[Mesh] Fwd: [Commotion-discuss] Seattle Police mesh network for surveillance?

Marc Juul juul at labitat.dk
Mon Nov 11 03:25:36 PST 2013 

On Mon, Nov 11, 2013 at 2:53 AM, Mitar <mitar at tnode.com> wrote:

> Hi!
>
> > Yes! Emphatically yes! This is an issue of people's safety. People will
> not
> > reasonably expect that they are broadcasting their position
>
> Except if you would have position of all clients on the map in real-time
> on the mesh webpage. Then they would very easily see that it is clear
> where they are. I think that by disabling batman-adv traceroute you are
> promising better privacy, but not much. Very technical skilled person
> can still retrieve the location (by measuring latency to all nodes and
> to all MACs and see which one matches the most). Isn't it better that we
> give up and say that we cannot really assure privacy so it is better
> that you do it yourself, if you care? (And give some good ideas how to
> do that?)
>


I had a long reply written out, but then I got an idea before hitting send:

  Can't we just modify batman-adv to rewrite MAC addresses on the fly? We
would need to keep a mapping of MAC to fakeMAC for each client, but only
for the directly connected clients, so the lookup and packet mangling
should be fast.
-- 
Marc/Juul



> > If we don't do anything about this issue then we are endangering
> > people's personal safety.
>
> The same argument then goes for people not encrypting their traffic.
> Will we try to break things for them to have encrypted traffic?
>
> So it is better that they believe that they are secure and private, but
> in fact they are only to some degree and to exactly which degree they
> are they will not understand?
>
> > True. You'd need to use a batman-specific tool, but that's security by
> > obscurity territory and it only takes one person to make a "find anyone's
> > location" web app for that to break.
>
> Why not disable batman-adv traceroute then? If and when this tool will
> exist?
>
>
> Mitar
>
> --
> http://mitar.tnode.com/
> https://twitter.com/mitar_m
> _______________________________________________
> mesh mailing list
> mesh at lists.sudoroom.org
> http://lists.sudoroom.org/listinfo/mesh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://sudoroom.org/lists/private/mesh/attachments/20131111/5fc30ca8/attachment.html>

More information about the mesh mailing list