Find your Device with an SMS or online with the help of FMDServer. This applications goal is to track your device when it’s lost and should be a…

  • NuXCOM_90Percent@lemmy.zip
    link
    fedilink
    arrow-up
    22
    arrow-down
    34
    ·
    edit-2
    5 months ago

    Took a bit to figure out what it was even claiming to do

    When enabled your phone constantly sends e2e encrypted your location to the server where you can than access it from a webbrowser.

    God no. Just take a hatchet to my battery and be done with it.

    Also: Until a month or two ago, sure. But google finally got their shit together-ish and set up a tracking network the same as apple and samsung. And that is what you are sacrificing your privacy for. Yes, you give Big Tech tracking information… that they already have. In exchange you can actually have peace of mind of knowing your luggage is in the same airport or even where you parked. And you can’t really self-host a crowd-sourced network.

      • NuXCOM_90Percent@lemmy.zip
        link
        fedilink
        arrow-up
        11
        ·
        5 months ago

        I guess. But it is really going to depend on where you live and just how frequently it does dial home.

        My personal use for these networks is luggage tags. But a friend lost her phone on a hike a few years back and the find my phone stuff was more or less useless due to poor reception and ever dwindling battery.

        The real benefit is the low energy bluetooth magic and OTHER devices to do the phoning home. Because maybe I have shit reception but someone hiking a hundred feet away has good reception and updates the ping.

        • Semperverus@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          3
          ·
          edit-2
          5 months ago

          I dont want to be part of that spy network.

          “Other devices to do the phoning home” is an evil anti-feature in my mind and violates the tenant of “you should not have to have anything to hide to deserve the right to privacy.” Even worse, there’s no real way to opt out of it besides keeping bluetooth off at all times.

          • NuXCOM_90Percent@lemmy.zip
            link
            fedilink
            arrow-up
            3
            arrow-down
            3
            ·
            edit-2
            5 months ago

            I mean… bluetooth is literally broadcasting your position (sort of/it depends on the implementation). It is not at all a stretch that you should turn that off if you care about privacy. Same with not scanning for what wifi networks are available or even pinging GPS satellites (because that leaves a log). Hell… cell tower logs are a treat for cops/TLAs for a reason.

            Aside from that? Good for you. If you actually follow through on that I can respect it. My point is more that this particular solution seems like the worst of all worlds.

            Either you are demolishing your battery with regular phone homes to a server you hopefully control or you are relying on a push via SMS and the hope that you lose your phone somewhere you havea reception. And you still only have YOUR phone and YOUR network to track it which has significant drawbacks if you travel.

            • sunstoned@lemmus.org
              link
              fedilink
              English
              arrow-up
              2
              ·
              5 months ago

              Chiming in to note that GNSS communications are actually receive only. A typical phone can’t physically broadcast a strong enough signal into mid-earth orbit (where most of those satellites typically are) to achieve the “pinging GPS satellites” issue.

              Note this only refers to how that signal physically hits your phone. Once your position is deduced and digitized there’s an entirely different attack surface.

              The other concerns (especially cell tower data tracking) are valid though.

            • peregus@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              5 months ago

              or even pinging GPS satellites (because that leaves a log)

              What logs does it leave and where? Satellite is a one way communication system, the devices just receive the satellites signal and calculate the position by themselves.

            • Semperverus@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              5 months ago

              Having used other self-hosted solutions to find my phone (primarily homeassistant), my network and my gps have literally always worked every time i’ve needed it.

              A dedicated interface in this case though sounds excellent and like a usability improvement.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      21
      arrow-down
      3
      ·
      edit-2
      5 months ago

      God no. Just take a hatchet to my battery and be done with it.

      You’d be surprised what little impact on battery it actually has. I find this type of swift casting aside of something you’ve not even tried to be rather disingenuous.

      Also, if your device has a cellular modem with an active connection, your provider is already tracking your location constantly and selling your personal information to the highest bidder anyways (including law enforcement and governments), so IMO it’s a bit pointless to worry so much about that.

    • merde alors@sh.itjust.works
      link
      fedilink
      arrow-up
      7
      ·
      edit-2
      5 months ago

      if you don’t use the server it has practically no load on your battery. it sleeps until you trigger it to send information.

    • asudox@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      A simple task such as sending a request with GPS information constantly won’t do shit. You’d be surprised how much android sends in the background.

    • GolfNovemberUniform@lemmy.ml
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      5 months ago

      They can have data about your past but if you care about privacy, you can limit data collection a lot and outdated data is useless in many cases. Sacrificing privacy is a questionable choice and won’t give a conscious person peace of mind at all lol but everyone makes their own decisions.

      • NuXCOM_90Percent@lemmy.zip
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        5 months ago

        If people truly change their lives and focus on it, you can do a lot. But it does not take much, at all, to become compromised to one degree or another and people vastly underestimate the amount of redundancy. Or even the impact of a sibling or partner or even friend.

        Instead, the common case is people will tweak one small aspect and think that does anything other than inconvenience them. Or, worse, they’ll watch a youtube and decide to put EVERYTHING through their vpn which… defeats the purpose because they are still one easily collated set of profiles/cookies that can trivially reveal that “Fred Smith in Afghanistan” is really “Fred Smith in North Carolina”

        Which is why my approach is that there is data I very much want to protect and data I know I can’t. So I focus on understanding the former while doing what I can with the latter.

        And something like this? There are probably specific niche use cases for this. But it is a product/service that fundamentally requires aggregated data. And, depending on the implementation, it is going to fuck with your battery hard.

        • GolfNovemberUniform@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          5 months ago

          TL;DR You need a realistic threat model.

          Well that’s true but ehh still it doesn’t happen too often. If you want to keep your data away from the government then it is a danger. If you just want not to give the unethical advertising and data mining companies your data for free so they don’t have profit (like I do), you don’t need to focus that much. And if you’re concerned about your partners and friends getting the data, you have to reconsider their role in your life ngl.

          That’s why you get a separate identity or device for everything that requires your real name and NEVER EVER tell your real name online (they even teach it in schools nowadays if you didn’t know).

          If you want a public life with posting everything that happens to you, you can’t protect much except the metadata. Other than that there is some data you can’t protect but my previous points help with it and, once again, it depends on who you want to protect it from.

          GPS ftw.

        • merde alors@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          arrow-down
          2
          ·
          5 months ago

          you don’t need to use the server. You can set it to be triggered only by sms and there wouldn’t be any “aggregated information”

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        If you have an active cellular connection, you cannot really limit data collection, including the tracking and selling of your location data.

        • GolfNovemberUniform@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          5 months ago

          GPS on a secure device is the answer. Also read my long explanation. I recommend using 2 devices and identities to avoid similar issues

            • GolfNovemberUniform@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              5 months ago

              That’s really overkill for my threat model. For me it’s a device with a degoogled FOSS ROM, no proprietary software, no sim card and with correct settings

    • peregus@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      I’ve been sending my position to my server (with Traccar and GPSlogger) for years and I haven’t had any problems with the battery. It sends out the position every 5 seconds (excessive, I know!!! 🙈) and every 69 seconds when the battery is below 25% and only when it’s not connected to a WiFi network.

      But I’m with you about the new Google tracking system. I haven’t had the chance to check: does it work like Apple and can track devices that have been turned off?

    • helenslunch@feddit.nl
      link
      fedilink
      arrow-up
      3
      arrow-down
      2
      ·
      5 months ago

      Yes, you give Big Tech tracking information… that they already have.

      Don’t know about you but Google sure as shit is not tracking my location.

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        3
        arrow-down
        4
        ·
        5 months ago

        If you think google and your provider don’t already have your location… lol. lmao even

          • Semperverus@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            1
            ·
            edit-2
            5 months ago

            You may want to explain to them why this is the case. There are a lot of reasons google wouldnt have your location:

            1. You are an iPhone user without any Google apps

            2. You are a custom ROM user and have specifically gone out of your way to not install Google Play Services or any Google apps (this is me!)

            3. You are a PinePhone or Librem 5 user and are using Arch (btw) or another distro like Phosh

            4. You don’t have a mobile phone and communicate completely via desktop/laptop and/or landline phone

            5. You genuinely think Google doesn’t harvest your location 8 ways to sunday on stock Android (in which case you are factually and completely wrong - opt-out toggles should be treated as illusory on locked down proprietary systems like Google Play Services).

        • efstajas@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          Please explain how Google would get my location if I don’t run a phone with Google location services and / or don’t allow Google services and apps to access my location. Sure, they may know where you are roughly based on your IP, but that’s just within a very broad region, and can easily be obfuscated by a VPN. Google siphons a shitton of information from everywhere they can, but it’s not like they’ve secretly implanted everyone with a tracking chip either… And neither can they get around any device’s OS-level location permission system.

    • How does googles network work I assumed every phone know its own location and can relay location of nearby devices combined with multiple devices and some triangulation and maybe WiFi ssid tracking u can locate almost anything. Now that raises the major concern mainly google will know the location of every single device I’m sure its doing Bluetooth scanning so I doubt even I on graphene will be getting tracked. Surly there is a better decentralised anonymous solution here.

      • NuXCOM_90Percent@lemmy.zip
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        Not sure if google is particularly different but the way this works for the other services is basically low energy bluetooth scanning coupled with the phones providing their location*. So basically all the devices on that scanning/spy network periodically ping/listen for nearby devices/trackers. When it finds one, it sends a quick message to the servers with that phone’s location and the ID of the tracker. Get enough of those pings and you can triangulate the position of the tracker pretty precisely.

        Which… is why this fundamentally does not work with “hacker” solutions that allegedly emphasize privacy. Because you just don’t have enough devices listening. This was painfully obvious with tile back in the day and is still an issue with Samsung in some countries.

        *: Via a combination of gps, cell tower, and wifi network scanning. The less obvious part of that being wifi networks which is the majority of how interior positioning works.

        • efstajas@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          Vast majority of people do, and on iOS and Android these days turning it “off” really just keeps it from connecting to peripherals. It’s still scanning even when “off”.

        • optissima@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          5 months ago

          Turning off your bluetooth doesn’t mean it’s off until you turn it on Bluetooth is on at all times on modern androids/iOS, as of android 13 due to location services features.

          Edit, inaccurate phrasing on my part

            • optissima@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              5 months ago

              Hmm the article I read about it previously seems to be eluding me, I’m going to keep looking for it. From what I remember of the other article, the short of it is, in android, location services can turn on your bluetooth at any point and does every time it gets pinged by google without you turning it on, and they are rolling out a new feature to automatically turn it back on next version. Here’s an adjacent article that talks about one of the future android features, where you can have your phone found even when powered off, and that is using location services, which does involve bluetooth.

              • merde alors@sh.itjust.works
                link
                fedilink
                arrow-up
                1
                ·
                5 months ago

                where you can have your phone found even when powered off, and that is using location services, which does involve bluetooth.

                at that time they should just stop using the term “power off”