Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adeona Warns of Instability; OpenDHT Mothballed

Posted by kdawson on from the here's-to-you-my-rambling-laptop dept.

gbickford writes "Adeona, the first open source system for tracking the location of your lost or stolen laptop, was featured on Slashdot last year. I was stoked when I read about how it worked and I installed it immediately. I just went to look for updates on the site and was greeted with a giant warning message stating, 'Adeona is currently not working.' It seems that OpenDHT, the distributed hash table that stores the location information and photos, has been fairly unstable lately. The developers claim that this is "largely because the back-end OpenDHT system is not able to tolerate the load imposed by Adeona. OpenDHT removed the need for a centralized database with tracking information, which in effect prevents a 3rd party from tracking a user's whereabouts. OpenDHT was Sean Rhea's Ph.D. project back in 2005 and he has decided to officially bow out of maintaining it as of July 1st, which has left the developers of Adeona looking for another back end to store location information and photos. The source code for Adeona is available and they are actively seeking developer contributions on the developer's list. Do any developers have ideas on where to put scads of information in a free, reliable, anonymous, and secure manner?"

82 comments

  1. Here's an idea... by Anonymous Coward · · Score: 4, Funny

    Post the information in anonymous Slashdot comments!

    1. Re:Here's an idea... by kdemetter · · Score: 3, Funny

      Actually , that could be done , however , the problem is that someone visiting slashdot with a browser , and posting on it, would be able to corrupt the data.

      So we need to way to ensure that only the program can post , and nothing else.

      Perhaps it can be done by storing the data in first posts : The program would be fast enough to put a post first , and if not , we know what 90% of the first posts will look like , so we can filter those out.

      --
      Slipping shoelaces ?
    2. Re:Here's an idea... by RuBLed · · Score: 4, Funny

      I save my files in 127.0.0.1 and that site is fast. It's also secure btw, I asked my friend to access 127.0.0.1 and he cannot see my files. Also whenever I try to access 127.0.0.1, it's reliable and always there. I never leave my basement though.

    3. Re:Here's an idea... by Anonymous Coward · · Score: 0

      Let's see...

      Free - Sure!
      Reliable - Usually!
      Anonymous - Probably!
      Secure - Mostly!

    4. Re:Here's an idea... by jonaskoelker · · Score: 4, Funny

      Actually, it wouldn't be such a horrible idea*.

      Just come up with an RSA keypair and store it on all your machines. Encrypt and sign all data you want to store "in the cloud", and find someone who will store it for you.

      * Slashdot might object to this and delete your post. I recommend using Reed-Solomon coding (or some other error-correcting code) and storing your data redundantly on several sites.

      You could also do mirrored RAIF (Redudant Array of Indepedent Forums), though it might be rife for puns. And RAIP, where P=Posts, would be ripe for them. (Someone's gonna RAIP my karma for that, but the puns and anagrams form such a FAIR PAIR...)

    5. Re:Here's an idea... by drachenstern · · Score: 1

      You've been waiting a LOOOONG time for that haven't you?

      --
      2^3 * 31 * 647
    6. Re:Here's an idea... by jonaskoelker · · Score: 1

      Made it up on the spot :)

  2. Realistic? by Brian+Gordon · · Score: 1

    scads of information

    free, reliable, anonymous, and secure

    Why do you assume there is such a thing? The only way I can think of is a distributed network, which as the summary says, runs into serious scaling issues.

    1. Re:Realistic? by Anonymous Coward · · Score: 2, Insightful

      BitTorrent to the rescue?

    2. Re:Realistic? by Daengbo · · Score: 4, Informative

      "Distributed hashing tables are a class of decentralized distributed systems that provide a lookup service similar to a hash table: (key, value) pairs are stored in the DHT, and any participating node can efficiently retrieve the value associated with a given key." [1]

      They should look at Bamboo DHT.

      --
      Put identity in the browser.
    3. Re:Realistic? by vegetasaiyajin · · Score: 1

      Bamboo and OpenDHT are the same.
      Bamboo is the software/algorithm/protocol and OpenDHT is a specific deployment of it on the PlanetLab research network.

      --

      My heart is pure, but make no mistake, it's pure evil
    4. Re:Realistic? by Daengbo · · Score: 1

      You rock and I suck!

      --
      Put identity in the browser.
  3. Adeona by megrims · · Score: 1

    First time I've heard of this software: it sounds interesting.

    I'm curious about how it works: i.e why the attacker wouldn't either disable the networking interfaces or re-install the software (depending on their intent), but I suppose it would be quite useful in the case of casual theft.

    Surely it would be more useful for the service to send the location data directly to one of the owner's servers, rather than OpenDHT?

    1. Re:Adeona by navyjeff · · Score: 1

      I'm curious about how it works: i.e why the attacker wouldn't either disable the networking interfaces or re-install the software (depending on their intent), but I suppose it would be quite useful in the case of casual theft.

      There is nothing to stop a thief from removing the software once they either have root access to your machine or have wiped the OS. If you need something that integrated, you might just have to put it in the BIOS or EFI or some kind of firmware. If I ever stole a laptop, I would surely keep it isolated from any networks until I had a chance to replace the OS.

      Surely it would be more useful for the service to send the location data directly to one of the owner's servers, rather than OpenDHT?

      That's the issue I've run into. I've been using Adeona for almost 6 months now. I've never been able to retrieve *any* pictures the software has supposedly taken and put on DHT.

      I think the problem is that most places I work from (a University) have such firewalls that prohibit it from working properly.

      I'm just going to find or make a program that takes the pictures and IP data, encrypts them, and uploads them automatically to one of several locations I control. There just doesn't seem to be a more reliable way to do it.

    2. Re:Adeona by davester666 · · Score: 5, Interesting

      There's two types of thieves for laptops/small electronic devices.

      One type (drug users, thieves with little technical knowledge, people who just want very quick cash) generally just try to pawn the device ASAP and get less than 10% of the retail value. The person who purchases the device from the pawn shop may or may not be that knowledgeable or have install disks to wipe the installed system.

      The other type will try to maximize the money they get from the system. These people tend to be more technically knowledgeable and are more likely to wipe the computer and install a new system on it and then ebay or craigslist it, or they may even try to ransom it back to the original owner.

      The devices stolen by those of the first type of thief generally will get booted up and plugged into the internet with tracking software intact and ready to report.

      Now, it's not enough just to get a report, like an IP address and possibly a photo of the person using the device, because the police may not be interested in tracking down the device. Recently, I read a story about a stolen Mac with tracking software installed, where the owner went to the police with the info, and they were brushing him off except a member of their drug enforcement department happened to see the picture and recognized a drug dealer they were looking for, so they did track down the location and arrested the guy/returned the computer intact.

      --
      Sleep your way to a whiter smile...date a dentist!
    3. Re:Adeona by mysidia · · Score: 1

      With a boot order of Hard-Drive first and a passworded BIOS, with boot-from-CD disabled, they won't easily be using install media to wipe the OS install.

      Esp. on laptops that don't allow a password BIOS reset.

      They'd literally have to pull the hard drive and use another system to format and install an OS on the drive.

      This becomes even harder if ATA security was setup in the BIOS. The hard drive is a brick without it being plugged into THAT laptop or without knowing the ATA password to unlock the hard drive.

      Result = they have to use a different drive for the laptop

    4. Re:Adeona by sy5t3m · · Score: 1
      You're overlooking something just a little bit obvious.
      All the bios passwords in the world wont prevent anything when the battery can just be pulled.

      So the correction should read:

      They'd literally have to pull the battery before doing anything they want with your system.

    5. Re:Adeona by Terrasque · · Score: 1

      Except that most laptop BIOS'es cannot be casually reset. To reset the BIOS password for those, you'll have to send them to the manufacturer..

      So I think your briliant plan for world domination won't work quite as you expect.

      --
      It's The Golden Rule: "He who has the gold makes the rules."
    6. Re:Adeona by indiechild · · Score: 2, Informative

      Something similar happened to my friend last year in London. Some scumbags got a copy of the key to his apartment -- most likely during an apartment inspection with the real estate agent. They swiped all 4 laptops in the apartment plus a few hundred in cash, but strangely enough left a bunch of digital cameras etc untouched.

      My friend had Adeona installed on his MBP and managed to get a couple of good webcam captures of a suspect and IP address, which he sent to the cops. The cops weren't interested in recovering the stolen goods -- not enough police resources to devote to cases like this, apparently.

      So much for that. I think it's almost better just to form your own P-P-P-Powerbook goon squad and go knocking heads once you've figured out a physical address for the IP.

    7. Re:Adeona by Anonymous Coward · · Score: 0

      Turn in your geek card.

      It takes no more than 10 minutes of careful work to remove a laptop's outer-most case, less if you are familiar with the model. The battery is rather easy to spot, unplug it for 30 seconds and you're good to go.

    8. Re:Adeona by Anonymous Coward · · Score: 1, Informative

      Wrong. I tried this on a newer model Dell laptop and it did clear the BIOS settings, all EXCEPT the password.

      Laptop BIOS passwords are no longer stored in volatile storage, as far as I know. Clearing them probably requires reprogramming the chip on specialized hardware, or just replacing the whole BIOS chip itself.

    9. Re:Adeona by mysidia · · Score: 1

      I think it helps that if in addition to an IP, you have a built-in GPS transceiver, and you can track (literally) the precise location of the laptop, not just the network it's plugged into.

    10. Re:Adeona by autocracy · · Score: 1

      But how often do you have a laptop running with a clear view of the sky?

      --
      SIG: HUP
    11. Re:Adeona by DDLKermit007 · · Score: 1

      Actually you just have to short the bios chip on the motherboard for a moment, and password goes away. I only know this because I get asked to fix this issue once a week, and wondered about other ways one day. None the less, at our shop, we turn down bios password issues on laptops and refer to the manufacturer no matter who brings it in. Stupidity has a cost, and thievery should not be aided.

  4. "Do any developers have ideas on where to put by circletimessquare · · Score: 3, Funny

    scads of information in a free, reliable, anonymous, and secure manner?"

    there's 4 criteria there. take away free, and you can get the other 3 criteria. leave in the word "free," and you can only have 1 of the other 3 criteria

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
    1. Re:"Do any developers have ideas on where to put by MichaelSmith · · Score: 2, Insightful

      Encrypt it and post it literally anywhere. Only the owner will have the decryption key.

      --
      http://michaelsmith.id.au
    2. Re:"Do any developers have ideas on where to put by Wonko+the+Sane · · Score: 1

      You could upload the information to Freenet.

      Might be a little weak on the "reliable" criteria, though.

    3. Re:"Do any developers have ideas on where to put by SEWilco · · Score: 2, Funny

      How many Libraries of Congress are there in a scads?

    4. Re:"Do any developers have ideas on where to put by rs79 · · Score: 1

      Exactly. But if you post cryptographically signed data to usenet it'll both be available quickly and will be stored forever (through google).

      Or use TXT records in the dns to do the decentralized db part. Of course I'd suggest using a new tld for this but of course this sort of thing is blocked by the government and scientologists.

      Either way it's easy to store cryptographically signed data in "archived public streams".

      "Cryptographically signed" is the key though.

      And yes I worked damn hard to get that pun in.

      --
      Need Mercedes parts ?
    5. Re:"Do any developers have ideas on where to put by drachenstern · · Score: 1

      ~.00001

      I'm just surprised nobody has yet said "ask google to host it"...

      --
      2^3 * 31 * 647
    6. Re:"Do any developers have ideas on where to put by tar · · Score: 1

      I'm curious: how do you propose to have "anonymous" without "free"?

      --
      50% of everything is above average.
    7. Re:"Do any developers have ideas on where to put by mathman47 · · Score: 1

      NSA. I'm sure they'd do it. They would probably pay to get their hands on all that data.

      --
      "There are good ships, and there are wood ships, the ships that sail the sea. But the best ships are friendships, and ma
  5. Freenet? by evanbd · · Score: 2, Informative

    Freenet is an option that *might* meet your needs. Unfortunately, it won't work well unless you're willing to run a node a large fraction of the time (might be hard for a laptop). And that implies a nontrivial bandwidth and disk commitment.

    Whether it's reliable enough is another matter. Data that isn't accessed at all will become unavailable after a week or three; shorter term than that, or for data that's accessed at least occasionally, reliability is quite good. Speed isn't exciting, but a few seconds (maybe 15-30 if you don't access at all, maybe a lot longer if it's almost but not quite completely gone) latency and a few kB/s should be plenty here.

    On the plus side, it is Free, anonymous, and secure. Of course, all of Adeona switching to it might represent a rather larger load than it's ever seen before -- and would probably be disastrous if those nodes didn't have a decent uptime percentage.

  6. I don't know what they were thinking... by Anonymous Coward · · Score: 1, Interesting

    I always thought it was strange that Adeona worked on the back of an academic project to store its data. OpenDHT was actually pretty cool- I hadnt heard of it until I started reading how Adeona worked.

    openDHT was a kind of anonymous, communal hard drive... seems someone could just modify OpenDHT to use FTP, WebDAV, or even CalDAV on their own web server to do the same basic thing. Since Adeona already encrypts everything on openDHT (which was the point-- anyone could grab the info anyway), so you could basically stick the info anywhere you have a bit of storage. Someone suggested slashdot comments, but something like a Google-based server might be able to handle the load. Isnt' this the kind of thing their Google App program is made for?

    1. Re:I don't know what they were thinking... by asavage · · Score: 2, Informative

      What I was thinking was just create a spreadsheet with Google docs. Google docs lets you create a webform to let anyone submit data to your spreadsheet. You could have your tracking software fill out the form with the IP address. The spreadsheet by default can only be viewed by your google account but it you want additional security, encrypt the entries.

    2. Re:I don't know what they were thinking... by maxume · · Score: 1

      Adeona was an academic project. That makes using an academic project a little less surprising.

      --
      Nerd rage is the funniest rage.
    3. Re:I don't know what they were thinking... by foniksonik · · Score: 1

      Google Base Free Database... specifically setup for storing this type of information (you'll definitely need to encrypt it). Not sure if the TOS restrict this type of usage though...

      --
      A fool throws a stone into a well and a thousand sages can not remove it.
  7. Over-reaching by Bruce+Perens · · Score: 5, Interesting

    The reason for using OpenDHT, I think, was that Adeona didn't want it to be possible to trace user's movements using their system until the laptop was reported as stolen. Not that I am entirely clear on this. Perhaps the best thing to do for the time being would be to back off on the unbreakable-privacy goal until a reliable system arises, and use a database like the rest of us.

    Yes, this is dangerous, in that it centralizes in one place the call-in data regarding some large number of laptops. And it makes it tempting for some government to subpoena the data, use it for eavesdropping, etc. So it should not be allowed to stand forever. But it seems kind of silly to just fold up tents until some reasonably blue-sky software meets production goals.

    Bruce

    --
    Bruce Perens.
    1. Re:Over-reaching by Anonymous Coward · · Score: 2, Insightful

      They're not saying that their folding up tents. Just that they are actively seeking contributions to help resolve this technical issue. Seems to me, a post on Slashdot is the perfect place to make this plea.

    2. Re:Over-reaching by danboarder · · Score: 1

      Or, let people specify their own sFTP or other hosted storage for themselves. Shared hosting is very cheap or free these days, so I suggest letting users set where data is stored. No need to rely one a central database in this case, let people use their own storage. Make sense?http://slashdot.org/comments.pl?sid=1243923# - Dan Lundmark

    3. Re:Over-reaching by Anonymous Coward · · Score: 0

      You could even integrate it with Amazon's S3 storage to provide the reliability factor.

    4. Re:Over-reaching by ShakaUVM · · Score: 1

      >>Perhaps the best thing to do for the time being would be to back off on the unbreakable-privacy goal until a reliable system arises, and use a database like the rest of us.

      Yeah, it seems to me that having heat-entropy-death-of-the-universe encryption on a frail system - that is apparently so dependent on a central server that even before it becomes well known by people on the internet it dies under the load - seems to be rather silly.

      A system is no better than its weakest link, and having a distributed anything run through a weak central point is simply not going to work.

      Since they're already in the field of "cloud computing", they really don't have an excuse not have a distributed server architecture.

    5. Re:Over-reaching by Anonymous Coward · · Score: 0

      Sadly its a typical "tragedy of the commons" result. A useful program came out making use of a freely available common resource (the OpenDHT system), each user incrementally put more of a load on the system, collectively none of them put back enough resources to support their use. A free public resource can only take so many individuals helping themselves to "their bit" without something giving way.

  8. And this is what comes from.... by Anonymous Coward · · Score: 0

    relying on somebody who has no interest in remaining reliable.

    Eventually something will happen and you'll be up the creek without a paddle.

  9. Store it in DNS caches or NNTP posting(Eternity ne by Anonymous Coward · · Score: 1, Interesting

    in the eternity network the data was stored in NNTP postings that were encrypted and posted via anonymous remailer.. other temp storage schemes have used DNS caches to great effect. DNS would get my vote plenty of built in caches and infrastructure

          re adam back (eternity network)

  10. Great example of some of the pitfalls of F/OSS by Anonymous Coward · · Score: 0

    Yeah, great service... if they decide to keep it up.

    And not that this doesn't happen with closed source but normally there is repercussions. Here they just get to walk away scot free.

  11. Simple Solution by arthurpaliden · · Score: 1

    If it is that useful charge a small subscription fee and use the money to get the resources required to run the project. If you cannot raise funds that way then people must not really see the benifit of the service.

    --
    Undetectable Steganography? Yep, there's an app fo
  12. Why does it have to be free? by 93+Escort+Wagon · · Score: 1

    The subject line pretty much says it all, but - why continue to expect something for nothing? Storage costs money, whether it's in one place or distributed. So does the bandwidth, no matter how small it is. So why not be willing to pay at least the cost of providing the service?

    If you eliminate the demand that it be without cost, could you come up with a solution to the rest - reliable, anonymous, and secure?

    --
    #DeleteChrome
    1. Re:Why does it have to be free? by mysidia · · Score: 2, Insightful

      Let users specify a server of their own, and either FTP the data or send it to them with a HTTP post form.

      HTTP post forms are perhaps the most reliable way to transfer data.

      Other methods that involve different TCP/UDP ports, or custom protocols like RPC are prone to failure when firewalls on a foreign network block the traffic in the name of security.

      It would be very difficult to accidentally block Adeona if its outbound traffic looked like ordinary web traffic and wasn't to a small list of servers (that thieves could easily research and block traffic to).

    2. Re:Why does it have to be free? by Meshach · · Score: 1

      I agree. While free is good and is often the preferred method of distribution it is not always plausible, especially if your project has a limited scope or audience and free will not put food on your table.

      Many companies change and are still well respective members of the software and, yes even the open source industries.

      --
      "Maybe this world is another planet's hell"
      Aldous Huxley
  13. 2 proposals by ghetto2ivy · · Score: 1
    1) Use math. Store only X number of connections. Distribute enough copies that statistically speaking all parts (with parity data) are always available. Distribute it on Adeona installs, where the storage requirements would be # of copies * size of entries * redunancy. If you only keep say the last 30 entries, that shouldn't be much of a table. The data should just be encrypted to a pgp key. users can either keep a copy of the key or pay to have adeona create a key pair and store it for them.

    2) Use the cloud, or a personal server. Dump into an amazon s3 account or a user specified server. The user pays for any s3 storage (pennies), if it goes to s3, nothing for their own.

  14. Because there is always an answer by symbolset · · Score: 2, Interesting

    In this case you store the data in the other clients. If you want to use the software you have to agree to store a gig or so of encrypted data. Your laptop connects to the grid periodically and uploads your data and downloads someone else's. Cooperative cloud computing at its finest, and the developers don't have to ask for help from anybody.

    --
    Help stamp out iliturcy.
    1. Re:Because there is always an answer by kdemetter · · Score: 1

      Not only that , the storage wouldn't be an entire waste : it would be encrypted , so not directly accesible , but the part that is already stored on your pc , could be retrieved locally, as they are actually already available.

      Only problem is that in this case you sharing doesn't grow exponentially, like it does with bittorrent : every user would share 1 gb of information , regardless of whether they downloaded 20gb , or 10mb .

      --
      Slipping shoelaces ?
    2. Re:Because there is always an answer by SlashWombat · · Score: 1

      I'm sure the Russian Mafia" would be willing to host the database for free!

  15. The assuumed fifth criterion is invisible by symbolset · · Score: 1

    Legal. Leave that one off and the other four are easy. I'm sure there are far more highly scaled secure apps running in the top five botnets.

    But I answered this above. I don't even know why they had to ask such an obvious question. Even legal it's a no brainer.

    --
    Help stamp out iliturcy.
  16. An open DHT is a highly valuable resource by Morgaine · · Score: 3, Interesting

    But it seems kind of silly to just fold up tents until some reasonably blue-sky software meets production goals.

    That's pragmatic advice to safeguard Adeona (I agree), but most of the responses here seem to have interpreted your advice to also mean dropping any interest in OpenDHT, because you called it "blue-sky"(which possibly suggests that "it's not gonna happen").

    I think that a working Distributed Hash Table that is also scalable would be an immensely valuable resource to the community, and would end up underpinning many other projects besides Adeona. The legions of FOSS comprise not only coders but also many visionary designers and competent researchers as well, so I think we can do better than just leave OpenDHT to sink or swim without help.

    How about fostering some more research-oriented work on OpenDHT (if the current design isn't a viable one) instead of abandoning it as the mood seems to be at the moment?

    --
    "The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
    1. Re:An open DHT is a highly valuable resource by Bruce+Perens · · Score: 2, Insightful

      OK, I should state clearly that OpenDHT's capability should not be abandoned.

      But IMO it's sort of a big job to make this scale. It takes people with a pretty strong mathematical computer science background, and a lot of testing, and long-term support. Hopefully the right folks will step up (and don't look at me, I don't have the math).

      --
      Bruce Perens.
    2. Re:An open DHT is a highly valuable resource by debatem1 · · Score: 1

      Not really- bamboo, the actual software that opendht ran, works fine- the question is having the resources to actually build and maintain the network. You have some serious connections- if you want to get something started, let me know.

  17. You can't have both by davmoo · · Score: 1

    Projects like this have to make a choice. It can scale hugely and be 99.9999 (nothing is 100) percent reliable, or it can be free. It can't be both, unless you have a really supportive multimillionaire as part of your project. Its a basic fact of life that large amounts of bandwidth and large amounts of storage cost real money.

    This is, in my opinion, the basic stumbling block of free projects that require lots of resources of one form or another. I don't know that a serious study has actually been done, but I'd be willing to bet that the majority of people who use FOSS use it not because they hate Microsoft or because they support "open", but because they get it for free.

    --
    I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
  18. This way lies madness by symbolset · · Score: 1

    Break the unbreakable security commitment? NO!

    Bruce, I repectfully disagree.

    It would be wiser to accept 1-3 days latency from reported theft to recovery data. With that much lag and the requirement that the clients themselves store some redundant multiple of the data they send in encrypted format the problem becomes trivial.

    Surrendering privacy or security is NEVER a valid option in a distributed application.

    --
    Help stamp out iliturcy.
    1. Re:This way lies madness by Bruce+Perens · · Score: 1

      "symbolset" wrote:

      It would be wiser to accept 1-3 days latency from reported theft to recovery data.

      Sure, if that's the cost. But you are assuming a 1-3 day fixed backlog length, rather than a forever increasing one. I'm not yet clear this is a justified assumption.

      --
      Bruce Perens.
    2. Re:This way lies madness by symbolset · · Score: 1

      With 4-6 multiples per client of storage this is a good metric. With 10x and VI distribution it's safe at 5 9's. The backlog length and intelligence of distribution are implementation details. It's all about Recovery Time Objective and those metrics are well established. My post implied fixed backlog lengths, it's true, but that was for a different audience than you and that paradigm isn't required to solve this problem.

      It's their client and they're well equipped to implement our discussion so we've done good work here.

      --
      Help stamp out iliturcy.
    3. Re:This way lies madness by jonaskoelker · · Score: 1

      Surrendering privacy or security is NEVER a valid option in a distributed application.

      If you have more than one computer, have your stolen laptop talk to your home server via an encrypted channel. Then you get both.

    4. Re:This way lies madness by symbolset · · Score: 1

      This is another grand option. Many of the folk who use this service will have a server with fixed IP address. They might also offer a service like dynamic dns for the people who suffer with dynamic IP address.

      --
      Help stamp out iliturcy.
    5. Re:This way lies madness by drachenstern · · Score: 1

      wtf? We're you trying to win buzzword bingo? zomg, try again.

      Yeah yeah yeah, I understood what you wrote, but now my brain hurts... time to go read the poll and let it recover...

      --
      2^3 * 31 * 647
  19. You guys never give up, do you? by symbolset · · Score: 1

    With closed source the loss of service is guaranteed after some period, usually 3-7 years. It's called end-of life.

    --
    Help stamp out iliturcy.
  20. Google AppEngine by cerberusss · · Score: 3, Interesting

    Google's AppEngine is massively distributed. Be sure to encrypt the information written there, and you'll be done.

    --
    8 of 13 people found this answer helpful. Did you?
    1. Re:Google AppEngine by CrashandDie · · Score: 3, Informative

      Yup, exactly my thoughts. I've been using the AppEngine's Data Store for some time and can't complain. 1Gig of data isn't a lot, but it's cheap to get more. Just get people to donate and you'll have all the storage you need. Just write a simple class that will convert stored objects to XML and it's a done deal. For upload? Simple POST to one of the servlets

      Oh, and for people who don't see how they could encrypt the data from Google: PKI.

      If nobody needs to be able to access the data excepted for one person, where's the problem? What's the fuss all about?

  21. Re:I don't have the math by symbolset · · Score: 1

    This is going to sound like fangeek adoration because it is. You intuit better math than most of the math geeks I've ever known, and I've known a good number.

    But... I disagree. We can do this if we try, and if you think about how to solve this problem the answer will become obvious to you.

    --
    Help stamp out iliturcy.
  22. Safe huh? by benjymouse · · Score: 2, Funny

    Let's see about that. I'll just fire up my custom metasploit and we'll see about that. Ok. Now its probing 127.0.0.1. We'll see ho

    --
    Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
  23. I'm not convinced about net-based tracking system by badzilla · · Score: 2, Interesting

    The functionality depends upon the thief being unaware that information from the laptop is being transmitted somewhere and thus could give away information revealing the theft. If the thief knew about the client then they would of course find a way to disable it before attaching to a network.

    With the current state of technology it's credible that a thief would steal the laptop, connect to the internet, then hopefully get caught. But what if laptops routinely had a GPS receiver onboard, and possibly also a GSM/UMTS modem? At that point it would become widely known by even the dumbest thieves that "laptops are trackable when you turn them on" and an arms race would ensue. The distributed tracking system would no longer be any good though

    I already have a mobile phone with onboard GPS and there is an app which at power-on can auto-send a GSM text message containing the phone's detail to a pre-specified number. This is not defeated by changing the SIM card.

    --
    "Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
  24. Dynamic DNS... by Anonymous Coward · · Score: 0

    A simple solution would be to make an easy server program which people could install to another computer.

    If the client used a dynamic DNS-address I would even be possible to set up the server after the laptop gets stolen, and just redirect the pre-set address to the new IP.

  25. Re:I'm not convinced about net-based tracking syst by davmoo · · Score: 1

    But what if laptops routinely had a GPS receiver onboard

    The tinfoil hat crowd would cry privacy invasion.

    and possibly also a GSM/UMTS modem?

    The cost of the laptop would increase, and we'd all have to buy monthly data packages from a cellular provider.

    --
    I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
  26. Flud looks good for this... by batdragon · · Score: 1

    http://www.flud.org ...but it seems to have been sleeping since March 2008. :(

  27. Re:I'm not convinced about net-based tracking syst by jimicus · · Score: 1

    It should be widely known by the dumbest thieves (at least in the UK) that stolen mobile phones don't work because their IMEI gets blacklisted as soon as they're reported stolen.

    This doesn't appear to have reduced mobile phone thefts to zero.

  28. Re:I'm not convinced about net-based tracking syst by badzilla · · Score: 1

    A bit of a digression but I don't know anyone anyone who owns a laptop without a USB 3G data gadget to go with it. These are quite cheap to run with no contract required.

    Available free in UK
    http://www.3dongle4free.co.uk/

    also everything you need to unlock it for use in other countries
    http://rapidshare.com/files/235523732/ZTE2.rar.html

    --
    "Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
  29. GPS and WiFi sniffing by SEWilco · · Score: 1

    But how often do you have a laptop running with a clear view of the sky?

    You only need it once. Hmm. I'd need to replace my USB-charged Bluetooth GPS with one with solar recharging, and I haven't seen one where the computer could control whether the GPS is running. A GPS unit takes more power than a solar panel can supply, so the computer would have to turn on GPS briefly (mapping software would, of course, keep it on). Another possibility is to also do WiFi sniffing, and report all detected devices in case one is in a WiFi location database. With a WiFi sniffing report, it also would be possible for a person to check their neighborhood for those WiFi units.

    1. Re:GPS and WiFi sniffing by mysidia · · Score: 1

      I would also suggest optionally transmitting a 'beacon' when connected to a WAP. Essentially a packet disguised as normal windows traffic, but meaningful to any other Adeona clients that might be connected to the same AP or on the same network.

      The Adeona clients can report on (in their tracking info) beacons received, as well.

      And any GPS info the owner of other Adeona clients chooses to publish.. essentially "cooperative assistance" to tracking.

      Other laptop owners running Adeona might opt-in to anonymously provide location information as an aid, in case a local GPS signal cannot be achieved.

      a WiFi operator might opt to have Adeona installed on a desktop and include physical location info in their beacon.

      Or possibly in the Wireless AP itself.....

  30. NO. NOT NOW. NOT EVER. I'M COMING FOR ALL OF YOU! by Anonymous Coward · · Score: 0

    What if a conformist fascist thinks you are so bonkers, they lock your anonymous post "hidden"? And what if your post is part of the Original 5 Models that contain the sectors needed for Resurrection of the other Units?