Adeona Warns of Instability; OpenDHT Mothballed 82
gbickford writes "Adeona, the first open source system for tracking the location of your lost or stolen laptop, was featured on Slashdot last year. I was stoked when I read about how it worked and I installed it immediately. I just went to look for updates on the site and was greeted with a giant warning message stating, 'Adeona is currently not working.' It seems that OpenDHT, the distributed hash table that stores the location information and photos, has been fairly unstable lately. The developers claim that this is "largely because the back-end OpenDHT system is not able to tolerate the load imposed by Adeona. OpenDHT removed the need for a centralized database with tracking information, which in effect prevents a 3rd party from tracking a user's whereabouts. OpenDHT was Sean Rhea's Ph.D. project back in 2005 and he has decided to officially bow out of maintaining it as of July 1st, which has left the developers of Adeona looking for another back end to store location information and photos. The source code for Adeona is available and they are actively seeking developer contributions on the developer's list. Do any developers have ideas on where to put scads of information in a free, reliable, anonymous, and secure manner?"
I don't know what they were thinking... (Score:1, Interesting)
I always thought it was strange that Adeona worked on the back of an academic project to store its data. OpenDHT was actually pretty cool- I hadnt heard of it until I started reading how Adeona worked.
openDHT was a kind of anonymous, communal hard drive... seems someone could just modify OpenDHT to use FTP, WebDAV, or even CalDAV on their own web server to do the same basic thing. Since Adeona already encrypts everything on openDHT (which was the point-- anyone could grab the info anyway), so you could basically stick the info anywhere you have a bit of storage. Someone suggested slashdot comments, but something like a Google-based server might be able to handle the load. Isnt' this the kind of thing their Google App program is made for?
Over-reaching (Score:5, Interesting)
The reason for using OpenDHT, I think, was that Adeona didn't want it to be possible to trace user's movements using their system until the laptop was reported as stolen. Not that I am entirely clear on this. Perhaps the best thing to do for the time being would be to back off on the unbreakable-privacy goal until a reliable system arises, and use a database like the rest of us.
Yes, this is dangerous, in that it centralizes in one place the call-in data regarding some large number of laptops. And it makes it tempting for some government to subpoena the data, use it for eavesdropping, etc. So it should not be allowed to stand forever. But it seems kind of silly to just fold up tents until some reasonably blue-sky software meets production goals.
Bruce
Store it in DNS caches or NNTP posting(Eternity ne (Score:1, Interesting)
in the eternity network the data was stored in NNTP postings that were encrypted and posted via anonymous remailer.. other temp storage schemes have used DNS caches to great effect. DNS would get my vote plenty of built in caches and infrastructure
re adam back (eternity network)
Re:Adeona (Score:5, Interesting)
There's two types of thieves for laptops/small electronic devices.
One type (drug users, thieves with little technical knowledge, people who just want very quick cash) generally just try to pawn the device ASAP and get less than 10% of the retail value. The person who purchases the device from the pawn shop may or may not be that knowledgeable or have install disks to wipe the installed system.
The other type will try to maximize the money they get from the system. These people tend to be more technically knowledgeable and are more likely to wipe the computer and install a new system on it and then ebay or craigslist it, or they may even try to ransom it back to the original owner.
The devices stolen by those of the first type of thief generally will get booted up and plugged into the internet with tracking software intact and ready to report.
Now, it's not enough just to get a report, like an IP address and possibly a photo of the person using the device, because the police may not be interested in tracking down the device. Recently, I read a story about a stolen Mac with tracking software installed, where the owner went to the police with the info, and they were brushing him off except a member of their drug enforcement department happened to see the picture and recognized a drug dealer they were looking for, so they did track down the location and arrested the guy/returned the computer intact.
Because there is always an answer (Score:2, Interesting)
An open DHT is a highly valuable resource (Score:4, Interesting)
That's pragmatic advice to safeguard Adeona (I agree), but most of the responses here seem to have interpreted your advice to also mean dropping any interest in OpenDHT, because you called it "blue-sky"(which possibly suggests that "it's not gonna happen").
I think that a working Distributed Hash Table that is also scalable would be an immensely valuable resource to the community, and would end up underpinning many other projects besides Adeona. The legions of FOSS comprise not only coders but also many visionary designers and competent researchers as well, so I think we can do better than just leave OpenDHT to sink or swim without help.
How about fostering some more research-oriented work on OpenDHT (if the current design isn't a viable one) instead of abandoning it as the mood seems to be at the moment?
Google AppEngine (Score:4, Interesting)
Google's AppEngine is massively distributed. Be sure to encrypt the information written there, and you'll be done.
I'm not convinced about net-based tracking system (Score:2, Interesting)
The functionality depends upon the thief being unaware that information from the laptop is being transmitted somewhere and thus could give away information revealing the theft. If the thief knew about the client then they would of course find a way to disable it before attaching to a network.
With the current state of technology it's credible that a thief would steal the laptop, connect to the internet, then hopefully get caught. But what if laptops routinely had a GPS receiver onboard, and possibly also a GSM/UMTS modem? At that point it would become widely known by even the dumbest thieves that "laptops are trackable when you turn them on" and an arms race would ensue. The distributed tracking system would no longer be any good though
I already have a mobile phone with onboard GPS and there is an app which at power-on can auto-send a GSM text message containing the phone's detail to a pre-specified number. This is not defeated by changing the SIM card.