Slashdot Mirror
USB 'Dead Drops'
Okian Warrior writes "Aram Bartholl is building a series of USB dead drops in New York City. Billed as 'an anonymous, offline, peer to peer file-sharing network in public space,' he has embedded USB sticks as file cache devices throughout the city. Bartholl says, 'I am "injecting" USB flash drives into walls, buildings and curbs accessible to anybody in public space. You are invited to go to these places (so far 5 in NYC) to drop or find files on a dead drop. Plug your laptop to a wall, house or pole to share your files and data.' Current locations (more to come) include: 87 3rd Avenue, Brooklyn, NY (Makerbot), Empire Fulton Ferry Park, Brooklyn, NY (Dumbo), 235 Bowery, NY (New Museum), Union Square, NY (Subway Station 14th St), and West 21st Street, NY (Eyebeam)"
Turn off AutoPlay first, kids. You'll thank me later.
Is that kind of like a Glory Hole? Probably the same number of viruses.
Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
What could possibly go wrong?
5 free usb drives, where's my bike?
I can think of no security issues that could be introduced by this development.
For an encore, he'll be setting up "Drop Dead" sites around the city. These will be little knobs mounted to walls, for anonymous people to "share" biological materials by walking up to them and licking them.
http://alternatives.rzero.com/
Will this unsuspecting guy access the child porn cache.. Hello my name is Chris Hansen and I am from NBC's "To Catch A Predator" please sit down
So basically, you are being invited to connect a USB device from an unknown source, with unknown code on it, to your machine. There have been many instances of people leaving USB sticks with exploit binaries around for people to find. You find the stick, stick it in your machine, and are promptly exploited. Regardless of whether the creator of the dead drops hasn't done this intentionally themselves (hopefully, they haven't), you have no idea what might have been placed on the sticks by others.
Sounds like a glory hole to me.
It truly amazes me how stupid people are. If this bozo did this to my property and announced it like he has, then I'd get a contractor and remove it and haul this clown in to small claims court for the costs.
There are ways of doing this sort of thing while minimizing your liability. He's opened himself to finding out about the costs the hard way.
Ok, so they chose to leave the male end sticking out of the wall- and instead of using some sort of extension cord plug the laptop directly in. It will not take much wobbling of the laptop to create a large amount of shear stress on the usb stick leading to failure.
Also I'm sure many will complain about the possible dangers of viruses but imagine worse. How much damage could you do with a usb stick? It wouldn't be impossible to rig a car battery to the contacts from the other side of the wall.
I know this guy thinks it's "cute" and that it's all "artsy" or something. But It's not. It's just fucking stupid. Why would I want to go to a dark alley on new work to plug my laptop into a usb port sticking out of a wall?
WTF am I doing replying to an AC at 5 A.M on a Friday night?
As soon as the RIAA et al thugs can find the locations they will fill the devices up with garbage, pr0n, incorrectly named and incredibly distorted music/video files. Nice idea but too easy to corrupt
What the heck is the point of this? Sometimes I hate artists. Here's an idea, just give someone a USB drive when you want to share files with them. Or mail it. Or I guess call it art and attach USB drives to walls. Move over Van Gogh, there's a new master in town!
Drop dead or will sue
The idea is more like a sure fire recipe for a DOA usb file sharing system.
I would say it has to do with the current e-climate, that anyone with any sort of power wants to censor/control the internet/electronic world.
This is an interesting means of dealing with the issue of control, and most likely the first of many steps.
... this concept would not go down well with the government, especially around their nuclear facilities.
It's kinda pointless and possibly dangerous there's something cool about a USB port in a brick wall. It's like plugging into the unknown
"Plug your laptop to a wall, house or pole to share your viruses and data."
Fixed that
Vector for malware in 3... 2...
Sounds an awful lot like a high(er?) tech version of a geocache to me. Somebody should post these to geocaching.com and suggest a new style of cache... a data cache.
Apparently, this person is willing to expose himself as a complete moron, just to get a bit of publicity. This is not even original, security experts have been using something very similar as network penetration technique for years.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
There's a long tradition of young folks picking up nasty viruses from anonymous strangers in NYC; now their computers can too.
Am I part of the core demographic for Swedish Fish?
Will you notice the salty tang?
some sort of actual storage instead of the 4-8GB that could be in that thumb drive max
Do you know how many computers I've had and/or used that had at least an order of magnitude less than 4-8GB mass storage?
Why, back in my day, we had 160KB floppy disks! And we were glad to have 'em too!!! Rassum fassum darned kids today with their fancy "USB Drives"...
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
So you stop by and upload/download but don't notice that the Dept Homeland Security has the place staked out until they serve the search warrant on your house...
Guys with expensive laptops will be at the following five locations:
sheesh
Could be worse. In 1969, the Museum of Modern Art in New York deployed Pulsa, an exhibit which included many strobe lights arranged to flash in sequence. There was a long line of strobes not only on the museum, but extending to adjacent buildings.
Pilots reported runway lighting in midtown Manhattan. The "moving ball of light" strobe system for runways was chosen because, even in cluttered urban areas with many parallel lines of light, there's nothing which looks like that. The FAA made them retime the strobes so that it didn't look like a runway.
I actually agree with this. We need to make those fuckers who know nearly nothing of the internet itself learn. Share, share and share some more is what I say. No matter what, given non-invasive measures. Some day, in a perfect utopia,*we* will rule the world -- that means that everyone will know what is right and do accordingly, thus, our ruling of the world will be the absence of the need to do so -- it would be a Perfect Anarchy.
Baby steps, dear Anarchy....
Have you heard about SoylentNews?
I'm not scared. Boot a live distro and get/leave some cool files. I think it's cool.
He should put in a rootkit in every one of them, which at a specified time and date will display "Congratulations, you are the xth idiot out of y idiots who have risked security and data just to try something stupid"
Silly suggestions aside, he should really take this opportunity to teach people the dangers of malware which can be picked up by doing stupid things.
For the finale they really ought to bust him for possession of child porn. That would almost make the show worth watching.
Autorun virii are not fun. Save yourself the hassle and save the idiots the pain.
I definitely won't stick someone's hoo-hoo dilly in my laptop's cha-cha.
Some sort of plastic egg or something, that you were supposed to put a message in, then give it to someone "hey, this is for Joe Bloggs, in Topeka, pass it on". The idea was that eventually, Joe would get it, no matter where you were when you started it. I think others were encouraged to add to it too.
It predates the 6-degrees of Kevin Bacon, but it is the same idea.
Was it an oobie or some such? This sounds like that. Probably sold a lot of plastic crap and packaging.
Hippies.
This issue is a bit more complicated than you think.
I have to agree with the other posters. This is a stupid idea. The are easy to break. Easy to find for those that don't like the idea of them existing. They don't hold a particularly large amount of data. The fixed location makes them useless as a dead drop.
The way a non-stupid person would do this is to set up a wireless router. This way two anonymous people could exchange data and no one would be able to tell where or who they were beyond being in the general vicinity. It would also actually be able to hide. As long as they could get power to it, it could be just about anywhere, so it would take a fair amount of effort to make sure you had the skill and equipment to actually find the thing. If you want storage, just use a router that has NAS capabilities.
I kind of like the idea of an anonymous way for citizens to share data, but gluing USB sticks on walls is not the way to do it.
is there also one in that place where I put that thing that time?
The RIAA doesn't even need to bribe politicians to get rid of these. All they have to do is visit the publicly disclosed addresses, locate the sticks, and take a hammer to them.
See, the key to running a cold war-style dead drop is that you DON'T tell everyone where it is.
Dead drops are for hiding secrets. Filesharing is more or less the polar opposite, it exists to give everyone equal access to information.
get it? :D
I took one look at this and thought of my 3-pound drilling hammer.
Doesn't it rain in New York City?
Empire Fulton Ferry Park is right down the street from where I live. There's only so many places it could be hid.
I think I need to fire up my spare laptop with a LiveCD and find it.
For science
Shameless plug for my photos on Flickr
I know adding a gender changer will add a few bucks, but will limit the bump/kick risk.
Ideally, expose a usb B femaie plug, as everyone has usb B male to usb A male plugs laying around.
I can imagine RIAA/MPAA lobbying for a law to ban them.
It's proving to take a very long time to make the proles (and indeed even many geeks) that copying data is not actually *doing* something.
This will make a lot of people think, I think.
expandfairuse.org
free HBO!
It's a great idea, but why put these things in such easily accessible locations where they could be open to anyone with less than noble intentions? I did the same thing as this guy a couple of years back, but was a little more selective in location, some of which are as follows:
* Mount Etna (near the mouth)
* North pole (well 40 ft underground at that point)
* 3 miles underground at an unknown location. There is a cave entrance though I think (well there was last time I went).
* In my house
* Inside the fossilized remains of a dead bird found somewhere in the Sahara Desert.
* Five are in the ocean too (I'll keep the exact locations secret, but you may have some luck checking out the Atlan... (hint hint) ).
Why OpalCalc is the best Windows calc
it's a trap!
Politics is Treachery, Religion is Brainwashing
It's like a speak-easy from the era of prohibition for file sharing. What could possibly go wrong? Can anyone say entrapment?
goatse.jpg
Copy of goatse.jpg
Copy2 of goatse.jpg
Copy3 of goatse.jpg
...
I have something in common with Stephen Hawking...
Fortuantely I'll be dead long before this wretched future you wish for ever comes to pass. Don't assume that what your psychotic mind concieves of as utopia, would not be hell to others.
Problems with killer file systems is that they get sent to chroot for deleting Russian imported libraries.
That way i can get my free viruses without having to plug something in.
---- Booth was a patriot ----
...its like the era of near anonymous sex, eventually people started dying after hooking up. How long before we see people killing their computers, or going to jail because they plugged in and xferred something really illegal?
This is REALLY smart.
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
Why would I want to go to a dark alley on new work to plug my laptop into a usb port sticking out of a wall?
For the cheap thrill? Isn't that why people insert other things sticking out of walls, or insert their thing into holes in walls in New York?
... and then they built the supercollider.
it's a trap!
Not only that, dead drops would be better protected by NOT disclosing their locations. Make it a game or puzzle, or riddle or something.
The mind conceives, the body achieves, the spirit manifests.
So um.. how many USB ports will be shorted out by a wet connector.
They can just come by at 3am and replace the USB drive with something else ... with a little camera off to one side.
Unless of course people feel there is something 'cool' about having to be in a specified location to receive information in this day and age.
GEO caching came readily to mind. Find an interesting (and hopefully somewhat safe site) and when people get there, not only can they share whatever, but they can have a unique experience as well.
From sneaker net ot peer to peer to USB Dead Drops? lmao...
Might be good practice for when Fascism takes over thanks to Citizen United vs FEC.
Is your Internet Throttled? Install DD-Wrt, OpenWRT or Tomato to learn the truth! Google: 1Gbps/1Gbps: 5 Communities
I used to do Geocaching...before kids ;)
I had reservations about finding boxes hidden and opening them to see what's inside. On all occasions the contents were benign.
I think it's a shame that the first thing people think to do with these is to load them up with exploits or porn. Don't get me wrong, I wouldn't be plugging my laptop in without some serious protection. However one thing I liked about Geocaching was that it caused you to go to places off the beaten track or informed you of interesting facts about the location. It was great as a tourist.
There is so much interesting stuff about this...and yet...now I'd be too afraid to plug in.
Another train of thought, If the artist wanted to present some interesting social study, he/she would monitor the files at each location and build an instillation to show what type of file, when uploaded, how much good and bad, yadda yadda.
I'm sure with a bit of extra thought with respect to the security aspects by the artist, this could be made acceptably safe. For instance, could the stick be simulated on a system which actively scans and cleans between uploads?
I find this interesting enough. Sure, it could be just an FTP server that anyone can connect to. You could use 30s of your life to connect to it, check what is there and disconnect. And everything interesting would probably have to be removed quickly because it breaks some copyright law, is too offensive, etc... But there is no control when it comes to this. Anyone who has connected to it has actually went through some trouble to put files there. I think that you are just being bored if you aren't at all intrigued to know what type of files would there be... And to leave something for the next one who comes to check the storage for the same reasons.
Also, here is a proptip: If you aren't interested. Fine, just ignore it. It is silly to get that heated about something like this. Try not taking life that seriously. :)
From a geek perspective, I think this is awesome. It combines all the fun of geocaching with the rewards of actually getting something. I do think that viruses would be a concern, yes, but at the same time, anyone looking for one of these things is going to expect that, and will either be protected somehow, or will be using a machine they can keep in quarantine.
From an art perspective, I think this is awesome. It's funny, fresh and gets people outside, exploring their world. It's using available materials to change the way people look at common, everyday items.
From an engineering perspective, all I can see is broken USB hubs stuck in my port because I sneezed too hard. Or shorted out the port because it was wet on the inside of the plug. Or someone thought they were cute and put some WD-40 in there, instead of electrical contact cleaner.
But from an societal point of view, I see strangers walking up to a building and holding their computers up against the wall. That's fine for things like monuments, park statues and maybe even trees in a park? But doing that outside a business might get you in trouble.
Do it anywhere near someplace the NYPD consider "sensitive", and you might just become the latest headline news.
[End Of Line]
Go ahead... stick it in....
... You come to Virus.
Creativity: A+
Humor: B
Usefulness: F
Convenience: F
Security: F
Resistance to Vandalism: F
"When information is power, privacy is freedom" - Jah-Wren Ryel
This is the dumbest thing ive ever heard of. Anyone who is stupid enough to use these things deserves whatever malware they pick up.
Perhaps geocaching then? I've not partaken myself, but it seems to be something along the lines of what you're talking about.
Comment removed based on user account deletion
respect your slashdot memes, son, or go hangout on digg or reddit with your shenanigans.
One man's USB treasure is another man's garbage...
Help! I am a self-aware entity trapped in an abstract function!
Why not set up a "Swap Club" to pass around a big "Slut Drive" or three around?
After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
... of a ball peen hammer and a flat surface. The viewer is invited to place his thumb on the flat surface and whack it with the hammer, and by doing so become more interconnected with what it means to execute a Really Dumb Idea.
Yeah, because the "open" guys have really shown that they know how to all control their egos and make sure everything they do is in the best interests of the "community", and not in the pursuit of some ridiculous need to flex an e-peen or get the last word.
I predict the first day you declare your utopia has been achieved, at least 3 people will fork it because they can't abide by trivial differences in your set of rules, and several dozen blog posts will go up lamenting the shoddy architecture and insecure design of your utopia, and talk about how short-sighted you are to have not anticipated these issues.
Because that's how your vaunted community works in actuality. Thank you, but as someone else mentioned, we'll be -- blessedly -- long dead before this hellish 'utopia' comes to pass. God save us from technical savants with the will to power and limited or nonexistent social skills.
A wide range WLAN-NAS would be a better dead drop.
I did my part found one and uploaded photoshop, some movies, and bunch of mp3's :)
on the device was couple movies and sims 3
pretty interesting
Or whack the protruding USB socket with a hammer.
There!
Security problem solved!!
(Don'tcha effin get tired of conceptual artistes and their lame ideas?)
They really don't have any standards for art anymore, do they?
Not since they took the Dadaists seriously, no.
I tend to think of modern art as a sport akin to social engineering. When you think of it that way, it stays annoying but at least you can respect some of the skills involved, unlike those used in the actual work itself.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
They are getting desperate out there ;)
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Just wait until someone drops kiddie porn on it or the latest malware!!
In the near future, when all internet access is censored, people will have these drop sites as their only access for non government approved information, like porn.
On a side note, Mirror's Edge.
The guy obviously overlooked the "people are assholes" factor. Some jerk will eventually show up with a hammer and destroy the thing just for the hell of it.
So how about it /.?
I see alot of posts criticizing the implementation of this "Dead Drop" system.
Anyone else here have a better idea?
Maybe some super cheap hacked routers with open wifi and ftpd?
Or how about a blue-tooth device cemented in the sidewalk?
I live near NYC... i think it would be cool to come up with a "off the grid" sneakernet..
I have to return some videotapes...
It's just a slashvertisement.
really dumb.
Now maybe if it were a wifi spot with shared data, but USB who cares.
I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
How long do you think it will be before some people start using these as a way to exchange child porn or some idiot thinks it would be funny to upload kiddie porn on all the USB sticks and the cops come in and shut the thing down?
If you liked this thought maybe you would find my blog nice too:
Hmm?
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
The most insure method of attaching to a computer.
Another dumb idea that people will fall for.
You didn't quite get what I mean, or I didn't make myself clear. My idea is that there will be a world in which there are no pricks and people who don't get the law -- they will all understand it and punish themselves if they ever fail to follow it (which, in itself, would rarely happen). This world would be the perfect world of Anarchy that so many leaders and people have waited for. It is impossible, because every guy like I described, there's three idiots like us who can do nothing else than type on /., and then there's politicians which are basically immoral beings who smell money.
Now, go bash someone else, and don't invoke the thing's name -- it's enough people believe in such foolness already.
Have you heard about SoylentNews?
One word: corrosion.
Would greatly appreciate if someone could please add this information onto the USB dead drops in my absense (after all the dead drops need some juicy content with government secrets):
http://www.mediafire.com/?09tf66ybzurpr0s
http://cid-3bfa0ee4c6f361ff.office.live.com/browse.aspx/Public
https://docs.google.com/leaf?id=0B9K1bpZ8L19dNTk1YmE1NTctYTYwZC00ZjdjLWEzZGUtNDY1MzQ5ODVmNTQ0
http://cid-3bfa0ee4c6f361ff.photos.live.com/
http://evidenceagainstusgovernment.blogspot.com/
http://newworldordersatanicslavery.blogspot.com/
Hey guys, no one expects this to be _useful_. You're welcome.
> I figured it would also need some code to figure out who was getting too close to the hidden antenna and drop transmit power or the connection outright to mask the actual location.
1) If I sniff only, you will not detect me
2) No matter what you do, unless you switch positions, I can find you over time
> I also figured the network would need to occasionally switch off and vanish if devices nearby were lurking and not sharing, even with that, no way to defeat passive wifi sniffing.
How will you find out that I sniff when I only sniff? I will send _nothing_.
I can put a JPG, MP3, PDF, anything that exploits a zero-day (or known) vulnerability on the drive. As you will not only _copy and store_ but _open_ the files...
Also, what stops me from emulating a keyboard and entering a load of crap? "Windows-c (?) deltree c:\\ /y\n" comes to mind.
The USB stick solution doesn't need a power supply; all wireless solutions do. It's also a lot cheaper to implement, especially for an artsy experiment.
Indeed /. this time around breaks it down however it can do, takes it way too seriously, and hasn't come with a single alternative that's as cheap, easy to implement, and anonymous as this one is. This assuming it has any practical value in the first place.
I once saw an art installation that was an almost-functional guillotine. Pull a lever, and the blade would come down, until it hit a hidden stop. It was installed in a public place for a year and, sadly, nobody pulled the lever.
My opinion is that the purpose of art is to make the audience think. Today, we are thinking about what kind of malevolent files could be shared, or what fleeting connections we have with people around us. A hammer and hard surface makes me think about how, now and then, everybody needs warnings about really bad ideas.
Congratulations! An artist is you!
You do not have a moral or legal right to do absolutely anything you want.
You forgot the obligatory Admiral Ackbar. ;)
But setting up a wireless access point connected only to a local server would probably do a lot better. Use a "cantenna" to direct the access point covering area to a given location and it will be trickier to triangulate. Even better if you can bounce the radio waves against something using the "cantenna".
It would be an excellent information drop point for everyone in covert operations. Add a steganographed picture of something innocent - or maybe not so innocent like a pr0n image and you can propagate your information.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
There's more than just autoplay and malware to worry about.
How long before some jerk sets one of these up that's not connected to a hidden USB drive, but to the AC power lines?
*POOF* No more laptop.
Beta sux! Join the Slashcott! http://hardware.slashdot.org/comments.pl?sid=4760465&cid=46173047
I've read a lot of the comments at the article and here at /. and, all opinions considered, I have to agree that it was a fairly irresponsible decision on the artist's behalf.
1. Could poke some kid's eye out, should have been recessed into the wall
2. Could break off in your USB port or cable, should have been recessed into the wall;
3. Could be filled with things you don't want to go near like viruses and other malware, maybe should have been set up with some firmware attached as mediator;
4. Surprisingly, not mentioned: could be filled with things you don't want to go near like child pornography, which will temporarily be in your possession while you're "jacked in there lil' chummer";
5. Also not mentioned: easily spoofed performance art, with malicious self-activating-firmware or voltage sources attached, to become a very, very, very malicious device to hook up to with anything at all, especially valuable hardware and software (also easily torn out and replaced with evil twin);
6. Also not mentioned: these things don't all appear to be in the most secure sorts of areas, and will likely become targeted by hoodlums looking to score a quick laptop or other portable device.
7. The liability of any wrong coming to any computer users through these devices, I am pretty sure (I'm not a lawyer) could be traceable directly back to the artist.
To all those who got off on how it's the digital equivalent of GPS: frankly, it's the digital equivalent of fucking a crack-whore, or actually putting your shit up-to/into a real "glory hole".
"Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
But the USB stick alone is such an issue.
Why stop at wide-open storage? Why not put a common terminal BBS in a firmware and attach several backup storages, upload/download directories, a virus scanner, even forums, and make it something relatively safe and functional? Then attach that to a wireless, give it a photovoltaic cell for a voltage source, attach a few capacitors to charge for night time use, cover the PVC with a layer or quartz and encase the whole thing in a piece of granite, and sink *that* into something.
As it is, the USB sticking out of a wall idea is one of the most retarded things... it's so obvious, maybe the artist should have stopped and said "there are reasons why this hasn't been done, yet", and not stopped at "oh some capitalist would steal it -- voila, cement!"
"Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
Sneakernet reintroduced! Yay!
....Is to carry around a multimeter along with the other usual stuff like i do, and see how much voltage the f*cker is outputting. You never know..... kind of like the etherkiller. Imagine that one.... lcd screen on the meter displaying 220 VAC. Dare to plug in now, bitch? LOL Concept is definitely cool though....
The security risk is pretty obvious to people with some computer knowledge. And let's face it, people without some computer knowledge are never going to hear about these things--or bother to find them.
If I'm going to use a dead drop, obviously I'm not just going to log into my home account and then plug in. I'm going to boot off a CD or another USB, and then plug in to drop off or pick up. Or I'm going to use a sacrificial machine (netbooks or old laptops are cheap).
Build a man a fire, he's warm for one night. Set him on fire, and he's warm for the rest of his life.
I'm just going to leave this here: INTERNET!
This is not SneakerNet, or data geocaching. This is AttentionWhoreNet. The only things you'll find on these things after a day is club/drug/callgirl spam and kiddie porn. Congrats, you dumb fucking sycophant of an "artist", you fail at thinking.
Besides, Real SneakerNetters (tm) in this day and age use portable hard drives or small NAS boxes. Driving a 16TB NAS to your friend's basement is oh, about 100 gigabit per sec :) Which is about ten thousand times faster than any USB key I've ever seen.
-Billco, Fnarg.com
You forget to make a difference between "simple, low-budget, not necessarily useful arts project" and "ueber-geeky, high-budget, high-maintenance, overly complex, still probably useless project".
That said I would prefer to connect using a USB extension cable instead of holding my laptop to the wall, risking breaking everything.
This is basically the digital equivalent of a glory hole. I expect a lot of viruses to be transferred this way.
USB-A connectors are pretty crappy and non-weatherproof - I can imagine the wear & tear on something like that with a lot of 'non-owners' (owners are usually pretty careful with their own hardware) ramming plugs into it.
Too bad the tech for USB never progressed as far as something asexual like an Apple mag-safe power connector.
Thank you for installing this convenient terrorist communication network.