(Update, October 2009.) Adeona depends on the availability of a separate service, OpenDHT. On July 1, OpenDHT was taken down. We have taken the opportunity to set up OpenDHT again on PlanetLab, under our administration. However, we are still testing our OpenDHT infrastructure. Therefore, at this time we are not encouraging new downloads of Adeona.
There are numerous commercial services offering proprietary (non-Open Source) device location tracking systems. Most offer little to no privacy guarantees, and the rest force a user to entrust privacy to the company involved.
The Adeona system is unique in its ability to offer reliable location tracking while simultaneously ensuring that no third parties can abuse the system to track a device's legitimate users. Adeona is also open source.
The current version of Adeona is 0.2.1. This beta version is a mostly re-written version of the research prototypes discussed in the academic paper. We've performed moderately extensive testing on Linux, Windows XP, and Mac OS X. Please report any bugs or issues.
Adeona can also be installed on desktop computers. Furthermore, you can also install it on your servers in case someone breaks into your server room and steals them. Currently we do not support mobile devices such as the iPhone, but we are looking into providing support here, as well.
Our techniques for ensuring security and privacy are not secret: the source code is available. Moreover, the system is also designed as part of a peer-reviewed academic paper that appeared at the 2008 USENIX Security Symposium, one of the top venues for computer security research publications. Adeona is designed to protect user location privacy against powerful adversaries: a malicious party who has control over the entire distributed remote storage infrastructure, a malicious party who has physical access to the device (and wants to learn prior locations using Adeona), and even collusions between the two. That said, in order to maintain efficiency and usefulness, Adeona does not consider some threats. For example we cannot ensure privacy in the extreme case that ISPs collude to reveal a device's locations. More details about our threat models are given in the paper. Adeona is, however, still under development and we welcome and encourage feedback and suggestions.
See the download instructions.
Yes. Like all technologies, Adeona has the potential for being abused. However, if you are malicious enough to want to do the above, there is probably other software available out there more suited for your needs. (We won't provide links to these more malicious tools.)
On Mac OS X or Linux, type "ps aux | grep adeona" from a command prompt. On Windows XP, the task manager will show adeona-client.exe as a process, if it is running. On Windows Vista, the task manager will show AdeonaClientService as a service, if it is running.
The Adeona client requires Internet access, and so must not be blocked by Zone Alarm or Little Snitch to function properly. Allowing adeona-client.exe Internet access should typically suffice. The client uses this access to make several types of connections: HTTP requests to retrieve gateways for OpenDHT and for determining the current External IP address of the system, UDP connections for performing pings and traceroutes, RPC connections to perform inserts into (or retrieves from) the DHT (remote storage).
Adeona will work as long as it is allowed connections on port 80 (HTTP) and port 5852 (for OpenDHT). Note that these are also required to be open for retrieval. Additionally, if one wants nearby routers reported, then UDP packets should not be dropped (this allows performing traceroutes).
If your filesystem is backed up, then an old copy of your .cst file may be archived as part of the backup. If someone is able to obtain the backup, then they would be able to track the locations you visit after the backup was made. However, the privacy of locations you visited before the backup was made would not be compromised. Like all backup regimes, we recommend encrypting your backups.
The Adeona client sends updates at randomly determined times, to help prevent timing attacks. Currently, the default option is set so that the client sends an update on average every 30 minutes. Note that "on average" means that sometimes the client will send two updates within just a few minutes, while other times the gap might be larger.
OpenDHT allows one to store data for a maximum of 1 week i.e. 604,800 seconds. We have configured Adeona to do so.
See the uninstall section of the documentation.
This is the first public distribution for deployment. For this deployment we have chosen to make Adeona easy to uninstall because we wish to provide flexibility to you (the user). Pending your feedback, future versions of Adeona could incorporate mechanisms that will make it difficult to remove.
A motivated and sufficiently equipped or knowledgeable thief can always prevent Internet device tracking: he or she can erase software on the device, deny Internet access, or even destroy the device. For example, Adeona currently has no mechanisms for attempting to survive a disk wipe.
We point out that we do not believe this renders Adeona (and other location-tracking systems) useless. The Adeona system was designed to protect against the common thief -- for example, a thief that opportunistically decides to swipe your laptop from a coffee shop or your dorm room, and then wants to use it or perhaps sell it on online. Such thieves will often not be technologically savvy and will not know to remove Adeona from your system. While device tracking will not always work, systems like Adeona can work, and it is against the common-case thief that we feel tracking systems can add significant value.
See the retrieval section ( complete with screenshots ) of the documentation.
Given the adeona-retrievecredentials.ost file generated during installation, one can perform tracking from any other computer that has the retrieval tools installed. For example, if you install the tracking client on your laptop and back up your credentials to a desktop, then you can perform retrieval from the desktop. This does not require running the tracking client on the desktop. See installing retrieval tools.
Currently, the location-finding component of Adeona includes the following information in its updates:
You should also register your laptop at JustStolen.net. Adeona can help you find the location of your laptop while it is in the thief's possession. But, if the police recover your laptop through other means (e.g., the battery was dead and the thief abandoned it), the police will be able to use JustStolen.net's database to determine that the laptop belongs to you. (You can also register your other important possessions, ranging from bicycles to cameras, at JustStolen.net.)
We use the freeware isightcapture utility by Axel Bauer: http://www.intergalactic.de/pages/iSight.html.
A user can test retrieval at any time, however the location privacy of any retrieved updates cannot be completely ensured. However, the privacy guarantees for any previous (not retrieved) locations and all future locations remains. See the retrieval instructions.
Do not attempt to recover your lost or stolen laptop yourself. If you believe your laptop has been stolen, contact the appropriate law enforcement agency. You may also present them with the data you retrieved via Adeona.
First, see the answer to the previous question. The current version of Adeona does not provide geolocationing (translating network coordinates into geographical coordinates). However, free geolocationing database services exist. For example, try Wigle (for wireless access points) or the Maxmind GeoIP demo (for IP addresses). We cannot vouch for the accuracy of such services.
The remote storage facility is an essential component of any device tracking system. It is where the device's location information is kept. Our implementation of Adeona relies on OpenDHT to store a device's location updates. The best way to ensure the continued usefulness of OpenDHT is to support the OpenDHT project. We have engineered Adeona to deal with temporary connectivity issues when storing or retrieving data from OpenDHT.
We believe that privacy is important and would love to see companies adopting our privacy-preservation techniques. Nothing prevents them from doing so, though they should still contact the University of Washington for licensing issues.
In the Windows and OS X installer and recovery GUIs we have the user, by default, specify their password within a dialog box. This password is then passed as a command-line parameter to the appropriate Adeona executable. This could mean, for some system configurations, that the password might show up in the clear in a system log, when running `ps', etc. We recognize this is not a best practice, security-wise, however we made this the default because of the significant usability benefits for those not comfortable with command lines and the envisioned single-user machine common-case usage scenario.
There is a simple work-around. For the installation process, enter some irrelevant password (e.g. "password") into the appropriate password dialog boxes. This will cause adeona to be initialized with this password. The installation process is set to run the client so follow the instructions in the Readme.txt file on how to stop it. Then, from the Adeona installation directory, run the command adeona-init.exe -r resources/ -l logs/ This will prompt you, within the command shell, to choose a password. Here you've simply re-initialized Adeona with a fresh set of credentials, now protected by the new password. Now, restart the client and make sure to copy the new adeona-retrievecredentials.ost file to a safe location (e.g., email it to yourself, place it on a USB thumbstick, or even print it out).
Windows users should use the cmd.exe terminal to run the command above. You can also just navigate to the directory where you installed Adeona and ( 1 ) click on StopAdeona.bat then, ( 2 ) click on InitAdeona.bat.
For recovery, just enter an incorrect password in the dialog box (e.g. "password"). The recovery command shell window that pops up will note the incorrect password, and prompt you to try again.
Yes. Please see our research paper for more information. One example avenue for improvement might be to create a cleaner interface between Adeona and the DHT (which is used as a bulletin board to store the location updates). Currently, because PlanetLab nodes (which house OpenDHT) are not always guaranteed to be stable, the Adeona client will download a fresh set of OpenDHT nodes from http://adeona.cs.washington.edu/gateways.adeona at every update interval.
The Adeona system is designed with extensibility in mind. We envision that it would be straightforward to add functionality to send authenticated commands back to the laptop (e.g., so as to delete sensitive data). Here the remote storage service, OpenDHT, would act as a private, anonymous bulletin board for relaying communication between the device and its owner. The Adeona client could also be engineered to be significantly more resistant to thieves attempting to disable it, via kernel-level support or even hardware support.
In preparing the Adeona OS X and Windows packages, we made use of the following additional packages. We are grateful to them and wish to acknowledge them here.