?

Log in

No account? Create an account
Treo garage door opener - brad's life [entries|archive|friends|userinfo]
Brad Fitzpatrick

[ website | bradfitz.com ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Treo garage door opener [Mar. 17th, 2007|12:47 am]
Brad Fitzpatrick
[Tags|, ]

I wired up:

Treo hot key to URL...
Linksys port forward 443...
Perlbal (speaking SSL), forwarding to...
xinetd listening on random port...
script speaking HTTP, which...
uses "heyu" to send X10 command over serial port, to....
momentarily close a relay, which...
closes the circuit on a new set of garage door wires I ran, which...
opens (or closes) my garage door.

So basically bike home (either bike), pull out phone, hold down the "G" key for 2-3 seconds, browser loads page, and my garage door opens.

Except the treo browser crashes and the phone reboots after I agree that it's a self-signed cert. And the server never gets the HTTP request. If I do it from my real browser, the garage door opens as expected.

So do I....?
  • Fix SSL issues in Perlbal that caused it to crash? But all browsers work on Perlbal, and presumably the Treo "works on all SSL servers". Or something.
  • Run this not over SSL? I'm afraid of T-Mobile pre-fetching my shit "for me" and opening my garage door while I'm at work. Much less chance of that/related crap with SSL. I don't even know if the SSL termination is on my phone or elsewhere.
  • Use stunnel or something? (no fucking way I'm getting near Apache and SSL... I hate that stuff.)
But maybe it's in the end the self-signed certs that crash the Treo, not the server. *shrug* But hell if I'm paying for a cert.
LinkReply

Comments:
[User Picture]From: erik
2007-03-17 08:18 am (UTC)
This is so inferior to the remote door opener you and Rode had freshman year.
(Reply) (Thread)
[User Picture]From: eli
2007-03-17 04:36 pm (UTC)
Heh, that's exactly where I started to go with this. All you need is like...50 1 gallon milk jugs full of water and...
(Reply) (Parent) (Thread)
[User Picture]From: moonwick
2007-03-17 08:22 am (UTC)
I'd probably go with running it over plain HTTP, and tacking on a dummy GET variable onto the fetched URL, which ought to keep T-Mobile from doing anything witty.
(Reply) (Thread)
[User Picture]From: jwz
2007-03-17 08:33 am (UTC)
Given that it takes 5-10 seconds to open the network connection, it might be faster if you just set it up so that you SMS to opensesame@danga.com, and have an email responder that opens the garage door.
(Reply) (Thread)
[User Picture]From: dossy
2007-03-17 12:01 pm (UTC)
+1 ... this was what I was going to recommend. Fewer points of failure, etc.

If you're security paranoid, you could have it SMS you back a challenge that you have to just send back, to prevent someone pretending to be you. (If someone else can receive your SMS'es, you've got bigger problems.)

(Reply) (Parent) (Thread)
From: evan
2007-03-17 08:35 am (UTC)
Maybe try non-SSL with a POST (so they're less likely to prefetch).
(Reply) (Thread)
(Deleted comment)
[User Picture]From: brad
2007-03-17 04:44 pm (UTC)
Consider I'll have one hand on the motorcycle, and only be operating the phone with my left hand... no stylus... and the browser is already slow...

I guess I could have a plain HTTP url with some javascript that auto-submits a form. JavaScript on this phone /kinda/ works.

I'll play, thanks.
(Reply) (Parent) (Thread)
[User Picture]From: deathboy
2007-03-17 08:40 am (UTC)
j2me app that opens an apt URL / squirts a bit of data from hither to thither? requires the java VM, natch :P
(Reply) (Thread)
[User Picture]From: srattus
2007-03-17 10:47 am (UTC)
you've got way too much time on your hands, man.

I would have likely done the sms -> procmail route myself.

I went the other way and upgraded my last garage door opener to one of those that uses a one-time code for each open.
(Reply) (Thread)
[User Picture]From: mart
2007-03-17 11:26 am (UTC)

Given that you're likely to only want to open the garage door when you're near your house anyway, perhaps bluetooth would work out better? Maybe establish a PPP connection over the bluetooth virtual serial line and then access your non-SSL HTTP server directly?

I guess it probably takes a few more keypresses to get a bluetooth-based PPP link up and then access a page over it, though. Assuming a Treo can even do that.

(Reply) (Thread)
[User Picture]From: brad
2007-03-17 04:47 pm (UTC)
I have one hand free, possibly with a glove on it... mashing a single key is about the only thing I can do.
(Reply) (Parent) (Thread)
[User Picture]From: 2shortplanks
2007-03-17 12:09 pm (UTC)
Prefetch Solution: Send a chunk of JavaScript to your Treo that causes a page refresh to the same URL but with a parameter that contains the current timestamp. Ignore any request more than five seconds old.

T-mobile can't prefetch that unless they're parsing the JavaScript you send, which is highly unlikely. Also, this gives protection against dumb replaying.
(Reply) (Thread)
[User Picture]From: robbat2
2007-03-17 03:59 pm (UTC)
try with certs from cacert, assuming you can load other roots CAs into your treo?
(Reply) (Thread)
[User Picture]From: rahaeli
2007-03-17 06:55 pm (UTC)
Not to diminish everyone's excellently geeky suggestions, but ... why don't you just get a garage door opener?

(I know, I know, I'd probably do it your way too if I could. I just had to say it. *g*)
(Reply) (Thread)
[User Picture]From: brad
2007-03-17 06:59 pm (UTC)
I have some... they're huge. And my phone is already huge.

If I go on a bike ride, I don't want to carry more huge crap. If I did, it'd have to go in my backpack, which I don't always have. Which means pockets, but pockets already have phone + keys ... no room.
(Reply) (Parent) (Thread)
[User Picture]From: rahaeli
2007-03-17 07:08 pm (UTC)
Yeah, I realized that was probably it as soon as I hit "post". Still, you have to admit, this *is* the kind of thing that mundanes look at and go "....oh my god." *g*
(Reply) (Parent) (Thread)
[User Picture]From: supersat
2007-03-17 09:15 pm (UTC)
We've got a small one that fits on my keychain. It's very handy.

Of course, if you want to go the totally geeky route, make an app that determines your location, and have it automatically open your garage door when it notices that you have arrived.
(Reply) (Parent) (Thread)
[User Picture]From: henry
2007-03-18 01:30 am (UTC)
Yeah, does your phone have gps?
(Reply) (Parent) (Thread)
[User Picture]From: supersat
2007-03-18 01:37 am (UTC)
GPS isn't necessary. You can scan for WiFi access points and trigger the door to open when you see your own AP pop in to view. You could also do fancier things using signal strengths to further enhance your location estimate. Hell, you could possibly even use cell tower sightings and signal strengths to estimate your location.
(Reply) (Parent) (Thread)
[User Picture]From: brad
2007-03-18 02:15 am (UTC)
My OpenMoko will. (being shipped)
(Reply) (Parent) (Thread)