Phoning home, in computing, refers to an act of client to server communication which may be undesirable to the user and/or proprietor of the device or software. It is often used to refer to the behavior of security systems which report network location, username, or other such data to another computer.
Phoning home may be useful for the proprietor in tracking a missing or stolen computer. This type of phoning home is frequently used on mobile computers at corporations. It typically involves a software agent which is difficult to detect or remove. However, there are malicious types of phoning home such as surreptitious communication between applications or hardware installed at end-user sites and their manufacturers or developers. The traffic may be encrypted to make it difficult or impractical for the end-user to determine what data are being transmitted.
The Stuxnet attack on Iran's nuclear facilities was facilitated by phone home technology as reported by The New York Times.
There are some uses for the phoning home practice that are legal in some countries. For example:
Phoning home could be for purposes of access restriction, such as transmitting an authorization key. This is done with the Adobe Creative Suite. Each time one of the programs is opened, it phones home with the serial number. If the serial number is listed as being already in use, or a fake, then the program will present the user with the option of inputting the correct serial number. If the user refuses, the next time the program loads, it will operate in trial mode until a valid serial number has been input. However, the method can be thwarted by either disabling the internet connection when starting the program or adding a firewall or Hosts file rule to prevent the program from communicating with the verification server.
Phoning home could also be for marketing purposes, such as the "Sony BMG Rootkit", which transmits a hash of the currently playing CD back to Sony, or a digital video recorder (DVR) reporting on viewing habits. High-end computing systems such as mainframes have had 'phone home' capabilities for many years, to alert the manufacturer of hardware problems with the mainframes or disk storage subsystems (this enables repair or maintenance to be performed quickly and even proactively under the maintenance contract). Similarly, high-volume copy machines have long been equipped with phone-home capabilities, both for billing and for preventive/predictive-maintenance purposes.