Created A Phone-To-Computer Command System. What Next?

[Asheekay]

Here's the complete story.

On a website about cyber tech I saw a tutorial about how to turn off your computer through your cellphone by sending an email and setting up your outlook express. I thought I could improve the plan. So I worked on the idea of creating a system of controlling [partially] a computer through a cellphone which would have more options and would not require any outlook thing or such.

It took me more than a month but I was finally able to develop that system with visual basic 6 and php.

It works like this:

you install the visual basic application on your computer

you open up a website on your cellphone [or another computer]

you select commands from that website dropdown list and send them

those commands are executed on your computer through the application

Thing is, I don't know what to do with all of this system now that its finished.

Any ideas?

[MrFancypants]

You could use it as a kind of private cloud. Suppose you're at work and need access to some files on your PC at home. Open your app, browser through your files and copy them to your phone or maybe a usb drive connected to your phone.

[The-Bleh-Bleh]

Use phone as a remote for watching movies on your monitor (play/pause, volume).
Make buttons for controlling a massive botnet in case you ever become a wanted hacker on the run.

[Goody.]

Quote:

Originally Posted by The-Bleh-Bleh

Use phone as a remote for watching movies on your monitor (play/pause, volume).

Unified Remote app is brilliant for that amongst a few dozen more brilliant things and it does it all my PC's and server

[Asheekay]

Quote:

Originally Posted by MrFancypants

You could use it as a kind of private cloud. Suppose you're at work and need access to some files on your PC at home. Open your app, browser through your files and copy them to your phone or maybe a usb drive connected to your phone.

Oh waaa. I didn't put files uploading/downloading in that. It would be particularly hard to implement for me [an intermediate level programmer].

Quote:

Use phone as a remote for watching movies on your monitor (play/pause, volume).
Make buttons for controlling a massive botnet in case you ever become a wanted hacker on the run.

lol, thats too easy [already implemented]. I don't know what are botnets though and what they do with them.

To be honest, I did it as a possible commercial project. But didn't get even a single account request [you get your own dedicated application and a login account at the website so that only you can control your computer]. I then lost interest in it and as I write this, I checked the website where I had uploaded the php files [login and commands intake system] and I found out that the website registration has expired. Thankfully all the system still resides on my hard disk. The website was Daera.net btw.

Do you people think this project has the potential of being a commercial service? Should I register a website again and host the system or just let it stay and rot on my hard disk. I can't even put it on my CV [my bachelor degree is in philosophy and political science. I develop programming projects as a hobby].

[D3matt]

If you can make it secure and easy, possibly, but you have to consider the age-old question: Why would anyone want to use my solution instead of one of the other solutions already out there?

[Asheekay]

the age old question is easy to answer because the application offers something very unique. The main problem is about making it secure. I mean sending it to all antivirus companies with a full explanation of it and digital signatures and security certificates and that stuff. Thats what I don't know how to do.

[D3matt]

Quote:

Originally Posted by Asheekay

the age old question is easy to answer because the application offers something very unique. The main problem is about making it secure. I mean sending it to all antivirus companies with a full explanation of it and digital signatures and security certificates and that stuff. Thats what I don't know how to do.

Not really. There are other remote access services that offer smartphone apps that can do way more.

And that's not making it secure. Making it secure is making sure the connection between your server and their computer is secure, login database is secure, etc. Since I'm assuming you're not going to ask everyone who uses this to know their own IP address and open port 80 on their router.

[Nemmerle]

Assuming I understand you correctly: you set up a website which sends an email to their computer which is interpreted by some program on their computer to execute a specific command.

So: phone -> website -> Email -> computer ...

I think the first thing I'd do would be to set it up so that it doesn't need a website/email sitting in the middle. The second thing I'd do would be to digitally sign all your commands so that people can't just send an email/command to your computer and spoof the sender to get it to do what they want.

But honestly, if you're looking at this as a commercial thing, universal remote is already quite good - and there are other remote desktop applications out there. Unless you can think of an advantage you could take over one of them it's probably not worth exploring from a commercial angle.

[Asheekay]

I think the system is already pretty hard to hack, although of course not impossible or any such. No login information is stored on the hard disk [you enter your account information to the application on every boot time by yourself] so that reverse engineering the application would not compromise the security of the system.

The commands pass from the database to the computer in encrypted form, so that middleman would get no information if the data is hijacked.

The data enter process on the website itself is insecure. I mean its a simple http website. The one I made for my system that is. Its not https or something.

And no. It doesn't involve any mailing at any stage. Its mail-free. It goes like this:

you run application on the computer

you login at the website

you enter your commands at the website

website sends that command directly to the software in encrypted state

software implements that command

its user friendly. Even idiot-friendly i'd say. Nothing technical for the user to do.

The main issue is that if you run the application on your computer you'd get freaked up with the messages from your antivirus. Here are some that I got with different antivirus:

application cell2pc is trying to establish an unidentified tcp/ip connection to 86.25.34.6 [website server]. Do you want to authenticate it?

Application cell2pc does not contain digital signatures from a trusted publisher. Are you sure you want to execute this application?

Application cell2pc ip trying to access the network. This is an insecure connection. Are you sure you want to authorise it?