a person will know if a phone was stealt) 4. If a person didn't gave a stealt allarm, the person can not to access to position logs (to avoid privacy violation) It can run because who steal a phone, usually he can sell. And an openmoko phone is very suitable to go online, so if someone go online, he will send as soon info about his position. Is possible to think that it will send the inserted sim number or s/n. This is my idea Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community -- Diego Fdez. Durán [EMAIL PROTECTED] | http://www.goedi.net GPG : 925C 9A21 7A11 3B13 6E43 50DB F579 D119 90D2 66BB signature.asc Description: Esta parte del mensaje está firmada digitalmente ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Lets not forget, you should be able to download the server software too, and run it on your own server :) /me points to the GPS location sharing project and thinks it could suite the task with authentication. Cheers, Federico Reply Header Subject:Re: Loosing your moko Author: Diego Fdez. Durán [EMAIL PROTECTED] Date: 03rd April 2008 9:00 pm On jue, 2008-04-03 at 18:30 +0200, Michele Renda wrote: Some days ago I was thinking something about this. My idea was this: 1. An application to install (who want) on openmoko. It is running as a deamon. Configure very simple like username, password, server. 2. If it is running, check if there is connection. If yes, it send his mac and gps coordinates to a server, that can be hosted to openmoko.org Using this approximation the centralised server could be used to many more things: Ex. Measure the distance between two FreeRunners, so you can find a friend in a party :) (In the centralised server at openmoko.org you can set who can see you location). 3. every person can access to a web application, on openmoko.org where a person can set the stealt allarm. It there is the stealt allarm, openmoko.org will keep all the gps position received every time that the freerunner is online. else if clean all the position after 7 day (I think is a reasonable time a person will know if a phone was stealt) 4. If a person didn't gave a stealt allarm, the person can not to access to position logs (to avoid privacy violation) It can run because who steal a phone, usually he can sell. And an openmoko phone is very suitable to go online, so if someone go online, he will send as soon info about his position. Is possible to think that it will send the inserted sim number or s/n. This is my idea Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community -- Diego Fdez. Durán [EMAIL PROTECTED] | http://www.goedi.net GPG : 925C 9A21 7A11 3B13 6E43 50DB F579 D119 90D2 66BB ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Mike Baroukh wrote: Very good Idea ! just : if it has been stolen, the sim card will be changed. So may be, each time the sim card is changed, an sms could automatically be send to another number (so you have the new phone number and can continue to communicate with it ...). Or, if gprs works, maybe a post can be made to a server ... Of course, with GPS position, if available! Just a question: can I have a passive GPRS connection: I mean, I call my or newer number asking it to connect to somewhere... -- Treviño's World - Life and Linux http://www.3v1n0.net/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
I would also recommend that some form of authentication and (optionally) encryption be used on the data, in case you don't want the whole world to know your location. That way, you could have your phone report home its position by default, and if it gets stolen you just need to look to see where it is. Also, you could choose to share your data with anyone by sharing your public key. My apologies if someone mentioned it already, but something like openDMTP (http://www.opendmtp.org/) might be a good starting point. Cheers, Matt Lets not forget, you should be able to download the server software too, and run it on your own server :) /me points to the GPS location sharing project and thinks it could suite the task with authentication. Cheers, Federico Reply Header Subject: Re: Loosing your moko Author:Diego Fdez. Durán [EMAIL PROTECTED] Date: 03rd April 2008 9:00 pm On jue, 2008-04-03 at 18:30 +0200, Michele Renda wrote: Some days ago I was thinking something about this. My idea was this: 1. An application to install (who want) on openmoko. It is running as a deamon. Configure very simple like username, password, server. 2. If it is running, check if there is connection. If yes, it send his mac and gps coordinates to a server, that can be hosted to openmoko.org Using this approximation the centralised server could be used to many more things: Ex. Measure the distance between two FreeRunners, so you can find a friend in a party :) (In the centralised server at openmoko.org you can set who can see you location). 3. every person can access to a web application, on openmoko.org where a person can set the stealt allarm. It there is the stealt allarm, openmoko.org will keep all the gps position received every time that the freerunner is online. else if clean all the position after 7 day (I think is a reasonable time a person will know if a phone was stealt) 4. If a person didn't gave a stealt allarm, the person can not to access to position logs (to avoid privacy violation) It can run because who steal a phone, usually he can sell. And an openmoko phone is very suitable to go online, so if someone go online, he will send as soon info about his position. Is possible to think that it will send the inserted sim number or s/n. This is my idea Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community -- Diego Fdez. Durán [EMAIL PROTECTED] | http://www.goedi.net GPG : 925C 9A21 7A11 3B13 6E43 50DB F579 D119 90D2 66BB ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
I think the original idea was a sensible one, but I doubt many would be willing to risk losing all their data for the rare situation where it would be a security advantage. I think there is something to be said for nifty GPS features. I've lost my phone... why not SMS it and ask it to email me its location? :) Security-wise, however, it's a patchy strategy despite how cool it sounds. It isn't going to stop the physical phone being stolen, but to what extent can the Moko be encrypted to protect your data? Sean. On Thu, 2008-04-03 at 18:11 +0200, Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
The idea of a homing beacon is pretty cool. I have to say, however that havign a centralized place for this information to be stored is... as politely as possible, stupid. Asking Can we do something expresses creativity but requires a should we do something. We know the device CAN do that, figuring out how to impliment it and keep the user in control of that data should always be first and foremost. A client/server setup, that anyone with a PC or server can setup makes a lot of sense. And just remember, serial numbers physically etched on the device and a report to your insurance agency can go a long way with mitigating the loss if you ever loose your Neo. -Kevin On Thu, Apr 3, 2008 at 9:12 PM, Sean Anderson [EMAIL PROTECTED] wrote: I think the original idea was a sensible one, but I doubt many would be willing to risk losing all their data for the rare situation where it would be a security advantage. I think there is something to be said for nifty GPS features. I've lost my phone... why not SMS it and ask it to email me its location? :) Security-wise, however, it's a patchy strategy despite how cool it sounds. It isn't going to stop the physical phone being stolen, but to what extent can the Moko be encrypted to protect your data? Sean. On Thu, 2008-04-03 at 18:11 +0200, Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
Thank you It seem to be what I was searching for: to follow a standard is always a good idea :) [EMAIL PROTECTED] wrote: I would also recommend that some form of authentication and (optionally) encryption be used on the data, in case you don't want the whole world to know your location. That way, you could have your phone report home its position by default, and if it gets stolen you just need to look to see where it is. Also, you could choose to share your data with anyone by sharing your public key. My apologies if someone mentioned it already, but something like openDMTP (http://www.opendmtp.org/) might be a good starting point. Cheers, Matt Lets not forget, you should be able to download the server software too, and run it on your own server :) /me points to the GPS location sharing project and thinks it could suite the task with authentication. Cheers, Federico Reply Header Subject:Re: Loosing your moko Author: Diego Fdez. Durán [EMAIL PROTECTED] Date: 03rd April 2008 9:00 pm On jue, 2008-04-03 at 18:30 +0200, Michele Renda wrote: Some days ago I was thinking something about this. My idea was this: 1. An application to install (who want) on openmoko. It is running as a deamon. Configure very simple like username, password, server. 2. If it is running, check if there is connection. If yes, it send his mac and gps coordinates to a server, that can be hosted to openmoko.org Using this approximation the centralised server could be used to many more things: Ex. Measure the distance between two FreeRunners, so you can find a friend in a party :) (In the centralised server at openmoko.org you can set who can see you location). 3. every person can access to a web application, on openmoko.org where a person can set the stealt allarm. It there is the stealt allarm, openmoko.org will keep all the gps position received every time that the freerunner is online. else if clean all the position after 7 day (I think is a reasonable time a person will know if a phone was stealt) 4. If a person didn't gave a stealt allarm, the person can not to access to position logs (to avoid privacy violation) It can run because who steal a phone, usually he can sell. And an openmoko phone is very suitable to go online, so if someone go online, he will send as soon info about his position. Is possible to think that it will send the inserted sim number or s/n. This is my idea Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community -- Diego Fdez. Durán [EMAIL PROTECTED] | http://www.goedi.net GPG : 925C 9A21 7A11 3B13 6E43 50DB F579 D119 90D2 66BB ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Loosing your moko
According me the sms or email solution is not ok for this reason: When I steal the phone, the first thing that I will do is to turn off the phone. Then because I am afraid to be detected by cell I will change the internal sim, before to turn on it. So: we need something that periodically send to a server well known, some info, crypted. The data trasmitted will be very little, only sim number/serial, gps position. The server had to store it for a week, and to show to the owner of the phone: it can be useful to show the position to Google maps (I don't think it will be a problem with google api). It can be also implemented the function, that if the server send an alarm to the phone, it start an emergency upload of contact list and messages, to recover at least the phonebook and the sms. Sean Anderson wrote: I think the original idea was a sensible one, but I doubt many would be willing to risk losing all their data for the rare situation where it would be a security advantage. I think there is something to be said for nifty GPS features. I've lost my phone... why not SMS it and ask it to email me its location? :) Security-wise, however, it's a patchy strategy despite how cool it sounds. It isn't going to stop the physical phone being stolen, but to what extent can the Moko be encrypted to protect your data? Sean. On Thu, 2008-04-03 at 18:11 +0200, Sebastian Billaudelle wrote: Hi there! I thought about the risk of loosing the moko or of getting it stolen... I got the following idea: If you can't find you moko, you only have to send an SMS with a special keyword/passphrase to your moko. It recognises the special text and sends the current coordinates to a server. So you can see it's position. cheers Sebastian ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community