Open Source Adeona Tracks Lost & Stolen Laptops

An anonymous reader writes "Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service. This means that you can install Adeona on your laptop and go — there's no need to rely on a single third party. What's more, Adeona addresses a critical privacy goal different from existing commercial offerings. It is privacy-preserving. This means that no one besides the owner (or an agent of the owner's choosing) can use Adeona to track a laptop. Unlike other systems, users of Adeona can rest assured that no one can abuse the system in order to track where they use their laptop."

Hmm...

[dahitokiri]

Mobile device + Linux + Adeona == cheap way to keep tabs on your girlfriend/wife/kids at all times?

Re:Hmm...

[BPPG]

What??? Little Jimmy has his laptop open at the local strip bar? Sweet, I didn't know they had open wifi!

Re:Hmm...

[cthulu_mt]

...No, he knew where she was the whole time...

Re:Hmm...

[Potatomasher]

woha ! +3 Informative ?
Guys... THE strip bar doesn't really have open wifi. It was a joke. Now come back to your desks...

Re:Hmm...

[BPPG]

I'm as surprised as you are.

Re:Hmm...

[j-pimp]

Hans shot first!!!

But without a central service

[pxc]

it may be more difficult for Adeona to gain traction with non-technical law enforcement officers.

"So who do I call to confirm that this laptop is stolen?"
"Umm, me. You see, there's this free software called Adeona that anyone can set up to track their own laptop."
"Never heard of it..."

In previous threads about stolen laptops (like the AskSlashdot thread on how best to recover a stolen laptop) I read some anecdotes where people were in a similar situation with similarly-purposed software that they rolled themselves. Perhaps the software having a common face (same name and features) will be enough to solve this problem.

Re:But without a central service

[acklenx]

"So who do I call to confirm that this laptop is stolen?"

The owner is probably the only person that should report it stolen regardless of the software "tracking" it. And how does someone know this laptop is your laptop? Perhaps the serial number (unless it has a large scratch through it). You do file that information with your insurance company, right?

Re:But without a central service

[Joe+Snipe]

Now that's just silly. First off, if they are not technically oriented, you would simply drop them into dummy mode and then feed them instructions. Second, chances are since you were the one to set up the program, you would be the one to sign in and get the location data. Then you would call the authorities and say "according to my gps-enabled tracking software, the laptop is at location X," and they would send out a detective. If the detective is unwilling to accept your data, then you are parsing it wrong.

Re:But without a central service

[Lumpy]

You can mention MOSt of the laptop tracking apps out there and the response will be "Never heard of it..."

MOST non-technical law enforcement officers haven't heard of most tools used like this.

Hell most havent heard of linux or even understand what wifi is.

It will have as much traction as the open source CCTV systems and closed source CCTV systems do. Most of them blink when you hand them a CD with CCTV footage on it and the viewer app and they ask, "so I can play this on a DVD player?" 99.997% of all commercial security recorders record to a special format that is only viewable by the special player software.

your local storm troopers dont know squat past how to fill out the paperwork.

Re:But without a central service

[kabocox]

it may be more difficult for Adeona to gain traction with non-technical law enforcement officers.

Um, LEOs would actually love to have this preinstalled on laptops, desktops, cellphones, game pads, game consoles, and everything else under the sun. All they need is for you to file a police report that X device is stolen. The tricky thing is how easy would it be to make a LEO account so you could log in some where and give Joe Bob Police Officer tracking rights to that cell phone and ipod that were just stolen, but not the LCD tv, pc, and all the other toys.

Trust me, LEO would love for you to have your own tracking software/hardware installed on everything that you own because it makes there job so much easier.

Re:But without a central service

[Zenaku]

The important thing is to provide all the relevant details when you file a police report -- model, color, and most importantly serial number. If you don't file a police report, then nothing has been stolen as far as the law is concerned.

I did not have my serial number written down anywhere, but when my house was burglarized a few months ago and my Macbook Pro was stolen, Apple was able to provide me with it along with a copy of my invoice. I made sure the police report had the serial number in it, even though I did not have any special software installed for tracking it.

A few weeks later, I found a bunch of new bookmarks in my browser that I didn't recognize and I realized whatever fool had my laptop had not bothered to re-image it, and was still using my Firefox profile, which was still connected to my Foxmarks account.

So I changed them all to point to a redirect page on my own webserver, and set up a cron job to watch the logs and email me whenever it got a hit. Foxmarks dutifully synced my changes down to my stolen laptop the next time the guy opened Firefox, and suddenly I had his I.P. address. He sent it to me several times a day, and it was always from the same IP.

Now, the police in my precinct are not technical, but I called them and left a message explaining the information I had, and referencing my case number, and making it very clear that all they needed to do was get a subpoena to get the subscriber information from Comcast. It took about a week for someone to call me back to find out what the hell I was talking about, about 20 minutes on the phone for me to give him a brief "TCP/IP 101," and then about three more weeks for them to get the paperwork through the courts. But then one day the detective called me up, told me he was standing in the suspect's apartment, and asked me where to find the serial number on the laptop.

I told him how to remove the battery and find the serial number, he matched it against the police report, and I had it back a couple of hours later. The guy that was using it got charged with a felony (receiving and concealing stolen property).

All of my personal files were still on the laptop, just moved into the trash bin. Along with several pictures of the guy and his buddies mugging for the camera and throwing gang signs. (These, of course, I burned to a CD and gave to the police).

Anyway, my point is just that even though the cops are usually not remotely technical, they will follow up on this sort of thing if you are polite, take the time to explain the technology, and make sure to follow procedure by filing a detailed report as soon as your laptop is stolen.

I'll definitely be installing this software on the laptop as soon as I have a free moment -- I got lucky with Foxmarks, but it's better to be prepared than lucky.

Re:But without a central service

[pushing-robot]

Good lord, man! Misusing an apostrophe in a Slashdot thread? When the parent poster owns an open-source justice mob?

Delete your account! Throw away your computer! RUN FOR THE HILLS!

Re:But without a central service

[Zenaku]

In my experience (meaning this is of course only anecdotal evidence) it all has to do with their manpower vs. the likelihood of making an arrest.

In my case for example, the house was burglarized. My alarm system went off, and the police did respond, but as I understand it, they noted that the door was open, and that was it. My friend who was house sitting had to call them back to fill out a proper report with the things she could tell were missing, and when I got back into town I dropped by the precinct with a written, detailed list of everything taken. At this point they did not have anyone assigned to investigate -- they basically take a report so you can send it to your insurance company, and that's all they do. So you're right about that.

But they aren't wrong to do that, exactly -- they have limited resources, and as a citizen I don't necessarily want them wasting their time on a case with no witnesses, no suspect, and no leads. A 5000 dollar property crime doesn't exactly warrant bringing in the CSI team to look for DNA. If it did, they would need a hell of a lot of CSI teams. I'd rather they spend their time and money catching violent offenders.

But when I ended up with the IP address that could lead them to the stolen property, suddenly they were more than willing to help. They assigned a detective, who took what I had and ran with it, because suddenly the solveability of the case had gone from a low probability and high difficulty to good probability and low effort. I'm nobody important, I assure you. Just a guy that had an actual lead.

Maybe I'm giving people too much credit, but I think most police (I've met some assholes too, I assure you) really do want to help -- it's just a matter of how best to spend their limited time and budgets.

Re:But without a central service

[FreakinSyco]

Leads? Sure, I'll just check down with the boys at the crime lab... They've got four more detectives on this case... They've got us workin' in shifts!

Re:But without a central service

[Zenaku]

The reason people commit $5000 property crimes is specifically because the police no longer bother to investigate.

If the police thoroughly investigated and had a high conviction ratio on even a relatively small number of crimes, people would be less likely to try it.

I don't disagree with you in the slightest on this point. Too bad we don't live in an ideal world with an unlimited supply of manpower. How much more would you be willing to pay in taxes to get every petty theft investigated?

Reformat HD = Free Laptop?

[QuantumLeaper]

All you have to do is reformat the hard drive and now some one has your laptop for free.

Re:Reformat HD = Free Laptop?

[Verteiron]

Sure. This is betting on the fact that a lot of thieves are too dumb to do that, and either use or pawn the laptop without doing much to it. I'm willing to bet that's the case more often than not.

Re:Reformat HD = Free Laptop?

[ChowRiit]

I suspect you may be somewhat overestimating the average criminal's technical abilities or knowledge. Maybe if this became a common sort of tool and were used all the time, people might begin to learn how to avoid it, but I can't see it being install on more than a tiny fraction of a percent of laptops for the near future...

Re:Reformat HD = Free Laptop?

[Verteiron]

Actually they state as much right in their FAQ:

What if a thief removes the software, reinstalls the OS or doesn't connect to the Internet?

A motivated and sufficiently equipped or knowledgeable thief can always prevent Internet device tracking: he or she can erase software on the device, deny Internet access, or even destroy the device. For example, Adeona currently has no mechanisms for attempting to survive a disk wipe.

We point out that we do not believe this renders Adeona (and other location-tracking systems) useless. The Adeona system was designed to protect against the common thief -- for example, a thief that opportunistically decides to swipe your laptop from a coffee shop or your dorm room, and then wants to use it or perhaps sell it on online. Such thieves will often not be technologically savvy and will not know to remove Adeona from your system. While device tracking will not always work, systems like Adeona can work, and it is against the common-case thief that we feel tracking systems can add significant value.

Re:Reformat HD = Free Laptop?

you have to understand that half of the thieves will steal the laptop and go pawn so they can get some quick cash. the other half is interested in what information they can obtain from the stolen laptop in order to commit fraud.

it's these thieves that you have to watch out for and protect yourself against! i can always replace a laptop. sure i'll be pissed and upset, but the harm that the theft can do to me stops at stealing the laptop.

it can take YEARS and thousands of dollars to repair the damage identity theft can do.

Re:Reformat HD = Free Laptop?

[arth1]

The proof of the pudding is in the eating. How many laptops has this system recovered so far?

Also, for a PC, I don't see what this software does that's more useful than the following crontab entry:

30 * * * * perl -e 'sleep rand(1800)';\
wget -q --spider http://my.website/report/LAPTOPNAME

That too does a connect on average every half hour, and the IP address and time is being logged.

It does not send any traceroute information (which would be easy enough to do with another half line in the crontab), because doing so could very well be considered illegal black hat activity on your part. Consider someone connecting a stolen laptop to a corporate network. Just because your laptop was stolen doesn't mean you have a right to examining the internal topography of that corporate network, and sending the information to a third party. I'm amazed that the authors of this software are stupid enough to do so!

Re:Reformat HD = Free Laptop?

[Vendetta]

How would it be illegal black hat activity on my part? It would be the fault of the douchebag who connected my laptop (that they stole) to this imaginary corporation's network. I'm not the criminal, the person who stole it is. Please, explain your logic to me.

Re:Reformat HD = Free Laptop?

[photonic]

Consider someone connecting a stolen laptop to a corporate network. Just because your laptop was stolen doesn't mean you have a right to examining the internal topography of that corporate network, and sending the information to a third party. I'm amazed that the authors of this software are stupid enough to do so!

So according to your logic, if I have a machine at my office that (for some good reason) sends a scan of the local network to HQ, reboots random local machines and sends goatse pictures to the local printer, then if someone steals this machine and plugs it into his network, they have the right to complain??

Re:Reformat HD = Free Laptop?

[0100010001010011]

Not everyone is a *nix geek. Yes there is a linux way to do things but not everyone wants to deal with that. There is an OS X and a Windows version.

I bought my sister, brother and myself a version of Orbicle's Undercover which does everything this does and a bit more. It'll take pictures of the thieves (if your Mac has a built in iSight), change contrast, etc.)

I was pondering making my own group of shell scripts do do something similar.
curl -O mywebsite/stolen.txt. Leave it at a 0, then make it a 1 when my laptop is stolen. Then have it do weird stuff. isightcapture can record pictures of someone as soon as the lid opens or during invalid login attempts. There are apple scripts to change the monitor contrast, computer volume, say stuff. (All of which Undercover does).

As soon as it detects it is in an Apple Store (by host name) it cranks the volume up and announces "This laptop is stolen. This laptop is stolen."

I thought about how much work that would take and I thought, meh. I'm watching TV and bought Undercover.

Finally, this is open source. Isn't that what the slashdot crowd bitches about most "ZOMG IT'S NOT OPEN SOURCE BURNNN". Someone took the time to build an installer for 3 different systems, make it so it used a DHS so you didn't have to configure FTP settings (You know not everyone has a my.website that they can read logs on daily) and all 1/2 the people here can do is bitch about how stupid it is or easy it could be to do with cron.

Thieves are stupid. Most will boot the machine and use it. Look at Orbiclue's "success stories." One thief loaded WoW then tried to delete all the personal files of the person. This isn't going to stop a corporate hacker but the jackass that breaks into your car, you might have a chance.

Re:Reformat HD = Free Laptop?

[hal9000(jr)]

Listen to yourself, arth1. So if said user connects to uber-secret network, surfs to a web site his choosing, his IP is dutifully logged in the web server logs and the users cookie is logged in the app. So now the owner of the website is liable for having that IP?

Not likely. 1) traceroute is NOT hacker activity. It is a function of a properly working network stack. 2) if the user is connected to uber-secret network and htat network is in the reserved address space (rfc 1918), then the IP doens't matter. What does matter is the need to have one public IP addresses to track, hence the need for a traceroute. 3) traceroute only traces one path out. It does not "map the internal network."

Hell, I'd do it and laugh at anyone who wanted to charge me.

Missing..

[vigmeister]

Desktop love...

Why exactly would this NOT work on a desktop? Or a UMPC? Or a ULCPC?

Cheers!

Re:Missing..

[BPPG]

Well, desktops tend to have rotary garfuncters, laptops use malleable garfuncters. Also, desktops tend to be too large, it needs to be on a smaller laptop for the software to work properly. Any computer shop employee can explain this to you.

Re:Missing..

[Arcane_Rhino]

But do you often take your desktop PC out for coffee?

Well, not so much anymore. Once I realized it was a "sure thing" I kind of stopped the romance.

I felt kinda bad until I inserted the comment, "I wanna just stay in today" on the start-up splash.

Prior art ?

[Gothmolly]

I get warnings that my computer is broadcasting its IP address all the time !

Comment removed

[account_deleted]

Comment removed based on user account deletion

No proprietary, central service?

[iminplaya]

This sounds suspiciously like some kind of P2P thing. I think it should be outlawed :\

The challenge is set

[tttonyyy]

users of Adeona can rest assured that no one can abuse the system in order to track where they use their laptop

Honestly, publishing that on slashdot is like telling a small child "there is no way you can reach the delicious stash of chocolate in that cupboard right there"

Re:The challenge is set

[Lumpy]

All I care about is the ability to remotely WIPE the machine. I dont care about recovery as Insurance gives me a new upgrade when it's stolen. I want to be able to trigger a switch that will wipe the thing hard and replace the windows boot with "STOLEN LAPTOP!" but will settle for simply wiping the drive silently.

Re:The challenge is set

[arth1]

A dead man's switch would do that.
The problems with them are that they are more often triggered inadvertently than for good reason. If you have to touch a file, access a web page, or otherwise take an action, what happens when you get pneumonia and are out with fever for a week? And if relies on an external automated function, like your server hitting a port regularly, and a zap occur if the machine hasn't been poked in a few days, what happens when you go on vacation or have the machine repaired, and forget to turn the timer off?
Or what happens if your clock battery dies, and the new one defaults to several years ago?

Laptops with built-in cell phones that can wake the system would probably be a better solution -- then you could log in remotely and do what you needed.

Comment removed

[account_deleted]

Comment removed based on user account deletion

The Linux Way

[mcrbids]

Also, what does it do that the following doesn't do in crontab?

1 * * * * wget -O /dev/null http://www.myprivatehomepage.com 2>/dev/null

Did we need this?

[pla]

Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service.

...Because putting "wget mywebsite.com" in your system startup script (yes, you can do that on Windows as well, you just need to download wget first) has sooooo many proprietary, centralized dependancies?

I actually use something very like that, solely for the purpose of finding my own remote machines' dynamic IP addresses. I don't really see the need for a dedicated "project" to make an entry in your access_log on startup.

Re:Did we need this?

[manastungare]

And their claim is far from accurate: there have been several systems, home-grown or libre software, before theirs.

Here's mine, for example: laptop theft protector, which has been around for at least an year.

Re:Did we need this?

[rukkyg]

Not everyone has their own web servers. This system uses the OpenDHT so anyone can use it, and it doesn't depend on your servers being up.

Re:Missing component to open-source project.

[nategoose]

1. My brother's alienware laptop was stolen. 2. Reported to the police. 3. Alienware got a tech support call from some guy that bought it on eBay. 4. Guy sends it in for repair. 5. Alienware calls my brother to tell him they have it and only need the police to ask for it officially so they can send it as evidence. 6. My brother tells the police. 7. Police say "huh?" 8. Laptop never sent, buyer never questioned, thief never caught. Similar thing when my sister's credit cards were stolen and used to buy gas at places with security cameras, except then even the credit card company didn't seem to care.

Re:Common Sense?

[filthpickle]

the common thief already knows that you have to wipe a stolen laptop. Or at least the vast majority do.

When I was younger and dumber I helped some common theives wipe/reinstall. They, like you said, either didn't know the login pw and knew that it had to be wiped to get around that, or they knew that they couldn't sell it at most(not all) pawnshops if they couldn't boot it to to the dtop to show that it worked.

I quit doing it because I came to a point in my life where I had too much to lose to mess with silliness like that. And the happy ending is that I heard thru the grapevine a few months ago that they got lowjacked and caught.

Photos too!

[FirstTimeCaller]

Hmm... the Mac version also snaps a photo with each update. I hope no one is doing anything inappropriate while in front of their computer. Here's hoping that your Macbook isn't stolen by the Goatse guy.

Re:Missing component to open-source project.

[silas_moeckel]

Actually CC companies make a lot of money on charge backs. There is an approx $30 fee that goes along with each one and it's for the full amount so they keep there original 1-5% fee as well. As vendors have more charge backs they even up the percentage they pay on all transactions. People with cards and the merchants are the only people that pay in the CC system the banks and CC companies just make money with no risk.

I encrypted my hard drive

[Britz]

Now I am supposed to set up a second system the laptop defaults to boot into just to install this software? Not thx, not on my limited laptop hard drive. I mean the whole point of my completely encrypted laptop is so that I don't have to worry about it getting stolen, because they won't be able to use the data aginst me or my customers.

Encrypted drives...

[Kludge]

Assuming that I encrypt my hard drive, this software will not work, correct? And if you have a laptop, you really should encrypt it, no?

Re:Is something like this needed?

[sheph]

Yes because it's so difficult to set the jumper that clears the BIOS.