How can we trust the security and privacy of Adeona?
Our techniques for ensuring security and privacy are not secret: the source code is available. Moreover, the system is also designed as part of a peer-reviewed academic paper that appeared at the 2008 USENIX Security Symposium, one of the top venues for computer security research publications. Adeona is designed to protect user location privacy against powerful adversaries: a malicious party who has control over the entire distributed remote storage infrastructure, a malicious party who has physical access to the device (and wants to learn prior locations using Adeona), and even collusions between the two. That said, in order to maintain efficiency and usefulness, Adeona does not consider some threats. For example we cannot ensure privacy in the extreme case that ISPs collude to reveal a device’s locations. More details about our threat models are given in the paper. Adeona is, however, still under development and we welcome and encourage feedback and suggestions.
