Jump to content

Ethical Travel Bug?


kirgy9
Followers 2

Recommended Posts

Hi, iv got a query that i would like to run through the forums before i decided to go ahead!

 

Im a freelance software programmer as well as a geocacher, and im planning on using a special type of Flash Drive (U3 Flash Drive) alongside a travelbug.

 

The Flash Drive will has built-in "auto-run" feature, this means when inserted into the computer it will automaticaly run an application on the Memory Stick - without asking for user's permission.

 

The program obviously wont be malicious, i was planning on using it to open a program which will have several fields written inside, and will email me the results.

 

The aim is to be able to record alot of things that are not normaly loged about a travel bug and hopefuly because its different people will be more encouraged to do so.

 

There are endless possibilities for it:

*recording IP addresses to help located where to travel bug is being kept

*uploading of images to my own server directly

*more ideas please?

 

Obviously i would warn the user with perhaps a small laminated card attached to the Flash Drive about what it does.

 

The question i want to ask - is this ethical? Is this against the "rules"? A cacher will still be able to log to travel bug without also doing the additional Flash Drive logging.

 

I am willing to - if this goes ahead ethicaly etc. release the software for free to GeoCacher to use if they wish and create a simple user guide of "how".

 

Any comments or idea of what the program on the stick could do will be loved - thanks Geocachers!

Edited by kirgy9
Link to comment

I would have to agree with the majority. I for one would defnitly not run it on my my system. I see something like this being a liablity on you(the owner) if someone tampers with it and does set off a virus it could come back and you be to blame for it. So I would ask yourself is the Risk worth the reward?

Link to comment

Ethical? Yes.

 

Would I run it on my PC? No.

 

Even though I might trust you, what's to prevent someone else from replacing your software with something that is malicious?

 

Too risky.

+1

 

and i dont want people sending emails from my machine or uploading anything form my machine.

put a disposable camera in it or somit

Edited by Guinness70
Link to comment

Cool idea though! And so many possibilities!

 

The problem with an idea like that is people fear Big Brother more than you think. They would not run your drive on their computer for fear of being taken over, but what they probably don't realize is that data collection processes like that are run all the time on their machine in one form or another, when they do online transactions with their bank, when they buy books at Amazon, or music on IStore, or whatever. The problem is that if you want to stay ethical, you have to tell them, and if you do their will probably not run your drive.

 

Although people are so gullible sometimes.

 

At work we have a computer that's isolated from the rest of the network just for trying things like that, because we exchange all kinds of electronic documents with all kinds of people from all over the world. We would definitely try your drive on that machine.

 

With all that being said, I would probably not take the chance to run your app on my laptop.

Link to comment

In a way I like your Idea. But maybe instead of a Travel drive with an Executable file on it that will make anyone think twice before installing. Why not a mini CD/DVD with some information about the project with some PDFs on it with maybe a web address to a sight that will run the program on the web side of things if it is data base driven keep it on the server let people add their information and such you are looking for on the web site. Log their adventure with your Bug and send it to the next person. Seems that you have to log it on here anyway so anyone that picks it up is going to have a computer that ls linked to the internet. I know personally I would be more willing to help out if it based that way instead of a program you want to launch on my computer. Just an Idea. :)

Todd

Link to comment

Alright, thanks guys, seems like a bad idea then! This is why i wanted to pass it through here. I can see people's fear of the potential danger if someone took hold of the flash drive and re-formated it and used the U3 USB hack to enable an autorun for their own virus.

 

So this wont go ahead! But i may add some forms to my listing of a geocache or travel bug just to make it more fun.

 

Thanks Geocaching Universe!

Link to comment

Ethical? Yes.

 

Would I run it on my PC? No.

 

Even though I might trust you, what's to prevent someone else from replacing your software with something that is malicious?

 

Too risky.

+1

 

and i dont want people sending emails from my machine or uploading anything form my machine.

put a disposable camera in it or somit

This all sounds great but soooooo risky

Link to comment

Im a freelance software programmer as well as a geocacher, and im planning on using a special type of Flash Drive (U3 Flash Drive) alongside a travelbug.

 

I had a slightly similar idea, and I decided that even if everyone was on the level, and used the usb drive in good faith, that there is always the chance that any writable media could unintentionally pick up a virus along the way.

 

I'll be using mini disks instead with readable data only, no software. That way several system compatibility issues can be addressed immediatelyby running it all through a native web browser.

Link to comment

Im a freelance software programmer as well as a geocacher, and im planning on using a special type of Flash Drive (U3 Flash Drive) alongside a travelbug.

 

I had a slightly similar idea, and I decided that even if everyone was on the level, and used the usb drive in good faith, that there is always the chance that any writable media could unintentionally pick up a virus along the way.

 

I'll be using mini disks instead with readable data only, no software. That way several system compatibility issues can be addressed immediatelyby running it all through a native web browser.

 

Keep in mind that you aren't always dealing with techies.

 

If someone asks if they should stick something into their computer, I'm going to tell them no. It's just safer that way.

 

When it comes to travel bugs you have to consider the best travel options. Some people are just not going to log your bug. It's best understand that up front.

Link to comment

Hi, iv got a query that i would like to run through the forums before i decided to go ahead!

 

Im a freelance software programmer as well as a geocacher, and im planning on using a special type of Flash Drive (U3 Flash Drive) alongside a travelbug.

 

The Flash Drive will has built-in "auto-run" feature, this means when inserted into the computer it will automaticaly run an application on the Memory Stick - without asking for user's permission.

 

The program obviously wont be malicious, i was planning on using it to open a program which will have several fields written inside, and will email me the results.

 

The aim is to be able to record alot of things that are not normaly loged about a travel bug and hopefuly because its different people will be more encouraged to do so.

 

There are endless possibilities for it:

*recording IP addresses to help located where to travel bug is being kept

*uploading of images to my own server directly

*more ideas please?

 

Obviously i would warn the user with perhaps a small laminated card attached to the Flash Drive about what it does.

 

The question i want to ask - is this ethical? Is this against the "rules"? A cacher will still be able to log to travel bug without also doing the additional Flash Drive logging.

 

I am willing to - if this goes ahead ethicaly etc. release the software for free to GeoCacher to use if they wish and create a simple user guide of "how".

 

Any comments or idea of what the program on the stick could do will be loved - thanks Geocachers!

It would be fun to see the data collected on a program like this, but wouldn't the sample be skewed quite a bit by the (admittedly) several people who would not run your program on their computers?

Link to comment

IMO, this would fall into a category very similar to the idea of putting food into caches. This TB would never find its way into my hands, nor the hands of anyone else I cache with.

 

"Phone home" - no, thanks.

 

Upload who knows what from my computer to your server? NO WAY. How do I know that your application isn't searching my hard drive for my Quicken data files or anything else that might be "interesting"?

 

You can warn all you want, but people ignore warnings or just don't know enough to keep unknown media off their computers.

 

Also, someone malicious could put something else on the drive to really mess people up. Even if your application is "pure", once that drive is out of your possession, you've no way to control what's on it.

 

A mini-CD can help prevent malicious software from finding its way onto your original TB, but what prevents someone from making a clone of it that is malicious? With your original in hand, they have enough information to make a perfect forgery which includes a nasty payload.

Link to comment

...

The Flash Drive will has built-in "auto-run" feature, this means when inserted into the computer it will automaticaly run an application on the Memory Stick - without asking for user's permission.

 

The program obviously wont be malicious, i was planning on using it to open a program which will have several fields written inside, and will email me the results.

 

The aim is to be able to record alot of things that are not normaly loged about a travel bug and hopefuly because its different people will be more encouraged to do so.

 

There are endless possibilities for it:

*recording IP addresses to help located where to travel bug is being kept

*uploading of images to my own server directly

*more ideas please?

 

Any comments or idea of what the program on the stick could do will be loved - thanks Geocachers!

I would be real upset if I found one of my users (I am a corporate IT Architect) had this run on one of our computers.

Run a program without prompting for permission?

Email data from the computer to you with asking permission?

Record personal info and send it to a remote host without asking permission?

 

Congratulations, you will have written a Trojan horse.

Link to comment

I would be real upset if I found one of my users (I am a corporate IT Architect) had this run on one of our computers.

Run a program without prompting for permission?

Email data from the computer to you with asking permission?

Record personal info and send it to a remote host without asking permission?

I'm not "excusing" this program (see my previous post in the thread), but you've got USB ports locked down & autorun disabled, and users don't have admin rights on their systems, right? That'd significantly reduce the chances of such a device doing this.
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Followers 2
×
×
  • Create New...