[Mesh] Fwd: [Commotion-discuss] Seattle Police mesh network for surveillance?

Mitar mitar at tnode.com
Sun Nov 10 16:57:07 PST 2013


Hi!

> We can ensure that IP addresses are cycled frequently enough because
> we'll have control over a majority of the DHCP servers on the mesh so
> I'll be focusing on MAC addresses.

Not to mention that IP addresses will be private and there will be NAT
for Internet.

And for IPv6 you will probably use autoconfiguration based on the MAC
anyway, no?

So the question is just MAC at the end.

> It is important to realize that only mesh nodes (access points) have
> *potential* knowledge of signal strength

Not really. The routing protocol measures packet loss from all neighboring
nodes to the client to determine how to best route traffic to the
client. You can possibly use this as a signal strength indicator.

Depending on the routing protocol this information might not be
available further down the routing path. In BATMAN I believe only direct
neighbors know this information.

But on the other hand, you often want to collect this information
globally to be able to improve network performance. But we could be
collecting this information in a way that clients are anonymized, while
we still get link/topology data.

> To increase user privacy I would like to experiment with a MAC address
> spoofing service that could run on mesh nodes or volunteer hosts.

You can maybe try to repurpose ARP proxy support in Linux:

https://en.wikipedia.org/wiki/Proxy_ARP

> But it is not that simple of course, because spoofed MAC addresses
> need to persist just as legitimate MAC addresses do, and move about
> in the physical world (connect to different mesh nodes) just as other
> legitimate users will.

And of course produce unique traffic as well.


Mitar

-- 
http://mitar.tnode.com/
https://twitter.com/mitar_m


