Community Mesh Networks

The Tradeoff Between Privacy, Openness, and Security

--

Primavera de Filippi

This essay first appeared in the Internet Monitor project’s second annual report, Internet Monitor 2014: Reflections on the Digital World. The report, published by the Berkman Center for Internet & Society, is a collection of roughly three dozen short contributions that highlight and discuss some of the most compelling events and trends in the digitally networked environment over the past year.

The Internet is weak, and this weakness has grown in recent years as the Internet has become more and more centralized, both at the application layer (with a concentration of power in the hands of a few large online operators) and at the infrastructure layer (governed in the United States by a few large telecom operators, such as Comcast, Verizon, and AT&T).

In the face of the Snowden revelations, we are witnessing today a revived interest in mesh networking technologies promoting a more decentralized, peer-to-peer approach to network infrastructure and connectivity. Mesh networks are often reported as being more resilient and secure than the Internet, and it is not uncommon for people to regard them as a reactionary measure to the massive and generalized surveillance undertaken by the NSA. Their decentralized character is often regarded as a means to keep communication running during a period of crisis, while also providing a safe haven for activists eager to escape from both surveillance and censorship. This leads people to assume that mesh networks alone can resolve most of the privacy and security concerns of the Internet — an assumption that is, unfortunately, often untrue.

Of course, mesh networks can be — and have been — made highly robust and secure, e.g., in the context of military-grade mesh networks deployed in war zones. Yet, these networks are extremely restricted in their use: they are configured to allow only a predetermined set of people to connect to them, and all communications are encrypted through proprietary algorithms that remain secret and internal to the network.

In the case of open community mesh networks, the situation is much different. Most of these networks are meant to provide an Internet connection to an underserved area with little or no telecommunication infrastructure and are designed to be as open and inclusive as possible: anyone can use the network or even connect a new node to the network.

In this regard, the decentralized and collaborative nature of community mesh networks might actually run counter to the security and privacy of users. To the extent that they are operated by the community, these networks also need to be secured by the community. Although many tech-savvy users are involved in the initial setup of a mesh network, most of the users who subsequently connect to it are unlikely to spend much time securing the network. Hence, if a network is only as secure as its weakest node, most mesh networks deployed today are likely to be less secure than the vast majority of commercial ISPs.

Connectivity also constitutes an important challenge to the privacy and security of a network. While mesh networks make it easier to “route around damage,” the need to acquire an uplink to the global Internet constitutes an important bottleneck. The interconnection point is exactly where the problem lies. Once connected to the Internet, whether a user connects to an online operator (such as Google or Facebook) through a mesh network or a standard Internet connection doesn’t make much difference in terms of privacy or confidentiality: all data submitted to a third-party operator will effectively be controlled by it.

So far, the issue has only been addressed by a few community networks (e.g., FunkFeuer from Austria, NEDWireless from Croatia, and Wlan Slovenija) that have established a wireless backbone spanning geographical borders to create a direct link between them.

Today, as the technology is starting to be well understood, a growing number of mesh networks are being deployed all over the world. Mesh networks were initially difficult to deploy, as every node had to set up its own server and configure the routing protocol to use. Just a few years ago, the Commotion Wireless project (an initiative from the Open Technology Institute of the New America Foundation) was set up to address this problem by developing “Internet in a suitcase”: an open source toolkit that can be readily installed on a variety of low-cost, off-the-shelf devices for anyone to set up a mesh network without any technical knowledge. Similar tools are also being developed by other communities (such as MeshNet, NodeWatcher, or the Serval Project in Australia); some even provide pre-installed and pre-configured hardware devices, such as the Open-Mesh routers from MIT that only need to be plugged in to provide mesh connectivity. A few months ago, Open Garden released FireChat, an end-user application allowing anyone with an iPhone or an iPad to create a modular mesh network by exploiting the Bluetooth connectivity provided by iOS 7. It only took a few weeks for a similar functionality to be enabled on Android phones, so that both iOS and Android users can now communicate on the same mesh network.

Perhaps, as more of such applications are deployed on standard end-user devices, we might soon witness the mainstream adoption of mesh networking technologies, and hopefully the revival of an open and decentralized Internet infrastructure respectful of the end-to-end principle and devoid of any bottlenecks or gatekeepers.

Read more in the Berkman Center’s Internet Monitor 2014: Reflections on the Digital World.
