Loosing your moko

ramsesoriginal ramsesoriginal at gmail.com
Fri Apr 4 13:36:44 CEST 2008


On Fri, Apr 4, 2008 at 12:43 PM, Alexey Feldgendler
<alexey at feldgendler.ru> wrote:
> On Fri, 04 Apr 2008 07:35:17 +0200, Michele Renda <michele.renda at gmail.com>
> wrote:
>
>
> > When I steal the phone, the first thing that I will do is to turn off the
> phone. Then because I am afraid to be detected by cell I will change the
> internal sim, before to turn on it.
> >
>
>  This is also what happens in Russia. The majority of cell phones are stolen
> or robbed of people by junkies. They immediately turn the phone off and
> throw away the SIM card. Without turning the phone on, they bring several
> phones they've collected during the night to a buyer-up who pays them maybe
> a tenth of what the phone is worth, and that's enough for them to get their
> needle.
>
>  The bulk of stolen phones then goes to some phone repair workshops who run
> an underground business of preparing them to be sold. They reflash the phone
> or reset it to a clean state because nobody wants to sell a phone with
> someone's data on it that would be crying out loud "I'm a stolen phone".
> They also unlock it if it's locked to an operator, and change the IMEI in
> those models where it's possible. The next stop for a stolen phone is a
> second hand mobile phone shop whose owner allegedly has no idea that the
> phones that strange people bring, a whole box of them at a time, are in fact
> stolen.
>
>  Because rampant mobile phone theft brings them to the second hand market
> where they are priced for less than half of what they're worth, it makes
> them affordable to people who would otherwise not be able to buy a phone. Of
> course, this happens at the expense of those people from whom the phones are
> stolen, and who usually buy themselves a new one. Because of this situation,
> the cell operators in Russia are reluctant to use the IMEI (which is often
> impossible to change) to track down or at least deny service to phones
> reported as stolen -- that would shrink their own market.
>
>
>  --
>  Alexey Feldgendler <alexey at feldgendler.ru>
>  [ICQ: 115226275] http://feldgendler.livejournal.com
>
>
>
>  _______________________________________________
>  Openmoko community mailing list
>  community at lists.openmoko.org
>  http://lists.openmoko.org/mailman/listinfo/community
>

As cool as all the solutions sound, we have to think of some
problems/implications:
1) What happens if the sim gets changed?
2) What happens if the phone gets flashed?
3) What's with my data (stored e-mail passwords, wifi-passwods, web
history, session cookies, e-mails, and so on)?
4) What if I only loose the phone?
5) What if I lend the phone to a friend? Do I have to follow a
two-hour setup procedure to avoid my phone calling the police?

There are many solutions, but each one has it's flaws. The idea that
the phone reports back in some way is pretty cool: at each sim change,
send an sms to a preconfigured number, saying "Hi, i'm name, this is
my new number". A good utility for keeping your buddies up to date,
and for having always the newest number. another good idea is to have
configure the phone to play some sort of alarm and encrypt the files
(but still allowing access to the phone, so that the thief keeps on
using it) when it's more then.. 2 meters away from a configured
bluetooth device (your headset/bluetooth keyboard/whatever). An
intresting idea is to trace the gps position each minute, store them,
and send a log per e-mail as soon as a connection is possible (open
wifi, gprs, logged in into wifi, ..). Also a program that sends to all
bluetooth devices it reaches wich accept it something like "Help Me!
I'm a stolen phone. I belong to $name, $adress. My actual phone number
is $number, please contact the police". One out of many people maybe
will contact the police. Also the client/server setup is an intresting
idea, allowing one to install its own server, and sending coordinates
and phone number in periodical intervals. Maybe one could even make a
buisness providing this client/server setup.
And if the card is taken out, and the phone flashed? Well.. if the
phone is already shut down, you've lost your phone. The only
possibility would be to have some sort of trackback of the serial
numbers of all flashed devices.. but the security and privacy
implications of this would be too great..

Just my two cents

-- 
My corner of the web: http://blog.ramsesoriginal.org




More information about the community mailing list