have stolen nokia "call home" with its ip address
I modified a bash script from here
http://snippets.dzone.com/search/get_results?q=callhome

By having crond run this script hourly, it will make your Nokia "call home" by securely copying a file with its current IP address and other info to a site of your choosing that is set up to accept ssh connections. This is useful in case your Nokia gets stolen; you can track it down by its current IP if the thief manages to connect to the internet.

You will need to have installed and functioning correctly:

- bash shell
- sed
- wget
- traceroute
- ssh
- crond
- whois
- ifconfig
- who <--- not really necessary - can be cut from script

The script below should be modified with the correct paths to the various files. You can change the base directory for various files as well as the name of the file that gets sent via scp in the first two lines of code. The last line of the script does a secure copy to send the information to your site. It assumes that you have set up ssh to work without the need for a password by using a private-public keypair. Replace the parts of the script between the [...] with relevant variables for your situation (and REMOVE the brackets []). If it works correctly, you should find the hidden file ~/.locate-laptop at your ssh receiving site, updated hourly with your wayward Nokia's current IP address.

Jim

```bash
#!/bin/bash
# script to have nokia tablet "call home" hourly with its current ip address
# "calling home" means securely copying a file with ip info to a computer set up to receive this file

base="/home/user/"
rfile=".locate-laptop"

# start a fresh report with the current time and the logged-in users
rm -f "$base$rfile"
date > "$base$rfile"
who >> "$base$rfile"

# public address as reported by checkip.dyndns.org
ipnameit=$(wget -q -O - checkip.dyndns.org | sed -e 's/.*Current IP Address: //' -e 's/<.*$//')
echo "My IP address is $ipnameit" >> "$base$rfile"

# whois contact for that address, local interfaces, first hops of a route
# (the file redirection comes before 2>&1 so that errors land in the report too)
/usr/local/bin/whois "$ipnameit" | egrep -A 8 'OrgName|Email' >> "$base$rfile" 2>&1
/sbin/ifconfig -a >> "$base$rfile" 2>&1
/usr/sbin/traceroute [put a known, static ip address here] 2>&1 | head -15 >> "$base$rfile"

# send the report home
scp -q -i $base.ssh/[path to private key] "$base$rfile" [username]@[ssh receiving ip address]:~

# make this script executable <gain root then chmod +x> and put it into /etc/cron.hourly
# I hope you never have to use it...
```
|
Re: have stolen nokia "call home" with its ip address
Looks useful! Would be nice if we had an automatic 'mugshot' function as well.
|
Re: have stolen nokia "call home" with its ip address
It can be done more easily by using the fact that sshd (and httpd) record the addresses whence connections originate. So most of your script can be replaced by a simple ssh (or wget) to a server whose logs you can read.
|
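The reply above points out that sshd already records where each connection comes from. As an added example, not part of any post in this thread, this reads the check-in addresses for a dedicated account out of an OpenSSH auth log; the account name `nitreport` and the log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: recover the device's check-in addresses from the server's
# own sshd log. TRACK_USER is a hypothetical dedicated account name.

TRACK_USER="nitreport"

# Constructed sample of OpenSSH auth-log lines (documentation addresses).
sample_auth_log() {
cat <<'EOF'
Jul 11 15:27:03 home sshd[2211]: Accepted publickey for nitreport from 203.0.113.45 port 51234 ssh2
Jul 11 15:40:10 home sshd[2260]: Failed password for root from 198.51.100.7 port 40022 ssh2
Jul 11 16:27:02 home sshd[2302]: Accepted publickey for nitreport from 203.0.113.45 port 51310 ssh2
Jul 11 17:27:05 home sshd[2377]: Accepted publickey for jim from 192.0.2.10 port 50111 ssh2
Jul 12 09:02:44 home sshd[3120]: Accepted publickey for nitreport from 198.51.100.88 port 42817 ssh2
EOF
}

# checkins USER: read a log on stdin, print "month day time ip" for every
# successful key login by USER. Fields are located relative to the word
# "for", so trailing key-type/fingerprint text on newer OpenSSH is ignored.
checkins() {
    awk -v u="$1" '
        / sshd\[[0-9]+\]: Accepted publickey for / {
            for (i = 1; i <= NF; i++)
                if ($i == "for" && $(i + 1) == u && $(i + 2) == "from")
                    print $1, $2, $3, $(i + 3)
        }'
}

# address_changes USER: only the check-ins where the source address differs
# from the previous one, i.e. each time the device moved to a new network.
address_changes() {
    checkins "$1" | awk '$4 != last { print; last = $4 }'
}

# Demo on the constructed sample; on a real host feed the sshd log instead.
sample_auth_log | address_changes "$TRACK_USER"
```
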
Re: have stolen nokia "call home" with its ip address
In case of N810, the GPS last known position might be useful information. Doesn't the A-GPS save the coordinates to some file that could be read and reported back?
|
Re: have stolen nokia "call home" with its ip address
Quote:
Good job! |
Re: have stolen nokia "call home" with its ip address
I think it would be torturous to have the IP of my stolen NIT but unable to do a thing about it. Don't say that you could inform the authorities, ya right. Perhaps if you could set a flag at the server end that when set would do something useful on the NIT when it phoned home. The NIT ssh connection could be set up to allow that to happen securely. I can think of a lot of things but I'll leave that to your imagination.
|
Re: have stolen nokia "call home" with its ip address
Quote:
BTW: here is an example of the info that gets sent when the script executes:

```
Fri Jul 11 15:27:01 CDT 2008
USER TTY IDLE TIME HOST
My IP address is 168.7.209.45
OrgName: Rice University-Sesquinet
OrgID: SESQ
Address: Networking MS 119
Address: 6100 Main Street
City: Houston
StateProv: TX
PostalCode: 77005
Country: US
--
RAbuseEmail: ipadmin@rice.edu
RNOCHandle: RUH-ORG-ARIN
RNOCName: Rice University Networking
RNOCPhone: +1-713-348-4989
RNOCEmail: ipadmin@rice.edu
RTechHandle: RUH-ORG-ARIN
RTechName: Rice University Networking
RTechPhone: +1-713-348-4989
RTechEmail: ipadmin@rice.edu
OrgAbuseHandle: RUH-ORG-ARIN
OrgAbuseName: Rice University Networking
OrgAbusePhone: +1-713-348-4989
OrgAbuseEmail: ipadmin@rice.edu
OrgNOCHandle: RUH-ORG-ARIN
OrgNOCName: Rice University Networking
OrgNOCPhone: +1-713-348-4989
OrgNOCEmail: ipadmin@rice.edu
OrgTechHandle: RUH-ORG-ARIN
OrgTechName: Rice University Networking
OrgTechPhone: +1-713-348-4989
OrgTechEmail: ipadmin@rice.edu
# ARIN WHOIS database, last updated 2008-07-10 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
lo Link encap:Local Loopback
   inet addr:127.0.0.1 Mask:255.0.0.0
   UP LOOPBACK RUNNING MTU:16436 Metric:1
   RX packets:41832 errors:0 dropped:0 overruns:0 frame:0
   TX packets:41832 errors:0 dropped:0 overruns:0 carrier:0
   collisions:0 txqueuelen:0
   RX bytes:2099431 (2.0 MiB) TX bytes:2099431 (2.0 MiB)
wlan0 Link encap:Ethernet HWaddr xxxxxxxxxxxxxx
   inet addr:172.16.31.233 Bcast:172.16.31.255 Mask:255.255.255.0
   UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
   RX packets:6212 errors:0 dropped:0 overruns:0 frame:0
   TX packets:4447 errors:5 dropped:0 overruns:0 carrier:0
   collisions:0 txqueuelen:1000
   RX bytes:971277 (948.5 KiB) TX bytes:729225 (712.1 KiB)
traceroute to 128.42.206.11 (128.42.206.11), 64 hops max, 40 byte packets
1 10.72.65.253 (10.72.65.253) 7 ms 7 ms 7 ms
2 172.16.48.233 (172.16.48.233) [MPLS: Label 329 Exp 0] More labels 8 ms More labels 8 ms More labels 8 ms
3 172.16.0.246 (172.16.0.246) [MPLS: Label 357 Exp 0] More labels 8 ms More labels 8 ms More labels 8 ms
4 128.42.206.254 (128.42.206.254) 8 ms 7 ms 7 ms
5 128.42.206.11 (128.42.206.11) 7 ms 7 ms 7 ms
```
|
Re: have stolen nokia "call home" with its ip address
Quote:
You know this suggests a simpler solution: password protect the NIT so that you have to login to use it. At least that way, the thief would have to work hard to be able to do anything with it. |
Re: have stolen nokia "call home" with its ip address
I think it would be better to have the device remain operational. If it locks up, the thief would probably flash it or throw it away. As long as it is functioning, the thief might use it himself or sell it to someone, so it'll keep popping up in the network and sending location data. I'm fairly confident the authorities would in fact act on this if I had a good trace of the device. After all, you don't know how many other stolen things you'd find from the perpetrator.
|
Re: have stolen nokia "call home" with its ip address
Quote:
If the "call home" applet reports every few minutes, you could even draw the route the thief was driving, assuming he had an active internet connection. |
Re: have stolen nokia "call home" with its ip address
KernelPanic was working on something like this over in this thread:
http://www.internettablettalk.com/fo...ad.php?t=20593 Only a little bit more advanced... however development seems to have ceased. |
Re: have stolen nokia "call home" with its ip address
Few thoughts... First - how about phoning home whenever the network is connected instead of an hourly cron job? That way it would send the data even on short times of online connectivity.
If this feature is finished, it should be something that can't be installed and removed through the application manager. There should be as little chance as possible of an unauthorized user finding out it is there. It would be great if the traffic between "server" and tablet could be encrypted. SSL maybe? I wouldn't want some eavesdropper knowing where I roam when the device isn't stolen. You'd think that the last known coordinates aren't that hard to come by. Maybe polling the gpsd for location every now and then, and writing it to some file if you get a location? I don't have much of programming skills for tablets, but I'm pretty good with PHP, so I can help in collecting and browsing the data if needed. |
Re: have stolen nokia "call home" with its ip address
Quote:
Maybe the program could be a hidden file: .callhome You're right about the current version sending info unencrypted. As it stands now it sends the file whenever you are connected. I'm not that good at doing ssl, but I can look into it. It would be fairly easy to grab the gps info and store it in a file. Once again, though, the problem is the time it takes to get a fix once the gps is turned on. It can take 5 minutes or more to get a fix, so this will have to be factored into the solution. :( I already made progress on turning the gps on from the shell script and filtering the messages to get the latitude and longitude. The problem remains waiting for the gps to get a fix so you can store this location or add it to the file that is sent home. Thanks for the offer. I'll continue to work on this. |
Re: have stolen nokia "call home" with its ip address
By saving the script to /etc/network.d/if-up.d/ it will be executed every time when network connection is brought up.
And isn't the script using scp, which is encrypted? |
Re: have stolen nokia "call home" with its ip address
Quote:
One problem that I am running into in trying to incorporate the current latitude and longitude from gps into the file that is sent home is that I can redirect the output from gps into a file, but once I execute the statement to do this from within a shell script: /usr/libexec/navicore-gpsd-helper | grep GPGGA >> where_ami.log I can never get past that statement because it just continues to pour the data into the log file. Even if I put that statement in a loop, it never gets past that statement. The only way to stop it is to kill the gps program, but that would have to be done from another script. Can anybody suggest another way to get past that statement or to log the gps data? I am thinking that as soon as the NIT boots, the gps gets turned on with a script that logs the gps data into a log file. Maybe it exports an environment variable that has the time it was started. Another script that also gets started at boot reads that environment variable and waits for some specified period of time to let the gps get a fix (5 minutes?), then it kills the gps, parses the gps log file for the latitude and longitude, and writes those to the file that is being "sent home" along with all of the IP data. Any help on this? |
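One way past the blocking statement described above, as an added example that is not the poster's code: run the GPS reader in the background, poll its output for the first GGA sentence that reports a fix, and kill it when a deadline passes. `first_fix`, `scan_fix`, `gga_to_latlon` and the `fake_gps` stand-ins are hypothetical names, the NMEA lines are constructed, and `mktemp` is assumed to exist on the device.

```shell
#!/bin/sh
# Added example. NMEA checksums are not verified by this code.

# Stand-in for /usr/libexec/navicore-gpsd-helper: emits NMEA, never exits.
fake_gps() {
    printf '%s\n' '$GPGGA,123517,,,,,0,00,,,M,,M,,*00'   # constructed: no fix yet
    printf '%s\n' '$GPGSV,1,1,00*79'
    printf '%s\n' '$GPGGA,123519,4807.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,*47'
    exec sleep 30
}

# Same, but a fix never arrives (for example indoors).
fake_gps_nofix() {
    printf '%s\n' '$GPGGA,123517,,,,,0,00,,,M,,M,,*00'
    exec sleep 30
}

# scan_fix FILE: first complete GGA sentence whose fix-quality field
# (7th comma-separated field) is non-zero.
scan_fix() {
    awk -F, '$1 ~ /GPGGA$/ && $7 + 0 > 0 && /\*/ { print; exit }' "$1"
}

# first_fix MAX_SECONDS CMD [ARGS...]
# Runs CMD in the background writing to a temp file, polls once a second,
# and always kills CMD before returning. Prints the sentence, or returns 1.
first_fix() {
    max=$1; shift
    tmp=$(mktemp) || return 1
    "$@" > "$tmp" 2>/dev/null &
    pid=$!
    waited=0
    fix=
    while [ "$waited" -lt "$max" ]; do
        fix=$(scan_fix "$tmp")
        [ -n "$fix" ] && break
        kill -0 "$pid" 2>/dev/null || break    # reader exited on its own
        sleep 1
        waited=$((waited + 1))
    done
    kill "$pid" 2>/dev/null || true
    wait "$pid" 2>/dev/null || true
    [ -n "$fix" ] || fix=$(scan_fix "$tmp")     # final look after the reader stopped
    rm -f "$tmp"
    [ -n "$fix" ] || return 1
    printf '%s\n' "$fix"
}

# gga_to_latlon: GGA sentence on stdin -> "lat lon" in signed decimal degrees.
# NMEA encodes ddmm.mmmm / dddmm.mmmm plus a hemisphere letter.
gga_to_latlon() {
    awk -F, '
        function dec(v, hemi,   d) {
            d = int(v / 100)
            v = d + (v - d * 100) / 60
            return (hemi == "S" || hemi == "W") ? -v : v
        }
        $1 ~ /GPGGA$/ && $7 + 0 > 0 {
            printf "%.5f %.5f\n", dec($3, $4), dec($5, $6)
            exit
        }'
}

# Demo with the stand-in; on the tablet CMD would be the helper from the post.
first_fix 5 fake_gps | gga_to_latlon
```
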
Re: have stolen nokia "call home" with its ip address
Quote:
How are you going to phone home if the thief or user doesn't have an Internet connection? He might have some WiFi and BT passwords but those aren't necessarily useful unless he/she lives near your WiFi APs, or also got your phone. A car gets stolen from West Europe and 12 hours later it's already out of Europe. The car at whole, or nowadays: in parts. Small electronic devices like this get stolen and resold quickly. The person who ends up with it will be a poor schmuck who can't afford it new. He/she bought it 2nd hand, knowing or not it was stolen. The higher the difference between regular 2nd hand and the price it's being sold, the higher the chance is it's a stolen device. A script like this is a great idea, but IMO it is part of a bigger plan. It's better to prevent a device like this to be stolen. Don't walk around with it in the big city, like a tourist looking at his/her uberexpensive GPS device, this attracts certain people. For example this weekend I've been in Amsterdam and I usually kept my NIT in my moneybelt. I have 2 good locks for my bicycle which is the minimum, I lock my bicycle always properly (2 locks, in a way pissing off the burglar as much as possible to slow him/her off), and my bicycle looks old. Also, if you expect a device to be stolen, use encrypted partitions like TrueCrypt or LUKS. Activate these during boot, and disable swap (or use encrypted swap). There are, basically, stupid thieves and smart thieves. The stupid ones are already jailed. The smarter ones are still floating around. You can protect yourself from the stupid ones, but the smarter ones are more difficult. Therefore, while I'm not saying the feature is useless, I highly doubt the thief would use the device. The difference between a bike and a device like this is that the thief cannot know what the device is, and what its features are. He'd probably think it's a weird phone (because it's a Nokia).
This'd also be one of the reasons the first thing he'll do is putting the thing off and getting the SIM the hell outa there. Because he or she knows about tracking via 2G cell tower. I think the first thing he does is putting it off, and then figuring out how much they go 2nd hand, going a bit under the normal price but not too much so it doesn't look sneaky, or if his customer base knows it's stolen he gives it for a friend price (say 50 EUR). And, I know for sure cops don't give a SHlT about a stolen bike or mobile phone. They don't have the manpower for this, and it doesn't earn them any cash either. They write it down in their database, but nothing will get done except maybe later for profiling if the thief strikes again. The chances these people get caught are, in my country very low. IIRC less than 20%. Heck, they have a hard time jailing people dealing hard drugs while they always do it in the same neighborhood, even same places approx too. There is another program linked to here on ITT about a message at boot up which shows whatever text you prefer like an e-mail message. It's more effective against honest finders. Just some viewpoints.. :) cheers Addendum: When setting up a defense barrier it is important to first define who and what you're trying to protect yourself from, and then implement one or more ways against this/these attack vector(s). When I walk with my NIT I also put my left hand under it, using the thing it should stand on around my left hand with my fingers around the device on the right top. Then finger or stylus from the right hand. This way it is also harder to accidentally drop the device. That said, I will probably use VPN + FTP + a write only directory to which the IP and current GPS data will be sent to, but I would do this via crontab, and only set this on when I'd go to a risky area to save CPU cycles. Maybe it'd be useful to have some kind of authentication every X days, verifying the user is still authentic.
If not, it goes into phone home mode. I'm pretty sure some proprietary software works like that ;) |
Re: have stolen nokia "call home" with its ip address
Trying to do something quick and simple to at least give you a chance of getting your machine located and back to you is better than doing nothing at all.
We had a short discussion on irc about this thread and I went hunting for a google maps api which should keep historical tracks of your device if it's required. Once you get the functionality to tell the server where your device is (whether once per session or every few minutes) then many additional data processing options can be used :) http://conversationswithmyself.com/m...apTracker.html It would be really good to add this server side functionality into maemo.org * and have the client software pre-configured to go to your account there. Obviously all private unless specified and can be reconfigured to any server. *mainly because not everyone has their own cputime and webspace available. |
Re: have stolen nokia "call home" with its ip address
Quote:
As far as the thief getting access to the internet with the stolen device, all s/he has to do is walk into a place with free WIFI and connect the device. S/he doesn't need any of your passwords to do this and get connected. I personally would rather at least try to recover my $500 investment than do nothing, especially if I knew where the thing was connecting. You might be right that nobody along the line would care enough or have enough time to lend a hand, but again, it's probably worth at least a try. |
Re: have stolen nokia "call home" with its ip address
OK, I don't get it.
This whole thing seems to be based entirely on the supposition that the N8xx is stolen as opposed to just being lost (and eventually found) - a far more likely scenario, non? I'm not sure why you wouldn't just want to replace the start-up splash screen with your name and contact (email) info and a short message asking for the 'return of the unit if this screen appears since you would remove it if you'd sold or given it away'. Or have the screen splash, after, say, 40 minutes automatically after start-up to avoid a thief first playing with the N8xx a bit before trying to pawn it off so someone who would see it would at least *know* it is either missing/stolen? I mean, I don't see why you can think a thief is going to spend much time with this unit. S/He might as well get rid of it quickly as possible since anyone who actually *knows* anything about these Nokia units will know that the tablet is missing the recharger and the usb cord. And if the thief tries to pawn it off to some idiot who *doesn't* know what the hell s/he's getting, the thief would have to have as full a battery as possible to razzle-dazzle a potential buyer. At that point, it really is up to the person in possession of the unit whether to go through the process to get it back to you but at least that person *knows* the unit has been lost/stolen as opposed to your method which seems to endlessly track the unit with no way to either inform the new 'owner' or give the new 'owner' a chance to get the unit back to you. Alternatively, if I was so concerned about theft, I'd just etch an email address on the back plastic and if it does go missing, at least you can post signs up or tell local internet forums to look out for it. I dunno.
I've worked in tourism in the past and I've been in a job position where a lot of incredibly interesting things that are genuinely lost come across my desk and the first thing I try to do before I give it to the Lost & Found Department is to find an obvious method the owner has left for me to contact them and, um, your method is not obvious. In fact, in iTunes, my iPod is actually named a specific email address and the contact information on it is also linked to an email address (if I'm traveling in Europe, I can't reasonably expect someone to phone me back in North America just to tell me they've found my iPod and, well, I'd still be traveling in Europe, anyway. Email is a much quicker, much freer method of contact). However, you give an N8xx with this thing on the unit to your girlfriend/boyfriend and I guess you can become a stalker? If you can track people with those iPod+Nike units, why not the Nokia N8xx's? |
Re: have stolen nokia "call home" with its ip address
Quote:
Me? I'm Ms. Practicality (and not much of a stalker) :D |
Re: have stolen nokia "call home" with its ip address
I'm just going to stick a spanner in this...
Earlier this year I had my XBox 360 stolen. Last month I got a call from Microsoft saying someone had tried to re-register it on Live. I passed this on to the police and the police and Microsoft started talking to each other. Unfortunately, in the words of a MS support person I spoke to "we've never had anyone stupid enough to turn on a stolen XBox before" and neither them nor the police had a clue what to do. It's all very interesting making your N800 tell you it's been turned on after it's been stolen... it might even be interesting taking a photo of the person operating it. But you'll probably only end up with a picture of the poor sod who bought it cheap from a 2nd hand pawn shop, not the person who stole it. Also... so you're giving the new 'owner' of my N800 SSH access to my PC? That doesn't seem so wise. And I can say from personal experience, it's damn frustrating knowing that your stolen property is being used *right now* by someone who shouldn't have it, and you're powerless to do a thing about it. It's actually better not knowing. The GPS wouldn't be a workable solution either... have you seen how long it takes to get a lock outdoors? "I think I might be stolen. Please stand still for 20 minutes while I get a lock on your location, thanks"... not going to happen. |
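On the SSH access concern raised above: an added example (not from the thread) of a receiving-side forced command, so that the key stored on the tablet can only append a report and cannot open a shell, forward ports or copy files. The script name `nit-checkin`, the `--serve` argument, the log file name and the dedicated account are hypothetical; the tablet would pipe its report over `ssh` instead of using `scp`.

```shell
#!/bin/sh
# Added example with hypothetical names (nit-checkin, --serve, checkins.log).
#
# authorized_keys entry for a dedicated, unprivileged account on the
# receiving host (key material elided):
#   command="/usr/local/bin/nit-checkin --serve",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAA... nit
# OpenSSH 7.2 and later can write "restrict,command=..." instead.
#
# The tablet then sends its report on stdin rather than with scp:
#   ssh -i KEYFILE USER@HOST < /home/user/.locate-laptop

MAX_BYTES=16384   # upper bound on one report

# record_checkin OUTFILE: append one stamped report read from stdin.
record_checkin() {
    out=$1
    # sshd exports SSH_CONNECTION="client_ip client_port server_ip server_port",
    # so the source address comes from the server, not from the report body.
    src=${SSH_CONNECTION%% *}
    [ -n "$src" ] || src="unknown"
    {
        printf '=== %s from %s ===\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$src"
        # The sender is untrusted once the device is gone: cap the size and
        # keep only tab, newline and printable ASCII.
        head -c "$MAX_BYTES" | LC_ALL=C tr -cd '\11\12\40-\176'
        printf '\n'
    } >> "$out"
}

case "${1:-}" in
--serve)
    # Forced-command mode. Whatever command the client asked for
    # (SSH_ORIGINAL_COMMAND) is never executed.
    umask 077
    record_checkin "$HOME/checkins.log"
    ;;
*)
    # Stand-alone demo with a constructed report and source address.
    demo=$(mktemp)
    printf 'My IP address is 203.0.113.45\n' |
        SSH_CONNECTION="203.0.113.45 51234 192.0.2.1 22" record_checkin "$demo"
    cat "$demo"
    rm -f "$demo"
    ;;
esac
```
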
Re: have stolen nokia "call home" with its ip address
Piku,
You would not need to give them ssh access to anywhere. Simply ping a URL on some public webserver you have. Pass the location as parameters to the page and have the page store the location in a database. Nothing more, nothing less. We aren't saying we can get the machine back but at least knowing where it is might help. You are right about the gps lag time, but since we can send the last known location it at least narrows down the search. Depending on how they use it and what is logged you should get a good idea of location more than simply an ip address ping. Also, I believe you overestimate the intelligence of your common criminal, watch My Name is Earl for examples ;) |
Re: have stolen nokia "call home" with its ip address
Adeona is an open source application doing just this, and more.
|
Re: have stolen nokia "call home" with its ip address
Quote:
I'm not suggesting one has to run this. I'm more sharing it because I stumbled upon it, because it might be an alternative, or it may inspire you what (not) to do. It was posted on Slashdot, and many users stated they were simply using wget in a crontab. |
Re: have stolen nokia "call home" with its ip address
If you put the script that I posted here in /etc/network/if-up.d/, give it 755 permissions and REMOVE THE SHEBANG FROM THE FIRST LINE OF THE SCRIPT (#!/bin/bash), then it will execute and send the file "home" each time that a connection is made. In my case it is the wireless wlan0. Whenever this interface is brought up, the script executes and the NIT "calls home" with its current ip info. This removes the need to set it up as a cron job. So with this latest arrangement, the "calls home" are not every hour as with cron, but only sporadically as the interface comes up.
I am still working on incorporating the gps location data - as noted in an earlier post, wait times for getting a gps fix can be very long. Unfortunately, I am stuck at this point because I can start the gps daemon and have it log its data to a file, but the only way to stop the program is to kill it from another shell. I can start gps at boot so that it does not just magically appear in the system tray at some random time as with cron, but extracting the actual position to cat to the file that is securely copied home is proving more difficult. |
Re: have stolen nokia "call home" with its ip address
Exactly, Mara. I was going to post the same link.
It seems more reasonable to wait until the 'new owner' connects voluntarily to GPS and then gather the info to send with the next Internet connection than forcing a connection that will be at least suspicious and probably inducing the thief to flash the device. Additionally, I would only take a picture if the red LED can be disabled. |
Re: have stolen nokia "call home" with its ip address
Quote:
There is of course another way... Just wait until the new user uses the camera (install the app beforehand) and save any images taken with it :) |
Re: have stolen nokia "call home" with its ip address
That could take ages. I barely use the camera. Why would the 'new owner' use it?
|
Re: have stolen nokia "call home" with its ip address
Quote:
Does anybody know how to parse this file to get the location data? |
Re: have stolen nokia "call home" with its ip address
In the US.
A friend of mine lost an iPhone. I found one on craigslist that seemed to match the profile and went to the place to meet. First called the non-emergency police number and they told me to verify it was the model, then if it was, call back and they would meet the person and retrieve the stolen item with some proof of purchase. I met the person and the esn didn't match, but it was a good lesson in our rights on these devices. It is also very important to create a police report. my $.02 |