Share good ideas and conversation.   Login, Join Us, or Take a Tour!
comment by user-inactivated
user-inactivated  ·  1809 days ago  ·  link  ·    ·  parent  ·  post: Tin-Can is working and we are testing it.

for the use-case that TinCan is intended for, it would be prudent to consider mac sniffing a threat. if a state-level adversary can collect your mac addr, they could track you in a way similar to what grocery stores do already, noting your presence or absence at subsequent events, or even spot you somewhere else.

we know that police already set up wifi sniffers at protests, and there's no reason to expect that practice to decrease, so you should probably have TinCan spoof a random mac addr on boot if not every time a new master is chosen.




mk  ·  1809 days ago  ·  link  ·  

AFAIK there is no way to determine if you are the originator or propagator unless someone physically has your phone, and your username remains. I'll verify this and get back. Thus, your address should only be linked to TC propagation but not a specific username.

Btw it's a use case, but not the only one. :)

insomniasexx  ·  1809 days ago  ·  link  ·  

This is correct. The phones store and push all messages on the phone. The message is the username, time code, and the message. There is no way to tell which message came from which phone.