Smartphone lost or stolen is a "nightmare" of many people, because you not only lost a device attached to you but also lost Important data contained on it.*If you are using a smartphone running Android, then you don't worry about loosing it because there are some solutions to find it again if you lost your Android smartphone.*
*Using the smartphone location feature built into Android*Google has built into its Android platform the "Find My Device" feature, allowing users to determine the location of smartphone, lock or delete all data on smartphones running Android platform in case your phone is lost or lost.This phone search feature by default will be activated when users log into their email account when activating and using Android-powered smartphones for the first time.*To ensure the device search feature has been activated on your smartphone (or tablet), go to the settings section of the smartphone, then select "Google -> Security" from the menu that appears.
Next, click on "Find device" and make sure this feature is enabled.*Also some Android phones doesn't have it, instead it has "Security and location", then select "Find device" from the list that appears to check whether this feature is enabled on your device.Some smartphone vendors such as Samsung also have their own device specific features to locate the device, but users can activate and use the built-in Google location feature on Android. enough.*
In case your smartphone is lost or lost and you need to determine the location of the device, you can access the website to locate the smartphone provided by Google.Next log in to the email account you used to log in and declare on your Android smartphone.*After logging in, you will be redirected to the website that displays the list of smartphones that you have used this email address to log in from before.*In case it is possible to determine the current location of a stolen smartphone, users should not arbitrarily find the location determined to reclaim the smartphone, but should seek help from the authorities or find a way to contact to redeem the phone to avoid any potential scandals or disputes.
This is what I do if I lost my Android smartphone. But I hope you guys may have better solution than this. If so, let me know.
I think you can also go to police, since each phone has installed tracking device (I really don't remember its name). Police can easily track modern phones. I just hope you have a box left from it.
AmTom12 said:
I think you can also go to police, since each phone has installed tracking device (I really don't remember its name). Police can easily track modern phones. I just hope you have a box left from it.
Click to expand...
Click to collapse
well i thought that only for the movies because in my country the police can't do anything when someone reported that his/her phone was lost
Related
So after starting this thread it has raised a stir. And I wanted to point out why the data that Google collects from Android devices is in my own opinion not at all "anonymous" although it is claimed to be.
The WSJ article fully explains. Please read it in full but I'm just going to cite a short passage here and embolden a few words:
...an HTC Android phone collected its location every few seconds and transmitted the data to Google at least several times an hour. It also transmitted the name, location and signal strength of any nearby Wi-Fi networks, as well as a unique phone identifier.
Click to expand...
Click to collapse
Apple does not collect the unique phone identifier in the data that they collect.
So Google is collecting location, unique ID, and if you sign into Google services they have your full account information and all within it. This means, via your phone ID that Google could very easily associate YOU PERSONALLY with the location data if they so choose. I know, they say they don't but it's one heck of a data mining marketer's dream to do it!
So I stop Android from phoning home.
I agree i own both a iPhone and a Droid but the difference is the Unique Identifier being sent from some Droid phones ... The real question is what is this unique identifier that is being sent is it the IMEI or MAC address
Looks like Google claims it's not the IMEI, according to this article: Google Responds To Smartphone Location Tracking Uproar, Says Android Is Opt-In
From the article:
Google explains that when a phone transmits data back to its servers some location data is actually assigned a unique identification number, but it says that this number is in no way associated with the device’s IMEI, the user’s name, or other information. In other words, they’d have a hard time associating a user with that data.
Click to expand...
Click to collapse
That makes me wonder, why must they create this "unique identification number" at the device level in the first place? If they simply want a unique value in their database for incoming data, it's much cheaper and easier to assign the value inside Google within their own databases as each new report comes in. (RowID for example. You who do any database level programing know what I'm talking about.) Than to assign each device a "unique" identifier that is sent with other data each time. The fact the device is sending some sort of "unique" identifier is troubling. And it's the researchers that found the value sent is unique and could be used to identify a phone. So do I believe the researchers who first told us exactly what is being sent or Google, since Google didn't tell us exactly what was being sent till the researchers uncovered it? I suspect if anyone could overcome that "hard time associating", Google could, but that's that my opinion. They know what method they used to create the supposedly unique value and they know how "unique" it is in relation to a specific device. In all my years of software engineering, I can't see how it would be so "hard" for Google to associate all the data they're pulling in with a specific device and person.
I'll just keep my device from phoning such data to Google and leave it at that. I'm also finding my battery life and GPS lock times have improved since stopping Android from phoning home.
ROMs need to address this directly
Darnell_Chat_TN said:
So Google is collecting location, unique ID, and if you sign into Google services they have your full account information and all within it. This means, via your phone ID that Google could very easily associate YOU PERSONALLY with the location data if they so choose.
Click to expand...
Click to collapse
Thanks for starting this thread. This is definitely an issue that we should be concerned about. I wasn't aware that Google was collecting more data than Apple, and your above point is very worrying!
I've asked this on the previous thread too, but I'm keen to see if/how ROM developers can directly manipulate Android to remove this malicious transmission to Google. How can we pressure them to do so? Beyond that, Google themselves need to be held accountable for this,
It actually makes perfect sense; when you're collecting all of this data from random phones, you need a way to vet the quality of the data. If some joker starts having fun and injecting bogus data into the uploads, they can eventually identify which phone the bad data came from and remove it all from their database. If the data is purely anonymous, with no ID tag whatsoever, it's much more difficult to maintain the quality of the data.
highlandsun said:
It actually makes perfect sense; when you're collecting all of this data from random phones, you need a way to vet the quality of the data. If some joker starts having fun and injecting bogus data into the uploads, they can eventually identify which phone the bad data came from and remove it all from their database. If the data is purely anonymous, with no ID tag whatsoever, it's much more difficult to maintain the quality of the data.
Click to expand...
Click to collapse
So, is there a way of "injecting" bogus data deliberately by phones to degrade Google's database? I've also read a report from a NCSU research team creating an application called TISSA for turning off or deliberately feeding misleading info for apps that try to read and transmit personal data. It says with development, this app will be launched on the Android market. Can such methods be used to 'rein in' Google?
Sent from my HTC Incredible S
Of course there is. Just disable the phone-home connection while accumulating data in the cache (using iptables/DroidWall). Then edit the cache files, putting whatever you want in them, and then reenable the connection. The phone won't be able to send the data before you edit it, if you keep the connection locked down.
Sent from my TP2 using Tapatalk
Apple has banned certain hackers from their app store. I'm not trying to send any bogus data to Google, because that might be the tipping point for them to try and ban my device.
Interestingly enough, Steve Jobs himself has come out to proclaim Apple does not track anyone, but he claims Android does: Steve Jobs: Apple doesn't track anyone
Don't iPhones have IMEIs too? Apple have denied using it. So have Google. As far as Google services go, Apple have your info through their store. What's the difference?
deejaylobo said:
Don't iPhones have IMEIs too? Apple have denied using it. So have Google. As far as Google services go, Apple have your info through their store. What's the difference?
Click to expand...
Click to collapse
Read through the earlier posts for details.
Darnell_Chat_TN said:
Read through the earlier posts for details.
Click to expand...
Click to collapse
Yes, and despite Google denying using unique identifiers with their data you are of the opinion that they do. But, you believe that Apple does not use unique identifiers based on what? Them saying so?
Nexus SuperAosp
deejaylobo said:
Yes, and despite Google denying using unique identifiers with their data you are of the opinion that they do. But, you believe that Apple does not use unique identifiers based on what? Them saying so?
Nexus SuperAosp
Click to expand...
Click to collapse
Not based on them saying so at all. Please read in full the article that I've cited, which is the account of 3rd party researchers who looked into what the devices are actually sending. Read the article and view the video on that page as well. Both provide details into the research that was performed and the findings of that research.
Darnell_Chat_TN said:
Not based on them saying so at all. Please read in full the article that I've cited, which is the account of 3rd party researchers who looked into what the devices are actually sending. Read the article and view the video on that page as well. Both provide details into the research that was performed and the findings of that research.
Click to expand...
Click to collapse
Just a small update. Once again, Google deny using unique identifiers.
http://online.wsj.com/article/SB10001424052748703387904576279451001593760.html?mod=googlenews_wsj
I wonder what came of TISSA? I can't find any release information on it. Just the paper:
http://t.co/Rsuq4L2
Also TaintDroid code is still not widely available in custom kernels or as an add-on module, which is quite sad.
We all know the Android privacy and security are quite bad and all Google does is clean up after-the-fact.
Are there any new developments in this arena that users can deploy themselves?
thanks for this info and the iptables tip above. I think I'll add a log and check it after about a week. I'm real curious as to what info my device is sending out and how much.
Unfortunly I have recently lost one of my beloved gadgets, and after that situation I came up with this idea. I presents you an anti-thef system. I don't have the technical skills to develop it, neither I have the time, that's why I decided to post it here and if you consider this idea viable, may some of you want to involve in this tiny project with me
The idea:
Motivations: Most people don’t think about recovering their gadgets until they lose them. There are plenty of applications in Google Play dedicated to this purpose, however they are useless in most of the circumstances, specially if we attend to the fact that except in some exceptions, these apps don’t survive a factory reset
Idea: I propose to develop a system with wide acceptance among developers which in a transparent way for users allows them to gather information if their gadgets have been lost. This system would activate after downloading an application using this technology. This application would gather information about the gadget (permanent data such serial number of IMEI and volatile data such email address or phone number) and send it to a database usable only by the gadget's owner
Design: The system would have two parts:
An API - This API must be extremely simple and it could be integrated in all the applications in Google Play without efforts. The more wide accepted it is, the more effective the system will be. That’s why in my opinion this should be developed by a community like this in order to achieve a great acceptance quickly
The code will run the first time the application is executed. In that moment it gathers all the required information and it is sent to the database
A Web Service - The web service basically is a data base with two user interfaces - One interface designed to receive the data sent by the application - and another interface designed to return the information of a given gadget identified by its serial number. I have been wondering how to verified the ownership of an user, and I there are several ways, however it's an open discussion subject
Advantages of the system:
It’s totally transparent for the user
It’s a reset-proofing system, because as soon as the “new user” downloads a “marked” application, the database will receive helpful information in order to get the gadget returned to the real owner
It has more chances than the traditional applications to have the “thief” triggering events which runs the code
With a minimum cost we can offer something new to the market
Let’s see an example
A nice guy with a new gadget (let’s say a new phone), he downloads some applications, most of them marked with this system. In this situation the database collect the information of this new phone and indexes it using its serial number.
Few days later this nice guy forget his phone in a plane and the person who finds it forces a factory reset. As soon as the phone downloads one application the database stores the new information. Five minutes later our nice guy connects to the web site and discovers the name and the phone number of the person using his phone. They get in touch and the phone is returned to our nice guy
pls take a look @ ceberusapp.com . hope this is what u looking for.
Sent from my GT-I8150 using xda app-developers app
just add an app to /system which want the user to insert a code every 10 minutes when screen is on. after 3 wrong tries device will make wuiuiiiui and run away, hum?
Example: Chuck Norris have a new Phone. He Never Loose it. End.
Example 2: Justin Bieber have a new Phone. He loose it. Haters Destroy it and don't download applications. End.
Example 3: Jader132245324239 has got Xperia arc S and loose it. Jader13254 Find it and reflash Software and remove SIM. Jader1322u45324u239 will not Find it. End.
What Do You Think About?? If The User Wipe the Device & Reflash Software + Removed SIM, there would be no way to remember the Owner..
Cerberus is nice, in fact I use Cerberus on my mobile phone, however it has the problem I mentioned, it depends on the user to install it, and most users won't install anything because they don't even think in losing its mobile.
The system I proposed doesn't depend on the user, it automatically gathers the permanent information (for instance the serial number) and sends it to a database.
The main advantage of this system is that the thief, even after wiping the telephone, will probably download an application and then database will have information about this person.
What do you think?
Not a development thread - moved to General.
Okay, so, I summed up some 5 articles on this subject - in the hope of starting a discussion about device security. I hope you will find this interesting and meaningful and perhaps you will find out about some of the risks of using Android.
2 months ago Juniper Networks, one of the two biggest network equipment manufactures, published a blog post (1) about an intensive research their mobile threat department had on the Android market place.
In essence they analyzed over 1.7 million apps in Google Play, revealing frightening results and prompting a hard reality check for all of us.
One of the worrying findings is that a significant number of applications contain capabilities that could expose sensitive information to 3rd parties. For example, neither Apple nor Google requires apps to ask permission to access some forms of the device ID, or to send it to outsiders. A Wall Street Journal examination (2) of 101 popular Android (and iPhone) apps found that showed that 56 — that's half — of the apps tested transmitted the phone's unique device ID to other companies without users' awareness or consent. 47 apps — again, almost a half — transmitted the phone's location to other companies.
That means that the apps installed in your phone are 50% likely to clandestinely collect and sell information about you without your knowledge nor your consent. For example when you give permission to an app to see your location, most apps don't disclose if they will pass the location to ad companies.
Moving on to more severe Android vulnerabilities. Many applications perform functions not needed for the apps to work — and they do it under the radar! The lack of transparency about who is collecting information and how it is used is a big problem for us.
Juniper warns, that some apps request permission to clandestinely initiate outgoing calls, send SMS messages and use a device camera. An application that can clandestinely initiate a phone call could be used to silently listen to ambient conversations within hearing distance of a mobile device. I am of course talking about the famous and infamous US Navy PlaceRaider (3).
Thankfully the Navy hasn't released this code but who knows if someone hadn't already jumped on the wagon and started making their own pocket sp?. CIO magazine (4) somewhat reassures us though, that the "highly curated nature of [smartphone] application stores makes it far less likely that such an app would "sneak through" and be available for download."
A summary by The Register (5) of the Juniper Networks audit reads that Juniper discovered that free applications are five times more likely to track user location and a whopping 314 percent more likely to access user address books than paid counterparts. 314%!!!
1 in 40 (2.64%) of free apps request permission to send text messages without notifying users, 5.53 per cent of free apps have permission to access the device camera and 6.4 per cent of free apps have permission to clandestinely initiate background calls. Who knows, someone might just be recording you right now, or submitting your photo to some covert database in Czech Republic — without you even knowing that your personal identity is being compromised.
Google, by the way, is the biggest data recipient — so says The Wall Street Journal. Its AdMob, AdSense, Analytics and DoubleClick units collected data from 40% of the apps they audited. Google's main mobile-ad network is AdMob, which lets advertisers target phone users by location, type of device and "demographic data," including gender or age group.
To quote the The Register on the subjec, the issue of mobile app privacy is not new. However Juniper's research is one of the most comprehensive looks at the state of privacy across the entire Google Android application ecosystem. Don't get me wrong. I love using Google's services and I appreciate the positive effect this company has had over how I live my life. However, with a shady reputation like Google's and with it's troubling attitude towards privacy (Google Maps/Earth, Picasa's nonexistent privacy and the list goes on) I sincerely hope that after reading this you will at least think twice before installing any app.
Links: (please excuse my links I'm a new user and cannot post links)
(1) forums.juniper net/t5/Security-Mobility-Now/Exposing-Your-Personal-Information-There-s-An-App-for-That/ba-p/166058
(2) online.wsj com/article/SB10001424052748704694004576020083703574602.html
(3) technologyreview com/view/509116/best-of-2012-placeraider-the-military-smartphone-malware-designed-to-steal-your-life/
(4) cio com/article/718580/PlaceRaider_Shows_Why_Android_Phones_Are_a_Major_Security_Risk?page=2&taxonomyId=3067
(5) theregister co.uk/2012/11/01/android_app_privacy_audit/
____________________________________________________________________________________________
Now I am proposing a discussion. Starting with - do we have the possibility to monitor device activity on the phone? By monitoring device activity, such as outgoing SMSs and phone calls in the background, the camera functions and so on we can tell if our phone is being abused under the radar and against our consent. What do you think?
.
I am finding it sad and troubling but even more so ironic that nobody here cares about this stuff.
Pdroid allows you to tailor your apps and what permissions your device actually allows on a per app basis. Requires some setup, and the GUI is nothing fancy.. but for those worried about permissions, it is quite ideal.
Edit : http://forum.xda-developers.com/showthread.php?t=1357056
Great project, be sure to thank the dev
Sent from my ADR6425LVW using Tapatalk 2
DontPushButtons said:
Pdroid allows you to tailor your apps and what permissions your device actually allows on a per app basis
Click to expand...
Click to collapse
Sounds good for a start, I'll look it up
pilau said:
Sounds good for a start, I'll look it up
Click to expand...
Click to collapse
Okay, so I looked it up, and Pdroid does look like a fantastic solution to control what apps have access to what information on your droid.
However, it doesn't cover monitoring hardware functions such as texts being sent, calls being placed etc. as described in the OP. Besides, it only works in Gingerbread as far as I could gather.
EDIT: looking at PDroid 2.0, it does exactly what I originally asked
pilau said:
Okay, so I looked it up, and Pdroid does look like a fantastic solution a control what apps have access to what information on you droid.
However, it doesn't cover monitoring hardware functions such as texts being sent, calls being placed etc. as described in the OP. Besides, it only works in Gingerbread as far as I could gather.
Click to expand...
Click to collapse
I actually first found out about it on an ics rom, so it's definitely not just gb. As for monitoring, no clue. Any sort of extra process logging would likely bog down resources or space eventually.
Sent from my ADR6425LVW using Tapatalk 2
DontPushButtons said:
Any sort of extra process logging would likely bog down resources or space eventually.
Click to expand...
Click to collapse
I definitely wouldn't know. This solution looks very complicated in first impression but on the Google play page it says 100% no performance effects.
Anyway, I looked up PDroid 2.0 here on XDA, which is the rightful successor of the original app. It does everything the original app does and also monitors many device activities! Here is the full list of features. I would add a working link but I'm still a n00b and I am restricted from doing so. Sigh....
forum.xda-developers com/showthread.php?t=1923576
PDroid 2.0 allows blocking access for any installed application to the following data separately:
Device ID (IMEI/MEID/ESN)
Subscriber ID (IMSI)
SIM serial (ICCID)
Phone and mailbox number
Incoming call number
Outgoing call number
GPS location
Network location
List of accounts (including your google e-mail address)
Account auth tokens
Contacts
Call logs
Calendar
SMS
MMS
Browser bookmarks and history
System logs
SIM info (operator, country)
Network info (operator, country)
IP Tables(until now only for Java process)
Android ID
Call Phone
Send SMS
Send MMS
Record Audio
Access Camera
Force online state (fake online state to permanent online)
Wifi Info
ICC Access (integrated circuit-card access, for reading/writing sms on ICC)
Switch network state (e.g. mobile network)
Switch Wifi State
Start on Boot (prevents that application gets the INTENT_BOOT_COMPLETE Broadcast)
I've always had the luxury of someone else integrating it into the Rom, then I just had to set it up through the app. It is time-consuming, but not very difficult at all. I say give it a shot and see if that's what you had in mind. Maybe the logging is less detrimental than I had previously thought.
I'm sure you could get your post count up by asking for some tips in that thread. Every forum on xda has at least one person that's EXCESSIVELY helpful, frequently more. So have a ball
Sent from my ADR6425LVW using Tapatalk 2
LookPoint is an application which could benefit a user in many life circumstances that location matters. The LookPoint does not need any internet connection except in a case that it runs the "Maps" application to find a target location point on the live Google "Maps" and analyze possible routes and ways. Sometimes, the "Maps" application could be used offline as well for some countries, therefore in this condition, naturally the internet consumption of your device would be zero.
All communications between LookPoint users are made by encrypted SMSs and one cheap SMS or dependent on a operator’s subscription policy, a free SMS is used to perform an operation (Submission or Request)!
Moreover, even if the user closes the LookPoint or restarts the phone, it still can accomplish the tasks perfectly!
Also, if the GPS of the target device is OFF or inaccessible within one minute, the LookPoint will access his/her location from SIMCARD's network operator.
The LookPoint consumes the phone battery in an efficient manner. You can feel free to keep the location hardware of your device always ON, because the LookPoint does not activated it unnecessarily. (In the new android versions, You have to keep the location part always ON for a normal operation and it is controlled by the android operation system itself).
Note: The LookPoint application does not require any registration and never share your personal information such as location, name, number … anywhere without your desire.
Note: Use the latest version of the Google "Maps" application and keep it updated.
Note: The customer satisfaction is important for us. Please feel free to contact us before you leave any feedback.
To get more detailed information about how to use the LookPoint, don't forget to watch the "Video Manual" through the below link:
The LookPoint application could benefit the user in many scenarios such as:
1) You lost your phone but you have no idea where it might be or if it is stolen.
2) You got lost and you are unable to describe where exactly you are.
3) Your kid possibly got lost or annoyed by somebody and unfortunately does not respond to your calls. You do not know where you should look for him.
4) You want to reach somewhere but you don't know the destination point and the best route to get there.
5) You face or are a witness of an accident and you want to inform others or emergency about its exact location.
6) You are on a trip (car, bus, train, airplane ...) and you want to inform others about your location or your relatives want to know where you are at the moment.
7) You run a transportation company and are interested to get informed about the location of your trucks.
8) You own a catering company (Food, Pizza ....) and delivery staff have difficulties in locating customers.
9) You run a taxi service company and location monitoring of your fleet is interesting for you.
and ......
No download link, thread closed.
Hello everyone,
1. I would like to know if a hacker got my cell phone information such as the IMEI or the serial number and my dialing number (i.e number that people dial to call me), is it enough for him to spy/hack my phone? Can he just use any of these information separately or all combined and starts hacking my phone?
Or does he need to interact with my phone by any means such as sending me fake/virused link and once i press this link i get hacked?
2. What about the company that provides me the sim card, telecommunication and internet service? I guess they (employees) already know the websites i visit for example, but could they know that I'm the one who posted this thread for example? If yes, how about information such as creating a facebook account or writing specific comments on a youtube vedio or buying a product from Amazon using Amazon app (not the regular browser), could they possibly know these information as long as they work at the company and therefore have access to my internet history?
3. How about Whatsapp conversations and emails? Are they really encrypted and secure? How about if yes they are secure, but can the hacker literally see what is going on my screen and even record it? I mean he cannot access my email inbox and compose emails instead of me but he can still read my emails and conversions as long as he got access to view my screen, i.e whatever going on my screen can see it?
4. If it is enough for the hacker to get my device IMEI & serial number & my dialing number, then I guess no need to format my device, right?
5. Does it differ for the telecommunication company or the hacker if device is android, windows or apple? I mean is iphone more secure than Samsung for example?
Someone would ask how possibly could a hacker know these info in the first place? Well, most devices have their own IMEI & Serial number listed on their backsides and even printed clearly on the box that came with.
So, let's suppose that this hacker knows you personally or he acted as if wants to make a phone call because he's out of credits and he captured the backside of your device which has these info, etc etc etc.
Sorry if i made my question this long, but i hoped i could make it as very clear as possible.
Thanks a lot.
Hacking a phone requires it's Android is rooted and/or it's bootloader is unlocked and/or ADB is enabled.
Knowing the IMEI, SN & dialing number aren't useful for a hacker in this context, but phone's IP-address may be so he/she can access the phone wirelessly.
Thanks a lot for your reply.
I heard these terms before, "rooted" and "bootloader is unlocked" and "ADB is enabled" ... and i believe the hacker then should has the phone physically and make these options himself coz brand new phones don't come with these status when they are manufactured, right?
I mean it could be only done to used phones as long as i don't know if they are rooted, bootloader is unlocked, ABD is enabled, and cannot be done to new phones, right?
How about the telecommunication company that provides me with Internet service, can they know any username i created for facebook or email, comments i typed on YouTube videos, products i bought over different apps because they can log to my internet history?
And in general, if the hacker could already hack my phone, can he records what is going on my screen , or it is a matter of just reaching passwords & files and can only deal with them as copy paste delete options?
Thanks again.