Hong Kong protestors using Bridgefy's Bluetooth-based mesh network messaging app (forbes.com/sites/johnkoetsier)
609 points by rmason on Sept 2, 2019 | 216 comments

No closed source mesh networking can be secure. However good user experience it has. They are no different than using WhatsApp. Indeed in that respect at least Signal is better.

I am not sure why protestors did not adopt the open source serval mesh project apk and ios app. [1]

In Hong Kong, given the density of buildings, it's a bit hard to have a line of sight, so it will still be hard to build a local network. But it's still possible to build a completely wireless network over the top of the buildings to communicate with each other.

These communications can be blocked, but then it will still work if enough people switch on their mobile phones and WiFi routers to communicate with each other over a peer-to-peer network which is a combination of wired and wireless. [2] [3] [4] [5] [6]

[1] http://www.servalproject.org/

[2] https://ssbc.github.io/scuttlebutt-protocol-guide/

[3] https://dat.foundation/

[4] http://subnodes.org/

[5] https://hyperboria.net/

[6] http://www.servalproject.org/

Something works, it helps their protests amidst disruption of telecom. Appreciate that please. Not everything needs to be technical. More we speak of tech, more morale we lose.

We can support what works today, while commenting on its shortfalls to raise awareness and build better, more secure solutions for tomorrow.

Kill snake by its head. Which is the snake in this world ?

Rich people.

More we speak of tech, more morale we lose.

Meaning human-centric vs tech-centric morale/world-view?

Example: One side of the world:

Hey we used bluetooth to communicate to my next door neighbour while our internet was being sniffed by the government.

Other side of the world:

Hey man, looks like the bluetooth tech they were using is pretty outdated. I wonder how they are living.

How did the talk get diverted ?

Why didn't the other side of the world talk about what's important?

How can they start appreciating first rather than putting the intellect mind into work?

What feels wrong?

Something feels wired in the brain.

Haaa right!

Tech is as addictive as any other addiction.

Intellect is the addictive substance.

Big brains know it,

We use it,

We think along with it.

So what got lost?

When did we stop to think like a humble monkey instead like a greedy machine ?

couple more questions.

point - Balance the mind with its own nature and external influence.

Reject if something feels wrong. Or at least don't express.

Depression is prevalent in tech.

Why! Because the brain was giving you signs from the beginning that it isn't healthy.

Everything is connected.

Hope I gave you the message you needed.

You know something is good when it has to be recommended twice in one comment.

I'd like to add one point here: a mesh network is not only good for protest, it is also useful when the network is unstable, for example during bad weather, disastrous events etc. Let's not forget a mesh net can also be used to off-load some of the traffic from the "normal network", plus it is good for privacy (if the network is built on top of a verified open source structure).

I don't think it's a good idea to advertise a type of tech as "good for protest/revolution/revolt/something like that". If you do that, the tech will never be adopted.

> No closed source mesh networking can be secure. However good user experience it has. They are no different than using WhatsApp. Indeed in that respect at least Signal is better.

> I am not sure why protestors did not adopt the open source serval mesh project apk and ios app.

Because they don't share your value system, and chose a better user experience over a more secure system.

I want free software to win, which is perhaps a more extreme value system than yours (if you understand the difference between free software and open source software). But it strikes me as a bit naive to assume that free software will win on superior ideology alone. It's no coincidence that free software is winning in areas where it provides the best user experience (server OS-es, browsers) and losing in areas where it provides a worse user experience (user OS-es, most web applications).

I think the idea was that open source was more secure when it comes to communication rather than having to choose open source for ideological reasons.

Security seems like a good reason to me.

Does "useability" not also seem like a good reason to you?

"Security is more important than useability" is an ideology.

Because Serval isn't in the App Store yet?

I believe that's the point. You need to download the APK or whatever iOS provides for developer packages. This means less tracking from the vendor (Google, Apple).

1) It doesn't seem to be a principled decision to stay out of the App Store on the part of Serval's author, who says "trying to get the app approved for release on the Apple App Store. But that will be an adventure for another day."

2) This wasn't planned out months in advance. This is a protest that is organically sprouting up. Nobody wants to add jailbreaking or Xcode to the onboarding process for people to join a protest movement.

3) I think worrying about Apple tracking what apps you install is the least of anyone's problems there at the moment.

3) I think the worry is China forcing Apple to produce this info (list of HK users with said app installed), not what Apple themselves would do with it. Maybe not a dealbreaker, but something to consider...

I think China getting that information from Apple is sort of a second-order concern at this point. In a more stable situation, yeah, you don't want the police to have a reason to knock on your door. When you're gearing up to go protest in public and the cops are dropping tear gas on everybody, those sorts of lists are less important. Not saying that it doesn't matter, but there is no such thing as absolute security, it's a series of tradeoffs.

Keep in mind that Apple's iCloud services in China are not actually provided by Apple. They are provided by Cloud Big Data Industrial Development Co., Ltd., and allows Apple to, "continue to improve iCloud services in China mainland and comply with Chinese regulations". [0]

This service even has different terms of service, than the standard iCloud offering (though I haven't done a diff to see what's changed).

The effect of this is that the encryption keys for the service for Chinese users, are in the hands of a state-owned company (not Apple).

I'm a big supporter of Apple's approach and ethics with respect to privacy generally, however if you're in China, or a citizen of China, then it's probably safe to assume that anything on or passing through iCloud is fully accessible to the state, without requiring Apple's involvement (e.g. via subpoena).

[0] https://support.apple.com/en-us/HT208351

Anybody have some details on this? I always wondered how this is handled for Chinese going abroad or Foreigners traveling in China without sending the keys back and forth.

Or do Chinese iCloud accounts still use the Chinese servers even when abroad while the western ones get to go through the great firewall for western iCloud?

This is effectively documented in the link provided:

> If you are not a Chinese citizen residing in China mainland, you can edit the country or region setting of your Apple ID to reflect your current country or region and continue using iCloud under Apple's current terms and conditions.

That is an extremely interesting question, both from a technical and juridical point of view. Hope someone will ask Apple about this in a more official channel.

This only applies to users who have an Apple ID registered as being in China.

Hong Kong residents are not impacted by this.

For now.

The broader question is, if the Chinese state can demand this, then what (other than popular opinion) is stopping other states (with sufficient clout to meddle in Apple's markets and/or operations) from demanding the same?

Context of the conversation wasn't hypothetical future situations, but rather the present situation facing Hong Kong protesters.

Given that the protests are about China's over-reach into Hong Kong rule of law, Apple making any changes in the immediate future to impact Hong Kong residents would be a very challenging decision to make. It would also be particularly difficult to enforce, given that Hong Kong exists on the outside of the Great Firewall, with the rest of the wider Internet.

The company name is actually "Guizhou on the Cloud Big Data Industrial Development Co., Ltd."

(I thought that was a joke/parody name, but it's actually true.)

I disagree, hiding behind the anonymity of the crowd is critical in protests. Yes, they might catch a few people, but if you know for sure they'll just round everyone up later because they know exactly who was protesting, suddenly nobody wants to do it.

There is no way to install apps on iOS outside the App Store.

Xcode is able to dynamically generate a development provisioning profile, even if you do not have a (paid) developer account. So side-loading is definitely possible, in some respects.

You need to create a developer account, learn how to use Xcode (not at all trivial), and even with all that you need to reinstall it every 7 days.

Effectively sideloading does not exist. The fact that 0.001 percent of people who own an iPhone can, with great effort, sideload apps is irrelevant.

You don't need a developer account anymore to sideload apps on iOS.

But you still must reinstall every 7 days?

Yes, that is still a thing.

Unable to reply to Illniyar’s comment below. To add to those points on the difficulty (actually practical impossibility), you’d also need to have access to a Mac to do all those things every seven days. That’s a very big ask, along with the technical know-how to use Xcode, for so many people in Hong Kong.

Does anyone know the reason(s) why Apple makes it impractical to sideload?

Side loading is a threat to Apple's control over all iOS and similar App Store devices. If I didn’t want to comply with the very far-reaching requirements for e.g. in-app stores, I could just ask my users to side load my app. If for example Audible did this, it’d be a real threat.

Chief among these is the requirement that all in-app purchases have a 30% tax by Apple.

Which is why you can't buy books in the Kindle iOS app[0] among others.

Still waiting on regulators to slap Apple for that obvious anticompetitive behavior.

I'm not 100% sure because I didn't use it, but Cydia Impactor might work.

Google knows and logs forever every app you start on your device doesn't matter if installed from Google Play or not.

That website is.. something

The background makes it kinda hard to read

Is the point that it’s secure, or that it cannot be blocked?

I’d prefer anonymity over security.

You can use PGP encrypted messages over any network to be secure.

It is my impression that the Party is not shy to use rubber hose cryptanalysis, so you better make sure to stay anonymous. That is quite hard with PGP.

No forward secrecy.

I just tried the app via the US App Store and it requires you to verify through SMS before use. This means that it’s neither anonymous nor fit for use in a disaster zone.

Good example of software that would be better if open source.

Hi! You can skip the SMS verification step, which is how thousands of people have used it after earthquakes and hurricanes :) We also have an SDK so that developers can create their own app and make it work however they want.

Considering what others have described here to skip verification, you have used a dark pattern to force users to resort to SMS verification, endangering all those thousands of users you/your company claimed have downloaded the app in Hong Kong. This dark pattern would also inhibit or reduce usage during natural disasters unless you place a “Skip Verification” button that’s as prominent as the one for SMS verification. You could explain to the user the benefits or disadvantages of both on the same screen.

Having seen FireChat, another closed source mesh network app that allows people to sign up without giving a phone number, there’s no reason for me to recommend your app or even for me to try it.

How do you skip verification? After hitting the cancel button the start screen shows again.

Apparently you need to fail verification a few times before it'll present the option. I kept giving it bogus phone numbers and eventually a "skip" button appeared.

I wouldn't trust an app where the first thing you have to do is navigate dark patterns.

It's likely because of those dark patterns that they can use it in the first place given how walled garden app stores treat apps that do allow for actual anonymous or distributed messaging systems.

I wouldn't either, but it would seem that HKers don't have many options at this time. Hope more are identified and that there aren't malicious intentions with this current one.

How is that a dark pattern? It's better if you do verify, so you can see your contacts and others can know it's you. If that fails, then we offer to use the app without verification.

Hit the verify button without any number and it'll show up at the bottom.

It's awesome that you've released the SDK. :) Have you seen any cool projects done with it?

For an open source, anonymous version of this check out the Briar Project: https://briarproject.org/how-it-works/

Briar is definitely far superior. However, one major drawback is that it is not cross platform. This alone means it won't gain traction in the Hong Kong protests, unfortunately.

Briar looks very interesting, however it lacks the broadcast mode that Bridgefy has, which I suspect is a major feature for coordinating a protest.

It also lacks the ability to use existing contacts (you have to do a QR code exchange).

Still quite useless, because key exchange process is so badly designed. But they've promised to fix this in future.

Exactly this. I don't see any other solution that offers remotely near the same privacy that Briar does.

I had the same experience and was disappointed. But a good mesh app is inherently difficult to monetize!

Combining mesh over some/several form(s) of 802.11, Signal protocol public key distribution "locally" via QR code, and Delay-Tolerant Networking (Cerf et al. 2007) would be the holy grail (and would have no reliance on SMS or phone number) and also could not be monetized. Which is a damn shame, because it's eminently technically feasible, but complicated enough that I'd probably need a professional team to implement.

Charging businesses to use it would be a path to monetization, hence WhatsApp's partnership with Twilio.

Not a bad point, but what business prefers a mesh to a centralized messaging system?

Most businesses do not care about the technical details of the platforms they use. Look at adoption of the PSTN (centralized) & Email (federated and interoperable) among businesses, they migrate to where their customers are most reachable.

Businesses selling gas masks, helmets and med-kits?

Construction industry supply would prefer to sell you walkie-talkies

Cyberpunk future, here we come!

Does everything need to be monetized?

No! But assembling the talent to build a product without a potential source of revenue is difficult.

These days? It appears so.

Next step, Chinese intelligence hacks their database of verified phone numbers. Anonymity over. Having the resources of a nation state, they could probably do it easily.

Chinese intelligence has already intercepted all SMS coming from the app and has all the users' phone numbers.

You can skip the verification, but it's not obvious how to (dark pattern).

If you skip verification but the people you communicate with do not, then all of you are at risk of being publicly identified.

Or join as a malicious node. There is no panacea without control over some infrastructure.

If they were doing E2E encryption, that would not be a problem. Broadcasting to find the right recipient (the one with the decrypting key) but contents protected from everybody else.

Ok so how would key distribution work here? Tofu?

If you can meet once physically, there is nothing better than that to exchange your public keys. That's why hackers meetings are "public keys signing parties".

For something as low latency as messaging, you can probably use proof of work for DoS resistance

Because messaging software that drains batteries is what everyone wants...

It's better than the alternative, which is no messaging.

PoW or no messaging seems to me like an obviously false dichotomy.
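The proof-of-work suggestion in the exchange above, sketched as an added example (not part of the original thread and not code from Bridgefy or any project named here): a relay forwards a message only if it carries a fresh, unseen hashcash-style stamp. All names, the 16-bit difficulty, the 300-second window and the sample message are assumptions made for illustration.

```python
"""Hashcash-style admission check for a store-and-forward mesh relay.

Added illustration: every name and constant below is hypothetical.
"""
import hashlib

DIFFICULTY_BITS = 16    # assumed policy: about 2**16 hashes to mint one stamp
MAX_AGE_SECONDS = 300   # assumed freshness window for relayed messages
U64_MAX = 2**64 - 1


def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def stamp_digest(sender_id: bytes, payload: bytes, timestamp: int, nonce: int) -> bytes:
    """Hash length-prefixed fields so field boundaries cannot be shifted."""
    h = hashlib.sha256()
    for field in (sender_id, payload, timestamp.to_bytes(8, "big"), nonce.to_bytes(8, "big")):
        h.update(len(field).to_bytes(4, "big"))
        h.update(field)
    return h.digest()


def mint(sender_id: bytes, payload: bytes, timestamp: int, bits: int = DIFFICULTY_BITS) -> int:
    """Sender side: brute-force a nonce. This is where the battery cost is paid."""
    nonce = 0
    while leading_zero_bits(stamp_digest(sender_id, payload, timestamp, nonce)) < bits:
        nonce += 1
    return nonce


class Relay:
    """Relay side: one hash per message, plus a replay cache bounded by the window."""

    def __init__(self, bits: int = DIFFICULTY_BITS, max_age: int = MAX_AGE_SECONDS):
        self.bits = bits
        self.max_age = max_age
        self.seen = {}  # stamp digest -> message timestamp

    def accept(self, sender_id: bytes, payload: bytes, timestamp: int, nonce: int, now: int) -> str:
        if not (0 <= timestamp <= U64_MAX and 0 <= nonce <= U64_MAX):
            return "malformed"
        # Freshness first: a stamp minted once cannot be reused forever.
        if abs(now - timestamp) > self.max_age:
            return "stale"
        digest = stamp_digest(sender_id, payload, timestamp, nonce)
        if leading_zero_bits(digest) < self.bits:
            return "insufficient-work"
        # Entries older than the window would be rejected as stale anyway.
        self.seen = {d: t for d, t in self.seen.items() if now - t <= self.max_age}
        if digest in self.seen:
            return "replay"
        self.seen[digest] = timestamp
        return "forward"


if __name__ == "__main__":
    now = 1_700_000_000  # constructed clock value
    nonce = mint(b"node-a", b"hello mesh", now)
    relay = Relay()
    print(relay.accept(b"node-a", b"hello mesh", now, nonce, now))
    print(relay.accept(b"node-a", b"hello mesh", now, nonce, now + 5))
```

Raising `DIFFICULTY_BITS` by one doubles the sender's average hashing (and battery) cost while the relay still checks a message with a single hash, which is the trade-off the replies above are arguing about.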

I used a simple mobile "burner" and was fine to authenticate. I bought a bunch of $5 cards with cash in a small store and used this one in my dumb flip phone bought at a flea market a few months ago. I am certain to a high degree that's pretty enough setup to stay under the radar.

This burner phone and your "real" phone are going to be easy to correlate retroactively based on the towers they are both hitting.

I'm not the only one using my tower, I am sure about that. I am not that special.

Yes of course, but if the burner and your real phone establish any kind of pattern it will be obvious after the fact to anyone who can analyze the records.

Hopefully OP uses a different cell network than the one Simple Mobile rides atop.

This kind of device matching can be done across any of the carriers or their MVNOs, all of them give up the data when asked by a government entity. Many tower locations will even be identical across carriers, making the matching even easier.

Also this correlation could be done with stingray towers without bringing the cell carriers into the loop.

With the higher clustered protestors the tower linking won't be as identifiable as you might think.

It may take longer to get enough samples to filter out unwanted user associations but if you have all the data points from every tower retroactively over ~10 weeks of protest it's going to be difficult to hide.

I don't think gp here is in china, but rather just offering their procedure for acquiring a burner phone.

Depends on the standard of proof that is required.

Just to clarify - I have nothing to do with HK or the riots going. I am just stating that I was able to use my somewhat "burner" setup to register the App. What happens after that is whole different story.

This is why you remove the battery of the burner until you use it. Remove the battery and SIM of your compromised phone, relocate yourself, install the SIM and battery of your burner.

This still creates a detectable pattern.

If the legit phone goes off while the burner is on that's a pattern. If the legit phone goes off and (travel time / distance) elapses before burner appears (travel time / distance) away from the last legit ping that's a pattern. If the legit phone and burner phone hit the same towers at the same time more than 3 times that's a pattern. If the burner phone spends most of the time off (battery out, faraday cage etc) then the times it does connect are even stronger signals.

You need to generate a ton of "noise" data where both phones are hitting different towers at the same time on a constant basis; and never being together. Maybe mailing the burner phone on a regular basis between isolated locations that the real phone never goes to?

Cell tower data is incredibly powerful for tracking people.

If you think it's bad now, wait until 5G rolls out allowing live tracking of people to within meters.

Is this baked in to the infrastructure so you can be located or baked into the phone so you can locate yourself? If the former, I would have expected more concern?

"I would have expected more concern" From the public? Everyone carries a phone, pretty much everyone is on Facebook. Given a yes/no box to tick you're going to get a lot of "yes" to "do you think you should have freedom from being tracked", but given a choice of what hardware/software to use people are going to pick the ones which everyone else is using, so that they can contact them. Next to nobody is going to stop at 4g because 5g has a higher granularity of location awareness.

The still detectable pattern depends on how often you use your phone or make the switch. It's not a pattern if it's done over days or if you even leave a phone cached in a special place such as a geocache so it can be swapped by someone else for a different burner.

They could turn off cellular and turn on bluetooth.

The baseband radio still communicates with the tower in airplane mode.

That's interesting. Does anyone have a further source or description of that behaviour?

It's required for emergency calls to quickly enable routing of said emergency call. They work even with no SIM or IMEI in the phone in some countries, though most western countries are starting to require SIM cards due to abuse (SWATting).

Any Links / docs discussing that? I didn’t find anything about this in a bit of searching.

You can't get "burner" SIMs in Australia (where I am), I don't think.

They usually require a sign up before activation; I'd be interested to know of ones that are true "burner" SIMs that are sold here.

Oh, you definitely can. You're just unlikely to be able to find them without already being involved in crime

The ID verification methods vary to account for channels like that you can buy SIMs from vending machines at airports and train stations and verify online https://www.acma.gov.au/theACMA/approved-methods-for-verific...

Vodafone just let you tick a box saying "i am who i say i am" https://www.acma.gov.au/Industry/Telco/Carriers-and-service-...

Is there any software that would be worse when open source?

Search engines, an adversary knowing how the ranking works can manipulate(/'optimize') results seen by the users.

Online game clients which attempt to verify that a human is playing rather than a bot.

Only those that use the widely debunked "security through obscurity" model. So most of it, unfortunately.

How would it being open source solve the problem of addressing?

Addresses can be made non-identifying.

Yes, but people typically want addresses to be identifying to _somebody_ otherwise they're not actually all that useful.

If I am Alice and know Bob, I want to know Bob's address. Using the cell phone number, an address I already have for Bob, solves that problem. Verifying the number via SMS provides some reasonable (but not ironclad) guarantees that it actually is Bob.

Yes, as an address scheme, it prioritizes convenience over other things. If you want wide acceptance, that's a requirement. Wide acceptance can be useful if you need to adopt something in a hurry and you didn't think to set up something in advance. It's also great because it isn't exactly great opsec to look different from the crowd, and using Tor is a giant "HI I AM DOING CRIMES" beacon to the world.

Then why hasn’t that happened with Signal yet? Being open source may not have much of a correlation on how features change for such apps.

Signal is really three things with the same name (four or five, if you count the foundation and/or the LLC):

1) The Signal protocol, which can have multiple implementations (WhatsApp, Facebook Messenger and Skype all use it), 2) The Signal client and server, which are open source, and 3) The Signal service operated by Signal Messenger, LLC.

You can use either 1 or 2 to implement a system that doesn't require a phone number to use. Wire, for instance, is a messenger that has adopted parts of the Signal protocol and the Signal source code. [https://github.com/wireapp/proteus/blob/develop/src/internal...]

What you can't do is change how the Signal servers operated by Signal Messenger are operated, or refer to your own client/server using Signal trademarks.

For all practical purposes, "Signal" being open source hasn't made that happen. As for Wire, yes, I know about its origins and I use it too, but even Wire had disagreements with Signal on using the protocol and finally managed to settle it (this is from 2016, so take it for what it's worth). [1] Wire is also focusing more on paying users and businesses and building features exclusively for that market. So the free tier is no longer a great place to be in.

[1]: https://medium.com/@wireapp/axolotl-and-proteus-788519b186a7...

Super interesting. At Burning Man this year it seemed like a significant percent of the city had goTennas, which had never been true before. I also remember reading about a big mesh in Brooklyn being a thing recently. I bet we’re going to be hearing more about practical mesh networks in the coming years.

Reminds me of Nintendo's PictoChat, a peer-to-peer, physical proximity-based chat application that was built into the DS. I've written about it on here before [0]:

> [You could] chat on one of four available channels with nearby users over local wireless, by exchanging text and hand-drawn pictures.

> At about the peak of its popularity—right before smartphones became truly prevalent among kids my age—I was doing middle school science fairs. This involved lots of standing around waiting in front of your trifold posterboard while judges slowly worked their way along the rows and rows of other projects. We weren't supposed to leave our own stations in the meantime, and they were spaced out enough to make talking with your neighbors inconvenient. Instead, the whole room was on PictoChat, filling up all four channels with streams of chatter and doodles and mutual commiseration on our anxieties over presenting to the judges.

For a company known for perpetually trailing behind its competitors in online services, Nintendo was oddly ahead of its time here (and with the Download Play feature, too: peer-to-peer software distribution and wireless networking!).

[0] https://news.ycombinator.com/item?id=20106929

I think a few things hampered Nintendo. Their (laudable) commitment to backwards compatibility led to them getting stuck behind the curve technologically -- the POWER architecture they stuck with from GameCube (when it was a mostly mainstream choice) to WiiU (when it really wasn't) and the older pre-Cortex ARM designs they were using in the 3DS years after Cortex was shipping left Nintendo in the position of not being able to really ride the bulk of the improvements happening in the marketplace. (It's notable that the Switch is an abandonment of hardware-based backwards compatibility in favor of Nvidia internals that wouldn't look out of place in an Android tablet.)

And because Nintendo prides themselves on being a family company, in much the way that Disney does, they had less of a tolerance for looking the other way at just how bad other users can be. Microsoft would just throw out an "Online interactions not ESRB rated" warning and moderate the worst of it after the fact when building Xbox Live. I don't think Nintendo ever saw that as an acceptable option.

PictoChat was great, we used it during schoolwide assemblies (put in the middle of the day so students couldn't ditch as easily).

https://imeshyou.com — self-reported goTenna Mesh community map (globally)

https://globalmeshlabs.org — goTenna’s open-source Lot49 protocol, to incentivize build-out of global ISP/carrier-free messaging network

I find the idea interesting, but is there some kind of open-source alternative that would be available on F-Droid?

This would be extremely useful since you can share your F-Droid archive over bluetooth, and that would also allow the app to be distributed the same way.

One less way for the authorities to block the app from being acquired.

People have been talking about Briar in another comment thread:


Seems to be available on F-Droid, but unfortunately is not cross-platform.

I think Manyverse is similar, although it too is just Android for now: https://www.manyver.se/

The Bridgefy ToS are egregious; under "Messaging Content", you grant them irrevocable rights to use your messaging content...

Are there many services that don't ask for this broad scope? I see it often and understand it comes from lawyers studying the business process and writing a contract that enables it within the Kafkaesque copyright laws. They ask for universal copying right because if you spin up a new VM you don't want to have to ask if every message you send to it has permission to be copied to this new instance. And they want it to be irrevocable because you store backups for three years and don't want to have to be constantly scrubbing them for deleted accounts.

That's exactly why, whoopdedo :)

Hi everybody, I'm Jorge, founder of Bridgefy. Happy to answer any questions!

Are you aware that by doing SMS verification (optional or not) you're making your servers a very juicy target for hackers working for Chinese intelligence? They could probably assume that anyone in Hong Kong with the app is a protester

Hi Jorge, fyi I just browsed for Bridgefy on google and clicked on the first link that showed up and some random page turned up. It looked like it was hacked or something.

Here too. The url that I get on google is this one? http://reward0404.websitetrafficgo93.live/?utm_campaign=bKMu...

The correct URL appears to be this: https://bridgefy.me/

Sorry about that! Our official website is indeed www.bridgefy.me, and we should have www.bridgefy.com recovered in a short while.

That happened to me as well. Can anyone explain to me how that works? Is their entire site hacked, but only triggered when coming from Google? Or does it work some other way?

That first link from Google is highly NSFW. A fully nude woman appears on the screen from some scammy local dating ad network. Has their DNS been hijacked?

Can confirm

Same here, glad to know I'm not the only one.

Confirmed here as well.

Hi Jorge,

Pardon my ignorance but let's say that someone runs a typical cell phone jammer in the area, would that block the Bluetooth signal from working or are RF wavelengths not able to be jammed?

They'd have to specifically jam BT or all the public 2.4 GHz band which includes WiFi and other protocols. Given that a BT jammer can be bought online for less than 100$, it's trivial to block this app over several tens of meters.

Well said petre, that's the perfect answer.

Hi Jorge, how much does participating in a Bridgefy bluetooth mesh network affect battery life?

Since we use Bluetooth Low Energy and the algorithm works to make broadcasting/forwarding efficient, we've found that running messages for 24 hours consumes around 7-10% battery total on an average device. These numbers may differ depending on the OS, device, usage, etc. but in a nutshell: we don't consider battery consumption to be a problem.

I met the founder, Jorge Ribs, a couple of times. He gave me some of the best advice I've received about Silicon Valley. Great guy. I'm happy it's gaining traction!

What was the advice?

He introduced me to the SV culture and compared it with Latin American culture (we're both Latin American). Gave me examples I could relate to and practical advice on how to work with Americans. Introduced me to a couple of lawyers and some other persons. Explained my options to me regarding raising venture capital in the Valley (in the end I wasn't ready for raising).

To be fair, China doesn't block access to any websites in Hong Kong. In a sense, it's a freer internet than in the US (zero sites blocked, plus piracy is allowed).

At this moment. There was a piece posted to HN last week that Hong Kong's ISPs have been asked, or fear being asked, to implement a firewall similar to China's.

Hong Kong's ISP association published a public letter of protest about it.

Edit: Found it - https://www.hkispa.org.hk/139-urgent-statement-of-hkispa-on-...

That’s not entirely true. Their response came after a lot of outrage and fear by the general population.

This outrage came after some top pro-Beijing politicians said that declaring an emergency situation is still on the table, by doing so, it would allow the government to block certain internet services.

Pro-Beijing politicians always use harsh language. The same way PLA officers hinted that the PLA could be deployed in HK if requested by the government.

I overcame TDMA problems associated with mesh broadcast networks by moving channel allocation logic into the application layer. For me it was more important for reliable delivery than bandwidth. We use geospatial TDMA to further allocate the channel; two proximity peers would have vastly different time slots. Unfortunately this leaks location data (though most 2GHz channels will). Besides WiFi + Bluetooth channels, we have leveraged acoustic channels (more so for unidirectional communication from a watch tower to all peers within an ultrasonic range).

This reminds me of FireChat which was heavily used during the 2014 Hong Kong protests

We tried to use it this year but it got overloaded on the first day.

Using technology to bring down tyrants. The CIA should do something useful for a change and see this app is distributed to places like North Korea, Zimbabwe, Syria, Myanmar and Iran.

You can block bluetooth. If the Chinese authorities haven't already it's because they see more value in having these kids walking around with personal trackers on their person.

Honest question, but do most people in North Korea have personal smartphones which can connect to outside networks and aren’t completely monitored by the government?

There are a number of mesh apps available; they are just not promoted mainstream, as they are problematic to monetize and undercut current chat platforms.

I know of a few mesh apps. But what's significant about this one is the protesters self selected it.

Dictators can cut off social media apps, even cut off Internet access. But they risk turning more people out in the streets if they cut the power.

Interesting that mentioning mesh and the problems of adopting it for anything but philanthropism is not considered valid by some. Yes, there was a group consensus that a mesh was needed to communicate as a workaround to internet blockades; the only next step now would be to jam whatever the equivalent of 802.11* is over there. I seriously wish them best of luck, that's all I can hope for from here. Cutting the power would be exactly the thing that escalates it from NotMyProblem to now it's affecting me.

They don't need to jam the signal. It's easier to infiltrate agents broadcasting phony messages among the protesters, creating confusion.

Does anyone have good technical resources on how mesh networks work?

Who's the authority on the identity of a recipient? Do you exchange something out of band (for example a QR code) first? How do messages get routed? How do messages behave under constant network partitioning and healing? Does it use your GPS location for network topology purposes? etc etc

have a look at these:





There is also an open mesh for routers. If you have the hardware and propensity, look at OpenWrt and find a mesh add-on for it, find out what routers you have available to flash it onto, and then you will have a MESH node.

Do you know of any good resources talking about considerations for handling adversarial nodes in these networks? For example, what's to stop a rogue implementation from advertising that it has a low cost / short distance to every other node it's ever seen, reporting that data has been sent successfully that actually wasn't, etc? These links give some good background but I haven't seen anything on there about trust in a hostile environment.

@Jorge - is there a way for me to build "relays" out of ESP32/RPi Zero?

@HN Crowd - is there something I could do to prepare for possible censorship? I was thinking of mesh Internet over the air, something like DN42 but over wireless links

You can do mesh networking with the esp32: https://www.espressif.com/en/products/software/esp-mesh/over...

I think that it might be possible to adjust the app to accommodate the esp32 mesh using the mesh security to identify it. Obv. not had time to look at the details, but you could start with this and the bridgefy SDK?


They are also using Umbrella App, a free open source app to help protesters learn about and manage digital and physical security.

Links: www.secfirst.org

iOS: https://itunes.apple.com/us/app/umbrella-security/id14537153...

Android: https://play.google.com/store/apps/details?id=org.secfirst.u...

If worst comes to worst, I hope there's satellite connectivity to HK. Or landlines not under Chinese jurisdiction.

EDIT: To clarify, I'm concerned about what could happen if China cuts HK off from the Internet.

China can't cut HK off from the internet. Almost all Chinese internet traffic is routed through Hong Kong, not the other way around.

I don’t think China would care about cutting themselves off from the global internet.

Maybe the Chinese government wouldn't, but the people would care, a lot. The Chinese government is perpetually afraid of revolution and rebellion.

Do mainland Chinese really use that much of the global Internet?

Foreign trade is ~37% of China's GDP so probably at least 1/3 of the country depends on it directly or indirectly. For context that's equivalent to the entire population of the US even if only a small fraction of those people are conducting the actual communications, negotiations, and transactions of international commerce.

Yes, an enormous amount of data crosses the border from HK into China

Wait, so if I in Europe send an email to a Chinese server, it gets routed across the Atlantic, Pacific and via HK into China? There's no direct land link?

Depends on your ISP. There are cables from Europe and the Americas to China but they are very expensive and congested. HK is also congested but there is much more bandwidth and it's a lot cheaper.

so then HK could do...to china Hmm I think someone is in jeopardy but neither side has realized exactly who yet.

They still can cut off the consumers ISP and leave commercial untouched.

Let's take it a step further, and imagine a complete Internet blackout in HK, both consumer and commercial, even if just for a day or a week.

I'm thinking up scenarios of how China can do a modern Tiananmen and get away with it.

I'd be happy to conclude that it isn't possible, but I'm not sure if I might be forgetting something...

Satellite comms would still work. But you raise an important point, as it's a strategic issue in the region: https://www.asiasentinel.com/econ-business/taiwan-fears-chin...

Forcing someone to obey you rather than just destroying them for defiance suggests you need them around for something. I'm wondering just what a tyrant would have left to occupy their time when all of the tyrannized are deceased.

Satellite phones are extremely easy to determine point of origin, give or take 20m. That's enough to dispatch police or worse, launch an airstrike.

That's exactly how Dzhokhar Dudayev was killed: using two laser guided missiles while he spoke on sat phone. The signal was intercepted by a Russian reconnaissance aircraft.

This tactic has been used a number of times that I'm aware of, in Eastern Europe, South America and the Middle East.

...and not just with satellite phones, a normal phone suffices.

A drone will act as a receiver/relay for the phone signal, and then triangulate the phone's location.

Surprising given how easily defeatable it is for anyone sufficiently motivated.

The only "easily defeatable" method that I'm aware of is to make your call from somewhere you don't mind being bombed, make it from a place with multiple egress points, and to stay on the call for at most 90 seconds.

Or put an optical repeater at your target (bombable) site and install a long run of fiber to your safe location, which you then have to abandon. Doesn't seem very practical to me.

Optical repeater? You're overthinking it. You don't need minimal latency or perfect signal quality to make voice calls worthwhile, crap quality is fine. And if you have to abandon a satellite phone because your comms station got blown up...so what? That's just a cost of doing business. They're maybe a couple thousand on the black market, probably the same or less than a MANPAD.

I doubt China is planning to airstrike individual protestors.

Like people doubted they'd run over a protester with a tank, right?

There is a decent amount of JP/SG connectivity, iirc.

Seeing how well it's working for India in Kashmir, I'm surprised China hasn't done it by now.

Kashmir isn't as highly networked in the global world like HK is, which is probably why the Indian government can get away with it... it is a chilling lesson to any region that doesn't have the luxury of being a financial hub, which safeguards from sudden blackouts...




How hard would it be for the secret service to infiltrate this? If messages are being passed back and forth could they intercept, modify etc?

Innovation in radio and communication used to be driven by wars and big government contracts. Now, progress in communication technology is driven by dissent.

https://genesis.re/comms - help me grow this guide!

How is it safe? I doubt it's complicated to figure out which nodes are broadcasting/unicasting the most frequently, without looking at the content if you have cops at every block logging bluetooth traffic.

What's interesting is how quickly China has reacted to all this, in terms of pumping massive disinformation onto Twitter/Facebook/Youtube. There have to be upper limits on scaling that capability. And that is where China's weakness lies. The more they scale their Stasi bullshit the more likely we see a Chinese Snowden/Manning sooner or later.

It's encrypted and the only information it gives up, only when you do a system wide broadcast, is the broadcaster's phone number. So the leaders use burner phones and the problem is solved.

What's important compared to other apps is that the protesters self selected it. If the US government were to provide some funding the next step would be to build higher powered repeaters that can be placed on top of tall buildings. Can you imagine a city wide communication system for pro-Democracy forces in Hong Kong or Teheran?

> the next step would be to build higher powered repeaters that can be placed on top of tall buildings.

Nice sentiment, but technically counterproductive for mesh networks. Wide coverage nodes create/suffer the “hidden transmitter problem”. Mesh performance degrades overall. Smaller footprint repeaters, and more of them, are a better solution.

> > the next step would be to build higher powered repeaters that can be placed on top of tall buildings.

> Nice sentiment, but technically counterproductive for mesh networks. Wide coverage nodes create/suffer the “hidden transmitter problem”. Mesh performance degrades overall. Smaller footprint repeaters, and more of them, are a better solution.

Could you go into more detail on this/share any readings? As a ham radio operator I have learned this through experience but wonder if there are any papers on this idea.

The ham packet radio literature has the most readable descriptions. The professional RF networking write ups that I am aware of are pretty old because I have not followed networking much since grad school (back in the last millennium). Sorry about that.

Basically, you probably already know this, but for others reading along: The RF networking channel differs from a wired net in that not all stations can hear each other. So for stations of relatively equal performance, the stations on the edges do not hear each other and must relay through a station in the middle. It follows that those stations perceive channel busy/clear differently.

With a high level station, first off it hears many more stations so can not transmit into a clear channel as often. Then, when it does transmit, it has a large footprint and prevents channel re-use by several lower-level stations that would otherwise have different locally-clear channels.
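The channel re-use effect described in the comment above, worked through on a small constructed net (an added example, not part of the original thread). The station names, positions, the `horizon` values and the rule that two stations hear each other when their distance is at most the sum of their horizons are all assumptions made for illustration.

```python
from itertools import combinations

# Constructed topologies: name -> (position, radio horizon), arbitrary units.
# Assumption: two stations share the channel when the distance between them
# is at most the sum of their horizons (a simplified line-of-sight model).
LOW = {n: (p, 1) for n, p in zip("ABCDEF", range(0, 12, 2))}
WITH_HIGH = dict(LOW, H=(5, 5))  # one high-level station added mid-net

def linked(a, b, st):
    """True if stations a and b can hear each other."""
    (pa, ha), (pb, hb) = st[a], st[b]
    return a != b and abs(pa - pb) <= ha + hb

def neighbours(name, st):
    """Stations whose transmissions make the channel busy for `name`."""
    return {s for s in st if linked(s, name, st)}

def hidden_pairs(st):
    """Pairs that cannot hear each other but share a station that hears both."""
    return [(a, b) for a, b in combinations(sorted(st), 2)
            if not linked(a, b, st) and neighbours(a, st) & neighbours(b, st)]

def reuse_while_transmitting(name, st):
    """Most stations that can be on the air at once, `name` included,
    with no two of them hearing each other (brute force, small nets only)."""
    free = [s for s in sorted(st) if s != name and not linked(s, name, st)]
    for k in range(len(free), 0, -1):
        for group in combinations(free, k):
            if not any(linked(a, b, st) for a, b in combinations(group, 2)):
                return k + 1
    return 1

if __name__ == "__main__":
    for label, st in (("low stations only", LOW), ("with high station", WITH_HIGH)):
        print(label, "- hidden pairs:", len(hidden_pairs(st)))
        for n in sorted(st):
            print(f"  {n}: hears {len(neighbours(n, st))}, "
                  f"reuse while transmitting {reuse_while_transmitting(n, st)}")
```

In this model the high station hears all six low stations and is the only one on the air whenever it transmits, while a low station can share the air with two others.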

There are so damn many far superior systems in this thread. We should have gotten together earlier and promoted one of them.

I don’t know a lot about it but would Signal be safe or even possible to use there?

No internet, no Signal.

No internet being key here.

IIRC this was built on StartupBus, great to see it still being used

Obviously since it’s the only safe option, I can see why the Chinese are using it, but I have to wonder what sort of bandwidth can realistically be supported by any mesh network.

Basically anything text-based (messages, location, triggers), and as technologies improve, so will Bridgefy as it's protocol-agnostic :)



The Hong Kong government would never get away with what they are doing to the people in the United States.

Situation is two sides of a coin. That said, your comment is not adding to the topic of the app.

Arguably it's the right of the people to bear arms against tyranny.

That’s why I find it so funny they are waving US flags, along with Pepe the Frog flags. If they tried throwing Molotov cocktails at US cops, the outcome would be very different.

A small number of protesters are waving US flags because a) they still, rightly or wrongly, see the US as a bastion of freedom and democracy, and b) they are specifically looking for foreign governments to put pressure on the HK/CCP government not to remove basic human rights from HKers. Also, some US far-right nutters trying to co-opt the protests, thinking they were among anti-commie friends. They were wrong, they are not welcome.

Pepe the Frog does not have the far-/alt-right connection here that he does in the US and elsewhere. The image is simply used as something cute and funny.

Molotovs... well, very few if any have actually been thrown at the police, rather than at barriers or police stations. There has been a ratcheting of violence, driven almost entirely by the police, and ultimately the government's complete failure to respond or act to massive peaceful protests. I am strongly in favour of the protests, and while I can't say I agree with every action of the frontliners, I cannot condemn them - I know what they're fighting for and against.

(Some) US cops are terrible. (Many) Hong Kong cops are brutal and out of control. I don't wish either force on either population.

That's not really a thing. Some far-right groups sent provocateurs and livestream grifters on an all expenses paid trip to HK to cash in on 'anti communist protests' but their efforts fell flat after HKers were advised of their identities.

I should probably have included an example: https://coconuts.co/hongkong/news/not-welcome-far-right-patr...

Gibson has since been indicted for felony riot which can carry a term of up to 5 years, incidentally.

Does this not scare you?

Don't they require a state-run app on everyone's phones as part of their social credit system? It should at least know who is using the mesh app if nothing else?

I don't think that applies to HK (yet), which auxiliarily is related to what the protesters are protesting about (separation of legal zones)


AFAIK, even in China you're not required to do such except perhaps being a Uyghur in Xinjiang...

However, the PRC government is believed to have full access to popular apps like WeChat, among other surveillance tools.

If I were to do it, maybe I'd just ask phone makers to install such tools as system or ring-0 apps. Why would I give the people a chance to choose whether to participate in my mass surveillance scheme?

In the mainland there are only a few messaging apps that work and they are all either unencrypted or backdoored
