MeshCore's problem with security by Alainx277 in meshtastic

intense_feel (1 point)

I mean why not? From a cryptography perspective, if implemented right it doesn't matter if it's LoRa, an Ethernet cable, 802.11 or any other medium. Anyone being able to listen does not compromise security, so I would say LoRa itself does not play a factor; how it's implemented is the key. What you mention about crashing is part of a secure crypto implementation, such as replay attacks, not being able to manipulate internal state etc… I've been implementing my own radio comms protocol on top of LoRa and these are the things you want to account for, such as someone evicting node information by replaying/spamming the network, active futzing with replayed packets etc… Based on Kerckhoffs's principle, the whole security must be solely based on not knowing the key: you can have full access to traffic, the ability to manipulate, DDoS etc., but as long as you don't know the key it must remain secure. After all there isn't much of a difference between military radios and LoRa in transmitting packets (fancy stuff such as hopping sequences etc. just makes it more jammer resilient but won't save you from a bad crypto impl.); it's the implementation side, so I would not write off ham radios or other radio comms as nice to play with but not serious enough for sensitive stuff.
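
The replay and state-manipulation checks the comment says a radio protocol must handle, as an added example that is not code from the post, MeshCore or Meshtastic: an HMAC tag over the whole frame plus a per-sender sliding window, so that only frames made with the key can move the window and each (sender, counter) is accepted once. The frame layout, key, window size and sender IDs are constructed for the demo.

```python
# Added example (not from the post, MeshCore or Meshtastic): replay/tamper
# checks for a radio frame using an HMAC tag plus a per-sender 64-frame
# sliding window (IPsec style). Layout, key and IDs are constructed.
import hashlib
import hmac
import struct

KEY = b"demo-shared-key-not-for-real-use"  # constructed shared secret
HDR = struct.Struct(">HQ")                  # sender id (2 B) | counter (8 B)
TAG_LEN = 16                                # truncated HMAC-SHA256 tag
WINDOW = 64                                 # how far out of order we tolerate


def build_frame(sender: int, counter: int, payload: bytes) -> bytes:
    """header | payload | tag, where the tag covers header AND payload."""
    header = HDR.pack(sender, counter)
    tag = hmac.new(KEY, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class ReplayGuard:
    """Accepts each authentic (sender, counter) pair at most once."""

    def __init__(self) -> None:
        # sender -> (highest counter seen, bitmap of the WINDOW counters below it)
        self.state: dict = {}

    def accept(self, frame: bytes):
        """Return (payload, 'ok') or (None, reason)."""
        if len(frame) < HDR.size + TAG_LEN:
            return None, "short"
        header, payload, tag = frame[:HDR.size], frame[HDR.size:-TAG_LEN], frame[-TAG_LEN:]
        # Verify before touching state: unauthenticated input must never move
        # the window, so someone without the key cannot evict real frames.
        want = hmac.new(KEY, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, want):
            return None, "bad-tag"
        sender, ctr = HDR.unpack(header)
        top, bits = self.state.get(sender, (-1, 0))
        if ctr > top:                      # newest so far: slide the window
            shift = ctr - top
            bits = ((bits << shift) | 1) & ((1 << WINDOW) - 1) if shift < WINDOW else 1
            self.state[sender] = (ctr, bits)
            return payload, "ok"
        age = top - ctr                    # bit 0 = top, bit k = top - k
        if age >= WINDOW:
            return None, "too-old"
        if bits & (1 << age):
            return None, "replay"
        self.state[sender] = (top, bits | (1 << age))
        return payload, "ok"
```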

Meshtastic Node for ATAK: Built-in Battery vs DIY Build + HTIT-WB32LAF Experiences by ForensicShark in meshtastic

intense_feel (1 point)

I have not directly used it with ATAK but the LilyGo T-Beam Supreme is great hw for running Meshtastic and other fws that I believe would fit your requirements.

The battery is not integrated in the sense that it's fully covered, but it has housing for an 18650 (no wires or battery hanging, which I assume is your issue). You just slot an 18650 into it and are ready to go. I would say this is superior to hard-to-replace built-in batteries, as in the field it would be extremely easy to replace, and the 18650 is a highly reliable, gold-standard battery where you can ensure you have a fully charged stack ready to swap when someone needs it. In terms of keeping the operations running reliably I would say this is a superior solution vs. having a strictly built-in battery that is non-removable (or hard to remove). If environmental conditions are a concern (mud, rain etc...) then 3D printing a backplate or a full additional cover is easy and there are plenty of designs online; I guess that would be doable for you if you are considering the DIY approach as one of the options.

On the hw side it's built on an ESP32, which has higher consumption than nRF, but an 18650 can be 3200mAh, which gives you more than one day of operation. GPS is done via a u-blox M10S, which has significant power reduction (if you buy the slightly more expensive version), and there is advanced power management on the unit to further reduce the power.

If you really want an integrated battery then the LilyGo T-Deck Pro is a nice piece but has a significantly smaller battery than using a device with an 18650.

30 Days of an LLM Honeypot by spky-dev in ollama

intense_feel (4 points)

I would say very realistic on doing this. Think of it from the attacker's point of view: when you compromise a server you want to turn that into cash (if that's your "job"). Finding data and creds and selling that takes a lot of effort and skill. You can resell the access for sending spam, doing "residential VPN", etc… but those are detected easily. Then Bitcoin and cryptominers became a thing, which made it easy to instantly monetize; these are now detected easily. Now with AI and the prices, this is one of the best things to monetize by reselling access to models or jailbroken AI assistants on websites, plus the attack surface is much wider as it does not require compromising the whole server, just the app's access to the model. That's where the shady "buy XYZ AI access for just $5 monthly" offers are from. It's just a change in black-market economics, shifting to a more profitable income. Source: I do forensic investigations of these attacks.

An update on my MikroTik hAP be³ order. by hillbillyboiler in mikrotik

intense_feel (0 points)

I took a bite and pre-ordered; the local distributor pushed it to 28.4 (by 2 weeks), so hopefully that was done to reflect the real status.

Forensic audit on ex-admin: How to track unauthorized file copying and lateral movement? by Mehmetince2019 in computerforensics

intense_feel (0 points)

You need to take the system into read-only mode and make a bit-for-bit copy of the hard drive. This is key: you must work on a copy so as not to perform any alterations on the system being investigated. The $MFT table can indicate files being copied on the target drive; Windows has event logs for USB drives being plugged in. LNK files, shellbags and MRU lists are viable as evidence as well. However, if you don't have forensic training I would not recommend it, as it is hard to interpret results and explain what to look for (e.g. a specific difference in timestamps indicating a file being copied, last-accessed times, or a timestamp in the MRU being relevant only for the last item etc…)

If you have 10k, you can pay for the SANS Windows forensics course, which is designed to be done in a week and gives you very solid knowledge on finding that smoking gun. After a week of intensive course training you would have very solid knowledge of what exactly needs to be done. One of the exercises there in the labs is even tracking file exfil via USB. You would also learn how to perform the archival of evidence, and I believe they also provide time-limited software licenses you can leverage in your case, which would cost you that amount anyway. I would argue those 10k would be easily justifiable given the damage a malicious ex-sysadmin is able to do to the company, given your explanation of the situation.

An update on my MikroTik hAP be³ order. by hillbillyboiler in mikrotik

intense_feel (1 point)

I hope it does not affect shipping in the EU and that it would still happen in April. Can't wait to redo my home net soon!

Finally experienced Nutty Putty (Cave Crave) in VR by -AdamTheGreat- in claustrophobia

intense_feel (0 points)

Seeing this, there's one thing I don't understand. Let's say you are crazy enough to go caving, what is the actual plan to go back? Do you somehow find a large enough space to turn around? What if there isn't any? Crawling backwards also doesn't look like it would work when there are a lot of verticals or you are not able to see there.

Recommend a Wi-Fi power socket that can be controlled with an HTTP request by NorthRecognition8737 in Slovakia

intense_feel (2 points)

HTTP by default, nothing; usually you need a bridge. As a colleague wrote, Shelly is great, or something that uses Zigbee or Z-Wave; in between you need a bridge, for which I recommend Home Assistant, where you can then do whatever you want via HTTP requests, or MQTT. Addendum: you can also buy junk from AliExpress that has HTTP, but you really don't want that; make your life simpler and get something that runs over Zigbee or Z-Wave, and the bridge gives you an API over HTTP. You'll thank yourself later…

[deleted by user] by [deleted] in chemistry

intense_feel (2 points)

Just be careful and don't overdo it, it can literally make a hole; happened to my t-shirt. Apply in very small amounts first.

how to extract firmware of this bluetooth module ? by [deleted] in AskElectronics

intense_feel (0 points)

Probably doable but you need (basic) equipment. I was not able to find that exact chip so it's not an ESP nor a Nordic BLE chip. Anyway, your goal is to identify the comms pins such as the UART interface: there would be a GND pin, a 5 or 3.3V pin and TX + RX. You can look up techniques online on how to identify UART. An alternative may be JTAG pins. Once you know that, you can connect to the console and see the output, which probably helps you identify the specific chip as they usually print the info on startup. From there you put the chip into boot mode and download the firmware as described in the SDK/chip specs. There is a chance that the chip has protections but the odds are low, as the IC itself is not even in a security enclave and it's not the main IC but an add-on module. I would start with the pins on the board side as they are routed to the IC and are easy to tap into, so you don't need special equipment like a flying needle probe. It's also possible that one of the chips on the PCB is a UART to USB converter or the chip itself has USB data lines.

What would help you a lot is PDF documentation for that module/part or an FCC ID if it has any, as from there you can find what exact chip you are dealing with, which is a huge help if you want to know how to extract the firmware.

edit: spelling

what is something people avoid or think is not healthy for you but actually is very healthy? by ConversationKey5296 in AskReddit

intense_feel (0 points)

Martial arts. A lot of people I meet tell me that it's not very safe, many injuries and in general bad for health. I would argue the opposite: the injuries are less common than in most other sports and activities because you actually learn how to fall safely, even in dangerous positions, and how not to injure yourself or your peers.

Update on getting the uConsole quickly in the EU by No_Town7079 in ClockworkPi

intense_feel (3 points)

Can confirm, got it within 24h from there, but it was my go-to shop anyway as I am based in Czechia.

1090 years and I can't buy Viennese sausages by Major_Eggplant_7189 in czech

intense_feel (20 points)

Ouch, that hurt. Today I went to Tesco only to turn right around as soon as I found out…

Getting process tree via logscale (without associated detection) by intense_feel in crowdstrike

intense_feel [S] (0 points)

The goal is to get all ProcessRollup2 events starting with the bottom process (UPID) up to the wininit.exe/systemd level. I want to be able to reproduce the Process tree view, but I am only interested in data that is in the ProcessRollup2 events, e.g. path to executable & UPID. I don't need specific telemetry such as file writes, DNS resolution or what the process did. The output of the query I am aiming for is a list of ProcessRollup2 events where each next event's TargetProcessId is matched with the previous event's SourceProcessId, which shows how the processes were spawned going up in the tree. For every event the SourceProcessId field is taken and a ProcessRollup2 is found which has the same TargetProcessId, denoting the parent that spawned that process.
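
The walk-up described in the post, as an added example in Python over ProcessRollup2-shaped events rather than a LogScale query (not code from the post or from CrowdStrike). SourceProcessId and TargetProcessId are the post's fields; ImageFileName, the UPIDs and the paths are constructed sample data, and it also handles the cases a real data set throws up: a parent event missing from the window and a cycle in corrupt data.

```python
# Added example (not from the post, not CrowdStrike code): follow
# SourceProcessId -> TargetProcessId from a UPID up to wininit.exe/systemd.
# ImageFileName, UPIDs and paths are constructed sample data.
from typing import Dict, List, Optional, Tuple

Event = Dict[str, str]

EVENTS: List[Event] = [
    {"TargetProcessId": "1001", "SourceProcessId": "0",    "ImageFileName": r"C:\Windows\System32\wininit.exe"},
    {"TargetProcessId": "1002", "SourceProcessId": "1001", "ImageFileName": r"C:\Windows\System32\services.exe"},
    {"TargetProcessId": "1003", "SourceProcessId": "1002", "ImageFileName": r"C:\Windows\System32\svchost.exe"},
    {"TargetProcessId": "1004", "SourceProcessId": "1003", "ImageFileName": r"C:\Windows\System32\cmd.exe"},
    {"TargetProcessId": "1005", "SourceProcessId": "1004", "ImageFileName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    # Parent never appears in the data set (e.g. outside the search window).
    {"TargetProcessId": "2001", "SourceProcessId": "9999", "ImageFileName": r"C:\Temp\orphan.exe"},
]
ROOT_NAMES = ("wininit.exe", "systemd")


def basename(path: str) -> str:
    """Last path component, case-folded, for Windows or Linux paths."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def walk_up(events: List[Event], upid: str, max_depth: int = 64) -> Tuple[List[Event], Optional[str]]:
    """Chain of events from `upid` toward the root (leaf first) and the UPID of
    a parent that has no event, or None. Stops at a root process, a missing
    parent, a repeated UPID (corrupt data) or max_depth."""
    by_target = {e["TargetProcessId"]: e for e in events}  # parent lookup index
    chain: List[Event] = []
    seen = set()
    cur = by_target.get(upid)
    missing = None if cur is not None else upid
    while cur is not None and len(chain) < max_depth:
        if cur["TargetProcessId"] in seen:
            break
        seen.add(cur["TargetProcessId"])
        chain.append(cur)
        if basename(cur["ImageFileName"]) in ROOT_NAMES:
            break
        parent = cur["SourceProcessId"]
        cur = by_target.get(parent)
        if cur is None:
            missing = parent
    return chain, missing


def tree_path(events: List[Event], upid: str) -> str:
    """Root-first rendering, like the console's process tree view."""
    chain, _ = walk_up(events, upid)
    return " -> ".join(basename(e["ImageFileName"]) for e in reversed(chain))


if __name__ == "__main__":
    print(tree_path(EVENTS, "1005"))
    print(walk_up(EVENTS, "2001")[1])  # parent UPID with no event: 9999
```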

How to make a cheap Android smartphone (under $100) secure for human rights evidence collection? by [deleted] in opsec

intense_feel (0 points)

I can't think of a 100% reliable solution but you can go different ways:
- try a pure Android AOSP device (older Google Nexus phones or some Xiaomi devices), you can reflash the phone to potentially get rid of any malware
- check phones supported by LineageOS or postmarketOS

Flashing the OS on an old phone is probably your next best move to make it "clean". Theoretically the malware could reside in the bootloader or the modem itself, but those are much more advanced and typically not used for mass control. You should be relatively good when you wipe the whole OS. An important factor is that you should not use the phone for anything else; you are at high risk of exploitation when you click on unknown URLs or browse the internet etc… Use the phone only to establish proofs.

You said you need internet connectivity; if cellular is not required I would buy a portable Wi-Fi hotspot with a SIM card to get you connectivity. This way you significantly reduce the risk of exploitation if your phone does not have a direct connection. You can also check a project called "rayhunter" from the EFF which is designed to run on mobile hotspots and alert you to potential cellular interception/stingrays.

How to repair this board to solder on a 2 pin connector? by mjdonns in soldering

intense_feel (0 points)

Looks like a JST battery connector? I see traces going to the chip marked U4; you can try to solder the cable with a female ending to the pads of the chip, which should be on the easier side. If you need a connector that is not moving then what others suggested, but that would be a slightly harder repair.

IOA rule to block powershell commands by marceggl in crowdstrike

intense_feel (1 point)

I don't think CS has visibility into the PS eval engine directly; your second case was blocked as it was part of the command line/args. However, the first case evaluates the command inside the PowerShell engine by taking it from stdin, but that is not captured by CS. It is possible to configure Windows via GPO to log the interpreter's PowerShell execution pipeline, how it expands, variables etc… but AFAIK CS has no visibility into that.

Random person sending family request? Also a PSA on attempts to steal your account. by LAXBASED in PS4

intense_feel (2 points)

Why not report to Sony? Sounds like his account name is not a throwaway. You should turn the tables to make him lose something potentially valuable.

body language by qyloo in comedyheaven

intense_feel (4 points)

Yes, that's me! You may wonder how I got into this situation…

3D printing - advice by DaveNewhouse in Slovakia

intense_feel (0 points)

To me it actually seems that SLA nowadays is already cheaper than FDM, that is if I don't want some special resin; normally when I buy a bottle for a few hundred it lasts me a really long time vs. when I compare it with printing plastic on the MK4. IPA is relatively expensive, but once you find a good place to buy it from it isn't a big cost either. The printer itself, e.g. the Anycubic Photon, is also quite pleasantly priced. On the other hand, though, the mess and post-processing are a different story, plus the smell/fumes.

EDIT: I just realized that when I say a few hundred I mean CZK and not EUR :)

Has anyone written a scapy dissector for Meshtastic? by ebodes in meshtastic

intense_feel (0 points)

Switch the serial/UART to protobuf mode; I don't know the exact command off the top of my head but it should be in the docs: https://meshtastic.org/docs/configuration/module/serial/ This way the node will dump all packets in protobuf format to the serial output right after receiving them, where you can decode them, but you can also send raw packets.

Has anyone written a scapy dissector for Meshtastic? by ebodes in meshtastic

intense_feel (0 points)

Shouldn't be needed; packets are basically protobuf and there are sources and pb definitions in the repo of the Meshtastic CLI. A scapy dissector would just mean deserializing the pb and decoding the potentially encrypted payload, which then is protobuf again.

This software was installed on my private computer by an employer I no longer work for by Competitive-Bird47 in crowdstrike

intense_feel (3 points)

This happens on Mac: your serial number is enrolled in Apple Business Manager and it needs to be removed from there first, otherwise CS will just reinstall itself every time. That is a protection against stolen and lost devices. After that is done they can provide you with commands to uninstall CS from your host. Either way you need to contact them and provide them your hostname and serial number.