US Promoting Mesh Networks; Reporters Misleadingly Think They Somehow Stop Digital Spying

from the not-the-same-thing dept

A recent article in the NY Times talked about how the US State Department is behind a project to build up mesh networks that can be used in countries with authoritarian governments, helping citizens of those places access an internet that is often greatly limited. This isn't actually new. In fact, three years ago we wrote about another NY Times article about the State Department funding these kinds of projects. Nor is the specific project in the latest NYT article new. A few months back, we had covered an important milestone with Commotion, the mesh networking project coming out of New America Foundation's Open Technology Institute (OTI).

But the latest NYT article is especially odd, not because it repeats old news, but because it tries to build a narrative that Commotion and other such projects funded by the State Department are somehow awkward because they could be used to fight back against government surveillance, such as those of the NSA. The problem is that the issues are unrelated, and nothing in mesh networking deals with stopping surveillance. As Ed Felten notes, the Times reporters appear to be confusing things greatly:
There’s only one problem: mesh networks don’t do much to protect you from surveillance. They’re useful, but not for that purpose.

A mesh network is constructed from a bunch of nodes that connect to each other opportunistically and figure out how to forward packets of data among themselves. This is in constrast to the hub-and-spoke model common on most networks.

The big advantage of mesh networks is availability: set up nodes wherever you can, and they’ll find other nearby nodes and self-organize to route data. It’s not always the most efficient way to move data, but it is resilient and can provide working connectivity in difficult places and conditions. This alone makes mesh networks worth pursing.

But what mesh networks don’t do is protect your privacy. As soon as an adversary connects to your network, or your network links up to the Internet, you’re dealing with the same security and privacy problems you would have had with an ordinary connection.
The whole point of Commotion and other mesh networks is availability, not privacy. The target use is for places where governments are seeking to shut down internet access, not surveil on them. Yes, there is a case where if you could set up a mesh network that then routed around government surveillance points you could circumvent some level of surveillance, but the networks themselves are not designed to be surveillance proof. In fact, back in January when we wrote about Commotion, we pointed out directly that the folks behind the project themselves are pretty explicit that Commotion is not about hiding your identity or preventing monitoring of internet traffic.

Could a mesh network also be combined with stronger privacy and security protections? Yes, but that's different than just assuming that mesh networking takes on that problem by itself. It doesn't -- and it's misleading for the NYT to suggest otherwise.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: access, commotion, mesh networks, privacy, security, state department
Companies: new america foundation, oti


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 22 Apr 2014 @ 3:21pm

    Mesh networks should have encrypted communication by default, otherwise they are not secure. Same for that FireChat app that was in the news recently - it doesn't encrypt the conversations, even in transit.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 Apr 2014 @ 3:50pm

      Re:

      That does not solve the big problem for people living under an authoritarian government, hiding the fact that they are communicating in secret, and/or aiding people to do so, by for instance running a TOR node. Under the worse forms of these governments, just cwhen under an authoritarian government Steganography, via something like Flickr, if you can establish a relationship with a trustworthy person to get your message out.

      link to this | view in chronology ]

  • icon
    aldestrawk (profile), 22 Apr 2014 @ 3:47pm

    It's amazing to me how naive some journalists are with respect to science or technology. The following quote from the story should tell anyone with even the least understanding of networking that the mesh networks described cannot be secure.

    “I just put my router up, and it will connect to anything it sees,” Ms. Gerety said. “You just keep putting up more routers.”

    Doesn't the NYT have fact checkers or editors anymore? They certainly do have some reporters who are quite knowledgeable about science and technology in general and the Internet in particular.

    Mesh networks are in use in the US although you may not be aware of it. For example, the network behind PG&Es smart meters is a mesh network. Now that one is supposed to be secure, using encryption to ensure confidentiality and exclusivity.

    link to this | view in chronology ]

  • icon
    Roger Strong (profile), 22 Apr 2014 @ 4:15pm

    Think about the digital spying implications when telepresence robots are added.

    My Wi-Fi reaches 30 feet, limiting the roaming range of a robot. Connected in a mesh with other Wi-Fi access points, a robot could roam much further.

    Those stuck in a hospital - or someplace boring - could rent a robot, put on an Oculus Rift and wander around anywhere from a distant mall to tourist attractions. Tourist areas will no doubt rent them out to anyone who can't afford to visit in person. Executives could stay at the cabin and still "manage by walking around" at the office. Business people and reporters may rent them in distant cities rather than visiting.

    Which in turn means that anyone can position a surveillance camera where needed, as needed, from anywhere.

    Anonymous stalking of celebrities and ex-girlfriends will get worse when rented telepresence robots meet Tor. Whistle blowers and activists will find telepresense robots permanently watching their yards, moving only if someone places something in front of them. (The medium is the message!) The Chinese government will LOVE this technology.

    Larry Niven's flash mobs will happen. But instead people flooding in to a major news event using teleport booths, they'll be using rented telepresence robots. There's even a monetary incentive Niven never thought of: As fires and accidents and celebrity indiscretions hit the newswire anywhere in the world, rent a local robot and rush to the scene to record it for your YouTube channel or for sale. First responders won't be able to move a fire truck without (cheerfully) running over them.

    link to this | view in chronology ]

  • icon
    Wally (profile), 22 Apr 2014 @ 4:24pm

    Yeah.

    link to this | view in chronology ]

  • icon
    Wally (profile), 22 Apr 2014 @ 4:26pm

    Yeah...about that spying...

    The meshes are meant to stop digital spying in those countries...Believe it or not...citizens of countries that censor the Internet, are more heavily monitored than the NSA did us...The mesh is also a means to help get around such censorship from the outside world.

    link to this | view in chronology ]

  • identicon
    Kirk Parker, 23 Apr 2014 @ 1:19pm

    "and it's misleading for the NYT to suggest otherwise."

    This is my shocked face...

    link to this | view in chronology ]

  • identicon
    Gurudatt, 23 Apr 2014 @ 11:21pm

    Most people do not understand security

    When one is connected to the mainstream Internet through an ISP, it goes through many checkpoints. It is like there is a highway and there are police checkpoints. It is difficult for somone to get past those once they are setup.

    The only way to secure your communication is by not using the mainstream Internet and insteading using p2p wireless communication that does not require the mobile or internet network to be operational. Today's mobile devices have many such options. Bluetooth, Wifi, NFC, etc

    All one needs to do is create a network by using these p2p communication technologies. This is possible by enabling a secure handshake between two devices and a grid computing app (the one similar to SETI uses) that converts every such device into a server and stores the latest repository of all such connections in a secure encrypted format that cannot be reversed (your information will decrypt only on your device).

    So it is like a Grid OS in place on each of these devices that enable individual secure apps such as messaging, chat, etc.

    This will put the Mobile networks out of business and reason why they are not encouraging such technologies.

    But this is doable. The fact that the security agencies generally get to us through the ISPs it is time we junk their services.

    link to this | view in chronology ]

  • identicon
    John Atkeson, 17 Sep 2014 @ 8:59am

    Well you're half right

    "As soon as an adversary connects to your network ... you’re dealing with the same security and privacy problems you would have had with an ordinary connection."

    This is not really true.

    There is no one place on a mesh where an adversary can position himself to eavesdrop all of your communication the way he can on the mainstream Internet backbone.

    Eavesdropping on a mesh is like sitting in the middle of a dark lake and hoping that when a fish goes from point A to point B, he just happens to hit you. Possible, but very unlikely.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.