Taking back your mobile phone

Remember 10 years ago when you were happy if your phone had the Snake game[0] or a color screen?  Now we’ve got all sorts of smart phones loaded with applications, media and functionality.  Recent news has shown these apps aren’t without a cost to privacy[1] and in other cases not so trivial to even get onto the phone, with some platforms dictating very strict rules[2].  As I’ve got an older phone that doesn’t support much beyond voice and text, I’ve always been a bit jealous of those who can do fancy things with their iDroid900’s.  So I started thinking about ways to add a bit more functionality to my phone without the costly upgrade, required data plan or potential loss of privacy.  Using the way my cellular provider has SMS setup, I was able to build a no-cost system that allows me run basic applications (text only thusfar) simply by sending commands in a text message.

The foundation for my system is a gateway my cellular service provider has setup that allows regular SMS messages to be sent as emails, and conversely emails being sent over SMS[3].  By sending an email from my phone to an account I controlled,  was able to see that the email address was both predictable and unique in the format: 5555555555@sms.provider.net.  (For the lazy, there’s also publicly maintained list of providers and their addresses.[4])  Next, I set up an email account for the purpose of a communication channel, cmd@network.com.  Once I had verified that the email/sms gateway was a viable pipe, I did some testing to find ways send and identify commands as well as do basic authentication.  Using the results of this testing I was able to write a backend script in python and added it to my crontab.  The script automates logging into the pop3 account, reading and processing the messages, and if appropriate, responding to the sender.  I’m still working on cleaning up this code so it acts a bit more like a framework, but for now I’ve got a great proof of concept.

Based on this model, I’m able to offload processing to a device I more directly control.  This provides me with a more flexible and powerful system to do the heavy work and all the mobile device has to worry about is sending and receiving messages.  This also allows me to work in whichever language makes the most sense, rather than possibly being stuck using a specific, and probably unfamiliar, language[5].  By doing the actual processing on my server, I’m also able to hide any personal information or passwords[6] from the mobile device, the app itself[7] and all the other apps running on it.[8,9]  By using a rented server or running one from your home (any device with internet connectivity during the times you’d use the app will work), you essentially turn your phone into a thin-client and run a homebrew “cloud” server for mobile applications.  Leveraging slightly more advanced features of your phone, such as the camera and/or GPS can further empower your server-side applications by sending more data.

In my experimentation I have come across a few issues with the way this all works, some of which may be problems inherent in the system itself.  With relation to widespread use, this requires a moderate to high level of experience to setup.  Additionally the interface, the native SMS application on the user’s phone, isn’t particularly full-featured.  This means the user would have to type out long commands.  Text-recognition software or other image processing tools could be used along with the phone’s camera to help add to the ease of use.  If you’re not tinfoilhat paranoid like I am and feel comfortable using a hosted service, there are a number already out there to provide a lot of the functionality i discuss in this post.[10]

One of the major drawbacks with this is, since almost everything is generated directly by the user rather than code behind a click-button, the protocol is plain-text.  While passwords and other sensitive information would be stored on the server, commands and authentication information would be sent in the clear.  One possible solution could be a 2 factor system that involved a code being requested from the server and sent to the phone, but I’ve not fully explored this yet so I’m unsure if it solves all the problems.

During my research and experimentation I’ve come up with a few possible “SMS applications”, a few of which I’ve implemented as proof of concepts (indicated by “PoC”.)  My code is still pretty nasty, but if you’d like details on my implementation of the PoC ideas –  leave a comment, post to psych0tik-list or find me on the IRC .

*An IRC-SMS gateway which will forward messages to a specific user to my mobile phone.  This uses ii to keep a persistent connection and a cron job to periodically check and send the message.  (PoC)

*Googlemaps lookups using geotagging (GPS required) and the camera function.  By enabling geotagging on the camera, the longitude and latitude at which the picture was taken are embedded into the exif portion of an image.  By sending the photo along with the desired destination, the server is able to make a look-up and gather text directions to respond with.  I haven’t dug in too deeply to this, but you might be able to send a static image too

*A price lookup application that ties into a few retailers.  Send the name of a product to your server and get an easy price comparison.  Depending on how much time you want to invest into this, you could add the geotagging from above to find the closest better deal

*A Facebook, Twitter, or Flickr app that will post your status update, tweet or image to the site without exposing the password to the app on your phone and anything else on the phone with privileges (or the ability) to access that

*Custom applications to use features of other web services, authenticated or unauthenticated (PoC)

References:

[0]https://secure.wikimedia.org/wikipedia/en/wiki/Snake_%28video_game%29#Snake_on_Nokia_phones

[1] http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html

[2]http://www.minyanville.com/dailyfeed/18-rules-for-submitting-to/

[3]https://secure.wikimedia.org/wikipedia/en/wiki/SMS_gateway

[4]https://secure.wikimedia.org/wikipedia/en/wiki/List_of_SMS_gateways

[5]http://developer.apple.com/technologies/tools/xcode.html

[6]http://threatpost.com/en_us/blogs/wells-fargo-boa-cited-lax-mobile-app-security-110510

[7]http://blog.hudsonhorizons.com/Article/Facebook-Privacy-FB-Apps-Steal-Your-Address–and-Phone-Number.htm

[8]http://venturebeat.com/2010/07/28/android-wallpaper-app-that-steals-your-data-was-downloaded-by-millions/

[9]http://www.cnn.com/2011/TECH/mobile/03/02/google.malware.andriod/

[10]http://www.makeuseof.com/tag/regular-cell-phone-smarter-smsmms-data-plan-required-part-1/

 

About samurai

I like computers... A lot. So I tend to spend a lot of time doing varied things with them. Often you'll find me playing with Python or PHP, fighting with operating systems, ranting about some off-the-wall concept, or preparing for zombies.
This entry was posted in Articles and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *