What sort of protections are in place against nefarious actors that gain access to this network? Do they do anything to isolate each connected device from each other so that two devices on the network cannot connect to each other, such as making use of subnets? Are users connections throttled, and if so, to what degree? Are certain websites blocked to prevent potential malicious actors from intercepting sensitive data more easily, such as bank sites?
I mean, the idea is a well intentioned one, but I can easily see this going very wrong very quickly.
Me: Expresses concern about potential cybersecurity issues with a free publicly joinable network
Lemmy: Furiously downvoting
Honestly, I am not sure what I was expecting, but it was clearly too much.
I don’t know, I find people do all sorts of stuff with their networks all the time that has me scratching my head trying to figure out why they set it that way when I am eventually called to fix it.
but in this case, the bank, or whatever good site, would probably not even allow non-TLS connections
and if the mesh necessitates TLS only on an exit node*. Then yeah, that’s a stupid and flawed network. And it also wouldn’t be transparent (in the sense of using just like a normal ISP)
*I’m not sure how it connects to the rest of the internet, but assuming there are exit nodes that connect to other networks
This seems like a bad idea.
What sort of protections are in place against nefarious actors that gain access to this network? Do they do anything to isolate each connected device from each other so that two devices on the network cannot connect to each other, such as making use of subnets? Are users connections throttled, and if so, to what degree? Are certain websites blocked to prevent potential malicious actors from intercepting sensitive data more easily, such as bank sites?
I mean, the idea is a well intentioned one, but I can easily see this going very wrong very quickly.
Me: Expresses concern about potential cybersecurity issues with a free publicly joinable network
Lemmy: Furiously downvoting
Honestly, I am not sure what I was expecting, but it was clearly too much.
Why would you not use TLS to connect to sites on a mesh network?
I don’t know, I find people do all sorts of stuff with their networks all the time that has me scratching my head trying to figure out why they set it that way when I am eventually called to fix it.
that makes sense
but in this case, the bank, or whatever good site, would probably not even allow non-TLS connections
and if the mesh necessitates TLS only on an exit node*. Then yeah, that’s a stupid and flawed network. And it also wouldn’t be transparent (in the sense of using just like a normal ISP)
*I’m not sure how it connects to the rest of the internet, but assuming there are exit nodes that connect to other networks
If your bank credentials can be intercepted that way, then the bank had poor security. They’re not responsible for that anymore than any other ISP.
Yet somehow ISPs are expected to police piracy.
As a service provider, you’re not legally responsible for what others do on your network.
Yes… But technically you do have other legal obligations like reporting and certain data collection, like who owns what IP for example.
Depends on the country. Thats not required for tor operators in the US and Germany