Monday, December 29, 2014

Meshnets - cjdns

Exploring Hyperboria

If you pay attention to the "net-neutrality" issue that keeps popping up, you may start to feel uncomfortable about how tenuous this whole internet thing is.  Well, I did at least.  When someone asks "who owns the Internet?" the answer we hope for is "nobody" or "everyone", but that's not quite right.  The internet is owned by the companies that own the "tubes", the backbone infrastructure of the internet.

Remember that old "super highway" metaphor?  It's not far from the truth.  Imagine there is a highway that connects us all, but to get to that highway we take the side-streets from our home through our ISP.  That highway is really a network of toll-roads, so your ISP charges you to connect to the "super-tollway".  Part of that calculation is that most of your traffic will be coming from someplace else back to your home (inbound) and that you won't be running a service from home that would generate a lot of outbound traffic.  Among themselves, the tollways trade in traffic.  So they hope to keep outbound traffic to a minimum (debts) and balance it with their inbound (credits).

Sounds pretty nice and capitalistic, doesn't it?  Well, some of those companies that own the "tubes" are also in the business of providing content, like streaming movies or music, and for as much as gamers love to watch power-bars, watching that damn loading bar is never fun.  So a company might be tempted to prioritize its own services over a competitor's (one who doesn't own any tubes).  Or, as it happens, they hold data-rates hostage until popular services pay up for all that extra data, you know, the stuff you're already paying for.

Now, laws are good and handy, but nobody really really trusts a legal system to always do the right thing.  I know I don't.  For all the good intentions, there are probably twice as many bad intentions crafting our laws.  So consider instead a system that doesn't require laws to make it fair.

A small detour

Whatever your opinion of Bitcoin, the purpose was to create a network without trust.  Trust is good, isn't it?  Why don't we want it?  Whenever you go to Target you swipe your card and you trust that they aren't transmitting all your vital information unencrypted over open networks.  So maybe trust doesn't work out so well after all.  All our traditional banking is built on old systems of trust.  There are trusted middlemen who get a generous cut of the transaction for their trustworthiness.  Bitcoin upgrades this system by distributing the trust to the network of users.  Without going into painful detail, basically anyone has the ability to verify a transaction is legit, like a super-power that lets you detect counterfeiting.

Back to work

So imagine how the Internet could be upgraded.  More importantly, what needs fixing?  First, security or privacy is a big problem.  There are great application developers out there, but not every one of them is a good security expert, or believes they need one.  When your favorite social network grows from obscurity to universal use, it might not have considered security when it was new.  Now that it's big, it has consumed more and more of your private data, but it might be riding on duct-tape security.
Second, getting back to the original problem, what do we do when our Internet service providers decide to play god with the data?  What about less-than-freedom-loving governments trying to inhibit the free flow of information?  If the Internet remains centralized, the owners have the power to censor what isn't in their favor.

Imagine, if you will, that you live in a small remote town.  One day a cable-hungry back-hoe cuts the link connecting the town to that super-tollway Internet.  You're a small town and the big internet company decides it's not a priority to reconnect you (though they keep billing unless you go online and submit an interruption of service form, oh wait, no internet...) so your town is completely cut off from modern communications.
Luckily you have a very smart mayor and she decides this is the moment to introduce a town-wide wifi system.  Everyone gathers for a picnic and a seminar to learn about this new system.  She proposes to team with the local maker/hacker club to help convert the town's home wifi routers into a secure mesh network.  The process upgrades your existing firmware and allows you to turn your wifi router into a mesh-node.  This node will automatically connect to your neighbors in range and create a local network.  This mesh connection continues street after street until the whole town is connected again.  It might even work with mobile phones, as you roam the network.
However, this isn't the world wide web, it's just a town-wide mesh.  Local businesses can re-host their websites on the town-mesh.  The mayor might even decide to offer e-mail hosting, your-name@town.mesh.

This town doesn't exactly exist, but there is a little mesh-community of a few thousand nodes.  We call it Hyperboria, but don't get too excited.  This community is reserved for people ready to make contributions.  It's not a dark-net full of disgusting and illicit activity; in fact it's more like a small town, even though it's distributed globally.  For one, it's social.  No one has a right to be connected (we call it peered); if you're obnoxious, your peers can (and likely will) un-peer you, leaving you disconnected.  There aren't a lot of services on Hyperboria either.  We've got a few of the essentials like github (we're all about development) and IRC.  You can find a social media site and an e-mail service and a few other odds and ends.  It's a slow project, focused on doing it right, rather than right now.

So go back to our town-mesh.  Once they are re-connected to the Internet, they could keep using their town-mesh while enjoying the infinite cat-videos of the web; the two can live side-by-side.  However, one could imagine a newspaper picks up the story and other towns decide it's the right fit for them too; in fact they decide to connect their towns into the same mesh.  Town after town is added to the mesh.  Close neighbors may establish wireless or fiber "backup" links between towns, and these links increase the possible mesh paths for traffic to pass.  In the event of another killer back-hoe, a town in the mesh may not even notice the interruption.  A bigger mesh with more redundant paths means a more robust network for all.

In this little fiction, a geographic area is connected with a redundant series of decentralized connections.  There isn't a super-tollway, but an actual web/mesh of connections where data travels via the shortest available path, with the power to change that path as the situation changes.  The owners of the internet may still exist, but we won't be held hostage to their oligarchy.

Other thoughts

While we're discussing the decentralization of information, it's useful to consider similar situations.  I'm not a fan, but I know the world loves Facebook.  Facebook is a service that allows people to communicate, in exchange for control over everything you'd like to communicate.  If the service decides your choice of communication is not in their interest, they can/will silence you.  Most people, well frankly, aren't interesting enough to fear censorship; however, perhaps they live in countries that are inclined to pressure services to censor or relinquish customer data.  Perhaps they choose a lifestyle or use a name other than their legal one.  These harmless people can have their digital 'self' confiscated without recourse.  Too bad!

We don't actually need these centralized communication systems.  E-mail is still popular, and it might be a surprise to most people, but you don't need Google or AOL to send an e-mail; your computer is perfectly suitable for sending and receiving them.
There aren't a lot of distributed substitutes that satisfy every modern social-networking need, but there could easily be.  One major limiting factor is the available address space.  There are a finite number of IP addresses in the IPv4 range.  They are controlled and sold, but they are scarce and valuable.  There are alternatives like IPv6, which would allow us to address every atom in the solar system with room to spare, but that would make IPv4 addresses worthless.  You've likely guessed who's well invested in the IPv4 address space: the same owners of those super-tollway tubes.

Last bits

I'm not a tin foil hat sort of guy, just an engineer who hates to see a poorly designed system hobble on for no better reason than someone is making a boat-load of my money to provide me that faulty service.  There are still a lot of problems to address with a mesh-based internet.  Consider the incentives for hosting a robust node (one that can handle a lot of traffic) as opposed to being a leaf-node (a node that handles little-to-no traffic for the mesh).  What incentive does one have to bury a fiber line to the next town or create a long range wireless link to the remote local-mesh?  Ideas are floating about for some sort of data-rate currency that allows nodes to accumulate points for the data they service, then spend them for priority data on other nodes.  How would you make sure people don't abuse the system?  How would you make sure everyone could get some useful amount of data?

Hyperboria runs on a protocol named cjdns (cjd are the initials of the inventor, ns is network system/suite).

Development is mostly isolated to *nix systems ('cause it's the best :) and Mac, but there are resources for other OSes.

If you decide to try it out, you'll need to know how to compile and run the service:

I recommend this howto; it will allow you to run one instance of cjdns on your network, but all your LAN clients will be able to browse/connect to the mesh network.

Just getting a node running doesn't get you into Hyperboria; in fact you don't actually have to join the community.  Maybe you have a big (nerdy) family: you could create your own private/secure family meshnet providing services only your inner circle can access (plus it provides an external IP to your mesh if you don't have an IPv4 already).

If you would like to join Hyperboria, learn about IRC and connect to EFnet/#cjdns or #projectmeshnet.
Important!  Don't go demanding peers.  Make some friends, ask questions, be neighborly!  If you can manage to make a friend or two, then ask to peer with them (they might just offer).
*When passing peering credentials, it's likely your new friend will want to send them encrypted via email.  If you don't know how to use stuff like PGP, google it :)

Once you're in Hyperboria, this clearnet site has a few hype-links to resources inside: