HOME

TheInfoList



Click Here for Items Related To - Phoning Home
OR:
Phoning Home on:   [Wikipedia]   [Google]   [Amazon]

In computing, phoning home is a term often used to refer to the behavior of security systems that report network location, username, or other such data to another computer. Phoning home may be useful for the proprietor in tracking a missing or stolen computer. This type of phoning home is frequently used on mobile computers at corporations. It typically involves a software agent which is difficult to detect or remove. However, there are malicious types of phoning homes such as surreptitious communication between applications or hardware installed at end-user sites and their manufacturers or developers. The traffic may be encrypted to make it difficult or impractical for the end-user to determine what data are being transmitted. The Stuxnet attack on Iran's nuclear facilities was facilitated by phone home technology as reported by The New York Times.


Legal phoning home

There are some uses for the phoning home practice that are legal in some countries. For example, phoning home could be for purposes of access restriction, such as transmitting an authorization key. This is done with the Adobe Creative Suite. Each time one of the programs is opened, it phones home with the serial number. If the serial number is listed as being already in use, or a fake, then the program will present the user with the option of inputting the correct serial number. If the user refuses, the next time the program loads, it will operate in trial mode until a valid serial number has been input. However, the method can be thwarted by either disabling the internet connection when starting the program or adding a firewall or Hosts file rule to prevent the program from communicating with the verification server. Phoning home could also be for marketing purposes, such as the " Sony BMG Rootkit", which transmits a hash of the currently playing CD back to Sony, or a
digital video recorder A digital video recorder (DVR) is an electronic device that records video in a digital format to a disk drive, USB flash drive, SD memory card, SSD or other local or networked mass storage device. The term includes set-top boxes with direct to d ...
(DVR) reporting on viewing habits. High-end computing systems such as mainframes have had 'phone home' capabilities for many years, to alert the manufacturer of hardware problems with the mainframes or disk storage subsystems (this enables repair or maintenance to be performed quickly and even proactively under the maintenance contract). Similarly, high-volume copy machines have long been equipped with phone-home capabilities, both for billing and for preventive/ predictive maintenance purposes. In research computing, phoning home is used to track the daily usage of open source academic software. This phoning is used to develop logs for the purposes of justification in grant proposals to support the ongoing funding of such projects. Aside from malicious software phoning home, phoning home may be done to track computer assets—especially mobile computers. One of the most well-known software applications that leverage phoning home for tracking is Absolute Software's
CompuTrace Absolute Home & Office (originally known as CompuTrace, and LoJack for Laptops) is a proprietary laptop theft recovery software ( laptop tracking software). The persistent security features are built into the firmware of devices. ''Absolute Home & ...
. This software employs an agent which calls into an Absolute-managed server on regular intervals with information companies or the police can use to locate a missing computer.


More phone-home uses

Other than phoning the home (website) of the applications' authors, applications can allow their documents to do the same thing, thus allowing the documents' authors to trigger (essentially anonymous) tracking by setting up a connection that is intended to be logged. Such behavior, for example, caused v7.0.5 of Adobe Reader to add an interactive notification whenever a
PDF Portable Document Format (PDF), standardized as ISO 32000, is a file format developed by Adobe in 1992 to present documents, including text formatting and images, in a manner independent of application software, hardware, and operating systems. ...
file tries phoning (to its author's) home. HTML e-mail messages can easily implement a form of "phoning home". Images and other files required by the e-mail body may generate extra requests to a remote
web server A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiate ...
before they can be viewed. The IP address of the user's own computer is sent to the webserver (an unavoidable process if a reply is required), and further details embedded in request
URL A Uniform Resource Locator (URL), colloquially termed as a web address, is a reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it. A URL is a specific type of Uniform Resource Identifie ...
s can further identify the user by e-mail address, marketing campaign, etc. Such extra page resources have been referred to as " web bugs" and they can also be used to track off-line viewing and other uses of ordinary web pages. So as to prevent the activation of these requests, many e-mail clients do not load images or other web resources when HTML e-mails are first viewed, giving users the option to load the images only if the e-mail is from a trusted source.


Malicious phoning home

There are many
malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...
applications that can "phone home" to gather and store information about a person's machine. For example, the Pushdo Trojan shows the new complexity of modern malware applications and the phoning home capabilities of these systems. Pushdo has 421 executables available to be sent to an infected Windows client. Surveillance cameras Foscam have been reported by security researcher Brian Krebs to secretly phone home to the manufacturer.


See also

*
Digital Rights Management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted works. ...
(DRM) * Product activation * Spyware *
Internet of Things The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other comm ...


References

{{DEFAULTSORT:Phoning Home Computer network security Spyware Internet privacy