Check this box to affirm you have no conflict of interest.
on
Website
Short description
Open source Android alternative to Google’s FMD, you can use SMS, instant messengers and fmd.nulide.de to… Find My Device! They also say that that your location data is encrypted to them, but you can set your own server, too.
FMD
Why I think this tool should be added
It’s pretty important to locate your phone when needed. (Still, for something of this importance, I would appreciate it if they would have a reputable, external security audit eventually.)
Section on Privacy Guides
Maps and Navigation
3 Likes
Why was this suggested under “Maps and Navigation”? This should be under General Apps - Privacy Guides
I’m disappointed to see that this app is not at least mentioned by PG. I don’t understand how anyone can recommend GOS, but not mention this app. With GOS you lose the ability to find your lost phone via Google, so to me this is a must-have app. It’s all open sourced and self-hostable. In fact, I’m currently self-hosting an FMD server now.
Does FMD have problems? Yes. I’ve been reporting issues to improve in the last month:
The creator is sponsored by some EU org that forbids AI use so the new development is quite slow. However, it’s still infinitely better to use FMD instead of just losing your $1k phone forever.
You can use google find my device on graphene os if you use the play services and turn the feature on in device admin apps in settings. Google has a much higher threshold for safety of your data and more importantly more clearer liability with ease of lawsuit due to local presence than some unreviewed software running on random servers by individuals with no liability.
One of the first things phone thieves do is to put it into a faraday bag, switch it off, etc. if there is no chance for accessing the device. Google’s Find My Device has a higher chance of success in these conditions with the global network for tracking similar to Apple.
If the threat of losing phone deserves a remedy, it should be a full fledged one and not just a bandage. Anyone in this situation should use Google’s network. If your threat model includes targeted attacks by Google or State Level Threats, you should not be trusting random server operators or recovered devices that may be tampered with anyway.
1 Like
Yes, that would indeed work much better if you live in an area with frequent professional phone theft and trust Google enough to run their services on your phone. I personally don’t, but I realize most GOS users do. Sure, some might trust Google to have access to their location and to run their admin apps. I don’t.
You’re not forced to trust the public FMD server. I self-host my own which takes 17MB RAM and does nothing 99% of the time.
I’m not concerned about any state-level threats or professional phone thieves with faraday bags. If that’s your threat model and you live in area where that’s a high possibility then I definitely agree that you should rely on Google and their BT network tracking. However, my concern is simply losing/leaving my phone somewhere and not being able to find it again. In this case FMD is the superior system for privacy-conscious users.
3 Likes
I am sure that you evaluated the options well, and was not pushing you about the choice. I was just clarifying this part:
You do not lose the ability to find your phone with Google’s network on GOS. I will try to proofread my responses more thoroughly to ensure I quote the parts I am specifically responding to to prevent misunderstanding.
1 Like
Looks promising, but potentially a little early. It looks like the project is pre-1.0 (not fully stable):
FMD is still pre-1.0. While FMD generally works, there are certain known problems/weaknesses/issues that we would like to fix before we are confident in calling FMD a “stable 1.0”.
That said, I’m not aware of any alternatives, aside from Google. One to watch, at the least.
I think you’re right. I’m putting my money where my mouth is and will start actively contributing to the project’s codebase to try and get it over the line for the 1.0 release.
I’ve been chatting with the creator on gitlabs and matrix. I’m currently working on completely redesigning and rewriting the web UI as a modern web app, which will improve a lot of existing issues and nits. Next I’ll be looking to implement SSE for instant new location updates and add optional FIDO2 auth.
3 Likes
Seems like it is build on a very outdated Android SDK. I wouldnt use it.
God damn it I think you’re right.
I had to research this today as I don’t normally work on Android, but FMD’s app is now 4 major releases of Android behind. This was done to be able to continue to support remote bluetooth on/off functionality which modern Android SDK no longer allows without manual user confirmation. Running such an old SDK version is a security concern based on what I read and it causes FMD to run in some Android compatibility mode which has its own issues.
I use this and it works great.