Can't start SQL Server 2000 - Tibor Karaszi
07-Mar-08 07:52:41
First step is to look in SQL Server's errorlog file for the reason why SQL Server won't start.
--
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://sqlblog.com/blogs/tibor_karaszi
Can't start SQL Server 2000 - Dan Guzman
07-Mar-08 08:03:44
The parameters for a default SQL 2000 instance are in the registry under:
HKEY_LOCAL_MACHINE\Software\Microsoft\MSSQLServer\MSSQLServer\Parameters
If SQL Server can't find master at startup, you probably didn't specify
the correct master database path parameter.
Tuesday, February 10, 2009
Thursday, January 08, 2009
Power Surge on Hub Port: A USB Device has exceeded the power limits of its hub port.
When you wake up a Microsoft Windows XP-based computer from hibernation or from standby, you may receive the following error message:
Power Surge on Hub Port: A USB Device has exceeded the power limits of its hub port.
This error message is displayed even if there are no USB devices connected to the computer.
WORKAROUND
To work around this issue, disable the USB 2.0-enhanced host controller.
Note When you disable the USB 2.0-enhanced host controller, you lose USB 2.0 functionality. That is, you revert to USB 1.1 functionality.
To disable the USB 2.0-enhanced host controller, follow these steps:
- Right-click My Computer, and then click Manage.
- Under Computer Management (Local), click Device Manager.
- In the Device Manager pane, expand Universal Serial Bus controllers.
- Right-click the USB 2.0-enhanced host controller, and then click Disable.
Note The name of the USB 2.0-enhanced host controller may vary.
- When you receive the confirmation message, click Yes.
- Close Device Manager.
APPLIES TO
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
http://support.microsoft.com/kb/934644
Thursday, October 23, 2008
Intel's new tech will render stolen laptops unbootable
Laptop theft can affect users in more than one way. Not only do you lose your (undoubtedly not cheap) portable computer, you also lose all of the data on it. Of course, backing up ensures that it's not actually lost to you, but what about the person who has the laptop? Your electronic tax returns, embarrassing videos of yourself singing and dancing to N'Sync songs, and salacious e-mails are all somewhere out there, out of your control. (I once came into the possession of a laptop that was lost at O'Hare and never claimed, and found all sorts of e-mails on it from the owner who apparently cheated on his wife whenever he traveled. True story.)
Intel hopes to reduce that level of embarrassment (and more importantly, identity theft) by introducing Intel Anti-Theft Technology (ATT) later this year. The technology would involve placing a chip in the machine that would prevent it from booting without the owner's permission, Intel Mobility Group chief Dadi Perlmutter told The Register, although he declined to go into much more detail. He also indicated that ATT might one day incorporate tracking technology so that users might eventually be able to get their hardware back.
Intel isn't working on this initiative alone, though. In fact, a number of third parties announced today that they were partnering up with Intel to support ATT, such as Absolute Software Corporation (creators of firmware-based data protection/tracking solutions), BIOS maker Phoenix, and Utimaco (a data security company), to name a few. Intel also says that McAfee is on board, as well as manufacturers like Lenovo and Fujitsu.
ATT differs from current disk encryption technology because it would render the laptop useless, even if the hard drive is replaced. While this may not help the victim get the laptop back (unless it involves the aforementioned tracking technology), if widely adopted, ATT could deter thieves from stealing laptops in the first place if all they would end up with is an inoperable chunk of plastic and metal. Of course, if users want their data to be secure and for the laptop to be unbootable, it's probably wise to employ both ATT and some sort of disk encryption technology, in case the hard drive is removed and placed in another machine.
We (and the Register) don't expect to see ATT available to consumers soon, though. Perlmutter apparently said that it won't be available until at least the fourth quarter of the year, and it will take longer than that for manufacturers to incorporate it into their products. Still, as laptop sales increase, laptop theft is likely to as well. If the technology works well, then hopefully thieves will eventually learn to look for other, more attractive targets.
How to track and recover stolen laptops
Track and recover stolen laptops with LoJack for Laptops, Computrace, GadgetTrak and Undercover.
I hadn't heard of Computrace / Absolute until about two weeks ago, when we found two computers at my office talking to "search.namequery.com" several times a second. What I find is interesting: A program that installs without my permission or knowledge, takes orders from a 3rd party (up to and including "wipe the hard drive"), and actively resists removal.
One computer was brand-new (MPC/Gateway M685), the other just over a year old (MPC/Gateway E475). The first one they claim was "accidentally" activated at the factory, the second got a motherboard replacement that had this little program "activated" from its prior owner.
The sales rep at MPC/Gateway got the Absolute/Computrace rep on the phone and they both claim that it isn't a virus. Okay, fine, it doesn't self-replicate. Seems to fit darn near every other part of the definition! Their tech-support guy ordered the two computers to disable their BIOS component and uninstall, which THEY DID! The files in C:\Windows\System32 vanished before my eyes.
They were back the next day.
Gateway/MPC doesn't seem to understand my frustration. We spend so much time and money securing our computers and making sure they run only the software we WANT them to run. Now you want me to feel safe with a BIOS-level program that copies itself to FAT32/NTFS partitions and tricks Windows OSes into executing it? This same program that calls a 3rd party and requests instructions? I know of only three instructions it can accept, but what if there are others? ("Stolen, check in every 15 minutes", "Stolen, wipe hard drive", "Disable and uninstall" we know of)
I asked how they secure the disk-wiping function and was not impressed with the answer. They use an RSA token to verify that the right customer called in. I said 'Ok, what about the link to the computer? Is it signed or encrypted?' No answer, they just went back to the RSA token.
Heck, we have BlackBerries that can wipe themselves on remote command but RIM makes a big deal of how the communications are encrypted between the BB and my server. I know that J. Random Cracker isn't going to trick my BB into nuking itself. But what if he spoofs "search.namequery.com" and returns the code for "Nuke HD"? Will their little 200kb program accept the order?
I read that someone found and disabled Computrace/Absolute's BIOS code in a firmware dump and then re-flashed his machine. If I can't pull that off with Gateway/MPC I will have to recommend that we find a vendor that does NOT pre-infect the computers we purchase.
============================
The real Lojack system, for cars, predates the Internet and GPS. It's pretty good. About 90% of Lojack-equipped cars are recovered when stolen. When you buy Lojack, an installer comes out and installs a little box somewhere on your car. You don't know where, and they have many alternative locations. It gets power from the car, so it keeps itself charged.
The unit finds an FM broadcast station with the Lojack subcarrier and listens for a message with its serial number. If your car is stolen in an area with Lojack coverage (which includes most major US cities), a police stolen car report is copied to Lojack's computers, which then tell the subcarrier transmitter at the broadcast stations to start broadcasting messages with the unit's serial number. The unit in the car then starts emitting a beacon signal.
Lojack has good integration with big-city police departments. They equip police cars with Lojack receivers at Lojack's expense. Any Lojack receiver that's emitting turns on indicators in police cars, showing direction and approximate range. When you see a police car with four antennas in a square on the roof, that car has a Lojack receiver.
In Los Angeles, the LAPD's air force, both rotary and fixed-wing, has Lojack receivers. This has resulted in some dramatic stolen car recoveries. [wsati.org] Cops like the system, because not only do they get cars back, they often find someone they want driving the stolen car.
But "Lojack for Laptops" doesn't use that system. It just reports IP addresses when the unit connects to the Internet. A company called Absolute Software seems to have just licensed the Lojack name; it's apparently not part of Lojack Corporation at all.
=============================
What Are the Best Laptop Theft Recovery Measures?
The old standby goes -- there's no one security measure that's perfect, but you can make it a lot easier.
The first and most obvious layer is physical access. Don't leave your laptop visible in your car when you park. Lock your office doors. Don't leave it at a coffee house when you go to the bathroom.
The second is physical security. Invest in a laptop leash and chain it down if you work in a shared office space environment.
The third layer is physical deterrence. Customize the heck out of your computer. A big engraved security mark (be it your driver's license #, your name, your cell #, your email address, whatever) will turn off thieves. Same if you've got anything else that's obviously unique and can't easily be removed.
The fourth layer is electronic deterrence. A boot password and a screensaver password will deter unskilled thieves. There are plenty of skilled thieves who plan to reformat the drives, but a few will be deterred by not being able to sell the laptop on the corner without a password. (If you don't believe me, hang out in midtown NYC long enough and you can get offers to sell hot laptops in the $100 range).
The fifth layer is tracking. Things like LoJack and all the other services. If they boot your laptop it'll contact the network and you can at least have a shot at getting it back. (Note, some of these are not compatible with a boot password). Of course, record your Windows serial # (if you run Windows) and your Dell quick service code (if you use a Dell) or the equivalent for your system. These are uploaded.
The sixth layer is luck. Sometimes people catch thieves by webcam, sometimes by stupid emails, sometimes by pure random encounters. You gotta get lucky.
No one of these layers is sufficient and it's silly to talk about LoJack for Laptops if you leave your laptop sitting in the open for somebody to grab it. LoJack is most useful to break open crime rings, not to actually get your laptop back -- by the time the police get around to subpoenaing the ISPs your laptop is gone, but the thieves might not be. I run it, but I don't expect it to save my butt.
The Adeona system was designed to protect notebooks against the common thief
What alternatives exist?
There are numerous commercial services offering proprietary (non-Open Source) device location tracking systems. Most offer little to no privacy guarantees, and the rest force a user to entrust privacy to the company involved.
What makes Adeona unique?
The Adeona system is unique in its ability to offer reliable location tracking while simultaneously ensuring that no third parties can abuse the system to track a device's legitimate users. Adeona is also open source.
What is the state of the Adeona code?
The current version of Adeona is 0.2.1. This beta version is a mostly re-written version of the research prototypes discussed in the academic paper. We've performed moderately extensive testing on Linux, Windows XP, and Mac OS X. Please report any bugs or issues.
Is Adeona only useful for laptops? What about desktops, iPhones, etc.?
Adeona can also be installed on desktop computers. Furthermore, you can also install it on your servers in case someone breaks into your server room and steals them. Currently we do not support mobile devices such as the iPhone, but we are looking into providing support here, as well.
How can we trust the security and privacy of Adeona?
Our techniques for ensuring security and privacy are not secret: the source code is available. Moreover, the system is also designed as part of a peer-reviewed academic paper that appeared at the 2008 USENIX Security Symposium, one of the top venues for computer security research publications. Adeona is designed to protect user location privacy against powerful adversaries: a malicious party who has control over the entire distributed remote storage infrastructure, a malicious party who has physical access to the device (and wants to learn prior locations using Adeona), and even collusions between the two. That said, in order to maintain efficiency and usefulness, Adeona does not consider some threats. For example we cannot ensure privacy in the extreme case that ISPs collude to reveal a device's locations. More details about our threat models are given in the paper. Adeona is, however, still under development and we welcome and encourage feedback and suggestions.
How do I install?
See the download instructions.
Can I install this on my girlfriend or boyfriend's computer and track her or him, and perhaps get pictures of them while they're doing certain activities?
Yes. Like all technologies, Adeona has the potential for being abused. However, if you are malicious enough to want to do the above, there is probably other software available out there more suited for your needs. (We won't provide links to these more malicious tools.)
How do I know if the Adeona client is running?
On Mac OS X or Linux, type "ps aux | grep adeona" from a command prompt. On Windows XP, the task manager will show adeona-client.exe as a process, if it is running. On Windows Vista, the task manager will show AdeonaClientService as a service, if it is running.
I run Zone Alarm on Windows or Little Snitch on OS X. What type of network connections should I see coming from Adeona?
The Adeona client requires Internet access, and so must not be blocked by Zone Alarm or Little Snitch to function properly. Allowing adeona-client.exe Internet access should typically suffice. The client uses this access to make several types of connections: HTTP requests to retrieve gateways for OpenDHT and for determining the current External IP address of the system, UDP connections for performing pings and traceroutes, RPC connections to perform inserts into (or retrieves from) the DHT (remote storage).
I'm behind a corporate firewall, will Adeona work? What ports need to be open?
Adeona will work as long as it is allowed connections on port 80 (HTTP) and port 5852 (for OpenDHT). Note that these are also required to be open for retrieval. Additionally, if one wants nearby routers reported, then UDP packets should not be dropped (this allows performing traceroutes).
I use a filesystem backup utility. How does this affect my Adeona client state (.cst) file?
If your filesystem is backed up, then an old copy of your .cst file may be archived as part of the backup. If someone is able to obtain the backup, then they would be able to track the locations you visit after the backup was made. However, the privacy of locations you visited before the backup was made would not be compromised. Like all backup regimes, we recommend encrypting your backups.
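The answer above describes forward privacy: a copy of the client state exposes updates made after the copy, but not earlier ones. The following Python code is an added example, not Adeona's code (the FAQ does not give its construction); it obtains that property from a one-way SHA-256 ratchet. The function names, the dict standing in for OpenDHT, the toy cipher and the sample addresses are assumptions constructed for the example.

```python
import hashlib
import hmac


def _derive(label: bytes, state: bytes) -> bytes:
    """One-way derivation: SHA-256 with a domain-separation label."""
    return hashlib.sha256(label + b"|" + state).digest()


def advance(state: bytes) -> bytes:
    """Ratchet step. Computing the previous state would mean inverting SHA-256."""
    return _derive(b"next", state)


def slot_index(state: bytes) -> str:
    """Storage key for this epoch's update; looks random to the storage service."""
    return _derive(b"index", state).hex()


def _keystream(key: bytes, n: int) -> bytes:
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(state: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC (stdlib only). Each epoch key protects one message."""
    stream = _keystream(_derive(b"enc", state), len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_derive(b"mac", state), ct, hashlib.sha256).digest()
    return ct + tag


def unseal(state: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_derive(b"mac", state), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("update failed authentication")
    stream = _keystream(_derive(b"enc", state), len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class Device:
    """Keeps only the current ratchet state, like a client state file."""

    def __init__(self, seed: bytes):
        self.state = seed

    def post_update(self, dht: dict, location: str) -> None:
        dht[slot_index(self.state)] = seal(self.state, location.encode())
        self.state = advance(self.state)  # the old state is overwritten


def walk(state: bytes, dht: dict, max_epochs: int) -> list:
    """Follow the ratchet forward from `state`, decrypting each update found."""
    found = []
    for _ in range(max_epochs):
        blob = dht.get(slot_index(state))
        if blob is not None:
            found.append(unseal(state, blob).decode())
        state = advance(state)
    return found


def demo():
    seed = hashlib.sha256(b"constructed seed for this example").digest()
    dht = {}  # stand-in for the remote storage
    device = Device(seed)
    locations = [f"198.51.100.{i}" for i in range(6)]  # constructed addresses
    leaked = None
    for epoch, loc in enumerate(locations):
        if epoch == 3:
            leaked = device.state  # a backup archives the state file here
        device.post_update(dht, loc)
    owner_view = walk(seed, dht, len(locations))  # owner kept the seed
    backup_view = walk(leaked, dht, 1000)         # holder of the old backup
    return locations, owner_view, backup_view


if __name__ == "__main__":
    locations, owner_view, backup_view = demo()
    print("owner sees      :", owner_view)
    print("backup copy sees:", backup_view)
```

The holder of the archived state can only step the ratchet forward, so the three updates posted before the backup stay unreadable to them, while the owner, who kept the initial seed, can read all six.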
How often does the Adeona client send location updates?
The Adeona client sends updates at randomly determined times, to help prevent timing attacks. Currently, the default option is set so that the client sends an update on average every 30 minutes. Note that "on average" means that sometimes the client will send two updates within just a few minutes, while other times the gap might be larger.
How long do these location updates stay in OpenDHT?
OpenDHT allows one to store data for a maximum of 1 week, i.e. 604,800 seconds. We have configured Adeona to do so.
How do I remove Adeona?
See the uninstall section of the documentation.
Wait a second --- why have you made it easy to uninstall the Adeona client?
This is the first public distribution for deployment. For this deployment we have chosen to make Adeona easy to uninstall because we wish to provide flexibility to you (the user). Pending your feedback, future versions of Adeona could incorporate mechanisms that will make it difficult to remove.
What if a thief removes the software, reinstalls the OS or doesn't connect to the Internet?
A motivated and sufficiently equipped or knowledgeable thief can always prevent Internet device tracking: he or she can erase software on the device, deny Internet access, or even destroy the device. For example, Adeona currently has no mechanisms for attempting to survive a disk wipe.
We point out that we do not believe this renders Adeona (and other location-tracking systems) useless. The Adeona system was designed to protect against the common thief -- for example, a thief that opportunistically decides to swipe your laptop from a coffee shop or your dorm room, and then wants to use it or perhaps sell it online. Such thieves will often not be technologically savvy and will not know to remove Adeona from your system. While device tracking will not always work, systems like Adeona can work, and it is against the common-case thief that we feel tracking systems can add significant value.
How do I do a retrieve?
See the retrieval section (complete with screenshots) of the documentation.
Can I perform retrievals from other computers?
Given the adeona-retrievecredentials.ost file generated during installation, one can perform tracking from any other computer that has the retrieval tools installed. For example, if you install the tracking client on your laptop and back up your credentials to a desktop, then you can perform retrieval from the desktop. This does not require running the tracking client on the desktop. See installing retrieval tools.
What information is included in a location update?
Currently, the location-finding component of Adeona includes the following information in its updates:
Internal IP address
This is your Internet location as reported by the operating system.
External IP address
This is your Internet location obtained by asking a web server like checkip.dyndns.org.
Nearby routers
These are network routers obtained by doing a traceroute to randomly selected PlanetLab computers. Usually, the names of network routers you are using can give a clue about your geographical location.
Access point
This is the name of the wireless hotspot you are connected to, which can also give a clue about your location. Note that the Windows version simply reads a registry key that might contain stale information or no information on the current access point (for example, if one is not using the Windows-provided wireless management tools).
Photos (Macs only)
The location-finding component takes a picture using isightcapture before sending an update to OpenDHT. If a thief was using the laptop, you could get a photo of them.
What else can I do to help make sure I can recover my lost or stolen laptop?
You should also register your laptop at JustStolen.net. Adeona can help you find the location of your laptop while it is in the thief's possession. But, if the police recover your laptop through other means (e.g., the battery was dead and the thief abandoned it), the police will be able to use JustStolen.net's database to determine that the laptop belongs to you. (You can also register your other important possessions, ranging from bicycles to cameras, at JustStolen.net.)
How do you take the photos on Macs?
We use the freeware isightcapture utility by Axel Bauer: http://www.intergalactic.de/pages/iSight.html.
If I install the Apple OS X version that takes pictures with the built-in iSight camera, will the green light on the camera turn on when the pictures are being taken?
Yes it will. While a thief could potentially notice this, we ourselves often did not. Please note that there is a Mac OS X package of Adeona with photos disabled here.
Is it safe to do retrievals even when my device is still in my possession?
A user can test retrieval at any time; however, the location privacy of any retrieved updates cannot be completely ensured. The privacy guarantees for any previous (not retrieved) locations and all future locations remain. See the retrieval instructions.
What should I do once I do a retrieve and find the location (IP address) of my laptop or a picture of a thief?
Do not attempt to recover your lost or stolen laptop yourself. If you believe your laptop has been stolen, contact the appropriate law enforcement agency. You may also present them with the data you retrieved via Adeona.
I want to know the geographical locations visited by my laptop. How can I do this?
First, see the answer to the previous question. The current version of Adeona does not provide geolocationing (translating network coordinates into geographical coordinates). However, free geolocationing database services exist. For example, try Wigle (for wireless access points) or the Maxmind GeoIP demo (for IP addresses). We cannot vouch for the accuracy of such services.
What if OpenDHT goes down?
The remote storage facility is an essential component of any device tracking system. It is where the device's location information is kept. Our implementation of Adeona relies on OpenDHT to store a device's location updates. The best way to ensure the continued usefulness of OpenDHT is to support the OpenDHT project. We have engineered Adeona to deal with temporary connectivity issues when storing or retrieving data from OpenDHT.
Could a company adopt your techniques?
We believe that privacy is important and would love to see companies adopting our privacy-preservation techniques. Nothing prevents them from doing so, though they should still contact the University of Washington for licensing issues.
Why is my password being passed as a command line parameter to the initialize and retrieval programs?
In the Windows and OS X installer and recovery GUIs we have the user, by default, specify their password within a dialog box. This password is then passed as a command-line parameter to the appropriate Adeona executable. This could mean, for some system configurations, that the password might show up in the clear in a system log, when running `ps', etc. We recognize this is not a best practice, security-wise; however, we made this the default because of the significant usability benefits for those not comfortable with command lines and the envisioned single-user machine common-case usage scenario.
There is a simple work-around. For the installation process, enter some irrelevant password (e.g. "password") into the appropriate password dialog boxes. This will cause Adeona to be initialized with this password. The installation process is set to run the client, so follow the instructions in the Readme.txt file on how to stop it. Then, from the Adeona installation directory, run the command
adeona-init.exe -r resources/ -l logs/
This will prompt you, within the command shell, to choose a password. Here you've simply re-initialized Adeona with a fresh set of credentials, now protected by the new password. Now, restart the client and make sure to copy the new adeona-retrievecredentials.ost file to a safe location (e.g., email it to yourself, place it on a USB thumbstick, or even print it out).
Windows users should use the cmd.exe terminal to run the command above. You can also just navigate to the directory where you installed Adeona and (1) click on StopAdeona.bat, then (2) click on InitAdeona.bat.
For recovery, just enter an incorrect password in the dialog box (e.g. "password"). The recovery command shell window that pops up will note the incorrect password, and prompt you to try again.
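The exposure described in this answer, and why an interactive prompt avoids it, can be checked directly. The following is an added example, not part of the Adeona distribution: the child process is a stand-in for any program that needs a password, the `--password` flag and the secret are constructed for the demo, and the check assumes a Unix-like system with /proc or `ps`.

```python
import os
import subprocess
import sys

# Constructed sample secret for the demo; never a real password.
SECRET = "constructed-demo-passphrase"

# Stand-in for a program that needs a password. It reads stdin until EOF,
# which also keeps it alive long enough to be inspected.
CHILD_CODE = "import sys; sys.stdin.read()"


def visible_command_line(pid):
    """Return the command line of `pid` as process listings such as ps report it."""
    proc_path = f"/proc/{pid}/cmdline"
    if os.path.exists(proc_path):
        # Linux: arguments are stored NUL-separated.
        with open(proc_path, "rb") as fh:
            raw = fh.read()
        return raw.replace(b"\0", b" ").decode(errors="replace").strip()
    # Other Unix-like systems (e.g. OS X): ask ps for the argument string.
    out = subprocess.run(
        ["ps", "-o", "args=", "-p", str(pid)],
        capture_output=True, text=True, check=False,
    )
    return out.stdout.strip()


def secret_exposed(secret, via):
    """Start the child, hand it `secret` via 'argv' or 'stdin', and report
    whether the secret can be read from the child's command line."""
    argv = [sys.executable, "-c", CHILD_CODE]
    if via == "argv":
        # What a GUI wrapper does when it forwards the dialog-box password.
        argv += ["--password", secret]
    elif via != "stdin":
        raise ValueError("via must be 'argv' or 'stdin'")

    child = subprocess.Popen(argv, stdin=subprocess.PIPE)
    try:
        if via == "stdin":
            # What an interactive prompt amounts to: the secret travels over
            # a pipe or terminal and never becomes part of the argument list.
            child.stdin.write(secret.encode() + b"\n")
            child.stdin.flush()
        return secret in visible_command_line(child.pid)
    finally:
        child.stdin.close()  # EOF lets the child exit
        child.wait()


if __name__ == "__main__":
    for channel in ("argv", "stdin"):
        print(channel, "-> secret visible in process list:",
              secret_exposed(SECRET, channel))
```

Anything that records process arguments (shell history, audit logs, crash reports) sees the same string that `visible_command_line` returns.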
Are there any things you might change in the Adeona system, perhaps for future versions?
Yes. Please see our research paper for more information. One example avenue for improvement might be to create a cleaner interface between Adeona and the DHT (which is used as a bulletin board to store the location updates). Currently, because PlanetLab nodes (which house OpenDHT) are not always guaranteed to be stable, the Adeona client will download a fresh set of OpenDHT nodes from http://adeona.cs.washington.edu/gateways.adeona at every update interval.
What else could Adeona be made to do in the future?
The Adeona system is designed with extensibility in mind. We envision that it would be straightforward to add functionality to send authenticated commands back to the laptop (e.g., so as to delete sensitive data). Here the remote storage service, OpenDHT, would act as a private, anonymous bulletin board for relaying communication between the device and its owner. The Adeona client could also be engineered to be significantly more resistant to thieves attempting to disable it, via kernel-level support or even hardware support.
What software tools did you use to create the Adeona OS X and Windows packages?
In preparing the Adeona OS X and Windows packages, we made use of the following additional packages. We are grateful to them and wish to acknowledge them here.
Cygwin is used to build the Windows version of Adeona. The cygwin1.dll, cygcrypto-0.9.8.dll and the cygrunsrv.exe program are included in the Adeona Windows package.
NSIS or the Nullsoft Scriptable Install System is used to create the Windows installer of Adeona and the GUI interface for performing retrievals.
Packagemaker from Apple is used to create the OS X installer of Adeona.
We use the freeware isightcapture utility by Axel Bauer for taking pictures on OS X.
There are numerous commercial services offering proprietary (non-Open Source) device location tracking systems. Most offer little to no privacy guarantees, and the rest force a user to entrust privacy to the company involved.
What makes Adeona unique?
The Adeona system is unique in its ability to offer reliable location tracking while simultaneously ensuring that no third parties can abuse the system to track a device's legitimate users. Adeona is also open source.
What is the state of the Adeona code?
The current version of Adeona is 0.2.1. This beta version is a mostly re-written version of the research prototypes discussed in the academic paper. We've performed moderately extensive testing on Linux, Windows XP, and Mac OS X. Please report any bugs or issues.
Is Adeona only useful for laptops? What about desktops, iPhones, etc.?
Adeona can also be installed on desktop computers. Furthermore, you can also install it on your servers in case someone breaks into your server room and steals them. Currently we do not support mobile devices such as the iPhone, but we are looking into providing support here, as well.
How can we trust the security and privacy of Adeona?
Our techniques for ensuring security and privacy are not secret: the source code is available. Moreover, the system is also designed as part of a peer-reviewed academic paper that appeared at the 2008 USENIX Security Symposium, one of the top venues for computer security research publications. Adeona is designed to protect user location privacy against powerful adversaries: a malicious party who has control over the entire distributed remote storage infrastructure, a malicious party who has physical access to the device (and wants to learn prior locations using Adeona), and even collusions between the two. That said, in order to maintain efficiency and usefulness, Adeona does not consider some threats. For example, we cannot ensure privacy in the extreme case that ISPs collude to reveal a device's locations. More details about our threat models are given in the paper. Adeona is, however, still under development and we welcome and encourage feedback and suggestions.
How do I install?
See the download instructions.
Can I install this on my girlfriend or boyfriend's computer and track her or him, and perhaps get pictures of them while they're doing certain activities?
Yes. Like all technologies, Adeona has the potential for being abused. However, if you are malicious enough to want to do the above, there is probably other software available out there more suited for your needs. (We won't provide links to these more malicious tools.)
How do I know if the Adeona client is running?
On Mac OS X or Linux, type "ps aux | grep adeona" from a command prompt. On Windows XP, the task manager will show adeona-client.exe as a process, if it is running. On Windows Vista, the task manager will show AdeonaClientService as a service, if it is running.
I run Zone Alarm on Windows or Little Snitch on OS X. What type of network connections should I see coming from Adeona?
The Adeona client requires Internet access, and so must not be blocked by Zone Alarm or Little Snitch to function properly. Allowing adeona-client.exe Internet access should typically suffice. The client uses this access to make several types of connections: HTTP requests to retrieve gateways for OpenDHT and for determining the current External IP address of the system, UDP connections for performing pings and traceroutes, RPC connections to perform inserts into (or retrieves from) the DHT (remote storage).
I'm behind a corporate firewall, will Adeona work? What ports need to be open?
Adeona will work as long as it is allowed connections on port 80 (HTTP) and port 5852 (for OpenDHT). Note that these are also required to be open for retrieval. Additionally, if one wants nearby routers reported, then UDP packets should not be dropped (this allows performing traceroutes).
I use a filesystem backup utility. How does this affect my Adeona client state (.cst) file?
If your filesystem is backed up, then an old copy of your .cst file may be archived as part of the backup. If someone is able to obtain the backup, then they would be able to track the locations you visit after the backup was made. However, the privacy of locations you visited before the backup was made would not be compromised. Like all backup regimes, we recommend encrypting your backups.
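The property in this answer (an old copy of the client state reveals later locations but not earlier ones) is what a one-way state ratchet provides. The following is an added example, not Adeona's own code: the HMAC-SHA256 ratchet, the dict standing in for OpenDHT, the XOR-plus-tag sealing used in place of a real authenticated cipher, and all names and sample locations are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample locations (documentation IP ranges).
VISITS = ["home 192.0.2.10", "cafe 198.51.100.7",
          "office 203.0.113.5", "airport 198.51.100.99"]


def _prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def next_state(state):
    """One-way step: easy to go forward, infeasible to go back."""
    return _prf(state, b"next")


def slot_for(state):
    """Storage index and encryption key for the update made in this state."""
    return _prf(state, b"index").hex(), _prf(state, b"key")


def _keystream(key, n):
    out, counter = b"", 0
    while len(out) < n:
        out += _prf(key, b"stream" + counter.to_bytes(4, "big"))
        counter += 1
    return out[:n]


def seal(key, plaintext):
    # Stand-in for an authenticated cipher; each key is used for one message.
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return ct + _prf(key, b"tag" + ct)


def open_sealed(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"tag" + ct)):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


class Client:
    def __init__(self, seed):
        self.state = seed  # the only secret a state file would need to hold

    def send_update(self, board, location):
        index, key = slot_for(self.state)
        board[index] = seal(key, location.encode())
        self.state = next_state(self.state)  # the previous state is overwritten


def retrieve(board, start_state, steps):
    """Read every update reachable by walking forward from start_state."""
    found, state = [], start_state
    for _ in range(steps):
        index, key = slot_for(state)
        if index in board:
            found.append(open_sealed(key, board[index]).decode())
        state = next_state(state)
    return found


def demo():
    seed = os.urandom(32)  # kept by the owner, in the role of retrieval credentials
    board = {}             # remote storage: opaque index -> sealed update
    client = Client(seed)
    backup_state = None
    for i, place in enumerate(VISITS):
        if i == 2:
            backup_state = client.state  # a filesystem backup runs here
        client.send_update(board, place)
    owner_view = retrieve(board, seed, len(VISITS))
    backup_view = retrieve(board, backup_state, len(VISITS))
    return owner_view, backup_view


if __name__ == "__main__":
    owner, backup = demo()
    print("owner with original seed:", owner)
    print("holder of the backup    :", backup)
```

The storage operator sees only unlinkable indices and sealed blobs; the holder of the backed-up state can walk forward from the backup point but cannot invert `next_state` to reach the first two updates.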
How often does the Adeona client send location updates?
The Adeona client sends updates at randomly determined times, to help prevent timing attacks. Currently, the default option is set so that the client sends an update on average every 30 minutes. Note that "on average" means that sometimes the client will send two updates within just a few minutes, while other times the gap might be larger.
How long do these location updates stay in OpenDHT?
OpenDHT allows one to store data for a maximum of 1 week, i.e., 604,800 seconds. We have configured Adeona to do so.
How do I remove Adeona?
See the uninstall section of the documentation.
Wait a second --- why have you made it easy to uninstall the Adeona client?
This is the first public distribution for deployment. For this deployment we have chosen to make Adeona easy to uninstall because we wish to provide flexibility to you (the user). Pending your feedback, future versions of Adeona could incorporate mechanisms that will make it difficult to remove.
What if a thief removes the software, reinstalls the OS or doesn't connect to the Internet?
A motivated and sufficiently equipped or knowledgeable thief can always prevent Internet device tracking: he or she can erase software on the device, deny Internet access, or even destroy the device. For example, Adeona currently has no mechanisms for attempting to survive a disk wipe.
We point out that we do not believe this renders Adeona (and other location-tracking systems) useless. The Adeona system was designed to protect against the common thief -- for example, a thief that opportunistically decides to swipe your laptop from a coffee shop or your dorm room, and then wants to use it or perhaps sell it online. Such thieves will often not be technologically savvy and will not know to remove Adeona from your system. While device tracking will not always work, systems like Adeona can work, and it is against the common-case thief that we feel tracking systems can add significant value.
How do I do a retrieve?
See the retrieval section (complete with screenshots) of the documentation.
Can I perform retrievals from other computers?
Given the adeona-retrievecredentials.ost file generated during installation, one can perform tracking from any other computer that has the retrieval tools installed. For example, if you install the tracking client on your laptop and back up your credentials to a desktop, then you can perform retrieval from the desktop. This does not require running the tracking client on the desktop. See installing retrieval tools.
What information is included in a location update?
Currently, the location-finding component of Adeona includes the following information in its updates:
Internal IP address
This is your Internet location as reported by the operating system.
External IP address
This is your Internet location obtained by asking a web server like checkip.dyndns.org.
Nearby routers
These are network routers obtained by doing a traceroute to randomly selected PlanetLab computers. Usually, the names of network routers you are using can give a clue about your geographical location.
Access point
This is the name of the wireless hotspot you are connected to, which can also give a clue about your location. Note that the Windows version simply reads a registry key that might contain stale information or no information on the current access point (for example, if one is not using the Windows-provided wireless management tools).
Photos (Macs only)
The location-finding component takes a picture using isightcapture before sending an update to OpenDHT. If a thief was using the laptop, you could get a photo of them.
What else can I do to help make sure I can recover my lost or stolen laptop?
You should also register your laptop at JustStolen.net. Adeona can help you find the location of your laptop while it is in the thief's possession. But, if the police recover your laptop through other means (e.g., the battery was dead and the thief abandoned it), the police will be able to use JustStolen.net's database to determine that the laptop belongs to you. (You can also register your other important possessions, ranging from bicycles to cameras, at JustStolen.net.)
How do you take the photos on Macs?
We use the freeware isightcapture utility by Axel Bauer: http://www.intergalactic.de/pages/iSight.html.
If I install the Apple OS X version that takes pictures with the built-in iSight camera, will the green light on the camera turn on when the pictures are being taken?
Yes it will. While a thief could potentially notice this, we ourselves often did not. Please note that there is a Mac OS X package of Adeona with photos disabled here.
Is it safe to do retrievals even when my device is still in my possession?
A user can test retrieval at any time, but the location privacy of any retrieved updates cannot be completely ensured. However, the privacy guarantees for any previous (not retrieved) locations and all future locations remain. See the retrieval instructions.
What should I do once I do a retrieve and find the location (IP address) of my laptop or a picture of a thief?
Do not attempt to recover your lost or stolen laptop yourself. If you believe your laptop has been stolen, contact the appropriate law enforcement agency. You may also present them with the data you retrieved via Adeona.
I want to know the geographical locations visited by my laptop. How can I do this?
First, see the answer to the previous question. The current version of Adeona does not provide geolocationing (translating network coordinates into geographical coordinates). However, free geolocationing database services exist. For example, try Wigle (for wireless access points) or the Maxmind GeoIP demo (for IP addresses). We cannot vouch for the accuracy of such services.
Wednesday, October 22, 2008
Protecting your notebook
Many of us have become so dependent on our laptops that we take them nearly everywhere. But what would happen if your notebook were stolen? In addition to the loss of the computer itself, there are two other concerns: the loss of your data and the accessibility of that data to whoever accesses your computer. What information would the thief be able to access? Credit-card numbers, bank account information, photos, music, passwords?
A laptop is stolen every minute in the United States, and most are never recovered. That's 700,000 per year! As you'd expect, they're most frequently taken from hotel rooms, college dorms, automobiles, airports and coffee shops. So what can you do to minimize a loss?
Back up your information
First, back up your important data. I've been using a service called BackUpRight. The San Diego company of the same name provides an automated backup service for both corporations and individuals. 5GB of backup is $10 per month, 20GB is $60 per month and 50GB is $100 per month. 5GB is usually sufficient for your files, e-mails and photos.
Just install the software on a PC or Mac, select the files you want to back up, and when you want it done. You'll never need to think about it; it's done automatically. It sends an e-mail message each time a backup is scheduled, letting you know whether it was successful. The service works on multiple computers, your data is protected off-site and only you have the ability to view it. There's a free trial available on the company's Web site, backupright.com.
Experts advise using a password to access your computer, but many dislike the extra delay at startup. A password can often be bypassed by moving the hard drive to another computer.
If you do use a password, select a word with at least eight characters and unusual symbols such as %, $, @ or ?. Use a word or phrase that's easy to remember. So instead of "sandiego," choose "$@ndie%o".
Also refrain from storing social security, credit-card numbers and passwords in your contact list. If you must do it, reverse the numbers and append them with superfluous numbers.
What's the best way to protect against the loss of your computer? Consider Absolute Software's LoJack for laptops. (The company licenses the LoJack name from the company that sells a tracking system for recovering stolen automobiles.) It costs $50 a year. (absolutesoftware.com).
If your notebook is stolen, LoJack will capture the IP address the next time the person goes online and will provide authorities with the information.
Once the software is installed in your PC or Mac, the notebook silently contacts Absolute's monitoring center whenever it's connected to the Internet.
Should your notebook ever be stolen, notify Absolute's recovery team by phone and file a report with your local police department. The service captures the IP address the next time your notebook goes online.
Absolute provides the IP data and other documentation to law enforcement, which uses it to obtain a search warrant to get the physical location from the service provider such as Cox or Time Warner.
How well does LoJack work? According to Absolute, it recovers three out of four stolen computers using its service. If you're one of the four it misses, the company will refund the cost of the software 30 days after the theft.
I spoke with Detective Fernando Ramirez of the San Diego police department, who has experience with a large number of notebook thefts. He's encountered two stolen notebooks that had LoJack software installed. In both of the cases, the computers were successfully recovered, but one case took 3 months and the other took almost two months.
Much of the delay was waiting for the subpoenaed information from the service provider after the warrant was served. A LoJack representative told me the company is constantly trying to shorten the time, and the company even pays fees to the provider if it can expedite delivery of the information.
So while LoJack is effective, don't expect to get your stolen notebook back right away. In the meantime, the thieves have had ample time to access your data. LoJack is also looking at additional services to retrieve your data and then erase it remotely.
In spite of the current limitations, LoJack is worthwhile and provides another layer of protection. And it helps law enforcement identify thieves.
There's also a low-tech method for recovery of lost notebooks and other items that relies on good Samaritans. It's from Boomerangit of San Leandro.
You purchase tamper-resistant serialized labels and stick them on your notebook or your other important items such as your cell phone or camera. A multipack costs $15 and contains two labels and two different size tags to protect four devices.
You register the items and your personal information at boomerangit.com. If the person who finds your lost product calls the phone number on the tag, Boomerangit will contact you. The service has 1 million users.