Re: 'My Account' - a way to store information about the phones owner, so they can be reunited if it's lost.
Ian Stirling napisał(a): Paul Wouters wrote: On Thu, 1 Mar 2007, Ian Stirling wrote: Reflashing never gets you back a different account number, it keys off the IMEI, which is not flashable. (well, perhaps it is, but it's not flashable from the linux side, and AIUI, nobody else knows how at the moment.) I really hope the IMEI number is not available to every application or even The IMEI is readable out of the modem with standard AT commands. There is even a standard across all GSM phones to get it to display it. Guys, guys... IMEI is written on phone's specific component. In older phones there was just eeprom which could be desoldered changed and soldered back. That was the way to disable SIM-Lock too. I used to do it. IMEI is like MAC address. It can be changed. It is granted from special pool to every GSM module manufacturer (just like MAC is). The phone manages IMEI distribution and displaying. If you can program your phone, you can disable IMEI showing to user. It was the primary task after phone theft to change IMEI so GSM network cannot recognize it as stolen. Really, consider it as MAC address. Phone operators actually keep only black list to block stolen phone and not every GSM operator does it. Also if the number is out of the official manufacturer pool (illegal) network won't give access. Ian Stirling says: a standard across all GSM phones to get it to display it. Yes, it is *#06# combination from keypad (try it) and AT commands. But it is the standard, like Ctrl+alt+delete for rebooting (both Linux and MS Products). Showing it to user or applications CAN be disabled. Other thing is GSM network request. GSM network requires the phone to tell it's IMEI otherwise it won't give the phone access to network. This cannot be disabled. Summing: As *we* program Neo 1973 we are managing the use of IMEI number. We can hide it from user. We cannot hide it from GSM network. -- *Bartłomiej Zdanowski* Programista Dział Rozwoju Produktów AutoGuard Insurance Sp. z o.o. Sąd Rejonowy dla m.st. Warszawy, XIII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS: 029534 NIP PL1132219747 ul. Omulewska 27 04-128 Warszawa tel. +48 22 611 69 23 www.autoguard.pl http://www.autoguard.pl begin:vcard fn;quoted-printable:Bart=C5=82omiej Zdanowski n;quoted-printable:Zdanowski;Bart=C5=82omiej org;quoted-printable:AutoGuard Insurance Sp. z o.o.;Dzia=C5=82 Rozwoju Produkt=C3=B3w adr:;;ul. Omulewska 27;Warszawa;;04-128;Polska email;internet:[EMAIL PROTECTED] title:Programista AC2 tel;work:022 611 69 23 tel;cell:603 525 105 x-mozilla-html:TRUE url:http://www.autoguard.pl version:2.1 end:vcard ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: 'My Account' - a way to store information about the phones owner, so they can be reunited if it's lost.
Paul Wouters wrote: On Thu, 1 Mar 2007, Ian Stirling wrote: Reflashing never gets you back a different account number, it keys off the IMEI, which is not flashable. (well, perhaps it is, but it's not flashable from the linux side, and AIUI, nobody else knows how at the moment.) I really hope the IMEI number is not available to every application or even the kernel itself. Perhaps only when booting the phone with some special setting in which case it refuses to use the GSM network, so people cannot be coerced into enabling this identifying mark. We already went through this with the pentium serial number. You don't have to use this scheme. If you choose not to, it may be a minute - at most, reading through a couple of screens explaining why registering may be a good idea, and picking no, and 'don't bother me again.' If anyone picks up your phone, they will simply see In shipping from FIC to user (delivery confirmed) as the last entry. The IMEI is readable out of the modem with standard AT commands. There is even a standard across all GSM phones to get it to display it. It's worse than you think. When you turn the GSM module on, this number uniquely identifies your phone, it can be accurately tracked where you are, and 'they' can even make voices in your head appear. (if you answer it when they call). ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: 'My Account' - a way to store information about the phones owner, so they can be reunited if it's lost.
On Thursday 01 March 2007 13:52:16 Ian Stirling wrote: Briefly, a way for anyone with the phone to access a history of the phone (bought/sold status, reported as stolen, ...), a way for the user to set these as well as contact information for people to return the phone in some way. Thoughts? Seems sensible. Also maybe a sticker in the battery compartment telling buyers of used phones to flash it with new firmware obtained directly from FIC (if there's some way to ensure that the flashing process actually does work even on a totally hacked phone)? pgpdVkoTg1TWf.pgp Description: PGP signature ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: 'My Account' - a way to store information about the phones owner, so they can be reunited if it's lost.
On Thu, 1 Mar 2007, Ian Stirling wrote: http://wiki.openmoko.org/wiki/My_Account is an overview of some ideas. Briefly, a way for anyone with the phone to access a history of the phone (bought/sold status, reported as stolen, ...), a way for the user to set these as well as contact information for people to return the phone in some way. Thoughts? Phone is lost. Someone finds it. If they are honest, they will call the last number and say i just found this, you know who this phone belongs to?. If they are dishonest, they remove SIM and keep using the phone, perhaps reflashing it. The phone is up for sale, either by owner or by thief. Someone buys it. If they are honest, they notice phone is stolen. I doubt many people would return the phone to its owner after having just paid for it. If less honest, they don't care. The only way you could possible do something is to enforce it. Eg ensure people cannot use the phone without your permission. Per definition, any opensource friendly phone cannot have such a feature. You can make it difficult, but not impossible. A block might work while the neo is a niche market phone - not when it becomes a giant success. I would use a combination of making it hard and phoning home regularly with the SIM number and GPS coordinates, perhaps include address entries or camera photos or what not. The idea is to try and leave a trace before the thief/new owner can disable the feature. I would however use a preset of target SMS, target email, or target website address within the phone. I see no advantage to a centrallly run repository. (and I do see disadvantages of such privacy stores. Paul ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: 'My Account' - a way to store information about the phones owner, so they can be reunited if it's lost.
Paul Wouters wrote: On Thu, 1 Mar 2007, Ian Stirling wrote: http://wiki.openmoko.org/wiki/My_Account is an overview of some ideas. Briefly, a way for anyone with the phone to access a history of the phone (bought/sold status, reported as stolen, ...), a way for the user to set these as well as contact information for people to return the phone in some way. Thoughts? Phone is lost. Someone finds it. If they are honest, they will call the last number and say i just found this, you know who this phone belongs to?. If they are dishonest, they remove SIM and keep using the phone, perhaps reflashing it. Reflashing never gets you back a different account number, it keys off the IMEI, which is not flashable. (well, perhaps it is, but it's not flashable from the linux side, and AIUI, nobody else knows how at the moment.) This is of course not a defence against phone theft, completely. It's a means for someone considering buying a phone to moderately easily ensure that it hasn't been stolen, and a way for police - for example, if they come into posession of the phone, to contact you. ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: 'My Account' - a way to store information about the phones owner, so they can be reunited if it's lost.
On Thu, 1 Mar 2007, Ian Stirling wrote: Reflashing never gets you back a different account number, it keys off the IMEI, which is not flashable. (well, perhaps it is, but it's not flashable from the linux side, and AIUI, nobody else knows how at the moment.) I really hope the IMEI number is not available to every application or even the kernel itself. Perhaps only when booting the phone with some special setting in which case it refuses to use the GSM network, so people cannot be coerced into enabling this identifying mark. We already went through this with the pentium serial number. Paul ___ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community