Blog Post

How Pogoplug Works

Pogoplug, the little gadget that turns any USB-enabled drive into a personal storage locker accessible over the Internet, impressed me as much as it did Kevin over at our sister site jkOnTheRun. But I really wanted to learn how exactly it worked. So I reached out to Pogoplug maker Cloud Engines’ chief technology officer, Brad Dietrich, who in the past has worked in digital device startups such as Mediabolic (which has since been bought by Macrovision (s mvsn)). He shared some insights with me via email as the innards of this device, which is a computer in its own right.

Om: Are you using an embedded Linux on this device?

Brad Dietrich: Yes, we are running a Linux kernel on a Marvell ARM SOC. My team and myself have been working in the embedded Linux world for well over 10 years now (my background was at Mediabolic and the digital home) and we are very good at stripping things down to a bare minimum.

Om: Can you share some details?

Dietrich: Since we are so familiar with Linux’s kernel and networking stack, we rely on very little other software than the Linux kernel and the C library. Although the hardware will run the full version of Ubuntu for ARM (and some of our users are running it on their Pogoplugs), we took the approach of owning the majority of the feature stack ourselves so we could produce a good user experience that was fully integrated. We believe that seamless end user integration and location independence is absolutely critical to bringing the complexity of networking devices mainstream.

Om: How does it auto-configure the network connection and overcome some of the challenges posed by firewalls and the heterogeneous nature of home and broadband networks?

Dietrich: First of all, we make some assumptions about what most consumer networks look like today. We have worked with many of the mass market retail routers for many years, and know their idiosyncrasies and standard configurations. As you probably are aware, the security model that many of these devices have always taken is that devices that are physically connected to the LAN side of the Ethernet are implicitly trusted and can immediately receive DHCP addresses and route outbound connections to the Internet. Inbound packets are always denied unless they are responses to outbound-initiated requests. This security model is one of the reasons we chose to make the Pogoplug use only wired Ethernet. Wi-Fi has so many legacy configuration complexities that are nowhere near as transparent to set up.

Om: What happens when Pogoplug is connected to the Internet?

Dietrich: Once the Pogoplug has received a DHCP address and verifies it can speak out to our service on the Internet, technically the device is fully configured and nothing is required to configure. The service will tunnel all requests back from the Internet to the Pogoplug through this outbound connection that is established. If the device is unable to receive DHCP, yet we still have functioning Ethernet, we at least can communicate to the PC over the LAN, and there are fall-back steps to accommodate these more sophisticated network configurations.

Om: How do you ensure that Pogoplug is secure and is accessible for the users?

Dietrich: The only other step that is required in our “activation” is the process of ensuring that a user has access to the device. For this, we make similar security assumptions that the consumer-grade firewall is already making, namely that if the user has physical access to the device at the time the device is first turned on, then they must own the device. We guarantee this physical access by two methods. One, the Pogoplug is on the same LAN as the customer’s PC attempting to activate the Pogoplug; and two, the user has the security code (a 26-digit code) that is unique to the Pogoplug. The result of the user proving this access is to grant that user as the primary owner of the Pogoplug in question, and it is unable to be activated by anyone else until that user unregisters the device from their account.

12 Responses to “How Pogoplug Works”

  1. The thing that makes me look at Pogoplug and SheevaPlug and not like the Pogoplug is that Pogo has access to my data. Why would I want that, especially since they are a startup that is very likely to get bought by some unknown bigger player?

  2. Om,

    I’ve got one question on how this thing mounts when you are connected via the internet, say from a coffee shop. Does the Pgoplug drive still mount itself like a network drive on your Macbook Air?

  3. I think this is awesome.

    I have ordered a Fonera 2.0 which may be slihtly less powerful than Marvell’s latest ARM processor, but is just $49 at and as far as I understand works with a fully open source platform for applications to run on it’s Linux platform.

    Basically it’s a FON WiFi router with a USB host plug so you can connect any hard drive, usb key, HSDPA dongle, connecting more than 1 using a USB hub and have all kinds of applications running on it like NAS/Samba local file sharing, http/ftp server to access all your files from the Internet, uploading your files to web services like Youtube, Flickr, rapidshare, or online backup storage (eventually synchronizing all the files with another Fonera 2.0 on the net), downloading and seeding BitTorrents, seeding and leeching stuff on Emule and more. Though the Fonera 2.0 as far as I understand is only powerful enough to handle 2 BitTorrent or Emule files being downloaded/seeded at the same time.

  4. Wifiguy

    Good work, Om, this sounds like a truly innovati e product and I’m shocked that there aren’t more comments about it. Maybe you should focus on the pogopug app that allows you to use your iPhone to access your hard drive anywhere.

    • That is indeed funny… the iPhone part of your comment. I think you are spot on the innovative part, for the team has built a pretty solid product that totally rocks. and i can imagine the potential of something like this once it has been turned on.