Computing Reviews
Android platform-based individual privacy information protection system
Zhang W., Li X., Xiong N., Vasilakos A. Personal and Ubiquitous Computing 20(6): 875-884, 2016. Type: Article
Date Reviewed: Nov 7 2017

I’m not impressed by this paper. On one hand, the remote short message service (SMS) command feature it describes sounds potentially useful. On the other hand, remote commands are not new and do not constitute a “privacy information protection system.” No mechanisms that would, for example, prevent a phone thief from harvesting stored data (look up Karsten Nohl) are described.

From what I can piece together, the authors modified Android code to broadcast an “SMS message received” event. They also wrote a new process that executes at highest priority in order to preemptively grab incoming text messages and determine if the SMS payload carries one of their special messages. If it is one of their commands, they consume the message and execute the payload’s command. If it’s not one of their messages, they ignore it. This remote command execution method could allow owners of stolen phones to send “lock” or other commands. In order to prevent easy defeat of this system by killing the SMS monitor task, redundant SMS monitor processes are used. If the thief tries to kill the running monitor process, a standby copy takes over, presumably ad infinitum (a standard failover pattern). What prevents the thief from killing the backup copy first, and then killing the running monitor, is not explained.

In the closing paragraphs of the paper, the authors mention contact backups, trusted phone numbers, and a “protected” mode of operation, but do not explain these features anywhere. The complete SMS command set is also not documented, nor are use cases, possible shortcomings, or authentication and authorization. They may have reinvented the remote message capability of Android Lost (also Tracker, Lookout, Android Device Manager, and others over the years), but the authors have not demonstrated complete privacy protection or, really, any new ideas at all.

Reviewer:  Bayard Kohlhepp Review #: CR145639 (1801-0017)
  Featured Reviewer  
 
Security, Integrity, And Protection (H.2.0 ... )
 
 
Privacy (K.4.1 ... )
 
