Jump to content

dead drops. possible tie in to geocaching?


escondido100
Followers 4

Recommended Posts

I saw this a couple of weeks ago. It could be implemented in some fashion to create a puzzle or letterbox, but I think there could be guidelines implications:

 

In the interest of file security, caches that require the downloading, installing or running of data and/or executables may not be published.

Link to comment

I saw this a couple of weeks ago. It could be implemented in some fashion to create a puzzle or letterbox, but I think there could be guidelines implications:

 

In the interest of file security, caches that require the downloading, installing or running of data and/or executables may not be published.

 

+1

 

Ummm.....No Thanks :anibad:

Link to comment

truly not practical... it takes one person who plugs in to one and uploads KP to turn the entire thing into a major lawsuit, or one hacker who turns the flashdrive into a forced boot drive or has it run an executible file apon connection to the drive with a virus or spyware.

 

not to mention weathering concerns, most flash drives aren't waterproof, and even for the ones that are the contacts will corrode rather quickly when left in the elements.

 

not to mention how long will it be until the RIAA 'places' one that does little more than log your identifieing info[MAC address, etc] and the files you UL/DLed[or searches your media folders]... or untill a multi national advertising firm places one that searches your browser caches and MAC to better 'sell you' the next time you go online[personally i think its bad enough the number of websites that use cookies to track your internet usege(often without your knowledge)]

 

all and all, i'm not a fan of the idea

Link to comment

some USB drives have a physical "write protect" switch.

And all files have a read-only attribute.

 

Eliminate the thumb drive, just too many issues, and put a URL in the cache. Then finders can write that down and use any computer or phone to access the file online from the cache site if they can connect by smart phone or laptop.

 

Or put the URL in the cache description so they can get it before they hunt the cache.

 

Or something.

 

I like the basic idea but the delivery mechanism needs tweaking.

 

To get it listed this all has to be optional, I think... seekers should be able to find the cache even if they don't want to participate in this so that it doesn't become an ALR.

Link to comment

I think it's an awesome idea andas long as the visitor has an up to date antivirus, which they should have anyway, it shouldn't be a problem. As for the durability of the USB device in question, when wrapped in epoxy like that, they're darn near bombproof.

 

I'm a confirmed tech addict and I aprove this post.

A "confirmed tech addict" would recognize that with something like this, a virus which is trapped by an up to date AV product would be the least of your worries. There are other ways to capture someone's data & send it off to a remote server that don't involve known viruses.

Link to comment

I think it's an awesome idea andas long as the visitor has an up to date antivirus, which they should have anyway, it shouldn't be a problem. As for the durability of the USB device in question, when wrapped in epoxy like that, they're darn near bombproof.

 

I'm a confirmed tech addict and I aprove this post.

A "confirmed tech addict" would recognize that with something like this, a virus which is trapped by an up to date AV product would be the least of your worries. There are other ways to capture someone's data & send it off to a remote server that don't involve known viruses.

True. I used Remote Spy to monitor my kids internet usage when they were pre and early teens. It can be installed from any source completely invisibly and allows the user to monitor anyone's computer anywhere online or off (it uploads off-line activity when you connect to the 'net), and unless they've addressed this since I used it years ago spyware and anti-virus programs don't see it.

 

The thing is that anyone who wants to monitor you doesn't need to go to the trouble to alter a memory stick, they can do it with this or any of several programs like this much easier by sending you a picture in an email. :anibad:

Link to comment

Personally I wouldn't participate in this. I'm not going to buy a lap top for geocaching for one. If I did buy one I wouldn't be bringing it out into the sticks or lugging it around town. Our elements are just not hospitable for survival of memory sticks in a cache or stuck by a cache.

 

And if I went to a cache and saw the walls and what not modified like they are on that website and if the cache owner didn't have permission to modify the walls or didn't own the walls I probably wouldn't do the cache at all.

Link to comment

I think it's an awesome idea andas long as the visitor has an up to date antivirus, which they should have anyway, it shouldn't be a problem. As for the durability of the USB device in question, when wrapped in epoxy like that, they're darn near bombproof.

 

I'm a confirmed tech addict and I aprove this post.

A "confirmed tech addict" would recognize that with something like this, a virus which is trapped by an up to date AV product would be the least of your worries. There are other ways to capture someone's data & send it off to a remote server that don't involve known viruses.

 

For example...

 

Awhile back I heard a radio program with someone from a U.S. federal cyber security department. He had a number of "horror" stories but the one that stuck out involved one of those digital picture frames. It plugged into a USB port and, because many were not aware that the default behavior in a certain O/S was to execute a "autorun.inf" program if it exists on a removable device. In this case, the picture frame downloaded a trojan horse that captured a bunch of data from the host computer and was sending it to an email address in China. The scary part was that these digital picture frames were right out of the box and were purchased at a well known big box electronics store.

Link to comment

Interesting.

 

People in these forums have said that they are read only, when in fact they are not.

 

The websites say, "download your favorite files here!"

 

They are public sharing places.

 

One guy wrote on the website he is just heading out the door with a trojan to install on them. Whether he meant it or not, someone will.

 

Cool idea. Not very functional though.

Link to comment

Awhile back I heard a radio program with someone from a U.S. federal cyber security department. He had a number of "horror" stories but the one that stuck out involved one of those digital picture frames. It plugged into a USB port and, because many were not aware that the default behavior in a certain O/S was to execute a "autorun.inf" program if it exists on a removable device. In this case, the picture frame downloaded a trojan horse that captured a bunch of data from the host computer and was sending it to an email address in China. The scary part was that these digital picture frames were right out of the box and were purchased at a well known big box electronics store.

Duracell battery chargers (with USB plugs) were caught last year running some software & phoning home to someplace in China too, IIRC.

Link to comment

dead drops

 

the link above takes you to a site that pretty well explains the concept.

i wonder how practical this would be for a cache.

take a laptop or netbook to log find on file add pics etc.

i think it could work.

Ideas? input?

Now that I've looked at the website (didn't dare do it at work), two thoughts come to mind:

 

#1 we've already covered - just plugging a random, unknown USB device into a computer is stupid. Encouraging people to do it doubly so.

 

#2, the practice as described on the page linked involves defacing or modifying property which the owner of the device (or cache) presumably is not the owner of. I'm pretty sure this would violate a guideline of some sort.

 

I think such an idea would be potentially harmful to cachers, and harmful to the image of cachers/the game itself in the eyes of property owners, government authorities, and muggles in general.

Link to comment

First, having the laptop against the wall is uncomfortable and risky. I'd use this:

 

IMG_1545685.jpg

 

Second, I wouldn't do it. What would happen if someone rig up a circuit to draw power from your USB port, step it up to, say, 1000V (using a step-up transformer circuit similar to what is used for 12V CCFL) and feed it back to your data pins?

Link to comment

From the GPSstash Yahoo group:

 

A new movement has combined geocaching, file-sharing and graffiti into

a form of urban interactivity that feels illicit. It may also a be a

sign of things to come."

 

Read more: http://goo.gl/tGi7X

 

This reminds me of an idea Dave Ulmer had for geocaching back in 2000.

He called it a cyberstash. Back then, you had to go home and retrieve

your cyber prizes from the Internet. Now, you just plug in the USB-drive

and retrieve your cyber prizes at the waypoint.

 

--

Scout

Link to comment

There was another thread about these someplace.

Aside from the relative stupidity of plugging a strange thumb drive into your laptop, the drives would not last much longer than the first rainstorm, or a person bumping into it.

I forgot my USB drive in a pocket and it got washed, spun and dried only to find it had taken no damage and worked fine. Just clean now B)

Link to comment

There was another thread about these someplace.

Aside from the relative stupidity of plugging a strange thumb drive into your laptop, the drives would not last much longer than the first rainstorm, or a person bumping into it.

I forgot my USB drive in a pocket and it got washed, spun and dried only to find it had taken no damage and worked fine. Just clean now B)

Try leaving it outside for a few months, exposed to the elements, multiple occasions where it's damp for several days at a time, standing water inside the connector, and possibly sprayed with road salt.

 

USB connectors are made from very, very cheap metal. They will corrode.

Link to comment

 

In the interest of file security, caches that require the downloading, installing or running of data and/or executables may not be published.

 

It says caches that REQUIRE downloading, installing, ect, will not be published so if you do place a dead drop in on or around a cache if you interact with it you do so at your own risk. Now we do make water proof cache containers. the contents of these can last for years and for the people who doubt that a thumbdrive would last think about some of the logs you encounterd. These are made of paper and with proper precautions they can last a long time. A thumb drive is metal and plastic, I think that's a wee bit more durible than paper. Ok so place a usb in a cache or attatch it to the inside of a container and if you feel like taking the risk you can upload your photos, cords, notes, hints, even songs you like. I don't know why so many people oppose this idea, I do think that a usb in the elements wouldent last long but a usb in a cache would last as long as the container was water tight. Its as simple as droping a usb in a cache.

Link to comment

Thinking this concept through I think there's a very cool way you can associate this with geocaching. Not combining the 2 but taking something from dead drops. If you make a travel bug using a USB to log the location and provide a story I think it would catch on pretty quick. Also trusting a USB that is connected to the travel bug tag would present little risk if any (thanks to the great geocaching community). Just seems like it would be fun to open it up and enjoy reading about the bugs travels before your add you own little part to it and send it on it's way :P

Edited by Night_Hiker
Link to comment

truly not practical... it takes one person who plugs in to one and uploads KP to turn the entire thing into a major lawsuit, or one hacker who turns the flashdrive into a forced boot drive or has it run an executible file apon connection to the drive with a virus or spyware.

 

not to mention weathering concerns, most flash drives aren't waterproof, and even for the ones that are the contacts will corrode rather quickly when left in the elements.

 

not to mention how long will it be until the RIAA 'places' one that does little more than log your identifieing info[MAC address, etc] and the files you UL/DLed[or searches your media folders]... or untill a multi national advertising firm places one that searches your browser caches and MAC to better 'sell you' the next time you go online[personally i think its bad enough the number of websites that use cookies to track your internet usege(often without your knowledge)]

 

all and all, i'm not a fan of the idea

I love when people get all up in arms trying to ruin a good idea. Tons of people could have ruined geocaching by the way that you describe it. Someone could have placed KP photos in an geocache ammobox or instead of inflicting damage to a computer they could have rigged something up to a geocache to cause bodily harm. But people don't cache to cause harm or destruction, we do it because it's fun and we find different varieties every time. That's why I plan on creating a dead drop style cache. Instead of having a PHYSICAL logbook and PHYSICAL trade-ables it will all be digital in a very well camo'ed container, placed on private property with owners permission. I have yet to come across a well hidden cache that has been full of illegal products or images. At worst the cache would get muggled and I'd be out an old $0.99 flash drive and a $0.20 usb extension cable. Which is alot cheaper than what goes into most caches. There is no reason this should be any different. "End Rant"

Link to comment

truly not practical... it takes one person who plugs in to one and uploads KP to turn the entire thing into a major lawsuit, or one hacker who turns the flashdrive into a forced boot drive or has it run an executible file apon connection to the drive with a virus or spyware.

 

not to mention weathering concerns, most flash drives aren't waterproof, and even for the ones that are the contacts will corrode rather quickly when left in the elements.

 

not to mention how long will it be until the RIAA 'places' one that does little more than log your identifieing info[MAC address, etc] and the files you UL/DLed[or searches your media folders]... or untill a multi national advertising firm places one that searches your browser caches and MAC to better 'sell you' the next time you go online[personally i think its bad enough the number of websites that use cookies to track your internet usege(often without your knowledge)]

 

all and all, i'm not a fan of the idea

I love when people get all up in arms trying to ruin a good idea. Tons of people could have ruined geocaching by the way that you describe it. Someone could have placed KP photos in an geocache ammobox or instead of inflicting damage to a computer they could have rigged something up to a geocache to cause bodily harm. But people don't cache to cause harm or destruction, we do it because it's fun and we find different varieties every time. That's why I plan on creating a dead drop style cache. Instead of having a PHYSICAL logbook and PHYSICAL trade-ables it will all be digital in a very well camo'ed container, placed on private property with owners permission. I have yet to come across a well hidden cache that has been full of illegal products or images. At worst the cache would get muggled and I'd be out an old $0.99 flash drive and a $0.20 usb extension cable. Which is alot cheaper than what goes into most caches. There is no reason this should be any different. "End Rant"

 

VERY well said. In fact, I was willing to come out of lurking to support this. The specific style and idea that is originally presented as dead drops may not suit everyone's taste. Does every cache? There is little to be said of the dangers presented beyond what we have now. Don't own scuba gear? A UV light? Etc, etc, etc. Being aware of the dangers and risks is to be expected. There is nothing more presented here than what we already deal with.

 

I'm a little shocked with the amount of tech that goes into this sport that people are so put off by another device. <Really silly example here...> OH NO! VIRUS ON MY GPS! Viruses on my paperless tech! Viruses on my erm... log book?

 

I feel it's best to simply keep an open mind. Don't be shocked when more, more and more tech turns up. I LOVE this sport for it's ability to evolve. As has been said before, and will be surely said again: If it's not for you move on, and enjoy what you enjoy!

 

Happy caching. Tech or traditional (where ever that line is for you)

Link to comment

It seems like a silly idea, now that we have the internet and cloud computing. Why would you have to travel to a location and hook your laptop up to share files?

 

It looks like a cable would be required, since my laptop is heavy and holding it up to the wall will get tiring fast. I'll look soooo important, using a laptop with a cable connected to a phone booth.

 

Has this come up again in the schedule already?

 

It's only been three months. I thought this was on the yearly schedule.

I will edit the schedule to make sure everything is factored in.

Link to comment

Has this come up again in the schedule already?

 

It's only been three months. I thought this was on the yearly schedule.

 

Proposition to amend schedule as follows:

[insert topic] <-> [insert joke about it being on the schedule]

[insert anything] SCHEDULE! [No new discussion.]

[END]

 

I'm sure many of you old hats have talked everything over a billion times. I'm aware 'clogging up' a forum with the same talk is at best... boring. However, shutting down any new discussion because it's happened before? Seems strange. If there's a specific topic for a subject, by all means point people that way! If not and you are only willing to add 'THE SCHEDULE' to a topic... you are as guilty as the people simply repeating.

 

A curse on our team - I hope I look back on this post a year from now. That seems fair.

Link to comment

I love the idea of this ... in reality though I'd really want to know whose digital data I was sharing ... can see lots of ilicit uses for this, but nothing I'd want to be a part of! ... if I need to share something out in the feild definitely prefer the idea of just sharing a few lines of text by QR code, or if I want to share more just use the cache's web log page!

Link to comment

Instead of having a PHYSICAL logbook and PHYSICAL trade-ables it will all be digital in a very well camo'ed container, placed on private property with owners permission.

Good luck with that.

 

If I found such a thing listed as a cache, I'd write my handle on a slip of paper and leave it in the container. If you delete my online log because I didn't want to connect my laptop to your device, I'm sure Groundspeak would reinstate my log and chastise you for your ALR.

Link to comment

Two Cents from a security and network admin - The technique you are describing is a form of 'social engineering' where a data criminal drops CD's or USB sticks labeled with something enticing in a location they know will be picked up and played. It is a surprisingly effective ploy as most people are just curious enough and just careless enough to make this work. When you factor in the fact that most people care more about what is plugged into their home machine but their work PC is the tech guy's problem when it gets trashed.

 

One measure of protection is to turn off autoplay for all drives and this keeps most of the USB malwares from launching but it is not as secure as just not plugging the thing in in the first place...

Link to comment

I love when people get all up in arms trying to ruin a good idea. Tons of people could have ruined geocaching by the way that you describe it. Someone could have placed KP photos in an geocache ammobox or instead of inflicting damage to a computer they could have rigged something up to a geocache to cause bodily harm. But people don't cache to cause harm or destruction, we do it because it's fun and we find different varieties every time. That's why I plan on creating a dead drop style cache. Instead of having a PHYSICAL logbook and PHYSICAL trade-ables it will all be digital in a very well camo'ed container, placed on private property with owners permission. I have yet to come across a well hidden cache that has been full of illegal products or images. At worst the cache would get muggled and I'd be out an old $0.99 flash drive and a $0.20 usb extension cable. Which is alot cheaper than what goes into most caches. There is no reason this should be any different. "End Rant"

 

I don't carry my laptop while geocaching. But usb drives are so old school anyway. Just put in a QR code, and scan it with your phone, that way people can just log it online right away. Why bother having a digital log on a usb drive? You would still have to hike back to the cache to get the log. Why would I want to double log and risk getting junk on my computer? And not even be able to trade anything to boot? Or trade digital stuff? Look at the junk people already trade, what kind of digital junk do I want from people that I would not be already able to get on my own?

 

Some people also find it fun to cause harm. Some people have other motives and will take advantage of opportunities. Muggling would not be the worst thing that could happen. Don't even need to get a virus, all you need is for someone to drop a top secret government document or child porn. Then that property owner will be in deep doodoo. And probably you too, since you're the cache owner. But whoever dropped/picked up the files will be in the wind. Physical caches aren't really conducive to mass destruction, so not so useful for those looking to make a point. So your local terrorist could look at a physical cache and say, well I can put a bomb in and maybe injure a few people the next time they come whenever that may be, or transfer the building plans for the local nuclear power plant at the dead drop cache. Which cache type would be more useful? Maybe I've watched too many movies and you'll be fine. But there is so much more money involved in data crimes than physical crimes that setting up a free anonymous offline transfer network would be perfect for illicit use.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Followers 4
×
×
  • Create New...