Open 802.11b wireless access points and remailers
Several years ago, there was discussion on the list about creating headless or throwaway remailers (likely hidden in some institution where they could get power and net access for a long time until they were discovered)- I didn't spend a lot of time thinking about that, because I thought that the necessary Ethernet (or other network) connection which would be made between the hidden machine and the host network would make it easy enough to detect and disable that it wasn't a productive direction for exploration. (There are also any number of legal issues related to trespass, unauthorized network use, etc., which may apply.) However, that limitation may be withering away, with the spread of 802.11b (or similar) wireless networks - the attached email describes a Seattle-area system apparently set up by Microsoft in a shopping mall providing free network access to people within the reach of its radio units. An old laptop, a solar panel, some auxiliary batteries, and an 802.11 network card might be able to stay online for a long, long time in that sort of environment. This also sounds like a good way to get casual, anonymous network access to upload or download email - once upon a time, bad people who wanted to send forbidden emails or browse hidden sites did that by going to public terminals in libraries or web cafes or [...] - now perhaps they'll do that at Starbucks or the mall, either for free or having paid cash for short-term access via 802.11b wireless. And, if you're the sort that's worried about permission, etc., the nice thing is that these networks are explicitly intended for the use of guests on the premises, so at least the first level of concerns about trespass or unauthorized use are addressed. These days, remailers aren't as exciting as they once were - perhaps the next important tools are going to be Freenet or Mojo Nation nodes - but the combination of wireless access plus anonymous access provides an interesting opportunity for network participants which are physically within a jurisdiction yet unavailable for punishment.
To: seasigi-list@eskimo.com Cc: decentralization@yahoogroups.com From: Todd Boyle <tboyle@rosehill.net> Date: Mon, 23 Jul 2001 15:24:14 +0200 Subject: [decentralization] Free wireless access at Crossroads
Somehow I view this with the same sense of foreboding as the spread of two different species of africanized honeybees.
In business school we were taught that the incumbent in a market generally wants to wait for upstarts to expend their capital to deploy in specific places then, go to those places and compete. Drawing on billions of reserves from product X, the larger vendor can give away product Y for free.
Todd
From: "Michael Codanti" <michael@civis.com> To: <dev@seattlewireless.net>, <ptp@lists.spack.org> Subject: Crossroads Mall in Bellevue Date: Mon, 23 Jul 2001 11:36:13 -0700 Organization: CIVIS Consulting
I just thought I would drop a note to the lists about the Crossroads mall in Bellevue, WA. This is the one that Micro$oft has installed their test MSChoice network. We were on our way back from a trip to Canada and stopped in at the mall. Within seconds we were on the ChoiceNet network and according to my tests we had a full T1 to ourselves. (1132k down/1250k up) They have 4 Cisco APs and coverage appeard to be very good. Their site says you have to use the PANS client on Windows 2000, but I was using Windows XP RC1 and it ever even asked me to authentidicate... The most interesting thing is that the StarBucks in the mall has their MobileStar AP up, but signal strength sucked. (I was fairly close to StarBucks) And considering that ChoiceNet is free, and MobileStar wants $12/hour I don't know how much business they will get...
Michael
http://einstein.ssz.com/hangar18 Come join the Plan 9 party...(anybody got 16-bit ISA EIDE Controllers for sale? I've got two boxes I'll donate to the cause. One process, one file. I just can't find the #!*-]#@ controllers local). The PC-104 format is something I highly recommend if you want something specific like this. In particular, http://www.emjembedded.com 1-800-548-2319 Slap it in a NEMA box and you're a happy camper. It's one of the reasons I used 'small world networks' for my "Igor" remailer (Perl on Plan 9). In passing, if anyone is in Austin Thu. nite there is a key signing party at the Austin Linux Group, http://austinlug.org On Tue, 24 Jul 2001 gbroiles@speakeasy.org wrote:
Several years ago, there was discussion on the list about creating headless or throwaway remailers (likely hidden in some institution where they could get power and net access for a long time until they were discovered)- I didn't spend a lot of time thinking about that, because I thought that the necessary Ethernet (or other network) connection which would be made between the hidden machine and the host network would make it easy enough to detect and disable that it wasn't a productive direction for exploration. (There are also any number of legal issues related to trespass, unauthorized network use, etc., which may apply.)
However, that limitation may be withering away, with the spread of 802.11b (or similar) wireless networks - the attached email describes a Seattle-area system apparently set up by Microsoft in a shopping mall providing free network access to people within the reach of its radio units.
An old laptop, a solar panel, some auxiliary batteries, and an 802.11 network card might be able to stay online for a long, long time in that sort of environment.
This also sounds like a good way to get casual, anonymous network access to upload or download email - once upon a time, bad people who wanted to send forbidden emails or browse hidden sites did that by going to public terminals in libraries or web cafes or [...] - now perhaps they'll do that at Starbucks or the mall, either for free or having paid cash for short-term access via 802.11b wireless.
And, if you're the sort that's worried about permission, etc., the nice thing is that these networks are explicitly intended for the use of guests on the premises, so at least the first level of concerns about trespass or unauthorized use are addressed.
These days, remailers aren't as exciting as they once were - perhaps the next important tools are going to be Freenet or Mojo Nation nodes - but the combination of wireless access plus anonymous access provides an interesting opportunity for network participants which are physically within a jurisdiction yet unavailable for punishment.
To: seasigi-list@eskimo.com Cc: decentralization@yahoogroups.com From: Todd Boyle <tboyle@rosehill.net> Date: Mon, 23 Jul 2001 15:24:14 +0200 Subject: [decentralization] Free wireless access at Crossroads
Somehow I view this with the same sense of foreboding as the spread of two different species of africanized honeybees.
In business school we were taught that the incumbent in a market generally wants to wait for upstarts to expend their capital to deploy in specific places then, go to those places and compete. Drawing on billions of reserves from product X, the larger vendor can give away product Y for free.
Todd
From: "Michael Codanti" <michael@civis.com> To: <dev@seattlewireless.net>, <ptp@lists.spack.org> Subject: Crossroads Mall in Bellevue Date: Mon, 23 Jul 2001 11:36:13 -0700 Organization: CIVIS Consulting
I just thought I would drop a note to the lists about the Crossroads mall in Bellevue, WA. This is the one that Micro$oft has installed their test MSChoice network. We were on our way back from a trip to Canada and stopped in at the mall. Within seconds we were on the ChoiceNet network and according to my tests we had a full T1 to ourselves. (1132k down/1250k up) They have 4 Cisco APs and coverage appeard to be very good. Their site says you have to use the PANS client on Windows 2000, but I was using Windows XP RC1 and it ever even asked me to authentidicate... The most interesting thing is that the StarBucks in the mall has their MobileStar AP up, but signal strength sucked. (I was fairly close to StarBucks) And considering that ChoiceNet is free, and MobileStar wants $12/hour I don't know how much business they will get...
Michael
At 10:43 AM -0700 7/24/01, gbroiles@speakeasy.org wrote:
Several years ago, there was discussion on the list about creating headless or throwaway remailers (likely hidden in some institution where they could get power and net access for a long time until they were discovered)- I didn't spend a lot of time thinking about that, because I thought that the necessary Ethernet (or other network) connection which would be made between the hidden machine and the host network would make it easy enough to detect and disable that it wasn't a productive direction for exploration. (There are also any number of legal issues related to trespass, unauthorized network use, etc., which may apply.)
However, that limitation may be withering away, with the spread of 802.11b (or similar) wireless networks - the attached email describes a Seattle-area system apparently set up by Microsoft in a shopping mall providing free network access to people within the reach of its radio units.
An old laptop, a solar panel, some auxiliary batteries, and an 802.11 network card might be able to stay online for a long, long time in that sort of environment.
There are several companies making embedded systems boards that use very little power and are capable of running linux. I don't know if any of them are quite low power enough to run off a solar panel yet, but some of the mips/arm designs might be. It would seem to me that if it's a box you don't expect to get back, it might be a better idea to build a special purpose machine--just the motherboard, 802.11 device and a reduced Linux installation running out of flash ram.
And, if you're the sort that's worried about permission, etc., the nice thing is that these networks are explicitly intended for the use of guests on the premises, so at least the first level of concerns about trespass or unauthorized use are addressed.
Depending on the area covered, you wouldn't even need to trespass. If it's in a mall area, coverage would probably extend to certain areas of the outside of the building where it might be feasible to mount a small enough box that it wouldn't get noticed. Epoxy your box to the wall next to some other sort of electrical equipment (if the interference won't get in the way) and it will probably remain undiscovered for a while.
These days, remailers aren't as exciting as they once were - perhaps the next important tools are going to be Freenet or Mojo Nation nodes - but the combination of wireless access plus anonymous access provides an interesting opportunity for network participants which are physically within a jurisdiction yet unavailable for punishment.
Another interesting possibility is "Public VPNs" (I'm sure someone else has come up with this concept and given it a different name) but use VPN software to establish a connection to a box as described above, and your home IP is lightly masked. It might, given a big enough network, be possible to do some sort of "anonymous packet forwarder" like remailers, only in real time. Well, no. I'm sure it's possible, it'll just take a lot of bandwidth.
On 24 Jul 2001, at 20:59, Petro wrote:
There are several companies making embedded systems boards that use very little power and are capable of running linux. I don't know if any of them are quite low power enough to run off a solar panel yet, but some of the mips/arm designs might be.
My current new toy is a CerfCube. (http://www.intrinsyc.com/products/referencedesigns/cerfcube.html) The specs say max 1A @ 5VDC. I know that running a Compact Flash card makes it draw toward the upper limit, but the built in 32MB RAM + 16MB Flash should be enough to run a remailer. Maybe not quite disposable at $379, but it would be interesting to see what I can do in that area. With an adapter, I can run a 802.11 card from the CF socket, I think. (drivers might be tricky) Having fallen a little out of touch, what are the popular remailers in use? Can't seem to find my Mixmaster link anymore.
It would seem to me that if it's a box you don't expect to get back, it might be a better idea to build a special purpose machine--just the motherboard, 802.11 device and a reduced Linux installation running out of flash ram.
That sounds like the CerfCube (maybe without the stylish Al cube case).
Depending on the area covered, you wouldn't even need to trespass. If it's in a mall area, coverage would probably extend to certain areas of the outside of the building where it might be feasible to mount a small enough box that it wouldn't get noticed. Epoxy your box to the wall next to some other sort of electrical equipment (if the interference won't get in the way) and it will probably remain undiscovered for a while.
Hmmm.... maybe an inductive parasite power tap? -- Roy M. Silvernail [ ] roy@scytale.com DNRC Minister Plenipotentiary of All Things Confusing, Software Division PGP Key 0x1AF39331 : 71D5 2EA2 4C27 D569 D96B BD40 D926 C05E Key available from pubkey@scytale.com I charge to process unsolicited commercial email
In article <3B5E66E7.19729.1368F157@localhost>, Roy M. Silvernail <roy@scytale.com> wrote:
With an adapter, I can run a 802.11 card from the CF socket, I think. (drivers might be tricky)
You don't need an adapter: http://www.symbol.com/products/wireless/la4137.html It's an 802.11 card in a Compact Flash socket. - Ian
In article <3B5E66E7.19729.1368F157@localhost>, Roy M. Silvernail <roy@scytale.com> wrote:
With an adapter, I can run a 802.11 card from the CF socket, I think. (drivers might be tricky)
You don't need an adapter: http://www.symbol.com/products/wireless/la4137.html It's an 802.11 card in a Compact Flash socket. - Ian
On Tue, 24 Jul 2001 gbroiles@speakeasy.org wrote:
forbidden emails or browse hidden sites did that by going to public terminals in libraries or web cafes or [...] - now perhaps they'll do that at Starbucks or the mall, either for free or having paid cash for short-term access via 802.11b wireless.
I heard recently that Starbucks is piloting 802.11b access in selected Manhattan locations. The issue is support, of course - they need to see if they'll have to hire a sysadmin for every Starbucks before rolling it out. I haven't taken my laptop and tried to verify this yet. Matthew Skala had some material on his web page concerning "community wireless" networks, as well, in which people offer free wireless connectivity as a public service. Presumably this too would offer opportunities for anonymous net access. I would be less willing to trust a static box connected to one of these networks, though. Once identified as a remailer, it seems that it might be too easy to track it to its physical location, at which point it can be borged or destroyed. After all, if it's going to be an active remailer, it will be sending and receiving several messages each day. You might try to get around this by developing a protocol in which there are many, many remailers, each of which only speaks once in a very long while. I don't know how easy or hard it is exactly to do this kind of tracking, however, which makes it difficult to say what such a protocol would look like. Perhaps mobile remailers might be more useful or more difficult to track to their physical implementation. The only problem with a mobile remailer is the question of "who's moving it?" (or what). I can imagine a mobile remailer the size of a Walkman without too much difficulty; I can also imagine that if I were to wear such a remailer and walk around in the wrong kind of environment, I'd be asking for a "mugging." or worse. Now that I think about it, it's not clear that wireless actually buys us more than obscurity of physical location. The real win, as you point out, is ease of access and ease of setup. Maybe less dependence on upstream connections, as well, so you can get around the problem of ISPs shutting down remailers for spam. Plus mobile remailers seem to require either a global address space or developing the notion of remailer confederations which allow dynamic leave and join of remailer nodes. I recall that the notion of dynamic collections of remailers came up in at least one previous discussion of disposable remailers. I don't remember that too many conclusions were reached, but it was a while abck. One problem is that an adversary can show up with polynomially many of its closest friends and have them all try to join a remailer confederation at once. While the MIX protocol is theoretically OK as long as even one MIX is honest, this may have bad implications for traffic analysis. Perhaps one thing we could do would be to borrow Levien's advogato metric. Let anyone who wants to start a remailer confederation. They form the root set of the trust metric for that confederation. Anyone can join the confederation's address space, but will start out with no trust links between them and the root set. Nodes can rate each other, establishing trust links. This way you can develop a trust metric / reputation system local to that particular remailer confederation. Now the issues are how the ratings are set up and maybe more important, how routing of messages is influenced by the trust metric. Ratings could be manual. We know how well that works from the PGP web of trust experiment - and here life is harder since remops usually will not know each other personally nor want to. Another issue is dealing with nodes which leave the confederation. What if all the confederation founders leave? what happens to the root set then? Also, building up trust may require time, which makes this unsuitable for nodes which want to pop in for 20 ins and then leave (say their owner is on the freeway). -David
At 01:52 AM 7/26/01 -0400, dmolnar wrote:
will be sending and receiving several messages each day. You might try to get around this by developing a protocol in which there are many, many remailers, each of which only speaks once in a very long while. I don't know how easy or hard it is exactly to do this kind of tracking, however, which makes it difficult to say what such a protocol would look like.
Perhaps mobile remailers might be more useful or more difficult to track to their physical implementation. The only problem with a mobile remailer is the question of "who's moving it?" (or what). I can imagine a mobile remailer the size of a Walkman without too much difficulty; I can also imagine that if I were to wear such a remailer and walk around in the wrong kind of environment, I'd be asking for a "mugging." or worse.
When "cell phones" get more programmable, and handle text, an interesting "app" could be guerilla-net-like "routing". If everyone's "phone" is a RF repeater/router, its not impossible. Battery life would probably be the worst impact. A few airline bottles of vodka will keep the fuel cells humming (for the future phone, I mean). Lots of mil apps for fully distributed RF nets, too.
On Wed, 25 Jul 2001, David Honig wrote:
When "cell phones" get more programmable, and handle text, an interesting "app" could be guerilla-net-like "routing". If everyone's "phone" is a RF repeater/router, its not impossible.
You could probably hack this up now, if you were willing to lose the cell phone functionality of your cell phone. Maybe you could even get by with just replacing the web browser on your cell phone. (I still can't make head or tails out of my phone's browser, but apparently people use them.) cell phones do handle text. In fact people are trying to make a business out of cell phone mailing lists. see www.upoc.com You'd have to add would be some kind of scripting language for forwarding text messages on the phone.
Battery life would probably be the worst impact. A few airline bottles of vodka will keep the fuel cells humming (for the future phone, I mean).
Heh. "One for me, one for my phone." Batch transmissions every hour on the hour might help with this. No reason to be up all the time for sending e-mail. You could also play games in which every phone picks a different minute each hour, then wakes up during that minute for transmission. Your chance of being in the same minute as your destination isn't great, but you could transmit the packet to each of your neighbors in that minute, each of whom tries to relay the packet in different minutes during the next hour. One issue with that, though, is how to stop packets from flying around long after they've been first delivered. A gnutella/freenet-style limit on the number of tries might help. So might announcements of packets received; i.e. a phone says "I've received packet X, so you can drop it." You'd have to be careful about an adversary trying to create packets which live forever (i.e. the hop limit should not live in the packet, unless the packet is signed and these announcements had better have some way of proving they come from the 'intented' sender) (but at the same time, we should avoid any protocol which requires a PKI for phones or even public-key crypto on efficiency and speed grounds; it takes 20 seconds for my phone to negotiate one RSA key exchange). In order to prevent what Anderson calls "sleep deprivation" attacks, you'd also want that the number of minutes the phone is up depends weakly or not at all on parameters under the control of an adversary. like how many packets received during the previous minute up. Random dropping of incoming packets might be a way to get around this, since I'm thinking that every phone broadcasts to every other phone in the same minute anyway. (I keep thinking of _Dayworld_ through all of this, but I don't yet see a good joke or a useful metaphor -- phones are not assigned set minutes for life, unlike in _Dayworld_, so what's a "dayworld breaker"? a phone that continues to relay during the entire hour? that would be a good thing, since it'd speed up packet relay.) I'd be pretty surprised if people haven't already looked at these sorts of schemes and come up with much better ones. Although maybe they haven't been considered with adversaries in mind. Anyone know of references?
Lots of mil apps for fully distributed RF nets, too.
That's where spread-spectrum came from, isn't it? How much is publically known about the toys they already have? -David
At 03:38 AM 7/26/01 -0400, dmolnar wrote:
Lots of mil apps for fully distributed RF nets, too.
That's where spread-spectrum came from, isn't it? How much is publically known about the toys they already have?
-David
Spread spectrum and freq hopping are separate. They make jamming/finding harder. But they don't change the topology. What I meant is if each soldier's radio relays messages, you don't need a big succeptible basestation. Similarly with sensor nets, robot swarms, etc. ..... Did you know that NEC is selling a .4 x .4 mm x 60 micron chip that has a 128-bit ROM and an RF interface? For embedding into security docs. Externally powered, 30 cm range. Add sensors, solar power storage, longer range, and relay messages. Like dust in the wind.
On Thu, 26 Jul 2001, David Honig wrote:
What I meant is if each soldier's radio relays messages, you don't need a big succeptible basestation.
Problem: if each soldier's radio relays messages, it becomes relatively easy to create a soldier-seeking bullet. Just home in on the source of that radio noise, and blam. Bear
On Thu, 26 Jul 2001, Ray Dillinger wrote:
Problem: if each soldier's radio relays messages, it becomes relatively easy to create a soldier-seeking bullet. Just home in on the source of that radio noise, and blam.
Hence, LPI. Spread-spectrum, UWB, directed transmissions in the high microwave bands, and so on. Dunno how useful the latter are for portable equipment, though, or in the battlefield conditions. Sampo Syreeni, aka decoy, mailto:decoy@iki.fi, gsm: +358-50-5756111 student/math+cs/helsinki university, http://www.iki.fi/~decoy/front
At 10:40 AM 7/26/01 -0700, Ray Dillinger wrote:
On Thu, 26 Jul 2001, David Honig wrote:
What I meant is if each soldier's radio relays messages, you don't need a big succeptible basestation.
Problem: if each soldier's radio relays messages, it becomes relatively easy to create a soldier-seeking bullet. Just home in on the source of that radio noise, and blam.
Bear
1. ok, soldiers are cheap, if CNN isn't there to watch 2. think intermittent. like the russian bug in the wall. 3. if you toast a mil base station, all your fodder are toast dh
participants (9)
-
David Honig -
dmolnar -
gbroiles@speakeasy.org -
iang@abraham.cs.berkeley.edu -
Jim Choate -
Petro -
Ray Dillinger -
Roy M. Silvernail -
Sampo Syreeni