This is an in progress wiki for findmydevice.
2. π¬ Notifications (SMS support) vs π Server
2.1 π¬ Notifications (SMS support)
FindMyDevice is an Android App that severs as a Free and Open Source alternative to Googleβs FindMyDevice. It allows you track, wipe and issue other commands to your device when its lost.
# π¬ SMS vs β¨οΈ Messages vs π Server
FindMyDevice allows for commands and information to be sent and received via SMS, messaging apps and/or a server, depending on the configuration that has been set up.
Text messages can be configured with a pin or known contact number. With a pin, any number can issue commands and receive information, assuming the pin is correct. With contact whitelisting, any chosen numbers can communicate with FindMyDevice. Both a pin and contact whitelisting can be configured simultaneously. In order for SMS to work, permissions to view SMS messages is required. To view the full list of commands, go to the commands section of this wiki and see those marked with the SMS signal (π¬).
A pin allows you to communicate with fmd with a non-whitelisted contact. If you activate this setting and set a pin you can communicate using a phonenumber that is not added to the whitelist. Just text fmd (pin) and the sender's phone number is put on a temporary whitelist. The session expires after 10 minutes and than no communication is possible anymore. If you need more time, you can reactivate the number with the pin again.
With access to notifications, FindMyDevice can handle messages from other applications. Some applications will not work, but supported messaging apps include Telegram and Whatsapp.
A server can be configured to use a server to issue commands and receive information. When enabled your phone constantly sends end-to-end encrypted your location to the server where you can than access it from a webbrowser. Your data is encrypted on the phone (with a generated private key) and than sent to the server. The server also has the privat key in an encrypted state that will be send to your webbrowser. The webbrowser than decrypts the key with your password and afterwards the data is decrypted and shown to you.
You can run use the defaut server here, or you can a custom sever either writen in Go (the offical implementation) or PHP.
When you register you need to enter a password, this password will be needed on the webpage to decrypt the locationdata. When you are registered, everytime your phone gets located the location will also be transmitted to the FMDServer. After you have registered your phone, please note your custom User ID somewhere safe. You need this User ID to locate your phone. The userid is a generated random ID from the server so the data can be identified as anonymously.
One can also enable FMDServer (the checkbox at the top) that allows the application to constantly send the location to FMDServer (every custom period).
In order to receive a command from the server (locate/ring/etc...) unified push is used, therefore you need to install a distributor (like Gotify-UP or ntfy). When you send a command like ring, the server will communicate with your push-server. The push-sever will notify your phone. If you want to, you can register for my push-server (gotify-instance) (https://push.nulide.de:9094/#/login).
# π₯ Commands
You can set a custom prefix (default is fmd). Commands are:
fmd locate - sends the current location
fmd ring - lets the phone ring
fmd lock - locks the phone
fmd stats - sends device informtions
fmd delete - resets the phone
fmd camera (back/front) - takes a picture and sends it to the server
FMD locate will send you the coordinates of your phone. In order to work, the phone needs Location enabled or this [Permission](PERMISSION WRITE_SECURE_SETTINGS) enabled. The application send the GSM_Informations (MCC, MNC, LAC, CID). These are the information about the cellular_tower you are connected with. You can get the location of this tower by searching on http://www.cell2gps.com/ or if you have added your OpenCellID_API_KEY you can even configure FMD to send you the coordinates. The GPS-Coordinates will be send as soon as they are available to the device.
FMD locate last will send you the last known location
FMD locate gps will only send you the gps coordinates
FMD locate cell will only send you the cell location.
fmd ring lets the phone ring with your default ringtone.
The phone will ring for 15 seconds. If you send fmd ring long it will ring for 3 minutes.
fmd lock locks the device and displays a message that you can configure in the settings. If you lost you device and didn't configured a message you can just write fmd lock (your message) and it will be shown. After locking your phone a splashscreen with your preconfigured or send via sms message will be shown. You are now locked out of your phone and are able to move to the lockscreen of android via the android controls β <. Now you can enter your pin, password, fingerprint or other locking method and unlock your phone.
To display a custom lock message use fmd lock Insert message, for example fmd lock please return this device.
fmd stats shows you the networks available to the lost device. This is helpful when you get desperate, maybe you recognize a network and can find the device than.
fmd delete is capable of deleting you phone. For this you have to configure a pin in the settings and enable this option. When you than send the command you have to add the pin at the end.
For example:
fmd delete <your pin>
fmd camera takes a picture from the camera you selcted(Back/Front) and sends it encrypted to the server. When you log in to the server you will be able to view the picture by presisng the picture icon.
# Settings
Here you can enable or disable the fmd delete command.
You enable this setting, when you activated the device admin, but don't want to remotely reset your phone.
If this option is disabled the device can't be reseted via fmd.
Here you can enter a Pin. The pin is useful for "fmd delete" and for "fmd via pin". If no pin is entered "fmd delete" and "fmd via pin" will not work.
Here you can write a message that can be displayed on the lockscreen when you send the command 'fmd lock'.
Here you can change the default command for communicating with fmd. If you change the command you need to use your custom command for communication.
Here you can add the API-Key from OpenCellID. With their service you can get the coordinates of the celltower you are conected with. Please look at API-Key for instructions.
Add some features by enabling their permission, you can do this by pressing the button, which will open the Permission-Wizard.
# βοΈ Extra Permissions
- For FMD to be able to turn Location Services on or off the special
WRITE_SECURE_SETTINGSpermission is needed.
To grant the permission from a computer via adb (Android Debug Bridge):
- Install
adbon your computer (e.g.sudo apt-get install android-tools-adb) - Enable Developer Settings on you device. Go to "Settings -> About Phone" and than click several times on "Build Number". You will be asked to enter your password if you have one.
- Go to "System -> Developer Options" and enable "USB debugging"
- Plug your phone into the computer
- Open a terminal/cmd on your computer
- Check that your device shows up by entering this command:
adb devices - Grant the permission by entering this command:
adb shell pm grant de.nulide.findmydevice android.permission.WRITE_SECURE_SETTINGS
If adb returns an error like in #15 you can try the following:
- Go to Developer Settings
- Enable USB-Debugging
- Enable Install via USB
- Enable USB-Debugging (Security Settings)
- Rerun
adb shell pm grant de.nulide.findmydevice android.permission.WRITE_SECURE_SETTINGS
If you have a rooted device, you can use any terminal app to grant the permission:
- Open your terminal app of choice
- Run
su -c 'pm grant de.nulide.findmydevice android.permission.WRITE_SECURE_SETTINGS'
To check that it worked:
- Close FMD
- Swipe it away from Recents
- Reopen FMD
Under "Permissions" the entry "Secure Settings" should now be green.
# β Known Issues
FMD Server allows to store the last locations of you phone.
When enabled your phone constantly sends e2e encrypted your location to the server where you can than access it from a webbrowser.
The default server is https://fmd.nulide.de:1008/
Your data is encrypted on the phone(with a generated private key) and than send to the server. The server also has the privated key in an encrypted state that will be send to your webbrowser. The webbrowser than decrypts the key with your password and afterwards the Data.
In order to use the server you need to enter the settings of fmd on your phone. Register on the default server or change the url and register on a custom server.
When you register you need to enter a password, this password will be needed on the webpage to decrypt the locationdata.
When you are registered, everytime your phone gets located the location will also be transmitted to fmdserver.
After you have registered your phone, please note your custom userid somewhere safe. You need this id to locate your phone. The userid is a generated random id from the server so the data can be identified as yours. (Don't worry as long nobody knows whos id it is, nobody nows what data is yours and also it is encrypted)
You can also enable fmdserver(the checkbox at the top) that allows the application to constantly send the location to fmdserver.
Visit the default server https://fmd.nulide.de:1008/ or your custom one.
Enter the id of your device. You will be asked for the password, after you have entered it you can see the last known location and also can navigate through a history of locations.
In order to receive a command from the server (locate/ring/etc...) unified push is used. In order to use it you need to install a distributor (like Gotify-UP or ntfy). When you send a command like ring. The server will communicate with your push-server. The push-sever will notify your phone. If you want to, you can register for my push-server(gotify-instance) (https://push.nulide.de:9094/#/login)
OpenCellID is a collection of celltower and there location. You can register on their page and retrieve an API_KEY. After you've created an account go to Access Tokens and copy the token. (Something like: pk.xxxxx)
Please enter this key to the settings of the application. When you than try to get the location the coordinates of the celltower will be send too.
FMD uses UnifiedPush to receive push notifications. Hence you need to have a distributor app installed on your phone if you want to use push. Then FMD Server will act as the application server, and e.g. ntfy Server will act as the push server.
The recommended one is ntfy, but other UnifiedPush distributor apps should work, too. After installing a push distributor app, remove FMD from the "Recent Apps" switcher by swiping it away, and then reopen it. This forces FMD to retry registering itself with the distributor.
No sensitive data is sent in push notifications, they are only used to wake up FMD.
- Configure the ntfy server in the ntfy app under Settings -> Default Server
- Make sure that you have enabled anonymous write access to
up*topics: https://docs.ntfy.sh/config/#example-unifiedpush
If you have enabled the notification option in fmd this happens automatically.
Since the whitelist cannot be used for identification the pin is needed and has to be set.
Please send the pin with every message right after fmd.
So the command for locate will look like this if communicating via a third party app.
fmd topsecretpin locate
If you are using multiple users on the same device, FMD may not work. To solve this install FMD on all users and allow them to use sms. You can do so in the user-settings. Also if you don't want to receive multiple messages change the fmd_command for every user to a different one.
If you try to message FMD via RCS (Rich Communications System), FMD will not respond. Right now only standard sms are supported, so you need to turn it off at least when you want to message fmd.
If you have more than one SIM-card inserted, please select the default sim for sms-messaging in your settings app, so FMD can automatically send data via SMS.