Sensors

Network


An overlay network, it uses I2P for a base level of anonymity P2P and Tor when accessing clearnet web services. The module participates with the DID module for self-sovereign identity and reputation based access. The system survives even if the internet goes down or is cut off by supporting peer-to-peer direct wireless mesh networks. As long as enough people still have their device, the network survives.

The core sensors are I2P, Tor, and in the future 1DM. Additional Sensors will be added as desired by the community.

1DM - Invisible Direct Mesh

Wireless ad-hoc network (WANETs), a continuously self-configuring, self-healing, infrastructure-less network of devices connected wirelessly in the ISM band of 2.4 GHz (unlicensed in the United States). This capability enables building of personal networks in areas with no cellular network availability, during protests where hostile governments threaten shutdown of the internet around the protest area, natural disasters where cellular towers become inoperable, and temporary large scale events like festivals where the infrastructure is unable to support the scale up. Considering most WANETs are proprietary or written in native code and thus not easily installed in a variety of operating systems, our WANET is being developed internally and will include advanced features similar to I2P to ensure anonymity and privacy over 1M5's mesh network.

Bluetooth

A wireless technology standard for exchanging data over short distances using short-wavelength UHF radio waves in the ISM band from 2.4 to 2.485 GHz for building personal area networks (PANs). Ranges are typically less than 33 ft but can be up to 330 ft. Version 5.0 range is expected to be up to 100-1000ft.

Bluetooth Low Energy

Similar to classical Bluetooth with similar ranges yet using less energy for smaller devices.

Clearnet

The unencrypted no anonymity internet. 1M5 supports clearnet communications when configured so by acting as a client for http(s) communications and by acting as a web server serving http(s) content. This is supported today in 1M5 using OkHTTP for client APIs and Jetty as an embedded web server for serving up local HTML UIs.

I2P

The Invisible Internet Project, an anonymous overlay network for censorship-resistant peer-to-peer (P2P) communication. Anonymity is achieved through garlic routing where ultimate source and destination IPs are extremely difficult to determine. Encryption is also provided by default end-to-end. 1M5 currently supports I2P for real-time communications peer-to-peer (P2P) with optional random delays up to 90 seconds for battling timing attacks. All communications between 1M5 nodes defaults to I2P using it as a message-oriented middleware (MOM) similar to what enterprises use in the application stacks.

Nearby

When applications using 1M5 have their Nearby feature activated, a list of nearby 1M5 Nearby activated devices are provided for application integration for a number of possibilities.

NFC

Near-Field Communication, a set of communication protocols that enable two electronic devices to establish communications between them within very short distances (within 1.6 inches) for security reasons. Current use in 1M5 is for exchange of any data that requires physical verification of each end user such as swapping shared symmetric keys. May get replaced with WiFi as minimum distance can be configurable.

Tor

An anonymous network for accessing clearnet internet sites through using onion routing with end-to-end encryption.

Wi-Fi Aware

Continuously discovers other devices within a user’s Wi-Fi range prior to association, making it easy to find nearby information and services available that match preferences set by the user.

Wi-Fi Direct

A Wi-Fi standard enabling devices to easily connect with each other without requiring a wireless access point. Wi-Fi Direct allows two devices to establish a direct Wi-Fi connection without requiring a wireless router. Hence, Wi-Fi Direct is single radio hop communication, not multihop wireless communication, unlike wireless ad hoc networks and mobile ad hoc networks. Wi-Fi ad hoc mode, however, supports multi-hop radio communications, with intermediate Wi-Fi nodes as packet relays. Implementation started but not yet tested.

Wi-Fi Internet

Classic Wi-Fi connections using a wireless access point such as a Wi-Fi router accessing the internet. This is supported naturally by the hardware device although 1M5 will eventually be routing this types of requests through a Sensor for better end-user control.

Wi-Fi HaLow

Wi-Fi standard for operating in frequency bands below 1 GHz offering longer range, lower power connectivity to Wi-Fi enabled systems roughly doubling range while improving penetration of materials. Considered important long-term for working within the Internet of Things (IoT) concepts.

Sensor Managers


Ensure blocked nodes can communicate by re-routing through multiple networks and their nodes.

Simple Sensor Manager

The default Sensor Manager that comes with the Sensors service is the Simple Sensor Manager. It manages all Sensors including their lifecycles while maintaining an overall sensor status and providing different methods to select a Sensor for communications - by URL/Sensitivity/Operation while handling errors. No database of peers are maintained. Future work includes basic re-routing based on sensor status.

Neo4J Sensor Manager

Extends Simple Sensor Manager above but includes maintaining a graph of networked peers. Future work includes determining shortest path as well as additional features leveraging a real-time graph.

Countermeasures


Responds to exploitation attempts by learning and acting on them.

Honeypot

A low-interaction honeypot module for attempting to deceive external attackers into believing they're working with different hardware/software than they would otherwise believe and to fend off malware introduced by into the system including via USB drives. Theft of cryptocurrencies is growing through the use of such malware.

Exploit

Once attackers are identified, the exploit module can then start working to determine the attackers' weak points and begin reverse attacking to aid in defense. Not yet prioritized but expected to be started after honeypots.

Filters


Comes with threat filters built-in for threat mitigation including Silent SMS Blocking and IMSI-Catcher detection/blocking.

Silent SMS Blocking

Block attempts at pinging cellular based devices using SMS.

IMSI-Catcher

False mobile towers (base stations) acting between the target mobile phone(s) and the real towers of service providers. As such they are considered a Man-In-The-Middle (MITM) attack. This surveillance technology is also known as "StingRay", "Cellular Interception" and alike. The IMSI-Catcher Sensor discovers IMSI-Catchers and automatically blocks the phone from connecting to them. Future versions may support sharing of known IMSI-Catchers, honeypotting them to learn more about them, and using exploits to shut them down. Current project on GitHub is trying to get more interested developers to help.

Utilities


Sensors that ensure the application maintains clean of privacy robbing viruses and additional application assistance.

Surveillance Cleaner

Looks for software associated with surveillance tactics recommending removable by end-user if possible or isolating if approved by end-user.

Threat Identification

Monitors inbound requests for threat potentials.