Overview

Mozilla Device Manager is a project that aims to provide users with a web utility to manage devices that are currently tied to their Sync account. The device manager should provide the user with a way to remotely wipe data from a device as well as track the location of the device.

Requirements

• Service must be high-availability (five nines?)
• Android client must use very little memory when not checking in.
• Both wipe and tracking will require explicit opt-in
• Wipe command must rely on a shared secret to prevent a mass wipe of users

Project

Engineers

• Jason Voll
• Philipp von Weitershausen

Milestones

• September 2011: Track a device
  • Android app (background service)
  • Web service
  • Web page for tracking

• October 2011: Wiping phone data
  • access to Fennec profile?
  • wipe whole phone (reset to factory), brick it?
  • figure out shared secret

• November 2011: Authentication / registration
  • BrowserID?
  • Sync account?

• December 2011: Package/deploy
  • beta channel?
  • server instance

Meetings

First Prototype

The first prototype will consist of the following:

• a basic web app that shows a single device with:
  • button to wipe the device
  • button to obtain last known GPS coordinates of the device
  • a text display to indicate success/failure of a wipe and show coordinates
• a basic android client with:
  • a polling mechanism that regularly checks with the server to see if the device should be wiped
  • a push mechanism that checks in with server to let it know its most recent location
• a data exchange server
  • a Python server application that handles requests and facilitates communication between devices (REST API?)

This prototype will ignore the following issues:

• security
• authentication
• showing a Google map with location of the device
• opt-in
• selecting from multiple devices
• secret code for wipe
• memory usage on mobile device
• high availability

Design

Web app:

• Written using TBD
• Makes calls to REST API when user wants to wipe or find the device's location

Android app == trivial polling mechanism making calls to data exchange server's REST API

Data Exchange Server

• Python app using Bottle
• REST API consisting of functions for the following:
  • WipeDevice(params: device_id): Called by the web app to initiate a device wipe
  • GetDeviceStatus(params: device_id): Called by the web app to get a device's coordinates and wiped status
  • CheckWipeRequested(params: device_id): Called by the Android app to check if a request has arrived at the server to initiate a wipe
  • UpdateWipeStatus(params: device_id, wipe_status): Called by the Android app to let it know that a wipe has succeeded/failed
  • UpdateLocation(params: device_id, latitude, longitude): Called by the Android app to notify the server of its latest location

Second Prototype

Now we have some basic communication working so handle some of the issues ignored in the first prototype!