On Sun, Nov 10, 2013 at 11:52 PM, Mitar <mitar(a)tnode.com> wrote:
Hi!
Perhaps there is a better way to deal with the problem. If I understand batman-adv correctly, no node requires knowledge of anything but the next hop for every destination. This should mean that we don't need the layer 2 traceroute functionality that batman-adv includes. If we change batman-adv such that a node can only ever know the next hop for a given destination,
I am not sure exactly what you are saying you would change? Batman already knows only the next hop for every destination. So what would you change?
Anyway, I think this is still complicating things too much. Practically, any attack would simply be listing all MAC addresses in the network. Once you know this list, you know that they are in the network. And then you use other means to determine where a person is. You have to remember that nobody is using only one approach or one tool. They will combine data from multiple sources. Any change here will just make the network less open (in the sense that you would have a difference between admins and non-admins), and for what gain?
Can somebody please first describe the threat model we are trying to address here? Who is attacking whom, and with which tools?
Bob is stalking Eve, and he has figured out her MAC address. He wants to follow her around the city or simply learn where she lives. Using the node map, which includes node IP addresses (or because he simply drove around the city and mapped them out himself), he knows the IP/MAC-to-physical-location mapping of all nodes. A simple layer 2 or 3 traceroute will now tell him Eve's movements around town, including her work location and home location. I am proposing that we disable the layer 2 traceroute functionality in batman-adv and block ICMP Time Exceeded messages such that traceroute is no longer possible, and such that it becomes much more difficult to find the physical location of a MAC address.
I think this scenario is our biggest concern with regards to tracking. The government already tracks people using other methods, but we're setting up a system that allows anyone to track anyone, which brings with it a whole slew of new problems.
Encouraging people to install apps that change their MAC addresses will not
solve the problem, since most people still won't install and use those apps
(and some devices don't allow that level of control).
--
Marc/Juul
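As an added illustration that is not part of the thread above (the topology, node names and locations are constructed, and the model is generic TTL-based path discovery rather than batman-adv's own layer 2 traceroute packets), the following Python toy shows what a traceroute-style probe learns on a next-hop-only mesh when the node map is public, and what suppressing Time Exceeded replies hides and does not hide:

```python
"""Toy model of TTL-based path discovery over a next-hop-only mesh.

Constructed example: the mesh, node names and locations below are invented
for illustration and do not describe any real network.
"""

from typing import List, Optional, Tuple

# Constructed forwarding tables: each node holds only the next hop toward a
# destination, matching the thread's description of batman-adv. "eve" is an
# end device attached to the "cafe" node; "gw" is where the probe originates.
NEXT_HOP = {
    "gw":   {"eve": "park"},
    "park": {"eve": "cafe"},
    "cafe": {"eve": "eve"},
    "eve":  {},
}

# Constructed node map: the public node-to-location mapping the thread worries about.
LOCATION = {
    "gw": "town hall rooftop",
    "park": "park kiosk",
    "cafe": "cafe on 3rd St",
}

MAX_TTL = 16


def probe(src: str, dst: str, ttl: int,
          suppress_time_exceeded: bool) -> Optional[Tuple[str, str]]:
    """Forward one probe hop by hop. Returns ("time-exceeded", node) from the
    node where the TTL ran out, ("echo-reply", dst) if the destination was
    reached, or None if the probe was dropped silently (no route, or Time
    Exceeded suppressed by the mesh nodes)."""
    node = src
    while True:
        nxt = NEXT_HOP[node].get(dst)
        if nxt is None:
            return None            # no route: the probe is dropped
        node = nxt
        if node == dst:
            return ("echo-reply", dst)
        ttl -= 1
        if ttl == 0:
            # The forwarding node would normally report itself here.
            return None if suppress_time_exceeded else ("time-exceeded", node)


def trace(src: str, dst: str, suppress_time_exceeded: bool = False) -> List[Optional[str]]:
    """One entry per TTL value: the replying node, or None when nothing replied.
    Stops as soon as the destination itself answers."""
    hops: List[Optional[str]] = []
    for ttl in range(1, MAX_TTL + 1):
        reply = probe(src, dst, ttl, suppress_time_exceeded)
        if reply is None:
            hops.append(None)
            continue
        kind, node = reply
        hops.append(node)
        if kind == "echo-reply":
            break
    return hops


def last_visible_hop(hops: List[Optional[str]]) -> Optional[str]:
    """The last intermediate node that revealed itself, ignoring the destination."""
    intermediates = [h for h in hops[:-1] if h is not None]
    return intermediates[-1] if intermediates else None


def locate(src: str, dst: str, suppress_time_exceeded: bool = False) -> Optional[str]:
    """Physical location inferred from the last visible hop, or None if hidden."""
    hop = last_visible_hop(trace(src, dst, suppress_time_exceeded))
    return LOCATION.get(hop) if hop else None


def is_present(src: str, dst: str, suppress_time_exceeded: bool = False) -> bool:
    """Whether the destination answered at all, i.e. is currently in the mesh."""
    return trace(src, dst, suppress_time_exceeded)[-1] == dst


if __name__ == "__main__":
    print("hops, replies on :", trace("gw", "eve"))
    print("location, replies on :", locate("gw", "eve"))
    print("hops, replies off:", trace("gw", "eve", suppress_time_exceeded=True))
    print("location, replies off:", locate("gw", "eve", suppress_time_exceeded=True))
    print("present, replies off:", is_present("gw", "eve", suppress_time_exceeded=True))
```

With Time Exceeded replies enabled the probe walks the path park, cafe, eve and the node map turns the last hop into a street address; with them suppressed the intermediate hops disappear, yet the destination still answers, so the probe still learns that the device is reachable in the mesh. That residual presence leak is the point Mitar raises: hiding the path makes location harder to pin down, but it does not stop an observer from confirming that a given address is in the network.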