this post was submitted on 29 Sep 2025
38 points (100.0% liked)

Meshtastic


A community to discuss Meshtastic (https://meshtastic.org/docs/introduction)


Thoughts on this?

top 9 comments
[–] _stranger_@lemmy.world 10 points 5 days ago* (last edited 5 days ago) (1 children)

I'm not familiar with the design philosophy of the original protocol, or if they decided the protocol should or should not attempt to impose any kind of a security model, but given that the project grew out of the same kind of ethos as HAM, I'd bet it was never a high priority.

That said, these exploits make the mesh untrustable and should be mitigated. If the devs don't want to implement fixes, maybe the answer is stripping out all encryption entirely and adding a plugin system that allows anyone to implement a solution themselves. They could even move the current broken implementation to a plugin and make it the default.

In the future, they'd only ever need to handle requests for maybe new entry points or tweaks to the plugin system.

[–] rescla@feddit.nl 3 points 4 days ago

It is mitigated in 2.6.11: https://github.com/meshtastic/firmware/releases/tag/v2.6.11.60ec05e. When I re-generate keys on a node I get warnings that the public key of that node is changed, and I need to delete the node and wait for the next advertisement to update it. I haven't tried running meshmarauder myself to see if the user profile tampering still works; if they sign and check the updates correctly I don't see why that would still be broken. The other impersonation stuff does not seem to be released yet.

That said, I think Meshtastic works as a kind of hobby, out of band public communication network first and foremost. Even in that kind of setting, knowing who sent which message is valuable, but not a deal breaker in my opinion. Not sure I'd trust it as a network for encrypted person to person messaging. And to be fair, compared to "normal" HAM, any kind of attestation is a bonus. And it's license free and relatively cheap to get into.
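
The key-change warning described in the comment above is trust-on-first-use (TOFU) pinning. The following is an added sketch of that model, not Meshtastic firmware code and not part of any comment in this thread; the class and method names and the 32-byte key length are assumptions, and the node id and keys are constructed sample values:

```python
from dataclasses import dataclass, field

KEY_LEN = 32  # assumption: fixed-length public keys


@dataclass
class PinnedNodeDB:
    """Trust-on-first-use store mapping node id -> pinned public key."""
    pins: dict = field(default_factory=dict)
    warnings: list = field(default_factory=list)

    def on_advertisement(self, node_id: int, public_key: bytes) -> str:
        if len(public_key) != KEY_LEN:
            return "malformed"
        pinned = self.pins.get(node_id)
        if pinned is None:
            # First sighting: nothing to compare against, so pin the key.
            self.pins[node_id] = public_key
            return "pinned"
        if pinned != public_key:
            # Known node, different key: keep the old pin and warn.
            # The new key is NOT adopted automatically.
            self.warnings.append(f"public key changed for node {node_id:#010x}")
            return "rejected"
        # Same key as pinned. This only shows the key is unchanged; it does
        # not authenticate the sender, which needs a signature check.
        return "known"

    def delete_node(self, node_id: int) -> bool:
        """Operator action: forget the pin so the next advertisement re-pins."""
        return self.pins.pop(node_id, None) is not None


def replay_constructed_session():
    """Replays a constructed sequence: first contact, repeat, re-keyed node."""
    db = PinnedNodeDB()
    node = 0x0A1B2C3D                                      # constructed node id
    old_key, new_key = bytes([1]) * 32, bytes([2]) * 32   # constructed keys
    results = [
        db.on_advertisement(node, old_key),   # first contact
        db.on_advertisement(node, old_key),   # same key again
        db.on_advertisement(node, new_key),   # key regenerated (or spoofed)
    ]
    db.delete_node(node)                      # operator removes the node
    results.append(db.on_advertisement(node, new_key))
    return results, db.warnings


if __name__ == "__main__":
    print(replay_constructed_session())
```

The receiver cannot tell a legitimate key regeneration from an impersonation attempt, which is why the pin is only replaced after an explicit delete.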

[–] shortwavesurfer@lemmy.zip 4 points 5 days ago

If I'm understanding correctly, they are actually addressing security issues. For example, they have a blog post called that one time at DEF CON where they discussed what happened and how they mitigated it in firmware 2.7.5.

[–] slazer2au@lemmy.world 5 points 5 days ago
  1. I believe every single exploit we demo'd was previously documented in Meshtastic's bug tracker 1yr+ ago and were closed by the MT devs and largely ignored for a year.

  2. When I began trying MT in 2024 the devs shut down convos asking for security fixes saying people should use other comms tools if they wanted security. Rather than address fixable security bugs.

Well, that pretty much settles the Devs don't care about security.

[–] andyburke@fedia.io 2 points 5 days ago (1 children)

Is it legal to encrypt communications in the spectrum Meshtastic is using?

I had thought it was not and therefore could not be built into the protocol and so securing communications (potentially illegally) is left as an exercise for the reader.

Is that not so?

[–] black_flag@lemmy.dbzer0.com 4 points 5 days ago (1 children)

It's apparently legal if you don't enable ham mode. Not a lawyer etc.

[–] meh@piefed.blahaj.zone 4 points 5 days ago* (last edited 5 days ago) (1 children)

in the US at least it's about broadcast power level. HAMs can broadcast louder but can't enable encryption. default firmware shipped to the US limits your power level so you remain legal.

*i should add that is MY understanding of the situation and i'm no lawyer.

[–] shortwavesurfer@lemmy.zip 3 points 5 days ago

You have it correct. If you're using ham mode, you're allowed to use more power, but hams cannot have encrypted data. Therefore, ham mode is disabled by default.

Also with Ham Mode, if you do enable it, you can only talk to other nodes also using Ham Mode, unencrypted. Therefore, you lose access to the majority of the mesh, which makes it kind of pointless, except for experiments.

[–] meh@piefed.blahaj.zone 2 points 5 days ago

this is never going to be and was not designed to be a secret spy movie text network any more than it is an instant messenger replacement. the encryption has a ways to go yes but it's also come a long way. the benefit of the platform is zero licensing entry with cheap gear. that communities can stand up together and use. or organizers can flash devices between uses and swarm a mesh if needed.

it's fun building meshes that can cover a hundred miles but, to function like that you have to drastically shorten the messages. and repeat messages to deal with drops. the encryption overall is fine for what the mesh can do and what the appropriate use cases could be. not great but it'll do.