Active Topics
-
The N900 is now 15 years old! (9)
to Nokia N900 by Arno_11 - 10 hrs, 7 mins ago -
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (4)
to SailfishOS by Maemish - 5 days, 22 hrs ago - more...
| The Following User Says Thank You to byte_76 For This Useful Post: | ||
|
2010-09-05
, 17:34
|
|
Posts: 62 |
Thanked: 6 times |
Joined on Jun 2010
@ Poland
|
#112
|
@ Saturn, digitalvoid.
You can add option, that application is protected by password (you must type password to unlock it) and don't create icon in menu, but if you want to open this app you must go to terminal as a root and typ "run smscon" or something. I think it is a better solution, becouse if your n900 be stolen thieft can found this app and switch it off.
I think You understand my english ;p
You can add option, that application is protected by password (you must type password to unlock it) and don't create icon in menu, but if you want to open this app you must go to terminal as a root and typ "run smscon" or something. I think it is a better solution, becouse if your n900 be stolen thieft can found this app and switch it off.
I think You understand my english ;p
__________________
Maemo Meego Maego!
Maemo Meego Maego!
|
|
2010-09-05
, 17:46
|
|
Posts: 200 |
Thanked: 300 times |
Joined on Nov 2009
@ The Netherlands
|
#113
|
Originally Posted by knypek3
Password protection is needed indeed.
@ Saturn, digitalvoid.
You can add option, that application is protected by password (you must type password to unlock it) and don't create icon in menu, but if you want to open this app you must go to terminal as a root and typ "run smscon" or something. I think it is a better solution, becouse if your n900 be stolen thieft can found this app and switch it off.
I think You understand my english ;p
|
|
2010-09-05
, 19:11
|
|
Posts: 1,341 |
Thanked: 708 times |
Joined on Feb 2010
|
#114
|
Originally Posted by digitalvoid
Haven't read this thread couple of last days, so maybe this has been asked before also or maybe even applied:
Password protection is needed indeed.
The text messages which are used to control the SMScon remotely should have a password included also. There is unnecessary security risks if there is not.
(Maybe there already is, but haven't yet tried the program, because it is not yet in repositories.)
 |
|
2010-09-05
, 19:21
|
|
Posts: 1,648 |
Thanked: 2,122 times |
Joined on Mar 2007
@ UNKLE's Never Never Land
|
#115
|
Originally Posted by zimon
Could you please elaborate more on your thought?
Haven't read this thread couple of last days, so maybe this has been asked before also or maybe even applied:
The text messages which are used to control the SMScon remotely should have a password included also. There is unnecessary security risks if there is not.
(Maybe there already is, but haven't yet tried the program, because it is not yet in repositories.)
Can't imagine any other protection other than:
- locking it to only one other device, i.e. accept commands only from a predefined device. The problem here is that you limit in some cases also the speed you can start tracking you phone in case it gets lost.
- renaming the commands to words only you know. That's there from the first version and will provide a gui later to make it easier.
|
|
2010-09-05
, 19:45
|
|
Posts: 1,341 |
Thanked: 708 times |
Joined on Feb 2010
|
#116
|
Originally Posted by Saturn
Well, for example having the user defined password right after the command as a first parameter. If the password is wrong in a SMS, do nothing. If it is right, take it out from the SMS message and continue parsing the SMS normally and do what it asked.
Could you please elaborate more on your thought?
Can't imagine any other protection other than:
- locking it to only one other device, i.e. accept commands only from a predefined device. The problem here is that you limit in some cases also the speed you can start tracking you phone in case it gets lost.
- renaming the commands to words only you know. That's there from the first version and will provide a gui later to make it easier.
I have a program similar to SMScon in N95 called PhoneGuard.
It can also be controlled remotely by SMS-commands, but they (correctly) require a predefined password.
See page 11 in this:
http://www.symbianguru.com/wp-conten...ser-manual.pdf
|
|
2010-09-05
, 20:08
|
|
Posts: 62 |
Thanked: 6 times |
Joined on Jun 2010
@ Poland
|
#117
|
zimon. In phone guard sms'es are hidden. In this app isn't that possibility without hard sms programing (i think so)
You can change the commands like this - camera change to 1 remoteon change to 2 etc.
There is needed only password for open settings smscon and also i think Hidden icon - that might be running only from console.
You can change the commands like this - camera change to 1 remoteon change to 2 etc.
There is needed only password for open settings smscon and also i think Hidden icon - that might be running only from console.
__________________
Maemo Meego Maego!
Maemo Meego Maego!
|
|
2010-09-05
, 20:48
|
|
Posts: 1,341 |
Thanked: 708 times |
Joined on Feb 2010
|
#118
|
How about just requiring the first word in the SMS to be a predefined password, or SMScon would not parse the SMS futher nor do what the SMS-command would tell.
For example, I would configure a password "foobar". SMS-messages which would work would be something like:
foobar Remoteon
foobar Location
However, if someone tries to send a command with a wrong password "barfoo", the SMScon would ignore that SMS.
barfoo Remooff
barfoo Location
The security risk without this kind of password is in those countries where there is corruption. Someone working in an GSM operator you are using, can fake phone numbers, redirect SMS-messages and all kind of nasty stuff.
Right now if reply SMS and remote-ssh commands are done to only predefined addresses, it may not be a problem, but for example if remote-ssh-command can have a ssh-server's IP-address as a parameter, it is a huge problem already.
Also think if you had "Siren" command to SMScon. So when there is SMS with a command "Siren", the phone would max out the voice volume and make as much noice as it can. Could be usefull in some cases when the phone is just stolen few seconds or minutes ago or you do not remember where you have put it in some messy room. Someone sending "Siren" just to annoy would now work, as SMScon does not require password.
For example, I would configure a password "foobar". SMS-messages which would work would be something like:
foobar Remoteon
foobar Location
However, if someone tries to send a command with a wrong password "barfoo", the SMScon would ignore that SMS.
barfoo Remooff
barfoo Location
The security risk without this kind of password is in those countries where there is corruption. Someone working in an GSM operator you are using, can fake phone numbers, redirect SMS-messages and all kind of nasty stuff.
Right now if reply SMS and remote-ssh commands are done to only predefined addresses, it may not be a problem, but for example if remote-ssh-command can have a ssh-server's IP-address as a parameter, it is a huge problem already.
Also think if you had "Siren" command to SMScon. So when there is SMS with a command "Siren", the phone would max out the voice volume and make as much noice as it can. Could be usefull in some cases when the phone is just stolen few seconds or minutes ago or you do not remember where you have put it in some messy room. Someone sending "Siren" just to annoy would now work, as SMScon does not require password.
 |
|
2010-09-05
, 20:52
|
|
Posts: 91 |
Thanked: 34 times |
Joined on Apr 2010
@ Italy
|
#119
|
Hey digitalvoid, I just stumbled upon this thread. I haven't installed the app yet, but from the looks of it I'd like to say excellent work man!
__________________
Programmer, web designer/developer, abstract artist. Curently working on an experimental next-gen website, http://www.forum2point0.net
Programmer, web designer/developer, abstract artist. Curently working on an experimental next-gen website, http://www.forum2point0.net
|
|
2010-09-05
, 22:17
|
|
Posts: 1,648 |
Thanked: 2,122 times |
Joined on Mar 2007
@ UNKLE's Never Never Land
|
#120
|
Originally Posted by zimon
This functionality is already there.
How about just requiring the first word in the SMS to be a predefined password, or SMScon would not parse the SMS futher nor do what the SMS-command would tell.
For example, I would configure a password "foobar". SMS-messages which would work would be something like:
foobar Remoteon
foobar Location
However, if someone tries to send a command with a wrong password "barfoo", the SMScon would ignore that SMS.
barfoo Remooff
barfoo Location
The security risk without this kind of password is in those countries where there is corruption. Someone working in an GSM operator you are using, can fake phone numbers, redirect SMS-messages and all kind of nasty stuff.
Right now if reply SMS and remote-ssh commands are done to only predefined addresses, it may not be a problem, but for example if remote-ssh-command can have a ssh-server's IP-address as a parameter, it is a huge problem already.
Also think if you had "Siren" command to SMScon. So when there is SMS with a command "Siren", the phone would max out the voice volume and make as much noice as it can. Could be usefull in some cases when the phone is just stolen few seconds or minutes ago or you do not remember where you have put it in some messy room. Someone sending "Siren" just to annoy would now work, as SMScon does not require password.
Just go and rename the commands by prefixing your password.
The only limitation is to not enter spaces.
Cheers.
Good luck with the development and thank you for sharing!