The other thing I'd note is that this article is referring to "mesh networks", when it really means "community networks": networks run by a community, regardless of whether the network is a mesh or not. I don't know about the Athens network in particular, but I know that the Freifunk and Guifi networks are rather hierarchically structured (i.e., are not true mesh networks). This is necessary for building a wireless network with reasonable performance due to the aforementioned fundamental scaling limitations of mesh networks.
I love the enthusiasm of everyone working on mesh networks, but I think it's valuable to keep a critical perspective and not get carried away with that enthusiasm, if for no other reason than to stay honest about the technical challenges involved.
Executive Director, The Free Network Foundation
Also, what are your opinions on Guifi.net?
Several others and I run a small (50 nodes) mesh network in my area, and it works fine for:
- enhancing WiFi access for all contributing nodes to an area which has limited or no coverage.
- providing fallback uplink connectivity for contributing nodes.
Infrastructure mesh networks are easily split into interconnected groups to avoid performance problems, and are still mesh networks, where a metropolitan area is covered by one or more meshes to add redundancy and avoid scaling problems.
For enhanced privacy see http://www.eecs.berkeley.edu/Pubs/TechRpts/2013/EECS-2013-12...
I'm really surprised that P2P doesn't scale on a mesh and would like to understand this better. I do research on message passing algorithms and obviously trees (hierarchies) are great, meshes are not... I can see that the overhead of routing messages is going to grow (like n^2?) with the mesh size, but I'm surprised there is no way around this.
It's going to be a lot harder to "tap" a secure mesh network that's encrypted at every node. I would look more into this one:
The point for censorship circumventing meshes is to use whatever means possible to establish a routing fabric that gives anonymity and prevents authorities from tracking down or shutting off specific people.
It's perfectly fine in that case to route over mobile internet, over cable or ADSL connections, or over Wifi or any combination.
Your work seems to focus on a particular subset where someone for some reason has decided to go entirely wireless. But that makes little sense, not least because it means the network becomes entirely insular. Most networks will want uplinks/downlinks to the internet, and the moment you spread such links through the mesh, most of your issues fall away, as it, for example, becomes ok or even advantageous to design the system to break wireless links and have the topology rearrange regularly and part of the routing could be to negotiate splitting and changing wireless links to break the wireless networks into smaller, but constantly changing chunks.
Your concern about omnidirectional networks swamping each other is similarly contingent on an all-wireless mesh, and a fairly dense one at that. I'm sure there are places where it is an issue, but I live in a substantially above averagely dense area, and I count about 10 wireless devices in my living room. I can detect about 5 other wireless networks around me, none on competing channels. If I bridged my network to two of those five, it would not substantially increase the amount of contention, especially as I know from measuring that several channels in normal wifi range are not used by any of my nearby neighbours, and given that I can compare to work, where we have 20+ computers with their own wifi networks on in the same room, paired with 20+ phones, and 10+ other large office networks visible.
Yes, the bandwidth to the internet would be low if we all were to try to piggyback off one uplink, but that would be silly. Instead, a proper privacy / censorship enhancing mesh would try to pass the traffic peer to peer where possible, and hand off parts of all the traffic to our upstream internet connections via encrypted connections to other parts of the mesh too.
When it comes to equipment, I have several wifi devices that fit inside a USB plug. Their antennas are not great, but easy to improve, so the idea that it'd be easy to prevent sales of suitable equipment is unlikely, I think - A USB hub plus a bunch of cheap USB wifi units + a $40 small computer, and you can bridge heaps of networks. In a situation with active censorship, there is enough consumer equipment that is trivial to create ad-hoc routers from, even if you worst case have to hook a bunch of bulky wifi access points together.
In fact, the possible units are cheap enough that I've been toying with the idea of bridging my own wifi along the 2 miles or so from my house to the train station I commute from by strategically hiding small android computers with an extra wifi interface, mostly for fun. The limiting factor now is no longer cost, but solving the power issue (finding a unit low enough power to be able to supply it via solar (I don't fancy the increased risk of trying to steal power anywhere along the route, though there's plenty of poorly protected tempting telco cabinets that'd be ideal) without making the units big enough that it'd be too hard to hide units along the road without having bomb squads called out...).
Routing protocols for large meshes certainly are still an issue, but that issue will only be solved if we actually try. And again it is worth keeping in mind goals. If your goal is to replace the public internet, then it's hard, as the bandwidth and latency requirements become a big challenge. If the goal is evading censorship, then you only need to pass certain traffic over the mesh fabric. In fact, the smaller percentage, the better, as much of the traffic will need to exit somewhere to bridge air gaps, and the smaller the traffic, the easier it will be to traffic mix and hide any encrypted exit traffic.
The US government/NSA is ruining the old Internet, so I hope the new one will be very resistant to such attempts in the future. I would watch out especially for hardware-level backdoors for such an Internet.
If they can't spy on the network directly because it's P2P they will try to force either the OS vendors or the hardware vendors to implement backdoors and keyloggers for them. So at the very least the focus should be on open source operating systems with open source firmware (and possibly even open source hardware in the future). Such hardware should be given extreme preference for the mesh networks.
I never thought that the whole "trusting trust" essay would become a practical reality and an everyday danger that must be mitigated. But welcome to the 21st century. No flying cars, but lots of dystopian cyber punks eager to get in your business.
A group of us are already well on the way in Oakland, stop by some time!
Does anyone know whether this is so, or how to protect against snooping, as I would assume there is some implicit level of trust required for a network like this to stay secure.
should be based in social connections and trust.. the old school policy
cjdns works by requiring people to exchange keys with someone out of band to get access to their mesh, and to me that just seems as fundamentally defeating the purpose.
Yes, that means you need to build a system where bad guys are hard to impossible to track down and throw off the mesh. The problem is if you create a system where misbehaving people are trackable, then good guys can be tracked too.
- Non-compromised endpoint hardware
- In-person public key exchange
- Onion routing
Maybe if there was an open source/open hardware router which contained a chip with secure boot, into which you yourself could burn the public key, and then it would only allow the code signed by that key... Sounds too complicated to be user friendly.
Besides, there is no way to verify that the hardware router that somebody considers to be secure was not replaced by an identically looking box that had been compromised :( .
Let's meet up to discuss more, how about a Google group to organize? https://groups.google.com/forum/#!forum/sf-meshnet
Do mesh operators have the same "safe harbor" protections?
What if the FBI shows up on your doorstep and says "give us access or go to prison" ?
The only decent point here, related to privacy, is that it's way better for people to control the network instead of a police state, but you can't really be anonymous in such small MANs.
Melbourne and Perth seem to be the only ones left with active nodes? Canberra (air.net) used to be strong. Sydney lives on in the form of a website and nodedb, a world wide map of mesh network nodes, started by "evilbunny" (Duane Groth).
The servers are still live, but the content is well out of date. The projects are dead, but all the infrastructure seems to still be there, if interest ever revives.
It was built to connect the Tibetan community in Dharmsala, India using modified, off the shelf hardware and custom software at some of the hardest mountainous terrain where such equipment can be deployed.
Don't miss the International Summit for Community Wireless Networks (http://2013.wirelesssummit.org/).
For best UX, set your "Referrer:" header to google.com
Also, I think Cisco paid over a billion for one mesh community network's project. I think a YC cofounder may have been involved in that project. Not sure. Its Cisco brand name is Meraki.
It appears portable autonomous networks (i.e. no telco needed) are useful and valuable for many, diverse reasons. I posit that if you can build your "no telco required" network from affordable parts and can get it to work consistently, then it has value, irrespective of whatever "intended uses" for it you might have in mind.
Of course, I could be wrong.
Meraki was worth $1B because they almost completely pivoted away from mesh towards more conventional networking.
If I build a better LAN, it might be used by companies with high maintenance corporate networks, or it might be used by high scoring gamers at LAN parties. The LAN technology does not fundamentally change, only the usage.
However, your point is well taken. As far as buzzwords go, "mesh network" is not in the same league as "cloud computing". You will not see "mesh network" in Cisco's marketing.
But was this really a "pivot"? Or is this a case of a use (corporate LAN) that differs from the original one (community LAN): what I would call an "unintended use".
My idea of a "pivot" is something like when some young developers want to start a company that takes orders for food delivery over the web but then, after consulting with the older folks who would provide funding, decide instead to build a news commentary blog that functions like a forum. That sounds like more than a change of usage. It sounds like an entirely different program. But maybe not. Maybe the system they create for taking orders is more or less the same one they use for taking comments on news items.
Anyway, it's an interesting story and regardless of how the stuff is being used now, it was originally used for creating "mesh networks", a type of portable network that could run with a telco. Now it is used, by Cisco customers, for creating "distributed networks".
I'm not clear on the exact definition of "mesh networking", but I think it implies forwarding data traffic. If so, that disqualifies Meraki. But I'm not sure of the purpose of your point (with which I agree) because I never used the terms "mesh networking" or "mesh technology".
For the record, I used the words "portable" and "no telco needed". In my mind, this encompasses more than just "mesh networks".
I remember being told about research being done on multi-core processing in the 70's, but no headway there could outpace the standard of shrinking the technology and increasing the clock rate. Now we may as well assume n-cores. It's my hope (because mesh networks sound way more democratized and just "seem" like the next logical way of scaling the internet) that antennas become cheaper at a faster rate than wired infrastructure (given the fairly inelastic cost of digging shit up) and mesh networks start to make sense.
They've been at it since 2000, have various nodes throughout the city and some impressive long distance directional links. (Seattle's topography provides some interesting challenges.) When I lived there in about 2005 there were regular wireless hack nights. Find Matt Westervelt or Rob Flickenger.
The best solution would be allowing people to risk free run grid networks (which would be, I think, very low bandwidth) and have communities also supply separate low bandwidth Internet connected wifi for free. We would then use a paid for service for anything for more than text or other low bandwidth uses. No one would download large mp3s, watch Netflix, etc. from the very low bandwidth community wifi, and the separate grid network would be local and likely not have anything to attract "Imperial interest" (sorry about the Star Wars metaphor :-)
Local grid networks could be part of support for local libraries, community centers, etc.
There was a surge in people doing wifi WAN style networks across whole cities, back when internet speeds were slow+expensive, and decent directional wifi antennas were available fairly inexpensively.
I think low-cost high-speed internet largely killed the need for it: perhaps Prism has given us a nudge to start again?
Also the "L" in LAN, stands for "Local".
I remember AWMN had experienced a boost when the ADSL's were out but very expensive, so many people used to buy one and share it all together.
It has come a long way since.
Also there are many cities with a first responders mesh network.
I'm a little disappointed, though, that at least local to me most of the interest centers around hacking the old WRT-54G rather than more modern and powerful gear.