USB 'Dead Drops' 322
Okian Warrior writes "Aram Bartholl is building a series of USB dead drops in New York City. Billed as 'an anonymous, offline, peer to peer file-sharing network in public space,' he has embedded USB sticks as file cache devices throughout the city. Bartholl says, 'I am "injecting" USB flash drives into walls, buildings and curbs accessible to anybody in public space. You are invited to go to these places (so far 5 in NYC) to drop or find files on a dead drop. Plug your laptop to a wall, house or pole to share your files and data.' Current locations (more to come) include: 87 3rd Avenue, Brooklyn, NY (Makerbot), Empire Fulton Ferry Park, Brooklyn, NY (Dumbo), 235 Bowery, NY (New Museum), Union Square, NY (Subway Station 14th St), and West 21st Street, NY (Eyebeam)"
Yeeeahhh (Score:5, Insightful)
Turn off AutoPlay first, kids. You'll thank me later.
Re:Yeeeahhh (Score:5, Insightful)
Ya I would have thought an open wifi network connected to a little ftp server (but for fun not the internet)would make a far better dead drop.
for one you wouldn't have to be so obvious about connecting to it.
Sitting in a coffee shop across the street would be far less conspicuous.
Re: (Score:2)
Unless of course people feel there is something 'cool' about having to be in a specified location to receive information in this day and age.
Time to look for my mysterious-looking jacket and dark sunglasses, must look the part.
Re: "specified location" (Score:2)
Fun like GEO Caching (Score:3, Interesting)
Unless of course people feel there is something 'cool' about having to be in a specified location to receive information in this day and age.
GEO caching [geocaching.com] came readily to mind. Find an interesting (and hopefully somewhat safe site) and when people get there, not only can they share whatever, but they can have a unique experience as well.
From sneaker net ot peer to peer to USB Dead Drops? lmao...
Might be good practice for when Fascism [wikipedia.org] takes over thanks to Citizen United vs FEC [wikipedia.org].
Re: (Score:3, Insightful)
Why is parent +5 Insightful? (Score:3, Insightful)
> I figured it would also need some code to figure out who was getting too close to the hidden antenna and drop transmit power or the connection outright to mask the actual location.
1) If I sniff only, you will not detect me
2) No matter what you do, unless you switch positions, I can find you over time
> I also figured the network would need to occasionally switch off and vanish if devices nearby were lurking and not sharing, even with that, no way to defeat passive wifi sniffing.
How will you find out
Re: (Score:3, Informative)
Log what details? USB hosts don't leave fingerprints on storage devices. As far as the device is concerned, the host is totally anonymous.
And USB-borne malware is trivially easy to avoid, even in Windows, which didn't stop dozens of people from posting "OH NOES, TEH VIRUS!!!!" in this discussion.
It's like the 70's and 80's (Score:5, Insightful)
...its like the era of near anonymous sex, eventually people started dying after hooking up. How long before we see people killing their computers, or going to jail because they plugged in and xferred something really illegal?
This is REALLY smart.
Re: (Score:3, Insightful)
Exactly, what a bunch of idiots.
People doing this are going to discover that cops may not care much when you transfer copyrighted files over the net from the privacy of your own home, but they will care and will take notice when people start acting suspiciously in open public areas. People will probably start being arrested on suspicion of trading drugs, planting bombs, etc.
Re: (Score:3, Funny)
And then we'll hear, "I went to the dead-drop to swap some files, but I couldn't get near the place because it was hip-deep in copyright cops!"
Re:Yeeeahhh (Score:4, Funny)
Came here to see a bunch of geeks fail to grok "art project" and go into endless loops over the merits of the technology involved.
Am leaving satisfied...
Dead drops? (Score:5, Insightful)
Is that kind of like a Glory Hole? Probably the same number of viruses.
Cool (Score:2)
Comment removed (Score:5, Funny)
Re: (Score:3, Funny)
I invite continuation
Re:Cool (Score:5, Funny)
Re:Cool (Score:5, Funny)
Then a tow truck came by and said, "Hey, free taxi!"
Then Optimus Prime came by and said, "Longarm? Are you free?"
Re: (Score:3, Funny)
One of the signs today at the Rally to Restore Sanity asked "What would Optimus Prime do?"
Re: (Score:3, Insightful)
He would KICK ASS... with a cool voice.
Re:Cool (Score:4, Funny)
Then i came by and pissed on Optimus Prime. "Hey, free urine!"
You pissed on Optimus? Oooh, "urine" trouble now.
Re:Cool (Score:4, Funny)
Re: (Score:2)
Then a lawyer came along and said "Hey! Easy money!"
Re:Cool (Score:5, Funny)
Re: (Score:2)
Re:Cool (Score:4, Funny)
Free Willy!
Re:Cool (Score:5, Funny)
Re: (Score:2, Interesting)
Re: (Score:2)
Re: (Score:2)
Thinking back years ago, wasn't there an exploit which could work against any USB host, assuming complete control over the firmware in the USB device?
Re: (Score:2)
Re: (Score:2)
this is probably the most potentially damaging scenario possible short of giving a virus user direct physical access to your pc.
Excellent (Score:5, Funny)
I can think of no security issues that could be introduced by this development.
Re: (Score:2)
Re: (Score:2)
I can think of no security issues that could be introduced by this development.
Nor can I... at least for any reasonable OS that doesn't do anything so colossally stupid as to run any executable it finds there.
But I suppose that point's already been made here.
a new trend (Score:5, Funny)
For an encore, he'll be setting up "Drop Dead" sites around the city. These will be little knobs mounted to walls, for anonymous people to "share" biological materials by walking up to them and licking them.
Good way to get your laptop attacked (Score:5, Informative)
So basically, you are being invited to connect a USB device from an unknown source, with unknown code on it, to your machine. There have been many instances of people leaving USB sticks with exploit binaries around for people to find. You find the stick, stick it in your machine, and are promptly exploited. Regardless of whether the creator of the dead drops hasn't done this intentionally themselves (hopefully, they haven't), you have no idea what might have been placed on the sticks by others.
Re:Good way to get your laptop attacked (Score:5, Informative)
And here is an article on this exploit technique:
http://www.dailytech.com/USB+Drive+Malware+Exploit+Windows+7+Flaw+in+Apparent+Espionage+Effort/article19065.htm
Re:Good way to get your laptop attacked (Score:4, Insightful)
And here is an article on this exploit technique:
http://www.dailytech.com/USB+Drive+Malware+Exploit+Windows+7+Flaw+in+Apparent+Espionage+Effort/article19065.htm
http://www.dailytech.com/USB+Drive+Malware+Exploit+Windows+7+Flaw+in+Apparent+Espionage+Effort/article19065.htm [dailytech.com]
What, you can't actually make a link?
Re: (Score:2)
I wouldn't be walking around with a system running windows, even if I intended to use one of these devices.
Re:Good way to get your laptop attacked (Score:5, Funny)
What kind of crappy machine is vulnerable to files on an external medium?
It's not the nineties anymore.
Re: (Score:2)
Re: (Score:3, Funny)
What kind of crappy machine is vulnerable to files on an external medium?
The kind of machine that would run an attached executable when you open an e-mail might be expected to do such a thing.
Re:Good way to get your laptop attacked (Score:5, Interesting)
Umm.. I guess you didn't read about the Stuxnet worm that used several zero day USB based explotes including a buffer overrun in lnk files.
Last I heard not all of those where patched so if you are using a windows machine odds are you are.
Also if one was to be really nasty they would hack a microcontroller to be a keyboard and then hijack your machine that way.
You did not consider all attack vectors (Score:3, Insightful)
I can put a JPG, MP3, PDF, anything that exploits a zero-day (or known) vulnerability on the drive. As you will not only _copy and store_ but _open_ the files...
Also, what stops me from emulating a keyboard and entering a load of crap? "Windows-c (?) deltree c:\\ /y\n" comes to mind.
Re: (Score:2)
Re: (Score:2)
I'd do what I do when inspecting any questionable media or computer:
Boot one of the many convenient live Linux or PE-ish live CD/DVDs or live USB installs and have at it.
Engineering aspects: (Score:4, Insightful)
Also I'm sure many will complain about the possible dangers of viruses but imagine worse. How much damage could you do with a usb stick? It wouldn't be impossible to rig a car battery to the contacts from the other side of the wall.
Comment removed (Score:5, Informative)
Re: (Score:3, Funny)
Okay, I thought "meh, sandbox the system and disable autorun. Nothing can break then." This certainly made me afraid of random USB connectors sticking out of walls :o
Re: (Score:2)
12 volts on usb fried every usb device i had connected and killed the mainboard maybe more on a desktop I had.
(was a usb case for a laptop dvd drive. Design flaw was that it had a power connector commonly used for 12 volts.
good luck trying 12volts on your USB ports.
Re: (Score:2)
I once had a static electricity discharge go from my body to my PDA which was connected to my laptop via a USB cable.
The laptop turned off immediately, in some futile attempt to save itself, I suppose.
It did turn back on, but then proceeded to function strangely (unexpected reboots, taking too long to start up, or not starting up at all) until it finally died completely 3 or 4 days later.
The guys at the shop said it was a burnt motherboard, but I can't vouch for their expertise. For all I know it was a sing
So this is what passes for clever these days (Score:2, Insightful)
What the heck is the point of this? Sometimes I hate artists. Here's an idea, just give someone a USB drive when you want to share files with them. Or mail it. Or I guess call it art and attach USB drives to walls. Move over Van Gogh, there's a new master in town!
Re: (Score:3, Informative)
Thats ok. And we hate you. :)
You ultimately don't have to connect to the USB stick if you don't want to. And as for your suggestion, you've obviously missed the point, because the concept behind it is NOT to share files with someone you know. But rather to create drop spots in an urban environment to see what happens. Think of it as creating a parallel (and sllightly subversive) infrastructure that people might use in new and original ways. I would expect that in the age of "oh nohs! all the guvernmsnts r t
In Iran... (Score:3, Funny)
Although (Score:2, Insightful)
Easy... (Score:2)
Vector for malware in 3... 2...
Geocache much? (Score:4, Interesting)
How stupid can you get? (Score:3, Insightful)
Apparently, this person is willing to expose himself as a complete moron, just to get a bit of publicity. This is not even original, security experts have been using something very similar as network penetration technique for years.
Re: (Score:2)
If you read the link in the article, you'll see that Eyebeam is more like an art project than a security research project.
Re:How stupid can you get? (Score:4, Informative)
They really don't have any standards for art anymore, do they?
Re:How stupid can you get? (Score:5, Funny)
They really don't have any standards for art anymore, do they?
I hear the ISO is considering the issue, but if you want swifter action, I suggest you submit an RFC to the IETF.
Continuing the tradition... (Score:3, Funny)
There's a long tradition of young folks picking up nasty viruses from anonymous strangers in NYC; now their computers can too.
Attention thieves! (Score:2)
Guys with expensive laptops will be at the following five locations:
sheesh
What dould possibly go wrong? (Score:4, Interesting)
Could be worse. In 1969, the Museum of Modern Art in New York deployed Pulsa [moma.org], an exhibit which included many strobe lights arranged to flash in sequence. There was a long line of strobes not only on the museum, but extending to adjacent buildings.
Pilots reported runway lighting in midtown Manhattan. The "moving ball of light" strobe system for runways was chosen because, even in cluttered urban areas with many parallel lines of light, there's nothing which looks like that. The FAA made them retime the strobes so that it didn't look like a runway.
Re: (Score:2)
Probably a good idea. The standard eastern approach for Tullamarine airport here in Melbourne goes precisely above the east west runway at Essendon airport, which was our international airport when airliners had tappets and carburettors. It doesn't even have lights but that doesn't stop the occasional 747 crew from commencing final...
Re: (Score:2)
Suggestion (Score:2)
Silly suggestions aside, he should really take this opportunity to teach people the dangers of malware which can be picked up by doing stupid things.
Curiosity killed the ... (Score:3, Funny)
I definitely won't stick someone's hoo-hoo dilly in my laptop's cha-cha.
What was the name of that 70's thing... (Score:2)
It predates the 6-degrees of Kevin Bacon, but it is the same idea.
Was it an oobie or some such? This sounds like that. Probably sold a lot of plastic crap and packaging.
Hippies.
Re: (Score:2)
I agree with the other posters (Score:2)
The way a non-stupid person would do this is to set up a wireless router. This way two anonymous people could exchange data and no one would be able to tell where or who they were beyond being in the general vicinity. It would also actually be
Re: (Score:2)
Re: (Score:2)
I have lost touch with this world.
One of these is near me (Score:2)
Empire Fulton Ferry Park is right down the street from where I live. There's only so many places it could be hid.
I think I need to fire up my spare laptop with a LiveCD and find it.
For science
Re: (Score:2)
I think it's pretty brilliant (Score:2)
This will make a lot of people think, I think.
This is just silly (Score:3, Funny)
* Mount Etna (near the mouth)
* North pole (well 40 ft underground at that point)
* 3 miles underground at an unknown location. There is a cave entrance though I think (well there was last time I went).
* In my house
* Inside the fossilized remains of a dead bird found somewhere in the Sahara Desert.
* Five are in the ocean too (I'll keep the exact locations secret, but you may have some luck checking out the Atlan... (hint hint) ).
Directory Listing (Score:5, Funny)
goatse.jpg
Copy of goatse.jpg
Copy2 of goatse.jpg
Copy3 of goatse.jpg
...
Why not bluetooth or wifi? (Score:3, Interesting)
That way i can get my free viruses without having to plug something in.
Cops Will Not Like This... (Score:4, Insightful)
From a geek perspective, I think this is awesome. It combines all the fun of geocaching with the rewards of actually getting something. I do think that viruses would be a concern, yes, but at the same time, anyone looking for one of these things is going to expect that, and will either be protected somehow, or will be using a machine they can keep in quarantine.
From an art perspective, I think this is awesome. It's funny, fresh and gets people outside, exploring their world. It's using available materials to change the way people look at common, everyday items.
From an engineering perspective, all I can see is broken USB hubs stuck in my port because I sneezed too hard. Or shorted out the port because it was wet on the inside of the plug. Or someone thought they were cute and put some WD-40 in there, instead of electrical contact cleaner.
But from an societal point of view, I see strangers walking up to a building and holding their computers up against the wall. That's fine for things like monuments, park statues and maybe even trees in a park? But doing that outside a business might get you in trouble.
Do it anywhere near someplace the NYPD consider "sensitive", and you might just become the latest headline news.
My grading of this idea: (Score:4, Interesting)
Creativity: A+
Humor: B
Usefulness: F
Convenience: F
Security: F
Resistance to Vandalism: F
Re:My grading of this idea: (Score:5, Funny)
Okay, so ten out of ten for style, but minus several million for good thinking, yeah? -- Douglas Adams
Re: (Score:2, Insightful)
Re:Sounds great! (Score:5, Funny)
kudos to the person who will find them all and format to ext4 file system.
awesome post, but since it is almost halloween, why not a killer file system like reiserfs?
Re: (Score:3)
The replacement is probably going to be exfat. It's not free, not even remotely - it's patented to hell by Microsoft - but it's still likely to take over for the simple reason that Windows supports it (Since Vista, I think), and no removeable media is going to be practical of 90+% o
Re: (Score:2)
Re:Sounds great! (Score:4, Insightful)
A better way would be to build a simple open wifi AP. No internet connection, just storage.
Cue the old man thread... (Score:2)
some sort of actual storage instead of the 4-8GB that could be in that thumb drive max
Do you know how many computers I've had and/or used that had at least an order of magnitude less than 4-8GB mass storage?
Why, back in my day, we had 160KB floppy disks! And we were glad to have 'em too!!! Rassum fassum darned kids today with their fancy "USB Drives"...
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Great (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re:cfdisk /dev/sdb; mkfs.ext4 /dev/sdb1 (Score:4, Informative)
Re: (Score:3, Insightful)
Partition the usb drive into two. sdb1 is a tiny ntfs partition with some barney pics, and sdb2 is ext3 with all the awesome stuff on it. Windows won't even know how to access the 2nd partition AFAIK. Last time I checked Windows wouldn't even let you partition a usb thumbdrive w/ more than 1 partition.
Re:cfdisk /dev/sdb; mkfs.ext4 /dev/sdb1 (Score:4, Insightful)
Re: (Score:3, Interesting)
Yeah, because the "open" guys have really shown that they know how to all control their egos and make sure everything they do is in the best interests of the "community", and not in the pursuit of some ridiculous need to flex an e-peen or get the last word.
I predict the first day