Arthur Besse@lemmy.ml to

Meshtastic@mander.xyzEnglish · 6 days ago

MeshMarauder: someone finally published a tool to demonstrate how trivial it is to defeat meshtastic's DM encryption (by replacing public keys in profile broadcasts)

1

MeshMarauder: someone finally published a tool to demonstrate how trivial it is to defeat meshtastic's DM encryption (by replacing public keys in profile broadcasts)

Arthur Besse@lemmy.ml to

Meshtastic@mander.xyzEnglish · 6 days ago

nullagent (@nullagent@partyon.xyz)

Which brings me to part two, MeshMarauder. An open source tool demonstrating proof-of-concept exploits against the DEFCON 33 Meshtastic firmware. MeshMarauder will demostrate: - Tracking user activity on any mesh regardless of encryption usage - Hijack all meshtastic user profile metadata - Change any users public key - Send messages as any user in channel chats that appear authentic - MITM direct messages https://meshmarauder.net #defcon #meshtastic #meshmarauder #cybersecurity

Chat

shortwavesurfer@lemmy.zip
link
fedilink
arrow-up
0·
6 days ago
Oh, definitely, when keys change, you should be required to acknowledge the new key.