20 Nov
2013
20 Nov
'13
12:18 p.m.
Inspired by last week's conversation, I experimented with MAC
randomization on my laptop. And I DoS'd my own network by exhausting
its DHCP pool.
My very naive script reset the MAC after every network hiccup, so the
router kept seeing an entirely new device and giving it a new IP
address. Slowly. Until they were all gone. I "solved" my problem the
stupid way by rebooting the router and lowering the DHCP timeout from
24 to 3 hours.
A production script would be clever about resetting it only on new
associations, and not on every brief reassociation. However, still
something to keep in mind when deploying networks that encourage this
sort of thing. ;)
20 Nov
20 Nov
1:47 p.m.
New subject: Changing your MAC address
It makes a lot of sense that a network with MAC hopping devices would need
a DHCP server with short lease times.
How do short lease times impact devices that are not changing their MAC
addresses?
-steve
On Wed, Nov 20, 2013 at 12:18 PM, Yardena Cohen <yardenack(a)gmail.com> wrote:
Inspired by last week's conversation, I
experimented with MAC
randomization on my laptop. And I DoS'd my own network by exhausting
its DHCP pool.
My very naive script reset the MAC after every network hiccup, so the
router kept seeing an entirely new device and giving it a new IP
address. Slowly. Until they were all gone. I "solved" my problem the
stupid way by rebooting the router and lowering the DHCP timeout from
24 to 3 hours.
A production script would be clever about resetting it only on new
associations, and not on every brief reassociation. However, still
something to keep in mind when deploying networks that encourage this
sort of thing. ;)
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
--
-steve
1:51 p.m.
New subject: Changing your MAC address
TCP sessions get reset when you get a new lease on a different IP.
Hopefully short lease times comes with giving you the same IP if you
stay connected and keep re-acquiring leases. But I've encountered
equipment that doesn't.
-a
On 20 November 2013 13:47, Steve Berl <steveberl(a)gmail.com> wrote:
It makes a lot of sense that a network with MAC
hopping devices would need a
DHCP server with short lease times.
How do short lease times impact devices that are not changing their MAC
addresses?
-steve
On Wed, Nov 20, 2013 at 12:18 PM, Yardena Cohen <yardenack(a)gmail.com> wrote:
Inspired by last week's conversation, I experimented with MAC
randomization on my laptop. And I DoS'd my own network by exhausting
its DHCP pool.
My very naive script reset the MAC after every network hiccup, so the
router kept seeing an entirely new device and giving it a new IP
address. Slowly. Until they were all gone. I "solved" my problem the
stupid way by rebooting the router and lowering the DHCP timeout from
24 to 3 hours.
A production script would be clever about resetting it only on new
associations, and not on every brief reassociation. However, still
something to keep in mind when deploying networks that encourage this
sort of thing. ;)
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
--
-steve
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
10:43 p.m.
New subject: Changing your MAC address
Hi!
Of course you can get the same IP address if you keep the same MAC. If
you change MAC then there is no way for DHCP to assign you the same IP.
(Not really true, it could based on the client name you probably
broadcast with your DHCP request and which is as well a privacy leak.)
And even if it would assign you the same IP, it would then link you to
your previous MAC because of this, so you do not want this, if you care
about MAC privacy.
Anyway, we are talking here about IPv6, so you do not use DHCP but
simply prefix. And then a way to append MAC to that prefix. So changing
MAC means changing IP as well (if you keep old one, then you again link
your new MAC to your old one, even if you use something as hash function
to obfuscate your MAC addresses).
Mitar
TCP sessions get reset when you get a new lease on a
different IP.
Hopefully short lease times comes with giving you the same IP if you
stay connected and keep re-acquiring leases. But I've encountered
equipment that doesn't.
-a
On 20 November 2013 13:47, Steve Berl <steveberl(a)gmail.com> wrote:
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
It makes a lot of sense that a network with MAC
hopping devices would need a
DHCP server with short lease times.
How do short lease times impact devices that are not changing their MAC
addresses?
-steve
On Wed, Nov 20, 2013 at 12:18 PM, Yardena Cohen <yardenack(a)gmail.com> wrote:
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
Inspired by last week's conversation, I experimented with MAC
randomization on my laptop. And I DoS'd my own network by exhausting
its DHCP pool.
My very naive script reset the MAC after every network hiccup, so the
router kept seeing an entirely new device and giving it a new IP
address. Slowly. Until they were all gone. I "solved" my problem the
stupid way by rebooting the router and lowering the DHCP timeout from
24 to 3 hours.
A production script would be clever about resetting it only on new
associations, and not on every brief reassociation. However, still
something to keep in mind when deploying networks that encourage this
sort of thing. ;)
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
--
-steve
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
21 Nov
21 Nov
10:52 a.m.
New subject: Changing your MAC address
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/20/2013 01:47 PM, Steve Berl wrote:
How do short lease times impact devices that are not
changing their
MAC addresses?
In our experience, not overmuch. DHCP lease renewals are pretty
snappy, and do not seem to degrade user experience overmuch.
- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
"I've got a Chevy parked out back with a serious root canal problem."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlKOVoQACgkQO9j/K4B7F8FPAwCgz2i0PDzJrTEZXWDF3vplDvDI
qX4An30p+a278L4lSow4ZFDrXhGAziyw
=2wa0
-----END PGP SIGNATURE-----
20 Nov
20 Nov
10:49 p.m.
New subject: Changing your MAC address
Hi!
And I DoS'd my own network by exhausting its DHCP
pool.
Use IPv6 and no DHCP server.
Mitar
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
10:50 p.m.
New subject: Changing your MAC address
Hi!
I would be more interested in what happens to the arp table. Does it grow?
Mitar
Inspired by last week's conversation, I
experimented with MAC
randomization on my laptop. And I DoS'd my own network by exhausting
its DHCP pool.
My very naive script reset the MAC after every network hiccup, so the
router kept seeing an entirely new device and giving it a new IP
address. Slowly. Until they were all gone. I "solved" my problem the
stupid way by rebooting the router and lowering the DHCP timeout from
24 to 3 hours.
A production script would be clever about resetting it only on new
associations, and not on every brief reassociation. However, still
something to keep in mind when deploying networks that encourage this
sort of thing. ;)
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
21 Nov
21 Nov
1:11 p.m.
New subject: Changing your MAC address
On Wed, Nov 20, 2013 at 10:50 PM, Mitar <mitar(a)tnode.com> wrote:
I would be more interested in what happens to the arp
table. Does it grow?
It appears to be staying up-to-date. At this very moment there are 5
obsolete dhcp leases hanging around, but none shows up in
/proc/net/arp
After a week of this, I'm wondering if it's better to dissociate this
stuff entirely from the network logic. Maybe all interfaces should
just be randomized at boot time and/or every 24 hours, no matter what
the network is doing. Seems a lot less complicated.
I'm also now skeptical that a malicious network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
1:38 p.m.
New subject: Changing your MAC address
Hi!
Mesh networks and open source routing protocols we are using in general
have a lousy security properties because at least until know development
was mostly concentrated on getting routing itself to work properly (no
loops and so on) in a all the time changing wireless networks with
packet losses, where anybody can join in and add their own routing
device. In comparison, Internet itself has very similar bad security
properties, but there not everybody can deploy a BGP router. In mesh
networks, people can deploy an equivalent to the BGP router. Which is
what we want.
Cjdns is trying to address some of this issues:
https://en.wikipedia.org/wiki/Cjdns
But from what I understand it is more of a Internet overlay network, so
using VPN tunnels, and not really for wireless mesh networks. It can
work in wireless mesh as it is transport agnostic, but I am a bit
skeptical about performances there. Which is probably reasonable,
because it is a trade-off between security and usability. Still, the
security and privacy of end-users (those connecting through APs) is
another question.
There were some other proposals made in time, but at general you have
always the same issue: if you allow untrusted (in security sense of
trusted) devices to route in your network, you have a hard problem. A
problem which is scope of much scholarly research and publications.
Mitar
On Wed, Nov 20, 2013 at 10:50 PM, Mitar
<mitar(a)tnode.com> wrote:
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
I would be more interested in what happens to the
arp table. Does it grow?
It appears to be staying up-to-date. At this very moment there are 5
obsolete dhcp leases hanging around, but none shows up in
/proc/net/arp
After a week of this, I'm wondering if it's better to dissociate this
stuff entirely from the network logic. Maybe all interfaces should
just be randomized at boot time and/or every 24 hours, no matter what
the network is doing. Seems a lot less complicated.
I'm also now skeptical that a malicious network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
2:01 p.m.
New subject: Changing your MAC address
Hi!
Just to make sure, because I now see my last e-mail as very depressing.
I just explained where most of open source effort in mesh routing
protocols was spend until now, but I do think that it is maybe time that
we are start spending energy on privacy and security of mesh networks as
well. But to my knowledge there is no clean and already made solution
out there yet. But let's make it!
Mitar
Hi!
Mesh networks and open source routing protocols we are using in general
have a lousy security properties because at least until know development
was mostly concentrated on getting routing itself to work properly (no
loops and so on) in a all the time changing wireless networks with
packet losses, where anybody can join in and add their own routing
device. In comparison, Internet itself has very similar bad security
properties, but there not everybody can deploy a BGP router. In mesh
networks, people can deploy an equivalent to the BGP router. Which is
what we want.
Cjdns is trying to address some of this issues:
https://en.wikipedia.org/wiki/Cjdns
But from what I understand it is more of a Internet overlay network, so
using VPN tunnels, and not really for wireless mesh networks. It can
work in wireless mesh as it is transport agnostic, but I am a bit
skeptical about performances there. Which is probably reasonable,
because it is a trade-off between security and usability. Still, the
security and privacy of end-users (those connecting through APs) is
another question.
There were some other proposals made in time, but at general you have
always the same issue: if you allow untrusted (in security sense of
trusted) devices to route in your network, you have a hard problem. A
problem which is scope of much scholarly research and publications.
Mitar
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
On Wed, Nov 20, 2013 at 10:50 PM, Mitar
<mitar(a)tnode.com> wrote:
I would be more interested in what happens to the
arp table. Does it grow?
It appears to be staying up-to-date. At this very moment there are 5
obsolete dhcp leases hanging around, but none shows up in
/proc/net/arp
After a week of this, I'm wondering if it's better to dissociate this
stuff entirely from the network logic. Maybe all interfaces should
just be randomized at boot time and/or every 24 hours, no matter what
the network is doing. Seems a lot less complicated.
I'm also now skeptical that a malicious network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
2:05 p.m.
New subject: Changing your MAC address
My last email was poorly timed with the reception of your previous
email, no relation sorry, always enjoying your insight :)
--
-- rhodey ˙ ͜ʟ˙
On 11/21/2013 02:01 PM, Mitar wrote:
Hi!
Just to make sure, because I now see my last e-mail as very depressing.
I just explained where most of open source effort in mesh routing
protocols was spend until now, but I do think that it is maybe time that
we are start spending energy on privacy and security of mesh networks as
well. But to my knowledge there is no clean and already made solution
out there yet. But let's make it!
Mitar
Hi!
Mesh networks and open source routing protocols we are using in general
have a lousy security properties because at least until know development
was mostly concentrated on getting routing itself to work properly (no
loops and so on) in a all the time changing wireless networks with
packet losses, where anybody can join in and add their own routing
device. In comparison, Internet itself has very similar bad security
properties, but there not everybody can deploy a BGP router. In mesh
networks, people can deploy an equivalent to the BGP router. Which is
what we want.
Cjdns is trying to address some of this issues:
https://en.wikipedia.org/wiki/Cjdns
But from what I understand it is more of a Internet overlay network, so
using VPN tunnels, and not really for wireless mesh networks. It can
work in wireless mesh as it is transport agnostic, but I am a bit
skeptical about performances there. Which is probably reasonable,
because it is a trade-off between security and usability. Still, the
security and privacy of end-users (those connecting through APs) is
another question.
There were some other proposals made in time, but at general you have
always the same issue: if you allow untrusted (in security sense of
trusted) devices to route in your network, you have a hard problem. A
problem which is scope of much scholarly research and publications.
Mitar
On Wed, Nov 20, 2013 at 10:50 PM, Mitar
<mitar(a)tnode.com> wrote:
I would be more interested in what happens to the
arp table. Does it grow?
It appears to be staying up-to-date. At this very moment there are 5
obsolete dhcp leases hanging around, but none shows up in
/proc/net/arp
After a week of this, I'm wondering if it's better to dissociate this
stuff entirely from the network logic. Maybe all interfaces should
just be randomized at boot time and/or every 24 hours, no matter what
the network is doing. Seems a lot less complicated.
I'm also now skeptical that a malicious network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
2:13 p.m.
New subject: Changing your MAC address
Hi!
No problem, it just made me realize that my e-mail was depressing. :-)
In any case, we might first try to define:
- who is adversary and adversary's capabilities, so, a security model
- what features would we want of the network
For example, do we want that anybody can attach a new routing device to
the network without any registration somewhere, and verification,
anything? Do we want to provide end-users with roaming? And so on.
Having a clear list of all this would help us then see possible
conflicting or aligned concerns.
Mitar
My last email was poorly timed with the reception of
your previous
email, no relation sorry, always enjoying your insight :)
--
-- rhodey ˙ ͜ʟ˙
On 11/21/2013 02:01 PM, Mitar wrote:
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
Hi!
Just to make sure, because I now see my last e-mail as very depressing.
I just explained where most of open source effort in mesh routing
protocols was spend until now, but I do think that it is maybe time that
we are start spending energy on privacy and security of mesh networks as
well. But to my knowledge there is no clean and already made solution
out there yet. But let's make it!
Mitar
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
Hi!
Mesh networks and open source routing protocols we are using in general
have a lousy security properties because at least until know development
was mostly concentrated on getting routing itself to work properly (no
loops and so on) in a all the time changing wireless networks with
packet losses, where anybody can join in and add their own routing
device. In comparison, Internet itself has very similar bad security
properties, but there not everybody can deploy a BGP router. In mesh
networks, people can deploy an equivalent to the BGP router. Which is
what we want.
Cjdns is trying to address some of this issues:
https://en.wikipedia.org/wiki/Cjdns
But from what I understand it is more of a Internet overlay network, so
using VPN tunnels, and not really for wireless mesh networks. It can
work in wireless mesh as it is transport agnostic, but I am a bit
skeptical about performances there. Which is probably reasonable,
because it is a trade-off between security and usability. Still, the
security and privacy of end-users (those connecting through APs) is
another question.
There were some other proposals made in time, but at general you have
always the same issue: if you allow untrusted (in security sense of
trusted) devices to route in your network, you have a hard problem. A
problem which is scope of much scholarly research and publications.
Mitar
On Wed, Nov 20, 2013 at 10:50 PM, Mitar
<mitar(a)tnode.com> wrote:
> I would be more interested in what happens to the arp table. Does it grow?
It appears to be staying up-to-date. At this very moment there are 5
obsolete dhcp leases hanging around, but none shows up in
/proc/net/arp
After a week of this, I'm wondering if it's better to dissociate this
stuff entirely from the network logic. Maybe all interfaces should
just be randomized at boot time and/or every 24 hours, no matter what
the network is doing. Seems a lot less complicated.
I'm also now skeptical that a malicious network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
1:52 p.m.
New subject: Changing your MAC address
Last week Mitar pointed out that many of the tricks we're theorize are
effectively turning our layer 2 mesh into something of a layer 3 mesh. I
want to acknowledge this insight while expressing my interest in
continuing these experiments because I think layer 2 has been out of
sight out of mind for too long (at least for me). I hope that we can
continue forward with our current deployment plan and once complete use
it as a test platform for all these crazy hacks we're theorizing :)
I'm also now skeptical that a malicious network
couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
Following the general idea of mesh nodes maintaining a translation table
for the purpose of masking real, static MAC addresses with fake MAC
addresses-- why can't the "fake" MAC addresses be static. We could
allocate each node in our network a generous chunk of the MAC address
space which it could map to clients as they connect. Maintaining this
translation table would add complexity but I believe that it could also
remove some complexity from the routing protocol because of the static
address space.
If we accept the above idea and trust nodes to manage a static block of
the address space we also gain the option of adding trust into the
network. There is currently nothing stopping a malicious node on a
BATMAN-adv network from advertising that it has clients which it does
not-- BUT if we accept that nodes control a static address space we
defeat this attack. I believe this trust would have to be maintained
between nodes and transparent to clients because of our lack of control
over the client network stack, but I think this might be OK. A remaining
problem is to implement this system of trust without ruining the
decentralized nature of the mesh.
I get the impression that a lot of what we're theorizing has
implications to roaming between networks but if we are able to establish
trust between nodes I think we might not break everything. Either way, I
need to educate myself on roaming.
--
-- rhodey ˙ ͜ʟ˙
On 11/21/2013 01:11 PM, Yardena Cohen wrote:
> On Wed, Nov 20, 2013 at 10:50 PM, Mitar <mitar(a)tnode.com> wrote:
>> I would be more interested in what happens to the arp table. Does it grow?
>
> It appears to be staying up-to-date. At this very moment there are 5
> obsolete dhcp leases hanging around, but none shows up in
> /proc/net/arp
>
> After a week of this, I'm wondering if it's better to dissociate this
> stuff entirely from the network logic. Maybe all interfaces should
> just be randomized at boot time and/or every 24 hours, no matter what
> the network is doing. Seems a lot less complicated.
>
I'm also now skeptical that a malicious network
couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
>
_______________________________________________
> mesh mailing list
> mesh(a)lists.sudoroom.org
> http://lists.sudoroom.org/listinfo/mesh
>
2:07 p.m.
New subject: Changing your MAC address
Although the below message was written in response to Yardena's concerns
about educated guesses I realize now that the system I proposed does not
itself resolve such concerns. Tricky stuff...
--
-- rhodey ˙ ͜ʟ˙
On 11/21/2013 01:52 PM, rhodey wrote:
Last week Mitar pointed out that many of the tricks
we're theorize are
effectively turning our layer 2 mesh into something of a layer 3 mesh. I
want to acknowledge this insight while expressing my interest in
continuing these experiments because I think layer 2 has been out of
sight out of mind for too long (at least for me). I hope that we can
continue forward with our current deployment plan and once complete use
it as a test platform for all these crazy hacks we're theorizing :)
I'm also now skeptical that a malicious
network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
Following the general idea of mesh nodes maintaining a translation table
for the purpose of masking real, static MAC addresses with fake MAC
addresses-- why can't the "fake" MAC addresses be static. We could
allocate each node in our network a generous chunk of the MAC address
space which it could map to clients as they connect. Maintaining this
translation table would add complexity but I believe that it could also
remove some complexity from the routing protocol because of the static
address space.
If we accept the above idea and trust nodes to manage a static block of
the address space we also gain the option of adding trust into the
network. There is currently nothing stopping a malicious node on a
BATMAN-adv network from advertising that it has clients which it does
not-- BUT if we accept that nodes control a static address space we
defeat this attack. I believe this trust would have to be maintained
between nodes and transparent to clients because of our lack of control
over the client network stack, but I think this might be OK. A remaining
problem is to implement this system of trust without ruining the
decentralized nature of the mesh.
I get the impression that a lot of what we're theorizing has
implications to roaming between networks but if we are able to establish
trust between nodes I think we might not break everything. Either way, I
need to educate myself on roaming.
--
-- rhodey ˙ ͜ʟ˙
On 11/21/2013 01:11 PM, Yardena Cohen wrote:
> On Wed, Nov 20, 2013 at 10:50 PM, Mitar <mitar(a)tnode.com> wrote:
>> I would be more interested in what happens to the arp table. Does it grow?
>
> It appears to be staying up-to-date. At this very moment there are 5
> obsolete dhcp leases hanging around, but none shows up in
> /proc/net/arp
>
> After a week of this, I'm wondering if it's better to dissociate this
> stuff entirely from the network logic. Maybe all interfaces should
> just be randomized at boot time and/or every 24 hours, no matter what
> the network is doing. Seems a lot less complicated.
>
I'm also now skeptical that a malicious
network couldn't work around
any of these tricks as long as you remain in their range. If one
device appears as soon as the other leaves, at the same location, they
can make a good guess that it's still you.
>
_______________________________________________
> mesh mailing list
> mesh(a)lists.sudoroom.org
> http://lists.sudoroom.org/listinfo/mesh
>
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
http://lists.sudoroom.org/listinfo/mesh
5 Dec
5 Dec
3:45 a.m.
New subject: Changing your MAC address
Hi!
I get the impression that a lot of what we're
theorizing has
implications to roaming between networks but if we are able to establish
trust between nodes I think we might not break everything.
About which trust you talk here? Do not forget that we cannot trust
nodes as well. Because anybody can deploy nodes in our network, so there
could be malicious nodes as well.
Mitar
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
21 Nov
21 Nov
2:58 p.m.
New subject: Changing your MAC address
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/21/2013 01:11 PM, Yardena Cohen wrote:
It appears to be staying up-to-date. At this very
moment there are
5 obsolete dhcp leases hanging around, but none shows up in
/proc/net/arp
Entries in the ARP table time out after a pseudorandom period of time
but they do time out. Read the arp(7) manpage for details.
After a week of this, I'm wondering if it's
better to dissociate
this stuff entirely from the network logic. Maybe all interfaces
should just be randomized at boot time and/or every 24 hours, no
matter what the network is doing. Seems a lot less complicated.
The problem with that is that you will get service interruptions
because neighboring nodes will need to update their caches (and
probably their routing tables as well). It can make things wonky,
especially on a busy mesh.
I'm also now skeptical that a malicious network
couldn't work
around any of these tricks as long as you remain in their range. If
one device appears as soon as the other leaves, at the same
location, they can make a good guess that it's still you.
That attack is already being used against discrete targets, e.g., it's
how the surveillance team correlated a person (Sabu) with a MAC
address and a traffic flow (his Tor traffic). I think you're making
things too difficult and possibly introducing problems later on.
- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
"If you can't do something smart, do something right." --Jayne, _Serenity_
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlKOkCQACgkQO9j/K4B7F8FdAACbBSlCA4/8HozA40IsknxtGZBG
2B0An09ksGitqyKp6kd+KLonhY/ZxOJe
=Mt0P
-----END PGP SIGNATURE-----
3806
days inactive
3821
days old
15 comments
6 participants
participants (6)
-
Adrian Chadd -
Mitar -
rhodey -
Steve Berl -
The Doctor -
Yardena Cohen