Re: have stolen nokia "call home" with its ip address
 

This is an incredibly potentially useful idea! Nice.

Re: have stolen nokia "call home" with its ip address
 

Thanks. I am close to having a version that also includes the gps location of the nokia. It will turn on the gps at boot and wait until the gps gets a valid fix or until some period of time has passed, then call home the ip address info as well as the latitude and longitude. You could then use google earth to narrow down the location of the nokia.

Re: have stolen nokia "call home" with its ip address
 

I have taken the suggestions offered earlier and incorporated them in this version of the call home script. In particular

1. The gpsd daemon is launched for 8 minutes to try for a fix, and if a fix is obtained, the gps coordinates are written to the file that is sent home. You can change the variable that determines how long it tries for a fix :-( If you get coordinates, you can paste them into Google Earth to get some idea of where your nokia tablet is.

2. The script is now located in /etc/init.d/network/ instead of in a crond directory, so as soon as the network connection is made, the gpsd daemon is launched, and gps/ip information is sent home using secure copy <scp>in the file .locate-nokia once per session.

3. If a gps fix is not obtained, then the last known gps coordinates are sent.

4. I am not a programmer so this code could really use some help and improvement (:) for open source)

Copy the script below into /etc/network/if-up.d/ and chmod 577 the file. If all works as intended, then about 8 minutes after you make a network connection, you should find the file sent to your "home" computer.

[EDITED: I later attached the text file version of the script instead of having to copy and paste the inline version. Just remove the .txt when you cp the script to /etc/network/if-up.d/]

################################################## #######################
#
# (July 23, 2008): adapted from the laptop
# script to call home at http://snippets.dzone.com/posts/show/3693
#
# Script to have Nokia internet tablet "call home" with its
# current ip address and gps coordinates if available.
#
# "Calling home" means securely copying a file with gps/ip info
# to a computer set up to receive this file.
#
#
#======= Notes:============================================ ==============
#
# 1) the version of awk on the N810 does not do exponention
# (e.g. 10^2) so I had to jump through hoops in awk to implement
# a piece of code that called for exponents
#
# 2) This version of the program starts the gpsd daemon and runs
# it for 8 minutes to try for a fix. If it gets a fix, it includes
# the gps coordinates in the file that is sent home. If it doesn't
# get a fix then it sends the most recent coordinates.
# You can change this value by changing the variable $gps_on_time
# below. The running gps data are stored in the file
# /home/user/gps.log. This file consists of NMEA sentences.
# The GPGGA sentences have the latitude, longitude and whether a
# valid fix was obtained.
#
# 3) Assumes that you have a standard install with your home
# directory at /home/user. If not, then change the home directory
# in the variable called $base
#
# 4) The first time it is launched, it will create the file
# /home/user/.last_known as an empty file. If it ever gets a gps
# fix, it will store the current gps coordinates in that file.
#
# 5) Put this script <call_home> in /etc/network/if-up.d/<call_home>
# without the <> brackets, gainroot and chmod 755 the file.
# Whenever the network comes up, the script will execute and send
# the information home after it has tried for a gps fix. Because it
# is squirreled away in this somewhat obscure 3-deep
# directory, I left the name as call_home. If you are particularly
# paranoid, you could rename it something else that would not give
# away its purpose.
#
# 6) The "hidden" file that is sent home is called .locate-nokia.
# This is written locally to your home directory, usually /user/home
#
# 7) There are several variables that you have to define in the ip/system
# section of the script below


#====== set user's home directory; usually /home/user

base="/home/user/"

#====== set period gps tries for fix

gps_on_time="480" #seconds

#====== last known gps coordinates are always written to /home/user/.last_known
#====== check for file's existence; if it exists, leave it alone
#====== if not then create an empty file

if [ -f $base".last_known" ];
then
touch -c $base".last_known"
else
touch $base".last_known"

fi
#====== first remove the previous gps.log data

rm -f $base"gps.log"

#====== start the gpsd daemon, run it for $gps_on_time, then kill it

su user -c /usr/libexec/navicore-gpsd-helper >> $base"gps.log" & sleep $gps_on_time && kill "$(pidof /usr/sbin/gpsd)"

#====== determine whether a valid fix was obtained

fix_state=$(tail -13 $base"gps.log" | grep GPGGA | awk -F',' '{print $7}')


if [ $fix_state -eq "1" ]; then

temp=$(date)

#====== write date and time to .last_known

awk -v varx="$temp" 'BEGIN {print "Date of last gps fix: " varx}' > $base".last_known"

#====== extract the raw latitude and longitude from the NMEA sentences in /home/user/gps.log

raw_lat=$(tail -13 $base"gps.log" | grep GPGGA | awk -F',' '{print $3}')
lat_dir=$(tail -13 $base"gps.log" | grep GPGGA | awk -F',' '{print $4}')
raw_long=$(tail -13 $base"gps.log" | grep GPGGA | awk -F',' '{print $5}')
long_dir=$(tail -13 $base"gps.log" | grep GPGGA | awk -F',' '{print $6}')

#====== The raw latitude and longitude are not very human readable,
#====== so reformat them into deg, min and secs
#====== this is where this implementation of awk lacks exponentiation,
#====== so a tortuous awk workaround was devised (see the for loop)
#====== for doing what should have been 10^(-n) as a series of repeated
#====== divisions by 10

latitude=$(awk -v var1="$raw_lat" -v var2="$lat_dir" 'BEGIN { split(var1,a,"."); b=length(a[1]); if (b==4) ls=2; else ls=3; n=1; for (i=1; i<=length(a[2]); i++) {n=n/10}; print (substr(a[1],1,ls)" deg " substr(a[1],(ls+1),2)" min "a[2]*n*60 " sec " var2 )}')

longitude=$(awk -v var3="$raw_long" -v var4="$long_dir" 'BEGIN { split(var3,a,"."); b=length(a[1]); if (b==4) ls=2; else ls=3; n=1; for (i=1; i<=length(a[2]); i++) {n=n/10}; print (substr(a[1],1,ls)" deg " substr(a[1],(ls+1),2)" min "a[2]*n*60 " sec " var4 )}')

#====== now that latitude and longitude are in human readable form,
#====== write them to .locate-nokia

echo $latitude >> $base".last_known"
echo $longitude >> $base".last_known"
echo $latitude | awk '{print $1" "$3" "$5" "$7" <---paste this into GoogleEarth/My Places/Add/Placemark/Latitude"}' >> $base".last_known"
echo $longitude | awk '{print $1" "$3" "$5" "$7" <---paste this into GoogleEarth/My Places/Add/Placemark/Longitude"}' >> $base".last_known"

else

#====== If no fix was obtained, just log that fact with the date to the
#====== /home/user/.fix-failed.log file
#====== Aside: the gps on the NIT is so crappy that it will almost always fail,
#====== but on the odd occasion when then tablet is turned on outside or near an
#====== open window it might get a fix in 8 minutes

date > $base".fix-failed.log"
echo "fix failed, no gps" >> $base".fix-failed.log"


fi

#====== filename to be written to remote location

rfile=".locate-nokia"

#====== remove previous version of file

rm -f $base$rfile

#====== create the file by redirecting date to it; write
#====== current date and time to file to be sent home

date > $base$rfile

#====== write last known gps coordinates

cat $base".last_known" >> $base$rfile

#================================================= ========================
#====== Next check for and run the ip/system related commands ============
#====== These commands gather info to be sent home =======================
#====== YOU HAVE TO DEFINE SOME VARIABLES FOR THIS TO WORK ===============
#====== Leave quotes " " but remove angle brackets <> ====================

static_ip="<put ip address near you for traceroute>"
private_key="<name of your private key for ssh to remote location where file is sent>"
username="<username for scp command>"
remote_ip="<ip address to receive the scp file>"





#================================================= ========================

#
#====== basic command : command used
#====== case[0] who : who >> $base$rfile
#====== case[1] wget : ipnameit=$(wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//')
#====== case[2] whois : /usr/local/bin/whois $ipnameit 2>&1 >> $base$rfile
#====== case[3] ifconfig : /sbin/ifconfig -a 2>&1 >> $base$rfile
#====== case[4] traceroute : /usr/sbin/traceroute $static_ip 2>&1 | head -15 >> $base$rfile
#====== case[5] scp : scp -q -i $base.ssh/$private_key $base$rfile $username@$remote_ip:~
#
#====== only run the command if the path exists on the user's nokia

for program in who wget whois ifconfig traceroute scp

do

prog_path=$(which $program)


if [ "$prog_path" = "" ];

then
echo "program not found" > /dev/null

else
case $program in

who) $prog_path >> $base$rfile;;

wget) ipnameit=$($prog_path -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//')

if [ $ipnameit!="" ];

then

echo "My IP address is $ipnameit" >> $base$rfile

else

echo "IP address not available" >> $base$rfile

fi;;

whois) if [ -n "$ipnameit" ];

then

$prog_path $ipnameit 2>&1 >> $base$rfile

else

$prog_path "no ip address" 2>&1 >> $base$rfile

fi;;

ifconfig) $prog_path -a 2>&1 >> $base$rfile;;

traceroute) $prog_path $static_ip 2>&1 | head -15 >> $base$rfile;;

scp) $prog_path -q -i $base.ssh/$private_key $base$rfile $username@$remote_ip:~;;

esac



fi

done



#====== I hope you never have to use it...

Re: have stolen nokia "call home" with its ip address
 

Code tags and/or attached file? I'm not sure this one would, but often scripts posted inline like this get mangled, and it's a pain to try to debug... ;)

Re: have stolen nokia "call home" with its ip address
 

Sorry, if it gets mangled. I wasn't sure attached files were allowed. I could certainly repost it as an attachment.

Ah, now I see that attachments are allowed, so I'll repost the script as an attachment.

Here it is again as an attachment. Just remove the .txt before using it.

Re: have stolen nokia "call home" with its ip address
 

Some decent thoughts here but I think it's mostly an unworkable problem.
What type of thieves/losses do you expect:
1. Theft of opportunity as a single item - left on a car seat looks like a GPS.
2. Theft of opportunity because it was it was with other luggage.
3. Calculated theft - someone smart enough to know what it is and want it
4. Loss - whoops I left it on the bus/somewhere.

The lojack/call home concept is good but overkill for what is now a $300 device NEW.
I've only been on this forum for about a year and can only remember about two threads of #1, one of #2, zero of #3 and two of #4.

Perhaps one of the best things would be an easily searchable database here of all "stolen" IT's MAC addresses so when one turns up we could search the list. Also post stolen ones to Craigs list comments.

Add that to a log in screen offering a reward and we could probably cover 95% of the cases.

In any circumstance, keep a good backup.

Re: have stolen nokia "call home" with its ip address
 

Very cool script indeed. Kudos.

If we wanted, SSU could be made to report an identifying number of the device to the Nokia servers (e.g. wlan id). And Nokia servers would be able to store and check that against stolen devices ids and then report the ip addresses. But at least I would feel sending the wlan ids as a privacy issue.

Re: have stolen nokia "call home" with its ip address
 

Konttory ... you already send the wlan mac adress when you download a new firmware :)

Re: have stolen nokia "call home" with its ip address
 

Why not try all of these? The more information there is about its whereabouts, the better. A simple login screen as you say would go a long way toward at least deterring the the person who ends up with your Nokia from "easily" gaining access to any information that you have on there.

I think the MAC address database is an interesting one, but it has some privacy issues involved if every time I make a network connection my ip address shows up on someone else's server (it's different if it shows up on MY server).

As far as it being relatively cheap, I agree that it's not like when your laptop gets stolen, but hey, even cheap cell phones have mechanisms to "lock" them down when they get stolen mostly as a deterrent to losing the information on the phone.

At any rate, all good ideas for at least making an attempt to retrieve the device if it ever gets lifted.

Re: have stolen nokia "call home" with its ip address
 

Yeh, I forgot to mention, as posted in another thread, the machine should be wiped as soon as it's determined to be stolen (3 wrong password or something).

Re: have stolen nokia "call home" with its ip address
 

Hi there.

I have a sort of workish c daemon that stores gps info whenever the gps got a fix from another application, write them on disk if the machine reboots so it can reload them next time it starts, and wait that the internet is available to send them on a remote xmlrpc server (as well as the exact time and date the gps fix occured).

It also takes picture from the cam when the internet connexion is active, next step is to have those picture send to the remote xmlrpc server too.

Currently, this is stored on a completly unrelated garage project's svn, but i may create a specific project once i m sure i can have something that works:

https://garage.maemo.org/plugins/scm...c/?root=sayhoo

Anybody interested in writing the xmlrpc server side ?

I do not feel like writing the full php web site, but i alreay got some xmlrpc things working:

https://garage.maemo.org/plugins/scm...oo&view=markup

Let me know if you are interested.

Re: have stolen nokia "call home" with its ip address
 

As an anti-loss measure, my digital camera has my name and mobile number on an attached sticker. I also have a "locked" photo on my digital camera of a picture which basically says "this camera is property of {myname}. If found please telephone {my mobile} and/or return to {address}, a reward will be paid". When I say locked, just write-protect the file. If someone found the camera and put it into picture preview mode, I'd hope on seeing the camera a fairly honest person would make *some* effort to return it. They definitely couldn't claim that since they were unable to find its rightful owner they kept hold of it.

As an anti-theft measure, I have been running from cron a script on my laptop for a while. It gathers information from its environment using traceroute, whatsmyip.org (or similar), records the MAC address of the default route, any DNS resolver settings that get set etc. It occurs to me that you could use "iwlist" and also bluetooth "hcitool scan" to try and find out other information about the location of the device. Unfortunately my laptop doesn't have a GPS. My script puts all this in a file and uses it as the payload for ping, using hping, so that it generates a very low level of background activity which is much less likely to be spotted/filtered. It sends these pings to my computer at home (static IP on adsl line) and our VPN server at work*.

I'll post the script tomorrow when I fire up my laptop at work.

I think a mixed strategy to "protect" the N800 is required:
1/ a sticky label identifying it
2/ a photo in the gallery and/or the background on the home screen to identify it
3/ a program hidden on the tablet which phones home.
4/ a small explosive device to blow the hands off anyone who steals it!

Palm Pilots have an owner field in their preference screen which comes up when the device is locked. I seem to recall GPE has that too when I ran OpenZaurus/GPE on my zaurus. Can't see why the tablet couldn't have that added as a trivial feature.

Re: have stolen nokia "call home" with its ip address
 

I vote for number 4 - N810 C4 Edition.

There was some work done for adeona on the tablets, but I haven't seen if anything else has been done on it recently.

Re: have stolen nokia "call home" with its ip address
 

Not sure if anyone mentioned this, but gmail will now tell you how many computers are currently logged into your account, as well as the IP address of the last account activity. So this is one reason to make it EASY for finders of your tablet to log into a gmail account. If they do, they'll reveal the tablet's location.

Just a thought...

Re: have stolen nokia "call home" with its ip address
 

Why /usr/libexec/navicore-gpsd-helper is not available on N900?

Re: have stolen nokia "call home" with its ip address
 

If someone could get into a deal with symbianguru to help port their symbian app Phoneguard onto Maemo all would be well. I wouldn't mind buying such an app.

phoneguard works such that you can send sms that consists of a keyword to the device and it would send back the requested data or lock the device or sound the alarm. it also sends back network info like imsi code, sim number is sim has been changed and other data. gps co ordinates can also be sent if the device has acquired lock.

Re: have stolen nokia "call home" with its ip address
 

The code as given in http://talk.maemo.org/showpost.php?p...3&postcount=43 is unsafe and should not be used without modification or specific work to secure your system.

Here's the problem:
Unless you have

• a completely unused box on a separately secured network or
• fully secured this login so that ssh commands can't be issued, files written to locations like ~/.fetchmailrc or /var/adm/cron/crontabs/$username, etc.

you've just given away the box where you're collecting this data, and possibly the network it is on.

The file upload mechanism needs to be changed. It's not important that user be authenticated when sending the files(but see below), but it will be important to limit these files to a safe location (eg not a generic user's home directory), and limit how much can be sent so that your system doesn't get attacked with a denial of service attack via a full hard drive. To be a good network citiizen, you will want to track what's put in your system so that it doesn't get used for exchange point for malware or other nasty stuff -- and this is where having the user authenticate would be useful since it should limit this last problem greatly.

I would take a look at the open source offering mentioned earlier in this thread to see if they've solved the uploead nicely. If not, I personally would look at using a WEBDAV plugin on top of Apache on my home Linux box. As this extension to HTTP will pass through more firewall configurations than ssh or ftp, you'd be more likely to get the files you need to track the miscreants down.

Re: have stolen nokia "call home" with its ip address
 

is there not a way to have the GPS show u in Real Time where your phone is. if the GPS is on. i have seen this in a diff phone ages ago.

also seen this set up on 2 phones. so peeps can see each other

Re: have stolen nokia "call home" with its ip address
 

last few posts should be moved here http://talk.maemo.org/showthread.php...ighlight=theft

Re: have stolen nokia "call home" with its ip address
 

I totally agree with what Alan said, and in addition you have the problem that the the thief theoretically can ssh into your box and erase the files. You want some kind of a write only storage for any info collected from the phone.

Re: have stolen nokia "call home" with its ip address
 

That is a perfectly valid assumption, but what is the likelihood of this happening?

Re: have stolen nokia "call home" with its ip address
 

About same than the thief wanting to do anything with your data? If they're after your passwords or other private data they are surely gonna take a closer look at things like this...

Most thieves want just the hardware, though. And if they're any smart the first thing they do is take the battery out and reflash the device before the tracking software can do anything.

Re: have stolen nokia "call home" with its ip address
 

well then you might as well just not bother recovering you property, call you mobile operator and have then disable the handset via its IMEI number. I am already signed up for this. It basically allows all network operators not only to track the phone when it tries to connect to a network but also make the device a brick.

Re: have stolen nokia "call home" with its ip address
 

Thanks for sharing this with us! :)

Altho it is quite a lengthy process jst to send out an ip/details. Surely an app for this will be out soon.
ill wait for that :-P

Re: have stolen nokia "call home" with its ip address
 

It depends on where you lose your phone. Lose it in a supermarket or on a train to the beach, not too likely. Lose it at in the local computer chain store or the meeting of your local Linux user group, much more likely. In any case it's not a risk *I* would willing to run as losing the phone would be less painful to me than having to clean up after an intrusion to my systems at home.

I took a quick look at the Gnu anti-theft tool mentioned earlier in the thread, and it looks like it has complete approach to the backend storage of the data regarding location.I think adding GPS, camera, etc, to its data gathering is the endpoint we should aim at.

In the meantime, if your risks are different than mine, deploy the current script. But do so with the knowledge of the risk to the system waiting to gather data viassh upload.

Re: have stolen nokia "call home" with its ip address
 

It depends on where you lose your phone. Lose it in a supermarket or on a train to the beach, not too likely. Lose it at in the local computer chain store or the meeting of your local Linux user group, much more likely. In any case it's not a risk *I* would willing to run as losing the phone would be less painful to me than having to clean up after an intrusion to my systems at home.

I took a quick look at the Gnu anti-theft tool mentioned earlier in the thread, and it looks like it has complete approach to the backend storage of the data regarding location.I think adding GPS, camera, etc, to its data gathering is the endpoint we should aim at.

In the meantime, if your risks are different than mine, deploy the current script. But do so with the knowledge of the risk to the system waiting to gather data via ssh upload.

Re: have stolen nokia "call home" with its ip address
 

I think you're all looking at it the wrong way. No need for SCP, FTP anonymous is enough. Just configure your ftpd to only support anonymous writing, and no deletion nor reading (or move have a crontab move the files in the directory to a more secure location, inaccessible from FTP). Give the user a quote of say 10MB per day max.

The problem is that a lot of shared wireless connections don't allow SSH or FTP access. In that case, i would recommend using wget to post the data to a webpage. This is even better, as it allows to view the data for authenticated users, but not the guy who stole your device.

Even if you go with the SCP route, this isn't a security issue. You can create a dedicated user account who can only go to /home/spy and doesn't have execution rights to anything, and also has disk quotas, etc. Even better, set the shell to /sbin/nologin.

Re: have stolen nokia "call home" with its ip address
 

possible to have the front camera activated for a brief capture? :D



in response to thiefs going through data i think the n900 is a bit complex. ive had mine a few weeks and am still not using it to its full potential.

Re: have stolen nokia "call home" with its ip address
 

Ahem, I was saying that scp without additional configuration was a bad idea for security reasons--something I think you (CrashandDir) and I agree on.

That's more work than people should have to do, and if we want anti-theft software to be reasonably available to people we can't

1. depend on them having a Unix box at home up 7x24 and
2. being able to follow the steps you have given.

Exactly, WebDAV has the same advantage.


Do we really think that all N900 users have the skill and the time to do this? Do we think they all have a spare 7x24 Unix box? Even both were true, it certainly won't be true for Maemo 6 -- and wouldn't it be nice to have a future proof solution?

We want a clean client app that runs on the N900, with a minimal set of external dependencies. At first glance, the Adonea app (http://talk.maemo.org/showpost.php?p...9&postcount=30) looked like a good model. Since there appears to be a bit of problem around the supporting OpenDHT storage (http://adeona.cs.washington.edu/faq.html, at the top), it takes a bit more thought. I'm guessing that running this OpenDHT storage doesn't take a lot of resources, but have not investigated.