Hacker News new | past | comments | ask | show | jobs | submit login
Meshbird – distributed private networking (meshbird.com)
177 points by gyre007 on Sept 25, 2018 | hide | past | favorite | 42 comments



This project has so many cryptographic wrong answers, I don't know where to begin.

Glaring problems: - The same unchanging aes key is shared between all nodes on a network. Compromise one, compromise all. Additionally a bad node can impersonate any other node.

    - The 96 bit nonce is derived randomly and there is no rekeying which means sending more than 2^32 messages will leak your (static, unchanging) key to the world. That's 2^32  total between all clients on a network. Hope everyone is manually updating their keys! 

    - Default unchanging password of `hello-world` is set. Everyone remembers to change that environment variable right?

    - The KDF is md5, which means attackers can brute force guess the key incredibly fast. 

    - There's no perfect forward secrecy (aging out of old keys).
Amazingly, this is still better than their last version, which used AES-CBC and used the same value for both the key and the IV (which is transmitted over the network).

Summary: Stick to Wireguard!


Looks like a decentralized version of ZeroTier[1] (No affiliation)

Would be interested in hearing from Adam[2] the trade-offs between fully and partially decentralized architectures

1: https://www.zerotier.com/

2: https://news.ycombinator.com/user?id=api


Not Adam, but I believe this:

> All traffic transmit directly to recepient peer without passing any gateways. Meshbird do not require any centralized servers.

means you can't have a NAT on both sides of connection. Zerotier falls back to proxying the traffic if you can't connect directly.


Wait, can't something in this list of techniques handle a NAT on both sides? https://en.m.wikipedia.org/wiki/NAT_traversal

If not, please pardon my ignorance; not a networking expert.


Kind of. What I meant is "it won't work for all double NAT setups". In practice, if you have upnp on both sides or a setup which allows holepunching for any source it will work. (usually) But after working for a VoIP provider, I don't trust those anymore. Your home router will have some edge cases, or the mapping detection will fail, or something else will happen. If you're trying to connect 2 parties reliably, they need a proxy or direct access on one side.


There’s two issues here-

1) They switched away from UDP, now use TCP. So NAT traversal / punching isn’t possible.

2) Even if UDP was used there’s still some network setups that aren’t traversal friendly, such as most cellular/LTE networks where port mappings are unpredictable.


TCP-based NAT punching is perfectly possible. Not that it’s needed often in systems that employ punching (due to it being a fallback option if UDP is unavailable), but it’s easy to do and works well.


How does that work? NATs (usually?) track TCP state. That means party A sends a SYN and will only pass in SYN-ACK. Party B's NAT drops SYN on the floor. Same happens the other direction. It works for UDP because there's no concept of an established connection, but TCP?


Look up something called Symmetrical TCP Open.


Name in papers: stunt, natblaster, p2pnet. They mostly depend on raw sockets unfortunately. And:

> Similarly, adding port prediction to the P2PNAT approach allows it to handle symmetric NATs increasing its success rate to 84.3%

Interesting that it works, but doesn't seem very reliable.


You are reading wrong papers :)

Clients A and B connect to a rendezvous host. R looks at A and B's ports, guesses which ports they will use for the next connection and instructs them to connect to each other respectively. First SYN packets are lost, but they poke holes, so on the retry the symmetrical open kicks in and peers hook up into a shared TCP connection. The end.


Again, that's only if the NAT allows this. Not all of them do and not all of them will have predictable port mappings. See http://www.ijimt.org/papers/226-G0027.pdf for example for details about what works when.


It's been a while since I worked on this, but back then over 80% NAT devices used simple +1 port allocation. Some fraction was using other increments and only OpenBSD used truly random overloading. The main issue with port prediction in general wasn't making it per se, but making it quick enough so that it won't expire.

From what I remember ingress TCP filtering was universally very dumb - if there was a SYN out, anything on the same quartet of IP/ports was allowed in. That was on a sample of several thousand devices, though most of these were of consumer grade. It was also few years before the paper you linked to above.


The quality seems a bit low. There is a similar project based on academic routing protocol Babel and implemented reliably by a professional called Re6st https://re6st.nexedi.com

Re6st indeed is more focused on connectivity than performance because it re-establish connection even when the Chinese great firewall kicks in.


Is this like Hamachi but for servers/command line?


Previous discussion: https://news.ycombinator.com/item?id=13638636


How does the meshing/peer discovery work? Is connection information encoded in the key?


DHT


Not anymore.

  # Changelog
  ## v2.0
  - removed DHT
  [...]
  - bootstraping and peer exchange from one or more nodes


Through existing friendships, perhaps?


In the previous discussion HN users were complaining about "AES-256 in CBC mode but without an authentication tag (HMAC)". Is this still the case or has it been addressed?

Also, any idea the overhead in terms of CPU pushing around 100Mbps?


Seems like it was replaced with GCM in https://github.com/meshbird/meshbird/commit/f4e50d5596b05d0c...


"Unfortunately I wasn't able to understand this piece of code and what it was aiming to, so I didn't changed."

That seems alarming for a commit message.


https://github.com/meshbird/meshbird/blob/master/src/meshbir...


Hmm, I would be keen to try it, however:

There are scant details on the website as to _how_ it works. They don't appear to backup the claim that its "distributed"

Are they just using a DHT to distribute IP addresses, then use wireguard to connect? how is routing configured? is it dynamic.

All of the basics seem to require looking into the code, which seems a little obtuse

also, wget'ing a script direct into sh, not a healthy start. easy installers == great, but not when its piped directly into sh. Tar.gz and make it obvious that your not hiding stuff, and make sure you post a hash of the tar.


The website is fancy, but I believe https://github.com/CovenantSQL/CovenantSQL/tree/develop/rpc is way better “distributed private networking”


It shouldn't matter but if I read English text with all the third-person "s" missing I somehow assume the worst.

And it is a bit strange their English is mostly correct and then they make this mistake consistently. Maybe not a mistake?


How does this compare to cjdns?


No tests?


And no documentation.


Is this like zerotier?


How does this compare to tinc-vpn.org?


So, wget a random sh script and run it? Really?


Yeah, there's a lot of unknowns with this project. https://github.com/meshbird/meshbird/issues/85


I'll point to this next when the value of reproducible builds is questioned: https://github.com/meshbird/meshbird/issues/85#issuecomment-...


Good catch!


Seems to be the fashion these days. I do not applaud it.


How does it work?


Funny how the submitted URL isn't the https one ^^.


What’s the catch?


I guess that the author doesn't know what they're doing: https://github.com/meshbird/meshbird/blob/19fa62219dd1dd9069...


Why not?




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: