This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: Security

Track your missing laptop with Adeona

By Nathan Willis on September 23, 2008 (9:00:00 PM)

Share    Print    Comments   

Almost every laptop on sale today comes equipped with the Kensington security slot on the side or back, through which you can connect a theft-deterring locked steel cable. The system's down sides are (a) that a would-be thief can damage or destroy your equipment trying to yank the cable out, and (b) that you have to buy the cable separately. As an alternative, the free software utility Adeona won't preemptively deter theft, but it will help you track down your stolen equipment and better the chances of its recovery by police.

Adeona runs in the background, and works its magic by waking up at random intervals to record data about the equipment's location and status, which it encrypts and then silently uploads to off-site storage. If your laptop (or, for that matter, your co-located server) goes missing, you can retrieve its latest records from elsewhere, learning such information as its internal and external IP address, local network configuration, and more. Armed with that info, you can call John Law and take a big step toward recovering your goods.

Adeona is distinct from commercial equipment tracking alternatives in that it takes multiple measures to ensure that the off-site status records are anonymous, untraceable, and encrypted. To accomplish this, the system randomizes many of its parameters -- the length of time between status checks, the time between status check and upload, and the destination node of the off-site storage.

You can download the Adeona client for Linux, Mac OS X, and Windows; the latest version is 0.21, and is available under the GPLv2. The OS X and Windows packages are binaries, and the Linux package is source code. Compiling the code is straightforward; the standard ./configure; make; make install three-step will suffice on any standard Linux distribution. You will also need the OpenSSL, traceroute, and cron packages, all of which are widely available.

Once you have compiled Adeona, the make install step will prompt you to create an Adeona password that is used to encrypt a local credentials file. The file contains seed data that you will need in order to retrieve stored status checks in the event that your machine is lost or stolen, so don't forget your password. The installer will also provide you with a sample cron job that you should add to your machine's crontab in order to keep Adeona running regularly.

You can install Adeona clients on multiple machines, and you can retrieve entries for all of them from a single machine, provided that you have a copy of each client's credentials file. If you are monitoring multiple laptops, desktops, or servers, it pays to have a copy of each credentials file on each machine, since you never know which ones will turn up missing. Each file is encrypted with its own password.

The OS X version of Adeona sports one feature not yet present in the others: the ability to take a snapshot using modern Macs' built-in iSight video camera, potentially catching thieves on screen. If that bothers you or if you are just shy, a separate no-camera build is available too.

How it works

Current location checks are run approximately once every 30 minutes. Each time Adeona runs, it collects your machine's internal IP address from the operating system, the external IP address from a third-party reporting service, the name (if any) of the wireless network to which it is connected, the names of nearby routers as reported by traceroute, and (if available) a photo via iSight camera. It stores this information securely in an encrypted local cache. At some random point in the future, it uploads the collected report to the distributed, decentralized OpenDHT network.

By randomizing the interval between location checks and between uploads, Adeona makes it harder for would-be attackers to foil the system by switching the computer off before the check or by observing the upload. By randomizing which OpenDHT nodes receive the upload, Adeona can spread the information across multiple servers. Because the key used to index the upload on OpenDHT is randomized, attackers cannot retrieve your reports or discover which sets of reports are associated with the same machine.

Of course, the key values cannot be truly random -- they are generated by a pseudo-random number generator, and therein lies the key to retrieving the location reports. The intervals, nodes, and keys are completely predictable if you know the initial seed value, and that is stored within the credentials file. Armed with that file, Adeona can calculate the timestamps of every location report, and how to retrieve them from OpenDHT. Since that file is password-encrypted using AES, it is secure from all but a brute-force attack.

Naturally, a thief with physical access to your machine can do things to disable Adeona -- uninstall it, erase the hard drive, or just keep it disconnected from the Internet. In such situations, no other security product can help you discover your missing machine's location either. Adeona's service is just as strong as any proprietary solution, but with the added strength of anonymity and security.

Test drive

In practice, Adeona is unobtrusive: once you have installed the data collection client, you can forget it is there. That is true even of the camera-enabled OS X build, which I tried along with the Linux package. The green camera LED blinks once when a picture is taken, but I didn't notice a flash until after several hours of continuous use. Compiling and installing the Linux version is a piece of cake; there are no obscure dependencies and it needs no complicated configuration.

In the field, report retrieval is more important than the unobtrusiveness of report generation. If your laptop is stolen, you may have only a short window in which to act, after which your machine could be wiped or shut down to sit on a pawn shop's shelf. The retrieval command on Linux requires command-line switches that specify the start and end times and the number of location reports to fetch. The Mac version is a bit easier to use; it comes as a clickable Terminal script with pop-up windows that request the same information. The same could be done for Linux with Zenity.

In either case, the retrieval process provides human-readable output as it requests and fetches each location report from OpenDHT. The only problem I encountered with the system at all was with OpenDHT itself. OpenDHT is a decentralized database of hashed key-value pairs running on PlanetLab nodes. As such, it provides some fault-tolerance should any particular node become unreachable. But for the first few days of my Adeona test drive, the entire OpenDHT system was down.

I talked to Adeona developer Gabreil Maganis about the issue, because the error message I received from the retrieval script did not indicate OpenDHT was at fault. He assured me that the error message would be fixed in the future, and suggested checking the URL http://www.opendht.org/servers.txt to determine whether OpenDHT was currently up and running.

As to whether OpenDHT storage constitutes a single point of failure that undermines Adeona's utility, Maganis says that there are alternatives in the works. "Additional online storage options is an engineering issue. We plan to have a 'wish list' of some sort on the Web site to invite enthusiasts to maybe implement an Azureus DHT module for Adeona. We were conscious about making the code easy to extend and add to during development and hopefully that is the case."

The Adeona project is hosted at the University of Washington. If you are interested in learning more details of the exact security protocols that make it run, its creators have published a paper describing the system and the attack vectors it counteracts. It not only keeps your location information secure from prying eyes, but it protects your privacy in other ways that a common thief might not have thought of. If you have ever considered purchasing a proprietary device tracking application, read the paper to get up to speed on exactly what makes Adeona superior. And read the source code if you're still not convinced.

Most of us will be lucky enough to never have a laptop or desktop computer lost or stolen, and Adeona's location abilities will only serve as a precaution. But at this price, it is well worth taking that precaution.

Share    Print    Comments   

Comments

on Track your missing laptop with Adeona

Note: Comments are owned by the poster. We are not responsible for their content.

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 198.108.50.86] on September 23, 2008 10:20 PM
If someone stole your laptop to personally use, wouldn't they wipe the hard drive rendering this software useless? Is there something I am missing?

#

Re: Track your missing laptop with Adeona

Posted by: Anonymous [ip: 85.166.46.113] on September 23, 2008 10:51 PM
No. Except that most thieves are stupid (or else they wouldn't need to become criminals), so many of them will turn on the laptop and surf around a bit before thinking about wiping the hard drive, if they even know such a thing is possible...

#

Re: Track your missing laptop with Adeona

Posted by: Anonymous [ip: 76.84.157.226] on September 25, 2008 04:42 AM
No, you're not missing anything at all, and that was exactly what I was thinking too. A wiser thief (and don't kid yourselves, there are some very intelligent theives out there)would boot the thing off-network, snoop around and gather/steal all the information they can off the drive, and then wipe it! No more Adeona, no recovery of laptop by this method whatsoever.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 68.165.29.186] on September 23, 2008 11:04 PM
Yes, apparently thieves don't do this; all you have to do is search the news for stories of thieves caught by similar applications installed that took pictures of the thieves, say, when they stole a macbook....

I find this also to be useful for tracking a machine with an IP address that changes randomly for no readilly apparent reason (used to have this problem at work) - without using a dynamic DNS service which would expose the machine to discovery via DNS.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 217.171.129.75] on September 23, 2008 11:45 PM
Outside of hardware that transmits it's location, there isn't really any way of recovering your machine and while there are GSM devices for laptops they can simply be removed. At least on a server or desktop you have some possiblity of concealing the device.

This obvious is pointed out by the above response as well as in the article, thieves simply format and sell on. Is this an advertisement?

CXT

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 217.171.129.75] on September 24, 2008 12:46 AM
@ 85.166.46.113 & 68.165.29.186

If thieves are that stupid, then how do they log into your Linux account to 'surf around'? I have some experience with these people and I can assure you that the ones that happen to steal unprotected, password free computers, then go online to upload photographs of themselves are very few and far between.

Yes such people do make the news, but so do the ones that wave at CCTV while robbing convenience stores, graffiti their own names at the crime scene, get stuck while climbing through windows or set fire to themselves while stealing petrol, all for obvious reasons: they're rare and quite fantastic. The headline invariably reads 'Town's dumbest criminal'.

-

I've just read the article again and had a look at Adeona's site. My comments are from the perspective of a Linux and Cygwin user. I see that Macintosh computers that have a built in webcam will take pictures, as long as the unattended computer is turned on in a well lit room while they’re taking it. That's quite a specific audience there.

As for tracking dynamic IP addresses, that's a valid point, but I've always managed by having the machine simply ping a static machine, send an email, or use some other simple method.

CXT

#

Re: Track your missing laptop with Adeona

Posted by: Anonymous [ip: 68.200.218.75] on September 24, 2008 09:08 PM
As for tracking dynamic IP addresses, that's a valid point, but I've always managed by having the machine simply ping a static machine, send an email, or use some other simple method.

Exactly! An email would would give internal IP and external IP. Only things missing would be a picture(a script could easily add this) and an overly complex and over engineered encryption and retrieval mechanism (that failed in the course of the article!).

None of this even bothers to mention the highly unlikely scenario of your local police department acting on the information provided, even if you were able to translate that IP address into a physical street address. This whole concept, including the LoJack for laptops snake oil is, well... Snake oil!!!

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 70.110.94.51] on September 24, 2008 02:29 AM
It doesn't build on Linux with an AMD64, Linux kernel 2.6.25 or greater. Tried to install it this past weekend.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 193.227.201.226] on September 24, 2008 12:34 PM
Not worth even trying this as thieves won't even pass the grub. First thing they will do is either wipe out the the hdd or remove it completely and shove their ones in!

This is totally waste of time, unless there is a BIOS program which sends external ip address info to the server as soon as the laptop is turned on and once the status has been updated by the owner on the server to be stolen ip search gets triggered. That would be ideal system.

#

Re: Track your missing laptop with Adeona

Posted by: Anonymous [ip: 64.162.136.162] on September 24, 2008 05:24 PM
you don't know that. they could boot it up that first time and not know what it is, and let it boot to a login prompt. from there most would be lost, I'm guessing...

bios level security would only work if it was connected via wire (cat5/6) and there was a dhcp server on the network and no proxy. if the laptop is wireless then it won't work, especially if there is a wep/wpa encryption.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 204.147.92.118] on September 24, 2008 08:26 PM
They should be getting a cease and desist soon from Absolute Software. They are notorious for fucking with anyone who tries to move into the laptop tracking space.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 76.113.91.164] on September 24, 2008 08:44 PM
If there ripping off your laptop anyhow here not gonna format ect. Most are for pawn for drugs or and beer.
So paranoid, If your that worrired build a script that with 3 try's with the wrong password it formats your drive anyhow or even better you should encrypt the total drive anyhow and stop worrying. Were's your backup disks at?

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 168.18.240.21] on September 24, 2008 10:02 PM
Another solution would be to equip laptops with a GPS.
The cost is getting lower all the time.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 202.108.130.138] on September 25, 2008 02:37 AM
embedded gps module will kill this software. I can hardly think it is promising.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 64.39.1.10] on September 25, 2008 06:25 PM
Lots of negative opinions...but I know from first hand experience that thieves indeed are often stupid, and they often know you personally before they steal your stuff. So I see a use case here. If I did get my macbook stolen and someone cracked my password and/or the filevault that houses my homedir (neither is very likely), I'd be happier to find out where to go to get my macbook than to just have the satisfaction of knowing some arbitrary script formatted my hard drive after three failed password attempts.

Just one man's opinion.

#

Re: Track your missing laptop with Adeona

Posted by: Anonymous [ip: 86.28.101.8] on September 25, 2008 07:23 PM
Well, I think you really found the clever one in town. This thing could be potentially useful for Windows machines where a guest account of some sort was set up so to not upset the thief much, i.e. allow him to browse the web for a while. In my case, even if there was no password whatsoever, our thief would be welcomed by a black terminal. I find it very unlikely that he'd fire up w3m or started X (only to be welcomed by another black X terminal again). Most probably he'd uttered some wtf variation and handed the laptop to whoever usually does the job of formatting/installing XP on top of it.

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 193.126.198.35] on September 25, 2008 10:38 PM
I've tried adeona for ±4 months. I never, ever, managed to retrieve collected data over the internet. I kept getting some network error as if all 99999 adeona servers were down. So goodbye, maybe next time.

#

Re: Track your missing laptop with Adeona

Posted by: Anonymous [ip: 64.39.1.10] on September 26, 2008 03:34 PM
Yeah, I just get a bunch of this:


info: ========== START STATE RETRIEVE ==========
info: state updatetime: 09/26/2008,07:52 (CDT)
info: update replica 0 not available
info: update replica 1 not available
info: ========== END STATE RETRIEVE ==========
info: ========== START STATE RETRIEVE ==========
info: state updatetime: 09/26/2008,07:41 (CDT)
info: update replica 0 not available
info: update replica 1 not available
info: ========== END STATE RETRIEVE ==========
info: ========== START STATE RETRIEVE ==========
info: state updatetime: 09/26/2008,07:22 (CDT)
info: update replica 0 not available
info: update replica 1 not available
info: ========== END STATE RETRIEVE ==========

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 124.30.49.75] on September 26, 2008 06:24 AM
what if some1 cracks into system where adeona stores the encrypted data???
If that is compromised then there is possibility of getting status of that person whatever moves he is making. It will be like tracking the owner of the laptop with his application only????
What if other data( confidential ) is also getting stored?

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 70.70.28.6] on September 27, 2008 07:16 AM
Anyone ever think that sometime somewhere someone is going to distribute a package like this, inventory where all the "high end" hardware is located, and sell that list to a crime ring? Hey, here's a list of where all the good stuff lives...

#

Track your missing laptop with Adeona

Posted by: Anonymous [ip: 200.1.175.207] on October 03, 2008 02:58 PM
I algo get a lot of:

info: ========== START STATE RETRIEVE ==========
info: state updatetime: 09/26/2008,07:52 (CDT)
info: update replica 0 not available
info: update replica 1 not available
info: ========== END STATE RETRIEVE ==========
info: ========== START STATE RETRIEVE ==========
info: state updatetime: 09/26/2008,07:41 (CDT)
info: update replica 0 not available
info: update replica 1 not available
info: ========== END STATE RETRIEVE ==========

Am I doing something wrong???

Thanx,

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya