permanently deleted

  • the_river_cass [she/her]
    ·
    edit-2
    4 years ago

    working on a comms project that might make burners safe to reuse. we're using lora radios to provide a mesh network so people can talk to other people on the same network but you never get any cell or data plan and stick the thing in airplane mode so it's not capable of announcing itself to local cell towers or stingrays. if this works out, we'll probably flash them with custom roms to disable bluetooth and the normal cell radio at the firmware level, and physically damage the antennas at a mechanical level so we have some certainty about how safe these are, then make a post about how to make these for yourselves / put up a little shop so people without skills can buy them at cost.

    we still need to work out the chat application (signal needs to phone home to the internet and these won't have regular internet access without a base station) and matrix still needs some kind of homeserver to talk to so I'm probably going to end up stealing from work (we make a distributed data store that's designed to work over mesh networks and an end-to-end encrypted, peer to peer chat application is something they'll straight up pay me to make, even if I insist on open sourcing it, lol).

    so lots of prototyping and planning!

    edit: forgot to say, the radios have a 10-15km theoretical range so we have high hopes for this project.

    edit 2: because I'm not a lib, here's a link to the radio. they're expensive to buy from the guy directly but he's cool and published everything including schematics you can breadboard or have printed, so I'm hoping we can find a cheaper way to make these.

    • newmou [he/him]
      ·
      4 years ago

      Wow I didn’t even know such a thing was possible, that’s really cool

      • the_river_cass [she/her]
        ·
        4 years ago

        I hope it is! there's a lot to figure out and a ton of details that need sorting but hopefully it's just a small matter of doing the work and not a serious technical challenge.

        • newmou [he/him]
          ·
          4 years ago

          You sound like the perfect person to do it, that’s really inspiring. Hope it works out!

      • PorkrollPosadist [he/him, they/them]
        ·
        4 years ago

        Look into ham radio. It is a cursed boomer hobby, but you can literally send data to the other side of the planet wirelessly if conditions are right. There is no central off switch for radio. If you have an antenna and the other person has an antenna you're good. There are a lot of revolutionary applications for radio, ranging from tactical applications at protests, to public service pirate internet, to emergency communications, to pirate broadcasting.

        • raven [he/him]
          ·
          edit-2
          4 years ago

          I have a pi radio hidden inside the drop ceiling in the bathroom in my college dorm. It has enough range to cover the building and broadcasts revleft episodes on a loop on 100.1 FM

          It's been there a week and hasn't been discovered yet, but even if it were I would just hide another somewhere.

      • the_river_cass [she/her]
        ·
        4 years ago

        I'll post stuff at various milestones as I'm going to need help from the broader community on like validating the security and stuff like that, long before I'd feel comfortable telling people to use this thing, trusting their well-being and safety to it, especially as the people who need this most are affinity groups doing cool shit and getting hampered by not being able to talk to each other because they were smart and left their phones at home.

      • the_river_cass [she/her]
        ·
        4 years ago

        yeah, I have, they don't support e2e encryption that way yet, and it's quite heavy-weight compared to the options I'm looking at. something I didn't mention in my post is that the bandwidth of these links is 21kbps as a theoretical maximum so waste is...quickly intolerable...

    • thomasdankara [he/him]
      ·
      4 years ago

      This is sweet!

      I had a similar idea a while back that I never fully fleshed out, but using WiFi mesh networking instead of lora. I figured lora was more specific, but I didn't know as much about it's long range capability. The idea was to build handsets using esp32 modules with external antennas, and build out a huge city wide mesh network working on wifi bands based on small, local repeaters (also ESP based). Esp32 since you can encrypt the onboard flash, they're pretty powerful and decently cheap.

      Since your threat model here includes the most enthusiastic spy agency of any nation-state, I would be EXTREMELY careful about the firmware flashed onto the phones. Frankly, I don't trust android or IOS for something like this - maybe using a linux ROM on android would be good enough, but I'd say the preferable and way more labor intensive option would be to build your application specifically for your hardware, and only using open source packages. I'd also encourage the ability to perform on-air key revocation, so if a radio is confirmed to have been compromised it can be removed from the talkgroup immediately.

      Maybe using a pi would be a good idea, since the radio can communicate over both serial and usb? Or if you can manage to shave the code down enough, you could try to run it directly off of another microcontroller.

      I'd love to talk more about this if you're able to, let me know.

      • the_river_cass [she/her]
        ·
        4 years ago

        but using WiFi mesh networking instead of lora

        so I know for a fact we can use WiFi-Direct for a lot of this as it's one of the things we regularly test at work. problem is the range is much shorter and that matters real fast when you're surrounded by buildings.

        The idea was to build handsets using esp32 modules with external antennas, and build out a huge city wide mesh network working on wifi bands based on small, local repeaters (also ESP based). Esp32 since you can encrypt the onboard flash, they’re pretty powerful and decently cheap.

        we actually explored doing this a couple of years ago as well. main issue came down to not having a suitable hub for a backhaul to the internet from which we could expand the network. we're better situated now and might pick this up at some point.

        Since your threat model here includes the most enthusiastic spy agency of any nation-state, I would be EXTREMELY careful about the firmware flashed onto the phones.

        I mean more make a ROM myself to kill the wireless capabilities on the device, then ensure it's done through mechanical damage to the antenna. this gets us as close as we can feasibly get to airgapped and our primary mode of attack becomes the radios themselves. we can't solve the trusting trust problem, obviously, but we can do enough to make it so that the people using these have to be explicitly targeted by the NSA, using techniques we've only theorized to exist -- I'm ok with that for a prototype. with more time, there's a lot we can do to make the underlying network safer by, for example, abandoning tcp/ip (it assumes you can trust the network under you) for more suitable alternatives -- these can't compete with the maturity of tcp/ip, so any implementation time is going to be massive here. and there's a bunch of stuff like that.

        maybe using a linux ROM on android would be good enough

        yeah, this is definitely one of the things I want to try. we're also considering not starting with phones and instead working up from like beagle boards or something but I think the form factor becomes too unwieldy, unfortunately. we'll see, though -- depends on how testing goes.

        but I’d say the preferable and way more labor intensive option would be to build your application specifically for your hardware, and only using open source packages

        yeah, of course. the part I can't do too much about are the firmware blobs to run the various hardware components on basically every android phone (really... it's virtually every piece of hardware you might conceivably use for this...). one of the advantages here, though, is that these devices never, ever touch the internet and the goal is to kill all the radios but the one we're attaching (a radio that's fully open hardware, open software, etc.). so there are only two modes of attack -- try and get on the network and then spoof one of the other identities, a mode of attack that's actually well covered by signal's double ratchet/libolm, or to get physical control of one of the devices. we have some thoughts on how to protect against this last mode of attack but this is an area where we're going to be trying things and right now I'm leaning towards "wipe the device at the first sign of intrusion".

        Maybe using a pi would be a good idea, since the radio can communicate over both serial and usb? Or if you can manage to shave the code down enough, you could try to run it directly off of another microcontroller.

        yeah, definitely considering this. the main worry here is that the device is difficult to actually use in practice because people are very used to phones. remember that one of the goals is to get people to stop bringing their phones to anything even mildly spicy and to use these instead to talk to their comrades, instead (and we really are focused on that mode right now -- I'm not putting together any plans right now for trying to authenticate and validate communication between unknown parties for the forseeable future... the plan right now is to force everyone into the same room together to generate and cross sign keys, and that will be the only way on to these things.) the usage model is already going to be strange for people and people working in a mode they don't understand, taking shortcuts, or just bypassing security features altogether is a much more likely cause for compromise than anything else we're discussing. that said, this was also my first thought when I sat down to try and put together a plan for this project and something much more custom is very likely if we make it to a second round of development (right now we really just need to prove to ourselves and others that this is viable in the first place, with the caveats of what this can't protect you from up front and center).

        and yeah, I'm super excited about this and I'd love to talk more. I'm @therivercass:matrix.org, hit me up.

  • ciaplant667 [he/him,fae/faer]
    ·
    4 years ago

    Talked to my partners family about anarchism and communism. They’re from Eritrea and fled during the civil war with Ethiopia, so they don’t have a really positive outlook on communism. Partner’s mom was like “people need rules or else everyone goes crazy”, and I’m like “yeah but all the people making the rules do it to amass more wealth and power” and she’s like “yeah”. Her uncle’s like “back in the day everyone just took care of each other” and I’m like “heyyy that sounds like communism ;)”

  • Nakoichi [they/them]
    ·
    4 years ago

    Worked, agitated, continued my exhausting attempt to plant the seeds of unionization, and also had a guy tell me they listened to The War On Everyone and wanted to know what I suggest they listen to/read next, so I suggested It Could Happen Here. Once they have seen the whole scope of how fucked the US is I'm just gonna give them my full list of theory recommendations and David Harvey lectures on Capital.

      • Nakoichi [they/them]
        ·
        4 years ago

        Thanks, I've been trying to get anyone that seems to take interest in my cash register rantings to listen to TWOE because it's the best possible explanation of how we got where we are and why Trump is just a symptom of our existing deeply rooted fascism.

  • ap1 [any,undecided]
    ·
    edit-2
    4 years ago

    my student union party (coalition of demsocs and some MLs and anarchists, running alongside a trot party) lost the election to a neolib party and i smoked a lot of cigarettes

    • CantTrip [she/her]
      ·
      4 years ago

      Damn that hurts to hear.

      Good on you for putting up opposition.

      Perhaps one day we can mount large, highly organized oppositions and turn this shit around.

  • GothWhitlam [he/him]
    ·
    4 years ago

    You're moving up my list of 'Coolest most powerful people'. :heart-sickle:

  • ChairmanAtreides [he/him]
    ·
    4 years ago

    I was literally watching online lectures and reading today to catch up on my online classes so I don't have to do as much work the next four days when I'm working too...

    Still gonna have to read another chapter and write 2 pages before work lmaoooo

  • kristina [she/her]
    ·
    4 years ago

    me and my grandparents are slowly converting my mom to communism