[Mesh] Fwd: [Commotion-discuss] Seattle Police mesh network for surveillance?

rhodey rhodey at anhonesteffort.org
Sun Nov 10 17:00:51 PST 2013 

> Not really. Routing protocol measures packet loss from all neighboring
> nodes to the client to determine how to best route traffic to the
> client. You can possible use this as a signal strength indicator.

Aha! Awesome idea Mitar, very tricky. Now we need to configure mesh
nodes to arbitrarily drop packets :P

> You can maybe try to repurpose ARP proxy support in Linux:
>
> https://en.wikipedia.org/wiki/Proxy_ARP

Thanks, I'll take a look.

-- 
-- rhodey ˙ ͜ʟ˙

On 11/10/2013 04:57 PM, Mitar wrote:
> Hi!
> 
>> We can ensure that IP addresses are cycled frequent enough because
>> we'll have control over a majority of the DHCP servers on the mesh so
>> I'll be focusing on MAC addresses.
> 
> Not to mention that IP addresses will be private and there will be NAT
> for Internet.
> 
> And for IPv6 you will probably use autoconfiguration based on the MAC
> anyway, no?
> 
> So the question is just MAC at the end.
> 
>> It is important to realize that only mesh nodes (access points) have
>> *potential* knowledge of signal strength
> 
> Not really. Routing protocol measures packet loss from all neighboring
> nodes to the client to determine how to best route traffic to the
> client. You can possible use this as a signal strength indicator.
> 
> Depending on the routing protocol this information might not be
> available further down the routing path. In BATMAN I believe only direct
> neighbors know this information.
> 
> But on the other hand, you often want to collect this information
> globally to be able to improve network performance. But we could be
> collecting this information in a way that clients are anonymized, while
> we still get link/topology data.
> 
>> To increase user privacy I would like to experiment with a MAC address
>> spoofing service that could run on mesh nodes or volunteer hosts.
> 
> You can maybe try to repurpose ARP proxy support in Linux:
> 
> https://en.wikipedia.org/wiki/Proxy_ARP
> 
>> But it is not that simple of course, because spoofed MAC addresses
>> need to persist just as legitimate MAC addresses do, and move about
>> in the physical world (connect to different mesh nodes) just as other
>> legitimate users will.
> 
> And of course produce unique traffic as well.
> 
> 
> Mitar
>

More information about the mesh mailing list