I want to create an unstealable phone. - General Topics

I want to create an "un-steal-able" phone.
Of course this is impossible, but I want to make it as difficult as possible for thieves to get away with it, and as easy as possible for me to find it.
Assumptions:
Phone has available call and text messaging service.
Phone has internet capabilities and "permanent" Internet access. (We will consider 2G, 3G, or 4G cellular access with a data plan to be permanent. Depending on an open WiFi network to be available at all times is unreliable).
Phone is on and has some charge in its battery. (If the phone is off, we can't do anything).
Phone has an accurate GPS receiver.
Requirements:
Software that relays GPS coordinates via an Internet connection. As a backup for when there is no cellular data signal, software that relay GPS coordinates via SMS
Software cannot be disabled or removed without authentication.
GPS on phone cannot be turned off without authentication (alternative: remote activation of GPS receiver via Internet or SMS)
Cellular data and/or WiFi cannot be turned off without authentication (alternative: remote activation of cellular data via SMS)
Where GPS signal can be used for macro location (within 10 to 30 meters), there must be some method of micro location (within a few feet).
Phone cannot be powered off via any button press, on-screen menu, or removal of battery
Phone cannot be wiped by on-screen menu or by computer cable connection
Now I have approached this solution from two starting points: the iPhone running iOS, or an Android-based smartphone. Both have different advantages and technical details. Let's look at how we can meet each of these requirements one by one.
iOS solution:
Unfortunately, if your iPhone is not jailbroken, your choices are not so great. But FindMyiPhone does do the basic job of relaying GPS coordinates. For a jailbroken iPhone, iCaughtu seems to be the best of the bunch from the research I have done and gives you a bunch of cool anti-theft features.
and
Using the options under Settings -> General -> Restrictions, you can disallow users from deleting apps AND from turning off location services. Of course, you can accomplish something similar by simple setting a password to access your phone. Unfortunately I haven't yet seen any program that allows you to remotely activate the GPS receiver on an iPhone.
Unfortunately I don't think there is anyway to prevent a thief from disabling your cellular connection other than setting a password on the whole phone. This has its advantages and disadvantages.* Similarly, I don't see any way to remotely activate the Cellular Data on an iPhone via SMS.
This is where things start to get more complex and we need to start thinking of actually modding the phone. So far the best RF tracking solution I have found (in terms of size, cost, and effectiveness) is a cheap chinese-made product that I picked up in Asia and cannot find a link to. This one is very similar http://www.amazon.com/Loc8tor-LTD-Loc8torLite-LOC8TOR-Lite/dp/B0012GMDC4/ but the reviews are meh. It is RF-based but does not really give any directional information. Once you are close to the RF transmitter (using the GPS coordinates), you can use the RF receiver to basically play a little game of hot and cold and walk in different directions all while watching if the signal gets stronger or weaker. I've done two real world field test with the similar device and was able to successfully find a purposely concealed bag in a slum twice.
But how do we get this into the phone? If you disassemble the transmitter, it is a very small circuit board, but most phones these days are already packed to the brim. Additionally, these units need power, so you would need to solder it into the phone's power system.
For the iPhone, concerns about a battery-based shutdown are reduced by its "sealed" battery compartment. Of course, with the right tools, someone can get to the battery. But this is not likely to happen quickly and will likely occur in a specific home or shop, from which we can get coordinate data. We only need to delay the thieves long enough to track them. The bad news is that preventing an iPhone from being shutdown via button press is much more difficult. Even with a lockscreen password, anyone can turn off an iPhone with a long power/sleep button press. I found a mod on Cydia that required a password before any shutdown, but it seemed it was only compatible with iOS 5 and I am running iOS 6.
This is the most challenging problem, as the most common method for any experienced phone thief to avoid detection is simply to power off the phone (or disable internet/3G) and as quickly as possible get to a computer and perform a complete wipe using any number of computer programs. A password on the phone can prevent access to the menu options for resetting factory default, but very little can prevent a thief from physically connecting the phone to a computer and wiping it.
Again I turn to physical modding. Would it be possible to modify the iPhone connector in such a way that the pins for power and charging would still work, but the pins for a data connection would require a specially modified cable to conect to the computer? Once my phone is through its initial setup and/or, most anything I need to do as far as data can be accomplished via WiFi. If needed, I would keep my special data cable at my home only and never take it out. But losing the ability to charge from any iPhone cable would be too debilitating to daily usage.
So I ask the experts: how can I improve on or solve these ideas? Is there software out there that I don't know about, either on the App Store or the Cydia Store? Are there ways to remotely control the iPhone's wireless and GPS functions via text? There should be. Any ideas on incorporating a tiny RF transmitter into the iPhone? Is there any way to prevent an iPhone from being shut down via the sleep button? Is there anyway to sabotage the lightning connector in an intelligent way to prevent a computer-based wipe?
*Advantages and Disadvantage of a phone-wide password. Honestly, I would rather not have a lockscreen password on my phone. I'm not a privacy freak and I don't care if a thief sees my pictures of e-mails or Facebook. If my phone is stolen, I'm hoping it is stolen by an idiot and that they WON'T try to wipe the phone. None of my solutions are foolproof. Everything in here is about delaying the thief long enough to track them. If an idiot steals a phone without a password, he MIGHT just use it as is. But if an idiot steals a phone and can't doing ANYTHING with it, he is going to take it to someone who will be smart enough to wipe it MUCH SOONER. Of course, the disadvantage is a loss of privacy, but iCaughtu has a cool solution for that too.
Android solution:
Android phones are much easier to root, and software solutions exist that will work reasonably well even for nonrooted phones. The best software I have seen is Avast! Anti-theft (part of Mobile Security), AndroidLost, and Cerebrus. All of these can report GPS coordinates, and with Avast! at least, you can also see coordinate history online and actually follow the path of your phone through the minutes, hours, and/or days. AndroidLost can report GPS coordinates online OR via SMS!
,
and
Avast! cannot be removed without a pin code. It can also prevent the user from during off Cellular Data and GPS. AndroidLost can be used to activate WiFi, Cellular Data and/or GPS via internet command OR via SMS. There are a ton of other internet-based and SMS commands in AndroidLost as well. Even without an active lockscreen password, a thief would be powerless to disable communication between the tracking software and you. In this department, Android truly outshines the iOS solution.
Getting an RF tracker into an Android-based phone has the same challenges as an iPhone.
I haven't found ANY glimmer of hope for a mode to disable shutdown via a long-button-press on Android. At least I found one mod for iPhone, even if it was the wrong iOS version. This is a huge gap in the goal of building an "unstealable" phone for both operating systems. As for the battery: Android phones come in many flavors. Many have removable batteries, so if you want to make life more difficult for thieves you'll have to limit yourself to a phone with a "sealed" battery compartment such as the HTC One.
A computer-based wipe via USB cable presents the same challenges as an iPhone EXCEPT that we're dealing with a more standard interface so that MIGHT make modding an easier task. Is there any way to make the microUSB jack more "proprietary" so that any normal USB cable can charge it but only a specially one can transmit data?
There is one other detailed I am interested in, but which is, I believe, currently impossible since it would require modifications to the lowest level of the phone's software, and that would be an auto-on feature. If the phone's battery dies for any reason (or any other shutdown that is not user-initiated), I would love for the phone to automatically power back on whenever it receives a new power source (either being plugged into the wall or getting a fresh battery).
Why am I so interested in doing this? I live in a third-world country and I travel to many other third-world countries. For 3 years, I guess I had good luck, but in the past year I have had three phones and a laptop stolen from me on the street and I have been punched in the face. Several of my friends have also had phones stolen during that time, and one friend was even kidnapped and robbed. Maybe crime is getting worse or maybe it is just coincidence. I have tried to be more careful each time, but one should not live life in fear or blame ones carelessness alone. It is time to fight back. Money, time, memories, self-respect, and peace of mind have been taken away from me and from people I care about. These thieves bear the real responsibility for these crimes. And the police and government here is largely unwilling, incapable, uncaring, and/or corrupt. Maybe I can help others as well.
Thanks for your suggestions and input.

Your thoughts are well expressed.
Hopefully something is coming fast to consumers.:good:

Related

trace/track a GSM mobile telephones location

Hi All,
I know it is possibile to trace/track a GSM mobile telephones location all over the world.
I also know some compaines does this for chargeable service.
I am VERY interested in getting this for free! (I bet you are also).
Anyone know how to do this without empty our pockets??
Thanks,
in fact, i have the same interest.
who wouldnt love to know how to do this?
The only information you can get out of your own phone, is the ID of the basestation it is attached to. This is held in a register in the phone internals that can be read via the RIL interface.
It is also stored in the SIM. If the phone is totally powered off it will attempt to connect to the last known good base station on power on. (Quicker than sniffing around all available frequences for an suitable station.)
While a change of basestation could be detected by software running on a phone, only the Telco's database has the location of all active phones, so they can inform the basestation to contact your phone if there is an incoming call or data.
This data is theirs and theirs alone. It is valuable and confidential, hence the charge for any use of it.
In short all you can find out from your phone is where it is. But you know that anyway.
Erm... I just wrote this and then I realized that you want to track the device via GSM and not GPS. This will only work with GPS (can be activated in the background), sorry.
Just look for an application that allows you to track your device if its stolen. Some of the programs still work after changing simcard (which is not really interesting if it did not get stolen in the first place...). If everything is set up, you can easily receive a sms with the current location (you need to activate the programm by sending a sms).
If you need to know the exact position of the device like every second, you can use a jogging-trainer which logs the speed etc. But this will only store the positions on the device (you can upload them to your computer, but this can probably not be done via any wireless connection.
My english is not the best, I am sorry. But I am sure you're gonna understand everything ;D And no, I don't know any programs name because I don't use them.
XphX
Stephj, are You talking about GSM or CDMA? Because for GSM I know for sure that the Telco knows a bit more - at least it is possible to triangulate the user's approximate position using three or more base stations (and probably user's signal strength for each base station too). So the DB should hold more info about the base stations available to user's current position, as for example "ready to go base stations" or something like that.
For tracking the phone, you can try GLympse or LookOut, Look out is better if you loos your phone, it synchronize with their website, and can see the location on the phone anywhere in the world, even can delete your data from your web account on look out.

[Q] Remote Microphone operation for spying

I couldn't find a discussion for this subject around, but we have a situation in our country at the moment where we would really be worried of phone bugging, so please help with an advice.
Is there a way for the government or cellular phone providers to listen to the mobile phone microphone when not in a call?? (in standby)
i read a lot about this, some they it's possible, and some say it's impossible.
and if it's possible, is it so for all phone brands? I am sure that the manufacturer can easily inset an electronic relay to physically disconnect the phone microphone, but do they do it? or not? or they don't need to do it as it's impossible to use the microphone for spying by the government?
please excuse my caution, as we do have a critical situation around here.
No it wouldn't be possible I presume. None of the phone manufacturers would allow that sort of thing. Even if they did I don't think it would be possible unless you were to allow it.
Sure, you don't even see that sort of spying in movies!
Well, they might hide the real technologies in movies to hide it, and put some fiction technologies
Any other ideas regarding this issue?
I say its completely possible. As long as your phone is connected to a cell tower. "Whoever" could very well have access to your phone. For example, internet companies can access your computer remotely and browse inside your computer. I know this for a fact, I got in trouble for downloading movies. Same situation with your phone all it is software, a flip of the switch. But they wont be spying on you unless they have a reason to.
so it is possible to turn the microphone ON remotely, this is bad new.
and in these countries, they don't need good reasons to do so

The Wifi Opportunity

It seems to me there are several opportunities out there that nobody is capitalizing on. Maybe there is a reason that I'm not aware of?
The biggest opportunity I see is the wifi phone. More and more people are looking for ways to ditch their cell phone. Either due to financial reasons, privacy reasons, or just because they are tired of aiding and abetting a monopoly (five companies working in collusion is the same as one company owning it all). And while this potential market is already plenty large enough to make some serious money off of it is set to explode in the near future. All it is going to take is a company to provide the wifi solution and when (it really is a question of when rather than if) the next big privacy snafu (think carrier IQ) happens the wifi phone will go viral.
I recently bought a Samsung Galaxy Player 5.0 with the intent of exploring the possibility of using it as a wifi phone. Here is the state of the wifi phone market as of now:
Google Voice connected to GrooveIp / Talkatone / SIPDroid / Etc.: The main problem with Google Voice is that it has a delay. Not a huge one and sometimes it is barely noticeable but it is enough to cause you to talk over the top of each other so this is a slight problem. Google Voice is the only solution for SMS texting and while it works ok the Google Voice App is really limited and lacks a lot of features.
Skype: No delay and very good voice quality. BUT, the software is crap. And it has always been crap. I tried it back in '08 with a windows phone and couldn't get the sound to come out the correct speaker - same problem today. Boy, they've come a long way huh? Tried the hacked XDA version of the Skype software that is suppose to allow you to manually select which speaker the sound comes out - that didn't work either. Also suffers from no SMS texting solution. So it's really not a contender.
Vonage: This is the new contender. Initially it wasn't available for my device and noticed yesterday it became available. Tried it but no go - you need a cell number just to get it set up. Hello??? That's what I need Vonage for!! The software looks better than Skype but I doubt they will figure out the wifi opportunity.
Other Tools:
Wifi Ruler / Wifi Jumper / Wefi / Etc. These apps allow your phone to connect to closest wifi signal without interaction from the user. Sort of like how your cell phone automatically switches from one cell tower to another. Haven't tried these out much yet but if one of them works it solves the connection problem. Unless you're driving and passing wifi points too quickly.
Google Voice SMS Integration : This app is suppose to integrate Google Voice SMS with the standard SMS Android app. Which would solve the lack of features problem but it requires a cell account so no go either.
Now that there are a great many decent smart phones with wifi ability for sale at a reasonable price hardware is no longer a problem. In fact I'm starting to think I might have better luck with building a wifi phone from an unlocked cell phone than my Samsung Player.
In short, if someone figures out how to do the wifi phone there is a very large market waiting for it!

PSA: Stores using new tech to track us via our phone's wifi

So if you are walking around in public with wifi enabled - you are allowing stores to collect data such as how often and how long you are in their stores.
SOURCE
Wow that's kinda scary. Nice find, thank you.
Why is the right door always locked?
I don't find this nearly as unnerving as the NSA tracking me; if I don't like it, I can take my money elsewhere. We can't "opt out" from government tracking us. Retailers analyzing this data makes them more efficient; has the potential for reducing their advertising and marketing budgets, lowering their costs in one area, helps them lower prices in the long run.
erikoink said:
Retailers analyzing this data makes them more efficient; has the potential for reducing their advertising and marketing budgets, lowering their costs in one area, helps them lower prices in the long run.
Click to expand...
Click to collapse
I agree that to an extent this isn't really a big deal; so Dillards knows that you spend more time shopping for men's clothing than women's shoes.. Who cares right? Problem is, will they stop there? No, they wont. We don't know what information could be (easily) collected (and sold) in the future, that is the problem. Today its "customer 74593654 spent and hour in the store total, 20 minutes in refrigerated goods, 10 minutes in the deli, and 30 minutes in canned foods". But tomorrow, it could be "John Doe who visited our store for an hour today, mostly connects to these two wifi points; they must be his home and work locations. We sell his information to our partners in those areas."
I don't really think that they're tracking (or able to track) that type of information. They're just taking advantage of the way the 802.11 discovery process works.
When a WiFi device is on and not associated with an Access Point (AP), it announces it's presence and attempts to discover a nearby AP. APs respond to these queries with their BSSID and SSID which then gets listed in your device's list of connection options. If it's a "hidden" AP, it will only respond if the discovery query includes a specific SSID. Instead of responding, all it does is log the querying devices MAC Address and timestamps it. Other APs can compare the Rx signal strength and approximate the location of the device.
As far as I know, unless and until your device actually associates with (connects to) the AP, no other communication occurs. If there are any WiFI engineers in here that know of a way to force a device to associate to an AP remotely and request it send data that it isn't configured to send, I'm willing to be corrected.
WiredPirate said:
So if you are walking around in public with wifi enabled - you are allowing stores to collect data such as how often and how long you are in their stores.
SOURCE
Click to expand...
Click to collapse
I'd like to bump because im honestly curious if anyone knows what kind of info they could pull from our phones through this.
erikoink said:
I don't really think that they're tracking (or able to track) that type of information. They're just taking advantage of the way the 802.11 discovery process works.
When a WiFi device is on and not associated with an Access Point (AP), it announces it's presence and attempts to discover a nearby AP. APs respond to these queries with their BSSID and SSID which then gets listed in your device's list of connection options. If it's a "hidden" AP, it will only respond if the discovery query includes a specific SSID. Instead of responding, all it does is log the querying devices MAC Address and timestamps it. Other APs can compare the Rx signal strength and approximate the location of the device.
As far as I know, unless and until your device actually associates with (connects to) the AP, no other communication occurs. If there are any WiFI engineers in here that know of a way to force a device to associate to an AP remotely and request it send data that it isn't configured to send, I'm willing to be corrected.
Click to expand...
Click to collapse
Thank you for explaining that better.
Perhaps you connect to their free wifi, it's tempting if you want to save data or maybe you are in an area with bad reception.. Couldn't they then gather more personal information?
WiredPirate said:
Perhaps you connect to their free wifi, it's tempting if you want to save data or maybe you are in an area with bad reception.. Couldn't they then gather more personal information?
Click to expand...
Click to collapse
See, now if you associate with (connect to) their network, that changes things. But let's explore that hypothetical:
Have you ever heard of a "captive portal"? You see them in airports, hotels, anywhere with a so-called "guest wifi network", whereupon if you connect to their network and try to go to a website, it first redirects you to a page. And this page requires you to enter a password, or answer a survey, or agree to their terms and conditions. I'm sure we've all seen these.
Let's say that part of their terms are you must download their smart phone apps as a condition of connecting to their network and allowing you to be routed onto the global internet. Lets also say that in order to install the app, you have to grant the app certain permissions. Among these reading from areas of your phone, you might not want people reading from. As you suggested in a previous post, your list of saved WiFi networks, etc. Then yes, they could start gathering additional data. In this case, it's still your choice to use their resources, you still have the choice not to. Their network, their rules.
I will say this though.. be careful of how your device is configured. I think the setting is available that tells your device to connect to any available open (unsecured) WiFi network. I would advise anyone to disable this. Once your device connects to any network, and you an IP address on said network, then something could make a connection attempt to a vulnerable/compromised device (whether that be the network owner, or another compromised or rogue device) running some kind of Trojan service that responds to certain requests without you knowing. This of course, would be illegal and if they got caught doing this then they would face a huge backlash from their customers. I doubt they'd attempt something like this.
Mac address is worse enough.
Today's data is aggregated, ALWAYS.
You can buy it you can sell it... There isn't just one source.
Cameras in the shops running track analysis and soon facial recognition, mimics and so on.
Your mac address? Your router knows it.. And so your provider has access to it. He also has your ip.
Your ip? Most websites you visit and some more tracking / advertising sites.
So, as your mac is known, data sold, we assume your owned devices are well known.
Now we don't need anything else than a WLAN to track your GPS like location.. Beside.. This is how android WLAN location service works. Did I say android? Sorry, it is an exclusive google service.
You can:
Adapt your behavior .
Use tor or i2p.
Host your own services.
Encrypt everything.
And again, adapt your behavior... Elseway no onion routing brings any advantage.
So, if you are willing to go the painful road, opt out of most things.. You can't opt out of your phone providers data collection, if you still want a mobile phone.
But still... ANY data reduction is the right way.
The data is and will be more and more widely used, aggregated and abused.
It is time to realize that there won't be any freedom in the modern world - this IS the new world order.
Forgot one freedom: you are free to be a consumer and a product.
And for people arguing with laws... Laws can and will be changed... In the name of safety.
Sent from mobile.

Read SMS on remote Android device / remote control or SMS relay or spyware?

Hi there,
I have been looking for such a tool for while and have tried several things so far. My attempts have not been very satisfactory so now I come here looking for help. Maybe it is very simple and I only need a quick pointer.
I try to achieve the following:
- Read SMS (text message) which arrive on a SIM card in my android phone, which sits in a home WiFi, while I am travelling abroad.
- I have another android device on me, and a laptop with windows, so one of those devices should be able to read such incoming SMS, through an internet connection. Whether I read the native text message, or an email that has been generated from that text, is of no importance.
I need this for home banking, I get transaction codes by SMS, and I have already experienced situations where international roaming is incapable of receiving SMS when I take the SIM card with me (I think Dominican Republic and Cambodia were countries where text messages wouldn't come through). So I try to leave one sim at home and hope to be able to access it on the run. In a number of occasions, I needed a person at home to physically pick up that phone and read that code to me, so I could wire some money somewhere. For obvious reasons I try to automate this, so I can myself get hold of the text message remotely without human assistance.
Requirements:
- Must bee maintenance-free,
- must not require manual interaction with the phone that receives the original text message,
- no requirement about visible or stealthy mode (not important, it's my own phone anyways),
- must be able to wake up the phone,
- must be reliable,
- preferably without a third-party server
- must work through internet connection (no local USB, not the same WiFi etc.)
I would like this to be free, but if there is a cheap paid option (once-off purchase) which does exactly what I need, I'll buy.
What I have tried so far:
- SMS Relay Service / gateway app. I tried several apps which didn't work, sticked with one which worked, but not reliably enough: It wouldn't wake up the phone when a message arrived, so I'd ring the phone when I expected a message and even then sometimes the messages didn't get relayed, sometimes the server app needed a reboot to work again. It worked often, but I am looking for something that works reliably, and when I am nowhere near the phone for a long time (= months).
- TeamViewer Host has been a great option for a long time, and when I had that working, I stopped looking for new alternatives. Reliable server app which worked on one of my phones (an old samsung). But they now decided to arbitrarily stop free non-commercial use by blocking selected accounts, and of course they picked mine straight away and won't reply to my message concerning my use. So TeamViewer is no option any more. I strongly assume that my usage pattern is exactly that of commercial users (device sits unattended for a long long time and then receives a request for remote contol - I assume vending machines with remote maintenance have that pattern also so I can't blame TeamViewer's algorithm to pick up on me)
- AirDroid worked fine while in the same wifi. Remote connection not supported in the free version at least.
My requirements also match the abilities of spyware, so I did a quick search on those. My findings suggested however that spyware might not be for me, because good spyware is costly, free spyware is risky, and spyware in general provides a lot more functionality than I require.
Now I hope somebody can prod me into the right direction for further research and testing.
Thanks a lot in advance!
Yes its an old thread, but I also was looking for same since quite a long time ..
the best solution for your problem is TP link 4g modem MR6500. Link
It will allow you to read and send SMS remotly, when the router is connected to Internet.

Categories

Resources