Re: [Announce] SMScon (control your device with SMS)
 

Hi guys,

Not sure if I fully understand your problem but let me just explain the reason behind this feature and how it was intended to work (it is already explained somewhere in this thread too, but too difficult to find it).

Two sets of people/uses only considered:
A) don't care about the contents and don't have a lock - the phone is more valuable to them
B) content is the most valuable but can't be bothered with a lock always kicking in - phone can be spared.

Note: none of them uses a lock code but they have set one.

USAGE:
A) sets the option "do not lock on new SIM"
B) sets the option "lock on new SIM"

- when A loses the phone the phone does not lock whether someone found it or not and the owner tries to recover it.
- when B loses the phone the owner tries to recover it. If the SIM changes it means that someone has already found it and tries to own it. In that case the lock kicks in and (unless he has read this forum) he has some data protected.

That's it. If you want a locked phone, i.e. with an enabled lock in the settings, to be unlocked when a new SIM card is inserted you will need to modify the lock functionality in Maemo. Not so easy..

On the other hand, if the phone can be unlocked by just changing the SIM why did you put the lock code in the first place?

Re: [Announce] SMScon (control your device with SMS)
 

My idea is this:

* set a lock code in the settings, but disable autolock (which includes boot-time check)
* at boot time, have smscon check for SIM change
* if known SIM found, enable autolock (if wanted), possibly checking lock code before continuing boot process
* if unknown SIM found, keep locking disabled (if wanted)

* at shutdown, have smscon disable autolock so the lock code is not checked by the system at next boot

A thief, after changing the SIM, would not be asked for the lock code and (hopefully) would not flash the device. We could try to recover it using smscon. Our data is hopefully encrypted and safe. :)
Does that make any sense?


To prevent buddies from tampering with the device while I'm not in the room, for example. ;)

Re: [Announce] SMScon (control your device with SMS)
 

Because data from mounted TrueCrypt partition are accessible to everyone, even the thief - and we need it to be mounted, to allow normal usage (so, for example, our SMS'es, mails, contacts, photos work as usual, despite being on encrypted partition).

Yet, when lock code kick in, someone need to turn device off to remove lock code - either by flashing, or *if* SMSCON option would work like we expected it to (so, changing simc would disable lock code). This (reboot) makes truecrypt partition unmounted again, with password/keyfiles prompt on new boot.

This way, if someone boot my device, but fail to provide lock code and keyfiles, she/he is presented with device without my contacts, messages, mails, passwords, etc.

It makes sense, but suffer form what I've written above - this way - without lock code kicking in every few minutes, our encrypted, yet mounted TrueCrypt partition's content is exposed to everyone.
---

I just hope, that we'll be able to found a way, that will address people that, at the same time. care about their private files/contacts/etc, and value their device.

/Estel

Re: [Announce] SMScon (control your device with SMS)
 

To prevent misunderstandings: there is no option like (B) yet ;) Currently smscon has a (not working) "UNlock on new SIM" option only.

But whether or not we find a way to change things that device lock on boot suits our needs, a option to "lock on new SIM" makes sense in any case.

Re: [Announce] SMScon (control your device with SMS)
 

Estel, please could you give a brief explanation on how the device lock and device lock code is related to TrueCrypt partitions? Is it enough to know the device lock code to mount and access TrueCrypt partitions or is there a separate password mechanism? And should this be the case, when is that password been asked for?

Re: [Announce] SMScon (control your device with SMS)
 

SMSCON 0.10.1-1 has been queued for loading into fremantle extras-devel repository.

Changes:

• FIX: Wrong access modes for smscon_boot file.
• ADD: New options for SIMUNLOCK to control automatic phone un/locking depending on SIM:
  • "no": Do not automatically change phone lock status. This is the old "unchecked" status of SIMUNLOCK.
  • "yes": Try to UNLOCK the phone if new (or no) SIM is detected. This option is left for downward compatibility only and does probably not work (old "checked" status). Don't use it.
  • "locknewsim" : New: Automatically LOCK the phone if new (or no) SIM is detected.
  • "lockalways" : New: Automatically LOCK the phone regardless of SIM.
  The SIMUNLOCK option is evaluated each time SMSCON re/starts. Locking takes place after the SIM pin has been entered (or was skipped). This means the phone is ready to receive SMSCON commands. A thief or finder is only allowed to shutdown the phone.

This version hopefully provides solutions for the device-lock/sim-lock dilemma. Please test a little and give me some feedback. The idea is, not to shut down the phone in a locked status. This way the phone comes up with SIM code question first. If SIMUNLOCK is set to new "lockalways" option then SMSCON will lock the phone immediately no matter which SIM was present. Since SIM pin was entered already, the notification about new SIM was sent and the phone can be controlled but is locked from finder or thief.

Note: The current version of SMSCON-Editor does not yet support the new option values "locknewsim" and "lockalways" and will reset the SIMUNLOCK value to "no" or "yes". Please be patient and while testing this extras-devel version of smscon and use the xterm command line to set the SIMUNLOCK option like this, for example:
No effort was made to change device-lock settings before shutdown. I found out that this is much too unreliable. Shutdown comes fast and SMSCON usually didn't get a change to prepare things.

Re: [Announce] SMScon (control your device with SMS)
 

SMSCON 0.10.2-1 has been queued for loading into fremantle extras-devel repository.

At a glance:

New option EMAILSENDER fixes some SMTP connection problems. (thanks to Casey aka doctorcolossus).

Changes:

• NEW: New smscon option EMAILSENDER. It is an email address like EMAILFROM.
  If configuration upgrade takes place, the default EMAILSENDER is empty.
  Empty means everything works as usual. Usual means that the meaning of
  settings EMAILFROM and EMAILSENDER is switched for historical reasons:
  * The EMAILFROM setting is used as technical sender in the email's "Sender" field.
  * The "From" field, the logical sender, is generated by SMSCON.
  Unfortunately some SMTP server complain about that generated "From" field.
  This was reason for this fix. In this case you set the new EMAILSENDER
  option. If EMAILSENDER is set to non-empty email address, then both
  settings are used as their names propose:
  * EMAILSENDER is used as technical sender ("Sender" field) and
  * EMAILFROM is used as logical sender ("From" field)
  On SMTP problems try to set both options to the same email address.

Re: [Announce] SMScon (control your device with SMS)
 

Hey, just tried to reboot after the new SMSCON and new SIMUNLOCK setting which I set to "lockalways".

The locking thing works now OK, after smscond has been started, thanks!

But, it doesn't have to send SMS now every time when phone is started and autolocked. Only if the SIM card has been changed. Now it does send SMS every time although the normal use case the phone is just booted up.

Re: [Announce] SMScon (control your device with SMS)
 

You are right. I will change it.

I was going on using the "lockalways" option and found bad news: If the phone gets locked via "lockalways" everything is as expected, namely phone is "SMSCON-able" but finder/thief can't use it because its locked. User can only shutdown+reboot. But in this case, the lock-code question comes first again, before SIM-pin question. Now we are at same point we've been already. Means: For those regular users which make use of device locking et all the "lockalways" option provides only and exactly one more chance to contact the phone in cases where finder/thief reboots it (no matter if with/or without new SIM).

This, I think, is a better situation to them as before. But not perfect. I can imagine even better phone behavior. As far I can see, it ends up in not making use of built-in device lock functionality: A "device lock" we need:

• must behave as a lock concerning our private data which is on the phone.
  Reason is evident.
• must not behave as a lock concerning phone usage (sms, telephony, network, camera, microphone, sound, sensors, etc...).
  Reason: Even SMSCON depends on that stuff.
• must make a finder/thief think that it is not locked.
  Reason: A locked device is unusable and a good reason to turn it off, throw away or re-flash it.

So there is still work to do.

Re: [Announce] SMScon (control your device with SMS)
 

Maybe smscon doesn't have to implement it all. Why not co-operate with TrueCrypt, if user wants to have better security.

When the phone boots, /home/user/ (or /home/user/MyDocs/) would be TrueCrypted.

SMSCON when starts, asks "lock code", which at the same time is TrueCrypt password so /home/user (or /home/user/MyDocs) can be mounted. User can also bypass using "Cancel" button, but then /home/user/MyDocs is not mounted and the device has limited access and workings.

Then again, maybe SMSCON doesn't need to know about TrueCrypt at all. When the device boots, user has to oneself to mount TrueCrypt device by clicking a shortcut in the desktop.

TrueCrypt would make the device's user data really secure also against copying when stolen. Security code itself won't protect data.

But at least if SMSCON would have its own locking mechanism, which when powercycled would still allow SMSCON to be started before the lock code, that would be great.