[Mesh] Changing your MAC address

rhodey rhodey at anhonesteffort.org
Thu Nov 21 14:05:13 PST 2013


My last email was poorly timed with the reception of your previous
email, no relation sorry, always enjoying your insight :)

--
-- rhodey ˙ ͜ʟ˙

On 11/21/2013 02:01 PM, Mitar wrote:
> Hi!
> 
> Just to make sure, because I now see my last e-mail as very depressing.
> I just explained where most of the open source effort in mesh routing
> protocols was spent until now, but I do think that it is maybe time that
> we start spending energy on privacy and security of mesh networks as
> well. But to my knowledge there is no clean and already made solution
> out there yet. But let's make it!
> 
> 
> Mitar
> 
>> Hi!
>>
>> Mesh networks and the open source routing protocols we are using in general
>> have lousy security properties because, at least until now, development
>> was mostly concentrated on getting routing itself to work properly (no
>> loops and so on) in an all-the-time changing wireless network with
>> packet losses, where anybody can join in and add their own routing
>> device. In comparison, the Internet itself has very similar bad security
>> properties, but there not everybody can deploy a BGP router. In mesh
>> networks, people can deploy an equivalent to the BGP router. Which is
>> what we want.
>>
>> Cjdns is trying to address some of these issues:
>>
>> https://en.wikipedia.org/wiki/Cjdns
>>
>> But from what I understand it is more of an Internet overlay network, so
>> using VPN tunnels, and not really for wireless mesh networks. It can
>> work in wireless mesh as it is transport agnostic, but I am a bit
>> skeptical about performance there. Which is probably reasonable,
>> because it is a trade-off between security and usability. Still, the
>> security and privacy of end-users (those connecting through APs) is
>> another question.
>>
>> There were some other proposals made over time, but in general you
>> always have the same issue: if you allow untrusted (in the security sense of
>> trusted) devices to route in your network, you have a hard problem. A
>> problem which is the subject of much scholarly research and publications.
>>
>>
>> Mitar
>>
>>> On Wed, Nov 20, 2013 at 10:50 PM, Mitar <mitar at tnode.com> wrote:
>>>> I would be more interested in what happens to the arp table. Does it grow?
>>>
>>> It appears to be staying up-to-date. At this very moment there are 5
>>> obsolete dhcp leases hanging around, but none shows up in
>>> /proc/net/arp
>>>
>>> After a week of this, I'm wondering if it's better to dissociate this
>>> stuff entirely from the network logic. Maybe all interfaces should
>>> just be randomized at boot time and/or every 24 hours, no matter what
>>> the network is doing. Seems a lot less complicated.
>>>
>>> I'm also now skeptical that a malicious network couldn't work around
>>> any of these tricks as long as you remain in their range. If one
>>> device appears as soon as the other leaves, at the same location, they
>>> can make a good guess that it's still you.


