Phoning Home
   HOME

TheInfoList



Click Here for Items Related To - Phoning Home
OR:
Phoning Home on:   [Wikipedia]   [Google]   [Amazon]

In computing, phoning home is a term often used to refer to the behavior of security systems that report network location,
username A user is a person who uses a computer or Computer network, network Service (systems architecture), service. A user often has a user account and is identified to the system by a username (or user name). Some software products provide serv ...
, or other such data to another computer. Phoning home may be useful for the proprietor in tracking a missing or stolen computer. In this way, it is frequently performed by mobile computers at corporations. It typically involves a software agent which is difficult to detect or remove. However, phoning home can also be malicious, as in surreptitious communication between end-user applications or hardware and its manufacturers or developers. The traffic may be encrypted to make it difficult or impractical for the end user to determine what data are being transmitted. The
Stuxnet Stuxnet is a Malware, malicious computer worm first uncovered on June 17, 2010, and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsibl ...
attack on Iran's nuclear facilities was facilitated by phone-home technology, as reported by ''
The New York Times ''The New York Times'' (''NYT'') is an American daily newspaper based in New York City. ''The New York Times'' covers domestic, national, and international news, and publishes opinion pieces, investigative reports, and reviews. As one of ...
''.


Legally phoning home

Some uses for the practice are legal in some countries. For example, phoning home could be for access restriction, such as transmitting an authorization key. This was done with the
Adobe Creative Suite Adobe Creative Suite (CS) is a discontinued software suite of graphic design, video editing, and web development application software, applications developed by Adobe Systems. The last of the Creative Suite versions, Adobe Creative Suite 6 (CS6) ...
: Each time one of the programs is opened, it phones home with the serial number. If the serial number is already in use, or a fake, then the program will present the user with the option of entering the correct serial number. If the user refuses, the next time the program loads, it will operate in trial mode until a valid serial number has been entered. However, the method can be thwarted by either disabling the
internet The Internet (or internet) is the Global network, global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a internetworking, network of networks ...
connection when starting the program or adding a firewall or
Hosts file The computer file hosts is an operating system file that maps hostnames to IP addresses. It is a plain text file. Originally a file named HOSTS.TXT was manually maintained and made available via file sharing by Stanford Research Institute for th ...
rule to prevent the program from communicating with the verification server. Phoning home could also be for marketing purposes, such as the " Sony BMG rootkit", which transmits a hash of the currently playing CD back to Sony, or a
digital video recorder A digital video recorder (DVR), also referred to as a personal video recorder (PVR) particularly in Canadian and British English, is an electronic device that records video in a digital format to a disk drive, USB flash drive, SD memory card, SS ...
(DVR) reporting on viewing habits. High-end computing systems such as mainframes have been able to phone home for many years, to alert the manufacturer of hardware problems with the mainframes or disk storage subsystems (this enables repair or maintenance to be performed quickly and even proactively under the maintenance contract). Similarly, high-volume copy machines have long been equipped with phone-home capabilities, both for billing and for preventative/
predictive maintenance Predictive maintenance techniques are designed to help determine the condition of in-service equipment in order to estimate when maintenance should be performed. This approach claims more cost savings over routine or time-based preventive maint ...
purposes. In research computing, phoning home can track the daily usage of open source academic software. This is used to develop logs for the purposes of justification in grant proposals to support the ongoing funding of such projects. Aside from malicious activity, phoning home may also be done to track computer assets—especially mobile computers. One of the most well-known software applications that leverage phoning home for tracking is Absolute Software's CompuTrace. This software employs an agent which calls into an Absolute-managed server on regular intervals with information companies or the police can use to locate a missing computer.


More uses

Other than phoning the home (website) of the applications' authors, applications can allow their documents to do the same thing, thus allowing the documents' authors to trigger (essentially anonymous) tracking by setting up a connection that is intended to be logged. Such behavior, for example, caused v7.0.5 of
Adobe Reader Adobe Acrobat is a family of application software and web services developed by Adobe Inc. to view, create, manipulate, print and manage Portable Document Format (PDF) files. The family comprises Acrobat Reader (formerly Reader), Acrobat (former ...
to add an interactive notification whenever a
PDF Portable document format (PDF), standardized as ISO 32000, is a file format developed by Adobe Inc., Adobe in 1992 to present documents, including text formatting and images, in a manner independent of application software, computer hardware, ...
file tries phoning home to its author. HTML e-mail messages can easily implement a form of "phoning home". Images and other files required by the e-mail body may generate extra requests to a remote
web server A web server is computer software and underlying Computer hardware, hardware that accepts requests via Hypertext Transfer Protocol, HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, co ...
before they can be viewed. The
IP address An Internet Protocol address (IP address) is a numerical label such as that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface i ...
of the user's own computer is sent to the webserver (an unavoidable process if a reply is required), and further details embedded in request
URL A uniform resource locator (URL), colloquially known as an address on the Web, is a reference to a resource that specifies its location on a computer network and a mechanism for retrieving it. A URL is a specific type of Uniform Resource Identi ...
s can further identify the user by e-mail address, marketing campaign, etc. Such extra page resources have been referred to as "
web bug A web beaconAlso called web bug, tracking bug, tag, web tag, page tag, tracking pixel, pixel tag, 1Ă—1 GIF, spy pixel, or clear GIF. is a technique used on web pages and email to unobtrusively (usually invisibly) allow checking that a user has ...
s" and they can also be used to track off-line viewing and other uses of ordinary web pages. So as to prevent the activation of these requests, many
e-mail client An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email. A web app, web application which provides message management, composition, and receptio ...
s do not load images or other web resources when HTML e-mails are first viewed, giving users the option to load the images only if the e-mail is from a trusted source.


Maliciously phoning home

There are many
malware Malware (a portmanteau of ''malicious software'')Tahir, R. (2018)A study on malware and malware detection techniques . ''International Journal of Education and Management Engineering'', ''8''(2), 20. is any software intentionally designed to caus ...
applications that can "phone home" to gather and store information about a person's machine. For example, the Pushdo Trojan shows the new complexity of modern malware applications and the phoning-home capabilities of these systems. Pushdo has 421 executables available to be sent to an infected Windows client. Surveillance cameras Foscam have been reported by security researcher Brian Krebs to secretly phone home to the manufacturer.


See also

*
Digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures, such as access control technologies, can restrict the use of proprietary hardware and copyrighted works. DRM ...
(DRM) *
Product activation Product activation is a license validation procedure required by some proprietary software programs. Product activation prevents unlimited free use of copied or replicated software. Unactivated software refuses to fully function until it ''determi ...
*
Spyware Spyware (a portmanteau for spying software) is any malware that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's securit ...
*
Internet of Things Internet of things (IoT) describes devices with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other communication networks. The IoT encompasse ...
*
Telemetry Telemetry is the in situ collection of measurements or other data at remote points and their automatic transmission to receiving equipment (telecommunication) for monitoring. The word is derived from the Greek roots ''tele'', 'far off', an ...


References

{{DEFAULTSORT:Phoning Home Computer network security Spyware Internet privacy