Wireless Mesh Networks, The NSA, And Re-building The Internet
from the exploring-all-the-avenues dept
One of the bitter lessons we learned from Snowden's leaks is that the Internet has been compromised by the NSA (with some help from GCHQ) at just about every level, from our personal software and hardware, through ISPs to major online services. That has prompted some in the Internet engineering community to begin thinking about how to put back as much of the lost security as possible. But even if that's feasible, it's clearly going to take many years to make major changes to something as big and complex as the Net.
However, there's an alternative approach to digital connectivity that has been around for a while, and that's already being used around the world. Wireless meshes allow ad-hoc networks to be set up independently of the Internet's main wiring by hooking together a local collection of suitable devices. Mesh networks can be thrown up and torn down quickly; devices can join and leave them dynamically; and they can recover from breaks in the wireless links by setting up alternative paths. They can either be run as local area networks, disconnected from the Internet, or hooked into it, allowing single or multiple links to be shared by the entire mesh.
One such wireless mesh comes from The New America Foundation's Open Technology Institute, which describes itself as follows:
The Open Technology Institute formulates policy and regulatory reforms to support open architectures and open source innovations and facilitates the development and implementation of open technologies and communications networks. OTI promotes affordable, universal, and ubiquitous communications networks through partnerships with communities, researchers, industry, and public interest groups and is committed to maximizing the potentials of innovative open technologies by studying their social and economic impacts – particularly for poor, rural, and other underserved constituencies. OTI provides in-depth, objective research, analysis, and findings for policy decision-makers and the general public.
Its Commotion project has just reached an important milestone:
Open Technology Institute (OTI) announced today that it has completed Beta testing and upgrades of its groundbreaking mesh networking toolkit, and is launching Commotion 1.0 in time for the new year. The launch represents the first full iteration of the technology, which makes it possible for communities to build and own their communications infrastructure using "mesh" networking. In mesh networks, users connect their devices to each other without having to route through traditional major infrastructure.
Of course, neither Commotion nor other wireless meshes are proof against the NSA's huge array of tricks and tools that we have recently found out about. Indeed, OTI provides an explicit "warning label" for its mesh:
Commotion 1.0 is an open-source toolkit that provides users software and training materials to adapt mobile phones, computers, and other wireless devices to create decentralized mesh networks so they can connect and share local services. A mesh network can function locally as an Intranet, but when one user connects to the Internet, all users will have access to it as well.Commotion
But it's important to remember that Commotion and the other wireless mesh systems were designed in a more innocent time, before we knew the extent to which we were being spied upon, and how much the basic protocols of the Internet had been compromised. Now that we've learnt about all those things, it would be good to use that knowledge to spur the creation of the next generation of wireless mesh systems with high levels of security and privacy, so that we can add them to our own collection of tools and tricks in the fight to build a surveillance-resistant Net.
Cannot hide your identity
Does not prevent monitoring of internet traffic
Does not provide strong security against monitoring over the mesh
Can be jammed with radio/data-interference
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: commotion, infrastructure, mesh networks, privacy, security, wireless, wireless mesh networks
Companies: open technology institute, oti
Reader Comments
Subscribe: RSS
View by: Time | Thread
warning label should say
- will likely expose you to your neighbors and other people on the network
- easily permits man in the middle attacks and data redirection
- has no real security, and you are likely to suffer many brute force attacks from within the network
- Can disappear in an instant when the only node you can see gets turned off
I live a very, very high density condo project typical of my country, and on average I can see a dozen or more wireless units. Yet, move only 100 meters or so away, and the connections pretty much disappear, and you are relying on 4G / LTE connections - which most people will NOT share.
Quite simply, even in high density living, there is no assurance of a quality wi-fi signal indoors from any other source than your own unit, and thus, it just doesn't work well with current technology.
Yes, some people will put antennas on their house and setup beams and all that, but that only goes to prove that the mesh is so fine that it is easily broken. One guy moves and shuts down his node and a whole group of people could lose connectivity. Not exactly prime, is it?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Anybody feel like firing up a BBS? :)
[ link to this | view in thread ]
[ link to this | view in thread ]
What you want to look into is https://projectmeshnet.org which came from http://www.reddit.com/r/darknetplan
I think it's still very early days for meshnets, though, and we'll probably need about a decade for the technology to catch-up. When everyone will have Wi-Fi that can do 10 Gbps for ranges of at least half a mile (or a mile, preferably), then we're talking! It should also get easier for individuals to launch their own Wi-Fi balloons, the way Google is doing in Africa.
The issue is that while the Wi-Fi Alliance may be interested in 10 Gbps Wi-Fi, I don't think they are interested in long range Wi-Fi, at all. They've recently seemed to have gone backwards and are starting to support very short range 60 Ghz WiGig Wi-Fi, which does 7 Gbps, but is kind of useless for meshnets due to its short range and inability to go through walls.
So we need to pressure the Wi-Fi Alliance to give us mile-long Wi-Fi protocols with at least 1Gbps throughput, as the next protocol after 802.11ac.
The only alternative for miles-long Wi-Fi right now is White Spaces wireless, but that's a centralized thing, and I doubt it can be very censorship resistant. It's more of a helping rural areas get Internet sort of thing, and mainly from bigger companies, not individuals.
[ link to this | view in thread ]
Until meshnets become a reality, there are quite a few projects inspired by Bitcoin that are trying to build secure and decentralized networks on top of the insecure Internet.
Projects such as :
http://twister.net.co/
http://okturtles.com/
https://bitmessage.org/
And even TPB's new censorship-resistant project:
http://torrentfreak.com/how-the-pirate-bay-plans-to-beat-censorship-for-good-140105/
I think these types of projects will become very popular in the next few years, if they are proven to be practical to use.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Use of mesh networks would be a step to protecting the population in general from blanket surveillance. It would not stop targeted surveillance, but along with encryption, make blanket surveillance too expensive to carry out.
[ link to this | view in thread ]
Re:
Everything could be completely anonymous with nothing more than a mac address used for identification, or even a mesh network unique code used for anonymity.
A box that could do this would be super effective and fast in creating a mesh network all over the world.
Yes the basic internet infrastructure would be used for internet activity but eventually i can see boxes being produced that allowed everyone to host their own website free of charge.
Just imagine, you go and buy a box for $100 and install a hard drive of your own. You then have whatever the size the hard drive is space to use for a website or websites.
Yes this would need to be created as a standard first so all manufacturers could build on it, but in the end with a little thought the internet could become completely free and the only basic structure needed would be between countries with huge distances between them like the US to the EU.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
I still have mine. Haven't turned it back on since I shut it down in 1995, but it should still be usable. I continually resist the urge to turn it on just to walk down memory lane.
The only problem is that there wasn't much security on the BBS since the phone lines were run by AT&T and was point-to-point (hence, NSA already could get them,) and there was little, if any, encryption used on the connection.
[ link to this | view in thread ]
Something something box design something...
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
Only 8 miles? I have done it over 15 miles. They need to catch up!
However, that's irrelevant. It doesn't matter if someone can eavesdrop on your WiFi if all of your traffic is encrypted through a VPN. A good mesh network does this.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
There is a good reason for that, too much interference with longer range technologies in high density housing areas. Mesh networks work best at medium density, where noes are close enough to see several others, but not so far apart that no other node is visible, or so close together that they interfere with each other because there are no clear channels
That said, the current problems with the Internet are due to the way that the connections are provided. In the western world ate least, this is by asymmetric broadband, so that the only reasonable approach to a private server or site is to get it hosted at a data warehouse, server farm, or blogging host etc. That is let someone else have at least physical control, or provide the software for private servers, and feed all the connections through choke points that are easy to intercept.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
In the long run though, I'd also like to see custom modem modem modulations being used on point to point connections. The idea of being able to negotiate a dynamic 8FSK toneset or something during the handshake at the very least would be interesting.
There's really no easy way to avoid mass intercept - either on a public network or a mesh network as some other commenters have pointed out. I think that's the simplest way to get it done in the short term, though. Particularly if it's true that the machines responsible for monitoring are just made for automatically transcribing voice.
There's plenty more things then voice you can stuff down a phone line.
[ link to this | view in thread ]
interesting discussion
will send custom photo or whatever as proof of identity.
Interested?
John McAfee
[ link to this | view in thread ]
change is must
[ link to this | view in thread ]