Open source laptop tracking and recovery
Adeona
If you use a laptop, you have a good chance of having it lost or stolen. Learn about Adeona, a reliable open source system that can help you locate your lost or stolen laptop.
If you search on the term "laptop" at the DATALOSS db site [1], you'll see announcements such as "160,000 notified that personal information is on stolen laptop" or "Social Security numbers and names of about 60,000 on stolen laptops."
This same search at The Data Breach Blog [2] will produce additional shock thanks to headlines like "Laptops stolen from TSA contractor contain personal information of 3,930" or "Stolen laptop contains personal data of 800,000 Gap job applicants."
Other recent news headlines have included the loss of PII (Personally Identifiable Information) for 190,000 employees on stolen Anheuser-Busch laptops, or a Stanford laptop containing data concerning 72,000 current or former employees.
Ponemon Institute conducted a study in July 2008 on behalf of Dell that determined that 800,000 laptop are misplaced by users each year as they pass through airports [3], a number that used to describe all laptop thefts globally. Even more significant is the fact that approximately half of the professionals surveyed for the Ponemon study admitted that they carry confidential company information.
Ultimately, this study indicates that approximately 63-million laptops were purchased worldwide in 2008. If we use the commonly assumed estimate that one in ten laptops are stolen each year, and 20 percent are lost or misplaced, then no fewer than 6,300,000 laptops ended up in the wrong hands last year.
Consider these statistics and then think about this: If you use a laptop, you stand a very good chance of losing it or having it stolen. Furthermore, FBI statistics indicate that as few as 2 percent of lost or stolen laptops will ever be recovered.
Adeona
Adeona [4] is the private, reliable, open source system for tracking the location of your lost or stolen laptop. With no dependency on a proprietary, central service, Adeona only needs to be installed on your laptop to help increase your sense of mobile device safekeeping. Additionally, Adeona ensures your privacy via advanced cryptographic methodology, allowing only the owner – or the owner's agent – to use the system to track a lost or stolen laptop.
Adiona [5], the Roman goddess of safe returns, lends her name to this remarkable open source offering. If you treat your laptop as your child, you'll appreciate knowing that Adiona is believed to watch over children and bring them home safely, and also to protect travelers.
Adeona utilizes the open source OpenDHT [6] (distributed hash table) distributed storage service to store location updates sent from the Adeona client you install on your laptop, which continually monitors the current location of your laptop and gathers data such as IP addresses and local network topology that is used to identify its current location. Again, keep in mind that the Adeona client then uses strong cryptographic methodology to encrypt the location data and ensure that the ciphertexts stored with the OpenDHT service are anonymous and unlinkable, while also making it is easy for a laptop owner to retrieve location information.
In this article, I'll start with Adeona installation and retrieval, and then I'll look at the science behind the system.
Warning
Do not attempt to recover your lost or stolen laptop yourself. If you think your laptop has been stolen, contact the appropriate law enforcement agency.
Installation
Regardless of your operating system, Adeona installation is straightforward. According to the online Adeona installation notes, it has been built and tested on multiple Linux flavors including Ubuntu, Fedora, Gentoo, and even the XO laptop (One Laptop per Child). I conducted installations on Ubuntu systems; be sure to check for dependencies: OpenSSL, traceroute, cron, and the optional iwconfig. To install Adeona, run:
$ tar xzf adeona-0.2.1.tar.gz $ cd adeona/ $ ./configure $ sudo make install
By default, the installer script will install Adeona in /usr/local/adeona. To make sure it runs during system startup, the Adeona client program relies on cron:
$ sudo crontab -e
This command will open root's crontab file so you can add the entry for the Adeona client. Note that the install script will print out the necessary crontab entry so you can just copy and paste it. Be sure you add this crontab entry for Adeona, otherwise the client will not run the next time you reboot.
The crontab entry for Adeona is comprised of:
@reboot $INSTALLDIR/adeona-client .exe -s $INSTALLDIR/adeona-clientstate.cst -r $INSTALLDIR/ resources/ -l $INSTALLDIR/logs/ &
The trailing ampersand (&) is necessary to prevent the parent /bin/sh from lingering while the client is running. Although I did not test an installation on a 64-bit system, there are some compatibility issues that are resolved by compiling with the -m32 flag, which is easily achieved by locating the CFLAGS variable in the Makefile and adding the -m32 flag to it.
On some Debian-based systems, you might need 32-bit versions of the required libraries via getlibs (for example, getlibs -l libcrypto.a). Errors you might encounter could result from an absence of the C libraries or OpenSSL routines and headers. Resolve these via:
$ sudo apt-get install build-essential
or:
$ sudo apt-get install libssl-dev
After agreeing to the terms of the GPL (and assuming all dependencies are met), you'll be prompted for a password. To protect your location-finding credentials, please pick a password for Adeona; it does not need to be the same as your login password. Remember to add the Adeona crontab entry after committing your password.
Don't forget to make a backup copy of your location-finding credentials:
adeona-retrievecredentials.ost
The installer drops a copy of adeona-retrievecredentials.ost on your Desktop. Next, email it to yourself, or better yet, put it on a portable memory device (USB, SD, etc.). If you must, write down the contents given that they are protected by the password you established during the installation process.
To help prevent timing attacks, Adeona utilizes pseudo-randomly scheduled updates. Thus, you might not be able to retrieve any location information as stored in OpenDHT until at least one hour after installation.
Retrieval
Because the necessary binaries are included in client installation packages, retrieval is very simple on all systems. Logic dictates, however, that you'll be conducting retrieval from a different system than the one on which you installed your original client.
After installation, retrieval is achieved via the following commands:
ADEONADIR=/usr/local/Adeona
The command
$ADEONADIR/adeona-retrieve.exe -r $ADEONADIR/resources/ -l /path/to/results/ -s /path/to/your/adeona-retrievecredentials.ost -n 1
retrieves the most recent location given the encrypted location-finding credential file. Figure 1 shows retrieval on my test system. Had I not attempted retrieval so soon after installation on this particular system, I might have received results like Listing 1.
If I were a thief using this laptop at a coffee shop or a library, the laptop owner would likely retrieve a specific access point – an IP address that can be geo-located by law enforcement – and additional router data.
Adeona offers an additional feature for Mac users that takes advantage of the built-in iSight camera [7]. With isightcapture incorporated, the Mac OS X version of Adeona gives you the option to capture pictures of the laptop user or thief. Rest assured that images are also privacy-protected; only the laptop owner (or the owner's agent) can access them (Figure 2).
Listing 1
Retrieval example
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Systemd Fixes Bug While Facing New Challenger in GNU Shepherd
The systemd developers have fixed a really nasty bug amid the release of the new GNU Shepherd init system.
-
AlmaLinux 10.0 Beta Released
The AlmaLinux OS Foundation has announced the availability of AlmaLinux 10.0 Beta ("Purple Lion") for all supported devices with significant changes.
-
Gnome 47.2 Now Available
Gnome 47.2 is now available for general use but don't expect much in the way of newness, as this is all about improvements and bug fixes.
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.