[maemo-developers] Remotely Nuking a device (was Re: becomeroot once again but with password)

[From: Paul Klapperich]

On 2/22/07, James Grimwood <james at piku.org.uk> wrote:
>
> A remote-wipe program could be useful. Something that runs on the
> tablet, connects using some secure method to your computer at home,
> and then sees if you've logged your device as stolen. If so, it self
> destructs (either totally messing up the flash, or just enough that it
> fails to boot and requires reflashing). To avoid accidental
> destruction you would have to run and authorise the PC side of the
> system, and do it only when your tablet gets stolen.


You could setup pubkey authentication on your home ssh server. Then you
could add a script to the device such that when it connects it runs
something like:
ssh -n -R2022:localhost:22

Then on your local computer you could "ssh user at localhost -p2022" to connect
into your device whenever it's on the internet, regardless of where it's
connected from. You could manually erase the data, something like:
for i in /home/user /media/mmc1 /media/mmc2; do
  rm -rf $i
done

Another trick I've used--actually to update computer labs--is to keep a
script on your server, then have the device use scp to copy that script from
the server and run it whenever it connects. In my case, the script was
simple. In your case the script would do nothing. To nuke your nokia,
replace it with one that erases stuff. This will get it the next time it
connects and wouldn't require you find know when the device connects.

Other options would include writing a lot file to your home machine with the
IP connecting from. This could be used to track your device so you might be
able help police recover it. Or you could delete important system files and
your personal data to make the device worthless without a reflash.

--Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.maemo.org/pipermail/maemo-developers/attachments/20070222/13fb8bf5/attachment.htm