Which brings me to part two, MeshMarauder.
An open source tool demonstrating proof-of-concept exploits against the DEFCON 33 Meshtastic firmware.
MeshMarauder will demonstrate:
- Tracking user activity on any mesh regardless of encryption usage
- Hijack all Meshtastic user profile metadata
- Change any user's public key
- Send messages as any user in channel chats that appear authentic
- MITM direct messages
https://meshmarauder.net
#defcon #meshtastic #meshmarauder #cybersecurity
If you’re looking for a Meshtastic alternative which was designed with cryptographic security in mind instead of adding it as an afterthought, check out Reticulum and its RNode firmware which lets it use (most) Meshtastic-compatible LoRa devices as a modem.
Reticulum also has much more intelligent routing, can work over things besides just LoRa (including the internet), and (some) applications built on it provide reliable transport.
see also
Sideband - probably the app to start with, for Linux, Android, Mac, and Windows
The license of the Python reference implementation doesn’t meet the free or open source software definitions because it contains these two clauses:
The Software shall not be used in any kind of system which includes amongst its functions the ability to purposefully do harm to human beings.
The Software shall not be used, directly or indirectly, in the creation of an artificial intelligence, machine learning or language model training dataset, including but not limited to any use that contributes to the training or development of such a model or algorithm.
While I very much appreciate the intention of these clauses, they will inevitably inhibit adoption somewhat.
There are however already multiple compatible implementations in development under free licenses, as you can see on the Awesome-Reticulum wiki page. (Including one by a company marketing products based on it for military use 😦)
The Sideband app is also under a non-free license (CC BY-NC-SA).