Slashdot Log In
Open Source Adeona Tracks Lost & Stolen Laptops
Posted by
CmdrTaco
on Mon Jul 14, 2008 10:08 AM
from the marco-polo-marco-polo dept.
from the marco-polo-marco-polo dept.
An anonymous reader writes "Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service. This means that you can install Adeona on your laptop and go — there's no need to rely on a single third party. What's more, Adeona addresses a critical privacy goal different from existing commercial offerings. It is privacy-preserving. This means that no one besides the owner (or an agent of the owner's choosing) can use Adeona to track a laptop. Unlike other systems, users of Adeona can rest assured that no one can abuse the system in order to track where they use their laptop."
Related Stories
Submission: Open source software for lost or stolen laptops by Anonymous Coward
[+]
Adeona Warns of Instability; OpenDHT Mothballed 82 comments
gbickford writes "Adeona, the first open source system for tracking the location of your lost or stolen laptop, was featured on Slashdot last year. I was stoked when I read about how it worked and I installed it immediately. I just went to look for updates on the site and was greeted with a giant warning message stating, 'Adeona is currently not working.' It seems that OpenDHT, the distributed hash table that stores the location information and photos, has been fairly unstable lately. The developers claim that this is "largely because the back-end OpenDHT system is not able to tolerate the load imposed by Adeona. OpenDHT removed the need for a centralized database with tracking information, which in effect prevents a 3rd party from tracking a user's whereabouts. OpenDHT was Sean Rhea's Ph.D. project back in 2005 and he has decided to officially bow out of maintaining it as of July 1st, which has left the developers of Adeona looking for another back end to store location information and photos. The source code for Adeona is available and they are actively seeking developer contributions on the developer's list. Do any developers have ideas on where to put scads of information in a free, reliable, anonymous, and secure manner?"
This discussion has been archived.
No new comments can be posted.
Open Source Adeona Tracks Lost & Stolen Laptops
|
Log In/Create an Account
| Top
| 192 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Hmm... (Score:5, Funny)
Re:Hmm... (Score:4, Funny)
Parent
Re:Hmm... (Score:4, Funny)
Guys... THE strip bar doesn't really have open wifi. It was a joke. Now come back to your desks...
Parent
Re:Hmm... (Score:5, Funny)
Parent
Re:Hmm... (Score:4, Funny)
Parent
But without a central service (Score:5, Interesting)
it may be more difficult for Adeona to gain traction with non-technical law enforcement officers.
"So who do I call to confirm that this laptop is stolen?"
"Umm, me. You see, there's this free software called Adeona that anyone can set up to track their own laptop."
"Never heard of it..."
In previous threads about stolen laptops (like the AskSlashdot thread on how best to recover a stolen laptop) I read some anecdotes where people were in a similar situation with similarly-purposed software that they rolled themselves. Perhaps the software having a common face (same name and features) will be enough to solve this problem.
Re:But without a central service (Score:5, Interesting)
The important thing is to provide all the relevant details when you file a police report -- model, color, and most importantly serial number. If you don't file a police report, then nothing has been stolen as far as the law is concerned.
I did not have my serial number written down anywhere, but when my house was burglarized a few months ago and my Macbook Pro was stolen, Apple was able to provide me with it along with a copy of my invoice. I made sure the police report had the serial number in it, even though I did not have any special software installed for tracking it.
A few weeks later, I found a bunch of new bookmarks in my browser that I didn't recognize and I realized whatever fool had my laptop had not bothered to re-image it, and was still using my Firefox profile, which was still connected to my Foxmarks [foxmarks.com] account.
So I changed them all to point to a redirect page on my own webserver, and set up a cron job to watch the logs and email me whenever it got a hit. Foxmarks dutifully synced my changes down to my stolen laptop the next time the guy opened Firefox, and suddenly I had his I.P. address. He sent it to me several times a day, and it was always from the same IP.
Now, the police in my precinct are not technical, but I called them and left a message explaining the information I had, and referencing my case number, and making it very clear that all they needed to do was get a subpoena to get the subscriber information from Comcast. It took about a week for someone to call me back to find out what the hell I was talking about, about 20 minutes on the phone for me to give him a brief "TCP/IP 101," and then about three more weeks for them to get the paperwork through the courts. But then one day the detective called me up, told me he was standing in the suspect's apartment, and asked me where to find the serial number on the laptop.
I told him how to remove the battery and find the serial number, he matched it against the police report, and I had it back a couple of hours later. The guy that was using it got charged with a felony (receiving and concealing stolen property).
All of my personal files were still on the laptop, just moved into the trash bin. Along with several pictures of the guy and his buddies mugging for the camera and throwing gang signs. (These, of course, I burned to a CD and gave to the police).
Anyway, my point is just that even though the cops are usually not remotely technical, they will follow up on this sort of thing if you are polite, take the time to explain the technology, and make sure to follow procedure by filing a detailed report as soon as your laptop is stolen.
I'll definitely be installing this software on the laptop as soon as I have a free moment -- I got lucky with Foxmarks, but it's better to be prepared than lucky.
Parent
Re:But without a central service (Score:5, Informative)
In my experience (meaning this is of course only anecdotal evidence) it all has to do with their manpower vs. the likelihood of making an arrest.
In my case for example, the house was burglarized. My alarm system went off, and the police did respond, but as I understand it, they noted that the door was open, and that was it. My friend who was house sitting had to call them back to fill out a proper report with the things she could tell were missing, and when I got back into town I dropped by the precinct with a written, detailed list of everything taken. At this point they did not have anyone assigned to investigate -- they basically take a report so you can send it to your insurance company, and that's all they do. So you're right about that.
But they aren't wrong to do that, exactly -- they have limited resources, and as a citizen I don't necessarily want them wasting their time on a case with no witnesses, no suspect, and no leads. A 5000 dollar property crime doesn't exactly warrant bringing in the CSI team to look for DNA. If it did, they would need a hell of a lot of CSI teams. I'd rather they spend their time and money catching violent offenders.
But when I ended up with the IP address that could lead them to the stolen property, suddenly they were more than willing to help. They assigned a detective, who took what I had and ran with it, because suddenly the solveability of the case had gone from a low probability and high difficulty to good probability and low effort. I'm nobody important, I assure you. Just a guy that had an actual lead.
Maybe I'm giving people too much credit, but I think most police (I've met some assholes too, I assure you) really do want to help -- it's just a matter of how best to spend their limited time and budgets.
Parent
Re:But without a central service (Score:4, Funny)
Don't worry, I'm working on the open source justice mob!
Let's just say it involves a lot of chinese communists, farming tractors, and a boat to store the mob offshore.
PayPal donations welcome!
Parent
Re:But without a central service (Score:4, Funny)
Good lord, man! Misusing an apostrophe in a Slashdot thread? When the parent poster owns an open-source justice mob?
Delete your account! Throw away your computer! RUN FOR THE HILLS!
Parent
Reformat HD = Free Laptop? (Score:5, Insightful)
Re:Reformat HD = Free Laptop? (Score:5, Insightful)
Sure. This is betting on the fact that a lot of thieves are too dumb to do that, and either use or pawn the laptop without doing much to it. I'm willing to bet that's the case more often than not.
Parent
Re:Reformat HD = Free Laptop? (Score:5, Informative)
Actually they state as much right in their FAQ:
What if a thief removes the software, reinstalls the OS or doesn't connect to the Internet?
A motivated and sufficiently equipped or knowledgeable thief can always prevent Internet device tracking: he or she can erase software on the device, deny Internet access, or even destroy the device. For example, Adeona currently has no mechanisms for attempting to survive a disk wipe.
We point out that we do not believe this renders Adeona (and other location-tracking systems) useless. The Adeona system was designed to protect against the common thief -- for example, a thief that opportunistically decides to swipe your laptop from a coffee shop or your dorm room, and then wants to use it or perhaps sell it on online. Such thieves will often not be technologically savvy and will not know to remove Adeona from your system. While device tracking will not always work, systems like Adeona can work, and it is against the common-case thief that we feel tracking systems can add significant value.
Parent
Re:Reformat HD = Free Laptop? (Score:5, Interesting)
The proof of the pudding is in the eating. How many laptops has this system recovered so far?
Also, for a PC, I don't see what this software does that's more useful than the following crontab entry:
That too does a connect on average every half hour, and the IP address and time is being logged.
It does not send any traceroute information (which would be easy enough to do with another half line in the crontab), because doing so could very well be considered illegal black hat activity on your part. Consider someone connecting a stolen laptop to a corporate network. Just because your laptop was stolen doesn't mean you have a right to examining the internal topography of that corporate network, and sending the information to a third party. I'm amazed that the authors of this software are stupid enough to do so!
Parent
Re:Reformat HD = Free Laptop? (Score:5, Insightful)
Parent
Re:Reformat HD = Free Laptop? (Score:5, Insightful)
I suspect you may be somewhat overestimating the average criminal's technical abilities or knowledge. Maybe if this became a common sort of tool and were used all the time, people might begin to learn how to avoid it, but I can't see it being install on more than a tiny fraction of a percent of laptops for the near future...
Parent
Missing.. (Score:3, Interesting)
Desktop love...
Why exactly would this NOT work on a desktop? Or a UMPC? Or a ULCPC?
Cheers!
Re:Missing.. (Score:5, Funny)
But do you often take your desktop PC out for coffee?
Well, not so much anymore. Once I realized it was a "sure thing" I kind of stopped the romance.
I felt kinda bad until I inserted the comment, "I wanna just stay in today" on the start-up splash.
Parent
Prior art ? (Score:4, Funny)
I get warnings that my computer is broadcasting its IP address all the time !
Missing component to open-source project. (Score:5, Insightful)
All we need now is an open source justice mob with open source pitchforks and torches?
Seriously, from what I understand. Locating your laptop is a lot easier than recovering it.
The police are not likely to get involved. The user is probably not the thief but a buyer, etc.
Re:Missing component to open-source project. (Score:5, Interesting)
Parent
No proprietary, central service? (Score:3, Funny)
This sounds suspiciously like some kind of P2P thing. I think it should be outlawed :\
The challenge is set (Score:5, Insightful)
Honestly, publishing that on slashdot is like telling a small child "there is no way you can reach the delicious stash of chocolate in that cupboard right there"
Did we need this? (Score:5, Interesting)
I actually use something very like that, solely for the purpose of finding my own remote machines' dynamic IP addresses. I don't really see the need for a dedicated "project" to make an entry in your access_log on startup.
Open Source Security? (Score:1)
The Face of Laptop Theft (Score:2)
I love those sample pictures of debased laptop thieves furtively inspecting their ill-gotten goods...
Or maybe the Mac demographic is a lot less latte-drinking yuppie than commonly assumed? ;D
Propriety Centrality (Score:2)
Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service.
Define your terms, please. It's a client-server application, so by definition there's a central location. As for "proprietary", well, I guess it's cool that the software is open-source, but most of us don't choose software for religious reasons.
This solution is touted as being more privacy-conscious than existing "phone home" solutions, but I don't see it. In theory, use of encryption makes the data inaccessible to anybody but the owner of the laptop. In practice, technology is not a substitute for a well-managed system. I'd rather trust my data to a professionally managed system owned by a company with published privacy policies than to some kludged-up system managed by a hacker for whom it's just a hobby, no matter how "foolproof" the software supposedly is. As they say, fools are fiendishly clever.
Oh yeah, and I want my phone-home software in my BIOS, so that the thieves can't just wipe my hard disk to get rid of it.
Open source does have security advantages over proprietary software, and all other things being equal, I'd choose OSS over proprietary for something like this. But all other things are not equal — not, at least, until hardware manufacturers start burning the Adeona client into the BIOS.
Which is not to run down Adeona itself. It's a notable achievement. But I do get tired of the way every OSS milestone is treated as something we should all switch to, post haste.
Photos too! (Score:3, Interesting)
Is something like this needed? (Score:2)
I just got my laptop stolen. As i understand, there is no way to log in to a Vista laptop if you don't know the password to the machine's only administrator account. If they can't log in, they will just reformat.
If i would have logged in with no password , yes maybe i could have tracked them with their ip address and such, but then they would have had access to all my files which of course i don't want to.
So, is this really needed? Next laptop i will also set a password in the BIOS.
I encrypted my hard drive (Score:3, Insightful)
Now I am supposed to set up a second system the laptop defaults to boot into just to install this software? Not thx, not on my limited laptop hard drive. I mean the whole point of my completely encrypted laptop is so that I don't have to worry about it getting stolen, because they won't be able to use the data aginst me or my customers.
Argh, another GPL clickthrough (Score:1)
Encrypted drives... (Score:3, Interesting)
Assuming that I encrypt my hard drive, this software will not work, correct? And if you have a laptop, you really should encrypt it, no?
eeepc (Score:1)
retrieve (Score:1)
gone with the wind (Score:1)