Thoughts on Four Mesh-y Roles

These are four roles to play in the lightweight mesh concept I have been hacking on, under the name Gilgamesh. The roles are Leader, Lurker, Repeater and Notary. The goal is to provide varying levels of risk, find ways to extend the range of message distribution, and to add a layer of reputation and verification into the system.

These roles map to existing systems like Twitter in a fairly easy manner. Leader is someone who tweets, a Lurker is someone who reads tweets (mostly), a Repeater is someone who retweets, and a Notary is the “verified account” feature.

In the case of a crisis situation, or where apps are not viable, these roles can all be implemented manually, by humans, using the Bluetooth protocol and settings built into their phone directly. However, the plan is to implement these in the Gilgamesh app itself, to really take advantage of the dynamics expressed below, in a seamless user experience.

Leader (Read/Write): In this mode, you are communicating information by using your device radio to broadcast updates and information to all who will listen. This is the highest risk, highest visibility role to play in the mesh. There is also an idea of a Trusted Leader, who is one that you have paired or verified your device with, or been verified by a Notary “Numbers Station” (see below).

Lurker (Read Only): In this mode, the radios on your device are not broadcasting anything, but only set in receive or “discovery” mode. You can receive messages from leaders, but you cannot send anything. It is the lowest risk, least visible role in the mesh. Most people in the crowd, and new users of the app, will be lurkers. Switching to a Leader mode on your device is as easy as entering in a status update.

Repeater (Read/Write): A repeater listens for messages for known (paired/bonded/verified) Leaders and rebroadcasts anything they say, to anyone who will listen. Repeaters can be positioned in central fixed locations, or they can move through out a large area, to really extend the range of the mesh. The last set of received messages from a Leader are repeatedly broadcast on a regular basis, and if any new Leaders come in range, the Repeater will share any messages with them that have not been sent to them before. Repeaters can also be set to only repeat messages from Trusted Leaders.

Notary (Write Only): A notary, or “Numbers Station” is a device, managed by a trustworthy human, that Leaders can add their device ID to through pairing, to spread the device IDs of verified, trusted devices. If you are a Lurker or Leader, and you encounter a trusted Notary, then your device can accept any of the device IDs that are being broadcast by it, as trustworthy.

Feedback and thoughts are welcome here, or on the Github project tracker: https://github.com/n8fr8/gilgamesh

Hacking on a basic Bluetooth mesh-y concept

Inspired and frustrated by the closed, murky, proprietary nature of FireChat, and equally frustrated by my experiencing working on the way too complicated Commotion mesh project, I wanted to find a simple way to answer the question “what do we do when the Internet goes away” problem. FireChat is clearly not the answer for the types of communities I am trying to help, but in its absence, we have no other solutions, it seems.

What I have discovered is that Bluetooth device names (the things  you see when you are trying to pair a bluetooth device to your phone for instance) are actually a really great way to broadcast messages from your phone or computer to anyone within distance. This was partly inspired by the humorous wifi SSID messages that people often use, but the key difference is that Bluetooth device names can actually be 248 bytes long (80-240 letters/glyphs depending upon unicode language), as opposed to the much shorter ~30 character wifi SSIDs. It is also very easy to dynamically change your Bluetooth device name through open programming APIs.

The idea then is to use your device’s Bluetooth name as a kind of Twitter status message bearer, sharing key information during a crisis or as an act of protest/speech. It doesn’t require an app, just a little bit of knowledge and a new behavior. I have built an app (more below) that makes the user experience much simpler, and adds the ability to support retweets/shares (to expand the radio mesh reach), verification, privacy and even encryption (in theory).

To test the basic premise however, if you have an iPhone or iPad, you can set your device name in the general about settings. Then go to the Bluetooth settings area, and you will see all devices that are currently broadcasting. With Android, go to the Settings->Bluetooth screen, and you can “rename phone” from the menu, and set the visibility and timeout of your broadcast. With iPhones, as long as you stay on the Bluetooth screen, it will broadcast. With many new Android phones, you can set your visibility/broadcast timeout to 1 hour or infinite.

You can set a message like “!Gather 7pm at 1st and Main” or “@press please don’t photo faces” or “#Legal Aid is 2125551212”, or even just motivational messages “#staycalm #noviolence” or “#theworldiswatching”. If people like what you have written, they can change their status that message, and rebroadcast another 30 feet in whatever direction they are headed. Again, it is basically Twitter combined with doing “the wave” at a football game, except the wave is powered by these little super computers+radio stations we have in our pockets.

The Gilga app I am working on makes this all feel much more like a chat or Twitter type experience. The app also supports direct messaging using a secured RF socket. The important thing is that there a baseline concept here, that can be tapped into by anyone with a bluetooth device, be it a smartphone, an old Nokia, a PC with a huge Bluetooth antenna etc.

From a threat modeling perspective, there are risks about Bluetooth device IDs being scanned and logged, impersonation attacks based on modified Bluetooth radios, and the same misinformation spreading we see whenever we have an open commons, be it FireChat or Twitter. We have some ways to combat that, but it will be hard. My hope is that, by doing this work in the open, and with contributions by brilliant minds like yours, we can come up with some additional breakthroughs.

+n
****
https://github.com/n8fr8/gilgamesh

Gilga Meshenger: Messaging in the Bluetooth Babylon!

Some notes on the implementation, aka the glorious hack of Bluetooth Device Names. This application was original based on the Android SDK BluetoothChat sample. It used insecure (unpaired) and secure (paired) Bluetooth RFComm sockets to allow for short messages to be sent between devices. The primary modification that this project has made has been to add support for a “Broadcast” mode, that uses the Bluetooth device name, that is public visible during the Discovery process, as the message transport itself.

The design goals of this project are:

  • A truly decentralised application that requires only Bluetooth connectivity and has no central user registry
  • Incredible ease of use that ensures all “mesh” connectivity happens with as little user involvment as possible
  • Ability to enable trust or reputation for specific users or devices you message with
  • A very transient app that stores no data permanently
  • Ability to share the app easily between devices
  • A “fire and forget” mode, where the user can enter a message, put the phone in their pocket, and walk around and area and have it broadcast to all devices it encounters

alt   alt

The key innovations/hacks/revelations that led us to this point were:

  • As of recent Android versions, you can call an API to set your the device’s Bluetooth visibility to a very long time ~1 hour
  • You can dynamically change the Bluetooth device name, and it can be long – up to 248 bytes encoded as UTF-8
  • That the first two things above could be wrapped mostly in API calls the user did not have to see or worry about

Finally, some thoughts on security, privacy and reputation:

  • This app supports both a public broadcast mode, and a private, direct message mode. It is easy to use to both. The direct message mode is optionally secured and encrypted at the Bluetooth level if you have paired with the device/user you are connected with.
  • Impersonation is combatted by simplified user id’s to a short (6 character alphanumeric) value, based on the device’s unique Bluetooth ID. This makes them speakable and easy to remember. If someone says “trust messages from A1BC99” then likely you will be able to rememember that.
  • If you pair with a user (using standard Bluetooth pairing settings), their userid will be appended with a *, to make it even easier to know this is someone you should trust
  • The app ONLY works in Bluetooth mode, so though is no confusion when it might be using 3G/4G, Wifi or some other mode, and possibly go through a centralised server
  • The code is open-source, very small, and the entire app is only 28kb making it easy to audit, test and share
  • We make it easy to “retweet” a message by long pressing on it, which enables reputation for something to be built up by multiple people resharing it. If the user has paired with the user, you will also see the * next to the name to further indicate trust.

“YOU are the best anti-virus!”

Superhero-Poster

 

YOU ARE THE BEST ANTI-VIRUS
Staying safe on your computer, phone and online isn’t about having the latest security tools or paying lots of money to other people to keep you safe. By far the most powerful defense is to change your own behavior. Explore this site to learn how to keep yourself and your friends and family safer…and be your own Cyber Superhero.
https://www.cybersuperhero.net/

New report, by Iran, on Iranian Youth Proxy Use

This story from @maasalan on Global Voices, directly ties into my research at the Berkman Center on potential prosecution of end-users for using encryption and circumvention technology on their mobile phone. While “severe punishment” is possible, it seems to rarely happen in Iran:

In a report conducted by Iran’s Ministry of Youth and Sports, the Iranian government announced that of 23.5 million youth using the Internet, 69.3 percent of them are using circumvention technology such as proxies and VPNs — virtual private networks that provide access to the “global Internet”.

At the moment, Iranians often encounter a firewall when trying to access websites that appear antagonistic towards the government or the nation’s Islamic ideals. The report did not make mention of the legality of circumvention tools. But according to Iran’s list of Computer Crimes, the distribution of both circumvention technology and instructions to use such tools are both illegal. Violating these laws can result in severe punishment.

http://globalvoicesonline.org/2014/09/16/nearly-70-percent-of-young-iranians-use-illegal-internet-circumvention-tools/

Published
Categorized as Awareness