Here's a more sophisticated version of a similar idea:
Cellular networks are centrally administered, enabling service providers and their governments to conduct system-wide monitoring and censorship of mobile communication. This paper presents HUMANETS, a fully decentralized, smartphone-to-smartphone (and hence human-to-human) message passing scheme that permits unmonitored message communication even when all cellular traffic is inspected.
HUMANET message routing protocols exploit human mobility patterns to significantly increase communication efficiency while limiting the exposure of messages to mobile service providers. Initial results from trace-driven simulation show that 85% of messages reach their intended destinations while using orders of magnitude less network capacity than naïve epidemic flooding techniques.
I don't see the similarity, but distributed p2p systems are very interesting, especially when they involve mobile wireless communication. It's kinda sad that there is currently little use for these kind of networks. In larger cities node density could get high enough to actually create a continuous mesh network with acceptable latency and loss.
It is a bad idea to plug untrusted hardware into your computer. Many Windows users have autorun enabled, so could be infected with malware as soon as they plug it in. This has been exploited by people pretending to run promotions and handing out infected USB drives in front of targeted businesses.
Worse than autorun, there have been buffer overflows against USB drivers and proof-of-concept exploits that allowed Firewire devices to read arbitrary physical memory through DMA access. I haven't seen this used in practice, but the risk is there. Bruce Schneier wrote about these attacks a few years ago:
http://www.schneier.com/blog/archives/2006/06/hacking_comput...
If you want to go down the Ken Thompson "Trusting Trust" hardware security rabbit hole, think about who manufactured your computer.
Not even just that, but someone could rig up a USB plug that shorted out the power (or, worse, rammed 9V from a battery back up it) and cream your USB port..
It's a similar risk to using a file sharing network though. It depends on the type of files you're downloading, of course, but lots of people don't check an EXE before running it.
Although you often have the wisdom of the crowd when downloading files; if 1000 people are sharing/seeding, then the files are probably* safe.
I have thought for ages of something like this, but instead of usb drivers, a wifi box with a big harddisk. You would connect to the wireless network, open browser at 192.168.0.1 and instead of a router's page, you would get to a website, with a nice interface, where you could select the files you wanted to download or upload others.
I even did some drawing and thought of solar pannels and batteries to keep it going non-stop. What demotivated me was the fact I'm living in Brazil and normal filesharing is still much easier and non-risky...
Anyway, a wifi box like this would be much more secure if done right. A complementary idea I also thought of was to make the boxes communicate with each other, much like a cloud you could access from any reachable access point.
they know whatever MAC address you're using at the time, sure. if that happens to be 06:66:de:ad:b3:3f, then anyone later inspecting the logs will probably be disappointed.
This is as "anonymous" as a public mailbox. This is trivial to monitor, and said monitor could easily perform a diff of the drive after each contact.
Real dead drop locations are typically only known by the involved parties, are ad hoc, and move frequently.
Don't get me wrong -- it's an interesting and sort of amusing project. I don't mind most of the terminology they're using, but I think it's dangerous to call something "anonymous" when it is so far from being so.
Fun concept, but I immediately imagine someone going around smashing these with a hammer (or, perhaps more likely, city workers being sent out to remove them). :\
Here's a much more expensive project with a similar idea:
Bluetooth low energy is option once more phones support it. With a button cell the transmitter will operate more than a year. Hide it completely in a wall or somewhere else where it is difficult to remove.
It's a cool idea, but I worry about malware. Malware is known to be able to infect USB drives put into the machine it's on, and it only needs to be plugged into another machine to infect it. They'll have to be systematically reformatted pretty often...
You think incorrectly and having that assumption, you're exposing yourself to more risk. To assume Linux USB drivers, file systems and file managers don't contain vulnerabilities is to assume wrong.
Sure, there is also the potential threat of someone breaking into my home/office and installing secret videocameras to record my keyboard and get my truecrypt password (or more easily, opening the "safe" and figuring out what string of characters in a certain notebook is it). However, I don't worry about such things, and neither would I worry connecting a random usb to my practically disposable netbook.
Someone could always re-wire the thing into mains power, in all probability destroying anything connected to it regardless of any software it might be running.
Since you can only touch one conductor of a USB connector at a time (or really at all) unless you stick your tongue into it, then any mains power applied to it is going to be hard pressed to cause you anything besides an uncomfortable tingling.
Ah, so you do remember that the current is going to have to flow through you, and that will need something a bit more conductive than pavement and shoes.
Note that you don't actually know what kind of device it is. It's USB, but it's not necessarily just a flash drive. For all you know it's hooked up to a microprocessor-driven exploit-o-bot.
Neat idea. Obvious security concerns apply, but probably people who are nerdy enough to whip out their laptop and plug it into the wall are smart enough not to have autorun switched on when doing this.
haha well done! Great and fun idea. We should make it a movement and put them up all over the world. And make a site like geocaching for this type of sharing!
Cellular networks are centrally administered, enabling service providers and their governments to conduct system-wide monitoring and censorship of mobile communication. This paper presents HUMANETS, a fully decentralized, smartphone-to-smartphone (and hence human-to-human) message passing scheme that permits unmonitored message communication even when all cellular traffic is inspected.
HUMANET message routing protocols exploit human mobility patterns to significantly increase communication efficiency while limiting the exposure of messages to mobile service providers. Initial results from trace-driven simulation show that 85% of messages reach their intended destinations while using orders of magnitude less network capacity than naïve epidemic flooding techniques.
http://www.usenix.org/event/hotsec10/tech/full_papers/Aviv.p...