Lingolol

KrissyKatMy area is always great for radio because of the flatness and the Lake. 😺<a href="https://hoosier.social/@muddyfields" class="u-url mention" rel="nofollow noopener" target="_blank">@muddyfields</a> <a href="https://hoosier.social/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Meshtastic</a>

AI6YR BenInteresting. This meshtastic node is approximately at JPL. Which would explain the enthusiasm for the USGS earthquake output <a href="https://m.ai6yr.org/tags/jpl" class="mention hashtag" rel="nofollow noopener" target="_blank">#jpl</a> <a href="https://m.ai6yr.org/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a>

AI6YR BenSomeone wired up the USGS earthquakes to <a href="https://m.ai6yr.org/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> recently.... Seems like they will want to limit it geographically.You can see this implemented on the fediverse at <a href="https://bots.krohsnest.com/@quakes" class="u-url mention" rel="nofollow noopener" target="_blank">@quakes</a> (one example)<a href="https://m.ai6yr.org/tags/earthquakes" class="mention hashtag" rel="nofollow noopener" target="_blank">#earthquakes</a>

KrissyKatBloomington has a Meshtastic group.<a href="https://btownmesh.org/" rel="nofollow noopener" translate="no" target="_blank">https://btownmesh.org/</a><a href="https://hoosier.social/tags/bloomington" class="mention hashtag" rel="nofollow noopener" target="_blank">#bloomington</a> <a href="https://hoosier.social/tags/lora" class="mention hashtag" rel="nofollow noopener" target="_blank">#lora</a> <a href="https://hoosier.social/tags/radio" class="mention hashtag" rel="nofollow noopener" target="_blank">#radio</a> <a href="https://hoosier.social/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a>

erlHey any east bay peeps use <a href="https://chaosfem.tw/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a>? Drop ur shortname in the comments (mines erl)

Julian OliverGreat audit and PoC by <a href="https://partyon.xyz/@nullagent" class="u-url mention" rel="nofollow noopener" target="_blank">@nullagent</a>, detailing over-the-air exploits of <a href="https://mastodon.social/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Meshtastic</a>: <a href="https://meshmarauder.net/" rel="nofollow noopener" translate="no" target="_blank">https://meshmarauder.net/</a>Some thoughts1/ Meshtastic has never had strong security model (even since PKI) 2/ Always been irresponsible to promote MT for sensitive comms 3/ Primary use case for MT is as emergency comms fallback 4/ It could be as insecure as walkie talkies or HAM & people would still use it for (3). 5/ Let's hope MT devs adopt the excellent recommendations by the PoC author(s)<a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> (via <a href="https://mastodon.nz/@ira" class="u-url mention" rel="nofollow noopener" target="_blank">@ira</a>)

Joy Denebeim<a href="https://mastodon.social/@geerlingguy" class="u-url mention" rel="nofollow noopener" target="_blank">@geerlingguy</a> is <a href="https://mastodon.deepthot.org/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> store and forward? If so it's as secure as bang path <a href="https://mastodon.deepthot.org/tags/uucp" class="mention hashtag" rel="nofollow noopener" target="_blank">#uucp</a> email

Scott Murray :neurodiversity:Important thread for anyone interested in <a href="https://sfba.social/tags/LoRa" class="mention hashtag" rel="nofollow noopener" target="_blank">#LoRa</a> <a href="https://sfba.social/tags/mesh" class="mention hashtag" rel="nofollow noopener" target="_blank">#mesh</a> <a href="https://sfba.social/tags/radio" class="mention hashtag" rel="nofollow noopener" target="_blank">#radio</a> systems like <a href="https://sfba.social/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> and <a href="https://sfba.social/tags/meshcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshcore</a> <a href="https://partyon.xyz/@nullagent/115005174102950908" rel="nofollow noopener" translate="no" target="_blank">https://partyon.xyz/@nullagent/115005174102950908</a>

nullagentSo when it's this easy to get a MITM going things like making posts in public chats as anyone you want feels kinda low key.But I do hope that extended warranty works out, everyone seems pretty concerned about them.<a href="https://partyon.xyz/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#defcon</a> <a href="https://partyon.xyz/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> <a href="https://partyon.xyz/tags/lora" class="mention hashtag" rel="nofollow noopener" target="_blank">#lora</a> <a href="https://partyon.xyz/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

nullagentWhich brings me to part two, MeshMarauder.This is an open source tool demonstrating proof-of-concept exploits against the DEFCON 33 Meshtastic firmware. MeshMarauder will demostrate: - Tracking user activity on any mesh regardless of encryption usage - Hijack all meshtastic user profile metadata - Change any users public key - Send messages as any user in channel chats that appear authentic - MITM direct messages<a href="https://meshmarauder.net" rel="nofollow noopener" translate="no" target="_blank">https://meshmarauder.net</a><a href="https://partyon.xyz/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#defcon</a> <a href="https://partyon.xyz/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> <a href="https://partyon.xyz/tags/meshmarauder" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshmarauder</a>

nullagentThe first new tool is lorapipe, a firmware that runs on most consumer LoRa radios. We've tested it a ton of ESP32-S3 based Xiao Wio boards.This turns your lora radio into extremely minimal serial device that sends and receives packets in a dirt simple CSV format.The radio can be tuned on the fly to switch between meshcore, meshtastic and LoRaWAN sync words and frequencies.<a href="https://github.com/datapartyjs/lorapipe" rel="nofollow noopener" translate="no" target="_blank">https://github.com/datapartyjs/lorapipe</a><a href="https://partyon.xyz/tags/lorapipe" class="mention hashtag" rel="nofollow noopener" target="_blank">#lorapipe</a> <a href="https://partyon.xyz/tags/lora" class="mention hashtag" rel="nofollow noopener" target="_blank">#lora</a> <a href="https://partyon.xyz/tags/lorawan" class="mention hashtag" rel="nofollow noopener" target="_blank">#lorawan</a> <a href="https://partyon.xyz/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> <a href="https://partyon.xyz/tags/meshcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshcore</a>

nullagentI've been busy as hell this past week.A lot of people have been asking hard questions about the security of LoRa systems when they hear about mesh radios.I'm not one to trust the marketing so I and several friends put together two new LoRa tools to help us audit the security claims of LoRa mesh systems!🤘🏿 📡 ✨ <a href="https://partyon.xyz/tags/radio" class="mention hashtag" rel="nofollow noopener" target="_blank">#radio</a> <a href="https://partyon.xyz/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://partyon.xyz/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://partyon.xyz/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> <a href="https://partyon.xyz/tags/lorapipe" class="mention hashtag" rel="nofollow noopener" target="_blank">#lorapipe</a> <a href="https://partyon.xyz/tags/meshmarauder" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshmarauder</a> <a href="https://partyon.xyz/tags/lora" class="mention hashtag" rel="nofollow noopener" target="_blank">#lora</a> <a href="https://partyon.xyz/tags/mesh" class="mention hashtag" rel="nofollow noopener" target="_blank">#mesh</a>

hex<a href="https://kolektiva.social/tags/DearLazyweb" class="mention hashtag" rel="nofollow noopener" target="_blank">#DearLazyweb</a>: I'm trying to avoid buying anything from the US. What <a href="https://kolektiva.social/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> options are available from non-US companies?

Darren Meyer :donor:Trying to flash the hackers.town <a href="https://infosec.exchange/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> node badge at <a href="https://infosec.exchange/tags/DEFCON33" class="mention hashtag" rel="nofollow noopener" target="_blank">#DEFCON33</a> under Linux? Use the command-line esptool option, but first add udev rules and make sure you’re in the grouplsusb to find vendor and device ID add a rule in /etc/udev/rules.d sudo udevadm control --reload-rulesYou should have a /dev/ttyACM* make sure your user is in the same group as it. esptool chip-id(Not chip_id!)When all that works you should be able to download the right firmware and flash

Jeff SikesThere’s not many Meshtastic devices near me, but recently I guess a flight from AUS to LAX flew over the house! Pretty cool.<a href="https://mastodon.social/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Meshtastic</a>

Tekniquelly correctThe <a href="https://freeradical.zone/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#defcon</a> <a href="https://freeradical.zone/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> setup is coming alive. This is fun!

FinnToday I have summited the Höckeberg - without Sherpa, oxygen or any mounting climbing tools. I skipped base camp, directly climbed that beast without a break!It's the highest mountain ("Berg" is German for mountain) in the area Angeln between Flensburg, the Baltic Sea and Schleswig. It took me minutes, it is 82m above sea level. <a href="https://de.wikipedia.org/wiki/H%C3%B6ckeberg" rel="nofollow noopener" translate="no" target="_blank">https://de.wikipedia.org/wiki/H%C3%B6ckeberg</a><a href="https://toot.fan/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Meshtastic</a> brought me there, received one new node and a few old ones in <a href="https://toot.fan/tags/Flensburg" class="mention hashtag" rel="nofollow noopener" target="_blank">#Flensburg</a> But I couldn't connect home, it's too far.

🎤🧹<a href="https://infosec.exchange/tags/MakeShitMonday" class="mention hashtag" rel="nofollow noopener" target="_blank">#MakeShitMonday</a>, another <a href="https://infosec.exchange/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Meshtastic</a> edition...Put together a couple of RAKWireless WisBlock B1 kits at the end of last week and installed them in a custom 3D printed case that a friend designed that takes a housing for an 18650 battery. Involved a little bit of soldering, crimping a JST connector (then re-stripping the wires and re-crimping after I messed it up the first time, then adding a little super glue to keep the crimped leads in the JST connector - LOL).Now <a href="https://infosec.exchange/@llorenzin" class="u-url mention" rel="nofollow noopener" target="_blank">@llorenzin</a> and I have a couple more <a href="https://infosec.exchange/tags/LoRa" class="mention hashtag" rel="nofollow noopener" target="_blank">#LoRa</a> mesh radios to play with!

SteveAlready seeing a few Meshtastic nodes from my hotel room on my node with the defcon firmware.<a href="https://infosec.exchange/tags/roadtodefcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#roadtodefcon</a> <a href="https://infosec.exchange/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#defcon</a> <a href="https://infosec.exchange/tags/DEFCON33" class="mention hashtag" rel="nofollow noopener" target="_blank">#DEFCON33</a> <a href="https://infosec.exchange/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a>

Ben<a href="https://defcon.social/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#meshtastic</a> lesson learned:Too many ROUTER_LATE nodes, even on hilltops, can hurt the health of your mesh. If you need a RL node, pick one for a local area and only that one. We are trying to mitigate terrain where the combination of the Hudson bend and 1400ft hills mean you need adjacent hilltop radios on either side of the river join both north and south meshes. Initially we had one in RL at 1400ft. Then added a second RL on an adjacent hilltop, and then a third to extend range further away from River, all within maybe 10mi. But sometimes messages would drop even for local traffic. Switched them all to CLIENT and haven't lost anyone yet. One mesher is going to try to move their node to a regional high point and we'll designate that as the sole RL.

Recent searches

Search options

Administered by:

Server stats:

#Meshtastic