Re: A new approach to Re: Itch3: Anti-lost/theft protection
The thing has bluetooth so it should be able to connect to the Wiimote. Using one instead of an internal accelerometer makes sense, because when you move your phone around, it's hard to keep looking at the screen. Ortwin On 3/1/07, adrian cockcroft [EMAIL PROTECTED] wrote: I would like to include an accelerometer in a phone design (my own homebrew design or a future Neo perhaps?), then all the Nintendo Wii style interactions become possible. If my phone is locked it asserts that it should be at rest, if someone picks it up it needs a code or a secret gesture on the touchscreen to unlock it or set moving locked mode. if it doesn't get the code it asks to be put down again, if that fails it complains loudly in speakerphone help, I'm being stolen, put me back! or whatever audio you like. It also posts its location to a web service. Should be easy enough to code, I'm just waiting for the hardware to catch up... Adrian On 2/28/07, Attila Csipa [EMAIL PROTECTED] wrote: On Wednesday 28 February 2007 21:44, Steven ** wrote: Caveat emptor. Possession of stolen property is still a crime where I live, even if you didn't do the actual stealing. All I'm saying (IANAL of course) that for many of those items (especially on places like ebay) it is very hard for the buyer to establish whether the good is actually stolen or not (receipts and boxes can be photoshopped all too easy), and he has to rely on a level of reasonable doubt (based on seller rating, price, provided images, etc) to determine whether he is getting the good from a trustworthy source. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: A new approach to Re: Itch3: Anti-lost/theft protection -THE REAL PROBLEM APPEARED!
On Thursday 01 March 2007 08:41, you wrote: later someone will write a Troyan Horse, some king of dialer (like for application made calls and sent smses. Openmoko kernel should log any What do you think? There are two sides to this problem - one, the origin of software. This has actually been dealt with so we have examples like the Debian repositories which verify (gpg signatures, etc) packages so you know that the thing you are installing actually came from a place/person you trust. The other problem is just as present on regular PC-s, as you have trojans which, when run, change your dialup settings so you dial a high-price number on the other side the globe instead of your regular ISP. The second aspect is protection from malware. There are several solutions on this - proper user rights, virtualization, and filtering on the API level of the phone itself, best to combine all of these, since kernel logging won't help much if the trojan has root access and hides/works in the kernel as a module, for example. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: A new approach to Re: Itch3: Anti-lost/theft protection
I would like to include an accelerometer in a phone design (my own homebrew design or a future Neo perhaps?), then all the Nintendo Wii style interactions become possible. If my phone is locked it asserts that it should be at rest, if someone picks it up it needs a code or a secret gesture on the touchscreen to unlock it or set moving locked mode. if it doesn't get the code it asks to be put down again, if that fails it complains loudly in speakerphone help, I'm being stolen, put me back! or whatever audio you like. It also posts its location to a web service. Should be easy enough to code, I'm just waiting for the hardware to catch up... Adrian On 2/28/07, Attila Csipa [EMAIL PROTECTED] wrote: On Wednesday 28 February 2007 21:44, Steven ** wrote: Caveat emptor. Possession of stolen property is still a crime where I live, even if you didn't do the actual stealing. All I'm saying (IANAL of course) that for many of those items (especially on places like ebay) it is very hard for the buyer to establish whether the good is actually stolen or not (receipts and boxes can be photoshopped all too easy), and he has to rely on a level of reasonable doubt (based on seller rating, price, provided images, etc) to determine whether he is getting the good from a trustworthy source. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
A new approach to Re: Itch3: Anti-lost/theft protection
A lot of ideas have been written on anti theft protection, but much of it from a geek/user's standpoint, and almost completely forgetting the possible ramifications of the suggested techniques. First of all, none of the techniques presented PROTECT your phone from being stolen (they fall more to the find-your-lost-phone category). Second, in most countries I know of you cannot act on your own without the help/presence of law enforcement persons. Although this may sound strange and ineffective at first, it makes a lot of sense from a police perspective. What would you do if you confronted a criminal who stole your phone ? What if he is dangerous ? What if you get hurt in the process ? What if the person who has the phone and whom you are shouting at/calling a thief is actually innocent and knows nothing of the origin of the phone ? Which brings us to the next concern - stolen phones usually do not get regularly used by the persons who actually stole them, and most certainly not used by their money - their SIMs are just as stolen. They might drain your account with expensive calls, but chances are high that the phone will soon get sold through ads and/or ebay. If the persons in charge do this 'professionally' they will surely flash the phone (the Neo1973 is here at a little advantage by not being a widespread/common phone). Thus there is no guarantee that you are spending the thiefs money - in fact, it is much more probable that you are tracking and wasting an unsuspecting victims money. How would you feel if you bought a slightly used Neo1973 only to find out that it is sending expensive foreign/roaming SMS-es because the previous owner 'forgot' to turn off a silent alarm/anti theft application ? As you can see the problem of phone theft is not that simple as relaying coordinates back to yourself - a much broader topic must be analysed to tackle this issue - and although the GPS might help a little, it is not really a silver bullet in this matter. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: A new approach to Re: Itch3: Anti-lost/theft protection
Caveat emptor. Possession of stolen property is still a crime where I live, even if you didn't do the actual stealing. That said, I agree that attempting to rack up a large bill will not prevent theft nor lead to the return of the phone. Any anti-theft mechanisms should focus on locating the phone. We could maybe have the option of disabling the phone. But the only way to disable this open-source phone would be with some hardware lock. I don't particularly like the idea that my phone could be locked. Even if it should only happen to a thief, if it has the capability, it could be abused. We're treading too closely to the blasphemous idea of trusted computing. -Steven On 2/28/07, Attila Csipa [EMAIL PROTECTED] wrote: A lot of ideas have been written on anti theft protection, but much of it from a geek/user's standpoint, and almost completely forgetting the possible ramifications of the suggested techniques. First of all, none of the techniques presented PROTECT your phone from being stolen (they fall more to the find-your-lost-phone category). Second, in most countries I know of you cannot act on your own without the help/presence of law enforcement persons. Although this may sound strange and ineffective at first, it makes a lot of sense from a police perspective. What would you do if you confronted a criminal who stole your phone ? What if he is dangerous ? What if you get hurt in the process ? What if the person who has the phone and whom you are shouting at/calling a thief is actually innocent and knows nothing of the origin of the phone ? Which brings us to the next concern - stolen phones usually do not get regularly used by the persons who actually stole them, and most certainly not used by their money - their SIMs are just as stolen. They might drain your account with expensive calls, but chances are high that the phone will soon get sold through ads and/or ebay. If the persons in charge do this 'professionally' they will surely flash the phone (the Neo1973 is here at a little advantage by not being a widespread/common phone). Thus there is no guarantee that you are spending the thiefs money - in fact, it is much more probable that you are tracking and wasting an unsuspecting victims money. How would you feel if you bought a slightly used Neo1973 only to find out that it is sending expensive foreign/roaming SMS-es because the previous owner 'forgot' to turn off a silent alarm/anti theft application ? As you can see the problem of phone theft is not that simple as relaying coordinates back to yourself - a much broader topic must be analysed to tackle this issue - and although the GPS might help a little, it is not really a silver bullet in this matter. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: A new approach to Re: Itch3: Anti-lost/theft protection
On Wednesday 28 February 2007 21:29, kkr wrote: out that it is sending expensive foreign/roaming SMS-es because the previous owner 'forgot' to turn off a silent alarm/anti theft application Is the same for car alarm... When you sold something, you do have to do the necessary action (in other case, you're too responsive for the damage) It seems I have been a bit too cryptic - I put the word forgot in '' exactly because that way a Neo seller can fraud you by _intentionally_ doing this. Image the suggestion in a previous message in this context: overtaxed calling number (for the profit of the victim). If someone sells you a phone with that enabled _on purpose_, so he would get both the price of the phone AND some money frauded from the unsuspecting buyer (and claim later that he either did not get any money or that the theft alarm was not on on purpose). If he does this on a small scale, he could even get away unnoticed for months or years sipping a few $ per month from the real victim which is in that case the new owner of the phone. That's one of the main reasons why proactive theft reactions, especially financial, are NOT really an option. In this case, when you buy on ebay, you do have to receive the prove that the phone is not stolen, in other case (even if I'm not a lower), the buyer is too in fault... Since in our case it is already a second hand item proof of purchase is not readily available on most of the ebay items in that category - not many customers keep the papers, or even boxes that came with the phone. Sure, you can say that it is unwise or even illegal, but many of the used items on ebay have absolutely no 'proof of ownership' (do you ask proof of ownership on a garage sale or a flea market ?). ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: A new approach to Re: Itch3: Anti-lost/theft protection
On Wednesday 28 February 2007 21:44, Steven ** wrote: Caveat emptor. Possession of stolen property is still a crime where I live, even if you didn't do the actual stealing. All I'm saying (IANAL of course) that for many of those items (especially on places like ebay) it is very hard for the buyer to establish whether the good is actually stolen or not (receipts and boxes can be photoshopped all too easy), and he has to rely on a level of reasonable doubt (based on seller rating, price, provided images, etc) to determine whether he is getting the good from a trustworthy source. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
