AirChat Code
Brought to you by:
fkorning
[Airchat Video](https://vimeo.com/92651272)
#=============================================================================#
# AirChat 2.0
#=============================================================================#
_ _ .__ .__ __
__| || |_______ |__|______ ____ | |__ _____ _/ |_
\ __ /\__ \ | \_ __ \_/ ___\| | \\__ \\ __\
| || | / __ \| || | \/\ \___| Y \/ __ \| |
/_ ~~ _\(____ /__||__| \___ >___| (____ /__|
|_||_| \/ \/ \/ \/
#-----------------------------------------------------------------------------#
# Authors
#-----------------------------------------------------------------------------#
Airchat 2.0
Airchat 1.0 was released to github in 2004 by Anonymous, Lulzsec, and LulzLabs.
The code has not been updated and the authors have not been heard of since.
The authors of this new version have nothing to do with LulzSec or Anonymous.
In keeping with Tradition, the pronoun 'we' was kept, meaning 'we the people'
taking up the torch from the Anonymous Collective.
We hereafter use the 'original LulzSec AirChat' to refer to the original code.
Whereas anything semantically marked 'new, adapted, change, modified, improved,
enhanced, augmented, redacted, etc' means our new incarnation of the code.
#-----------------------------------------------------------------------------#
# Credits
#-----------------------------------------------------------------------------#
Anonymous, LulzSec, Lulzlabs, L0PHT Heavy Industries, 2600, and cypherpunks.
GNU, Open-Source, Linux, FreeBsd, the EFF, ZKS Freedom, and the TOR Project.
Wikileaks/Openleaks, RSF/RWB, MSF/DWB / MDM/DOW, and Amnesty international.
OSM OpenStreetMap/Nominatim, Leaflet: Vladimir Agafonkin, Fabien Nicollet
et al (various leaflet plugins). Fldigi: W1HKJ - Dave Freese, SB42, et al.
#=============================================================================#
# Abstract
#=============================================================================#
What is AirChat?
Airchat is a team communication, collaboration, and situation-awareness tool.
Airchat provides free communications, not just as in 'free beer', but as in
free from eavesdropping, from intercept, and from external coercive control.
It provides a primitive RF Wireless Mesh, ie a long-distance wide-area network,
allowing teams to communicate securely and privately in a robust resilient way.
It doesn't need the internet, wifi, nor even a cellphone network or bluetooth.
It bypasses mobile cell provider networks, using raw digital RF Radio packets.
It favours simplicity, ubiquity, low cost-of-entry and low-tech off-the-shelf
handheld radios, and can run on mobiles, embedded systems, laptops and desktops.
It uses encrypted digital packets to share messages within a collaborative team.
Each node in the mesh extends the range a bit, but range is limited by RF signal.
These packets are end-to-end encrypted, and can be relayed on insecure networks.
This means they can safely be retransmitted on mobile networks and the internet.
For longer ranges, a node with a bigger antenna may act as a relay / gateway.
Such a relay may run on a laptop and may also act as an encrypted internet proxy.
AirChat is not just a draft proposal, but is a real working PoC Prototype.
We hope you will use it, and share in the beauty of 'free communications'.
#-----------------------------------------------------------------------------#
# UseCases
#-----------------------------------------------------------------------------#
Who needs Airchat?
Anyone wishing anonymity, privacy, and security without fear of interception.
Anyone needing a robust communication mode that is resilient to mobile outage.
Activists, Operatives, Protestors, Journalists, Investigators, Whistleblowers.
Humanitarian Organisations, Disaster Response crews, Search and Rescue teams.
Off-Griders, Adventurers, Backpackers, Yachtsmen, Explorers and Expeditions.
Anyone operating in a conflict zone.
#-----------------------------------------------------------------------------#
# Features
#-----------------------------------------------------------------------------#
What can it do?
AirChat is not just a concept but a working prototype tested in the field.
The basic concept is a secure mesh framework and simplistic message board,
shared within a local network, that connects remote digital RF radio nodes.
Built on top of the messaging and routing framework, emergency web services
can be integrated, accessed, shared and proxied in a safe anonymous way.
Any node can act as a wifi relay, proxying local messages to distant nodes.
Any node with Internet access can act as a gateway, and the access can be
anonymised via built-in support for an HTTPS proxy or a TOR / SOCKS proxy.
The current release is a minimal set of functionalities, to suss what people
do with it and what they would need. We will refine it based on feedback.
Current Services include Twitter, RSS News Feeds, and Maps and Geolocation
using OpenStreetMap map providers, Nominatim geocoding, and Leaflet layers.
The services also support the sharing of data Files, which can be extended
to include progressive png images, vox audio conversations, calendars, etc.
It works! So far, we have played chess with our friends 180 miles away.
We have shared pictures, and talked in low bandwidth encrypted vox chats.
We have 3D printed over distances of 80 miles and placed medical orders
at distances of over 100 miles.
So Tune in, Turn on, and Transmit out.
#-----------------------------------------------------------------------------#
# Changes
#-----------------------------------------------------------------------------#
The original Lulzsec perl code has been extensively redacted and refactored.
Variables and methods have been reordered, renamed, their scopes changed,
Text and Web content heavily corrected, sanitised, expanded and elaborated.
Formatting and logic have also been cleaned up and extensive comments added.
Firstly this was done in order to decipher, understand, and validate the code,
and then because a lot of the old text and web presentation stuff was archaic,
klutzy, and ill-suited to our new concept of a handheld or palmtop client.
This is in no way a criticism of Lulzsec code, as Airchat was only ever a PoC.
In fact some of the original design decisions made, such as a perl fork daemon,
on inspection revealed themselves to be judicious (only one modem/audio port).
We even got fond of and saw wisdom in the cgi-perl pseudo web-server concept.
Most of the new work has been on the web server and web services and features.
There are plans to augment the core messaging protocol (see the design docs).
This new version then, retains as main principle the local pseudo web-server.
However instead of in-lining data like images, fonts, css, js, this version
loads them from the file system. This is crucial as we are fetching, caching
loading, and relaying images, map tiles, geojson overlays, shared files, etc.
Menus have been augmented, new items added, and web text files rationalised.
The old interface, driven by a simple menu on a static web page, is now based
on a central scrolling viewport, with floating menu on top and status below.
The gui view is built for a smallscreen handheld Palmtop, Arduino, Raspberry,
or even a rooted Android phone ideally with a 800x600 or 1024x768 display.
We want a screen that avoids scrolling to get the latest message / status.
This view is also consistent with the OpenStreetMap and leaflet interface.
Twitter access remains, as does RSS feeds. Three feed lists are configurable.
New proxied web services include Nominatim geocoding and OSM maps and tiles.
Files are a new thing. We're still sorting out the various data types and
persistence, sequencing, and fragmentation and reassembly. (see below).
Maps are the main improvement. Airchat now runs as its own secure team APRS,
where team members can relay their GPS fixes and team positions are rendered
on a topographical map. For now it will rely on volunteered lat/lon positions
or named locations, voluntary calls to OSM geocoding and shared geojson files.
#=============================================================================#
# Implementation
#=============================================================================#
#-----------------------------------------------------------------------------#
# Protocol
#-----------------------------------------------------------------------------#
How does it work?
We ended up with a simple datagram packet: the Lulzpacket.
This packet contains padding and preamble, a hashcode for delivery address,
a timestamp, a checksum, a packet sequence number, a pseudonymous callsign
and the payload, which may be encrypted in symmetric AES or asymmetric RSA.
We define the address of a node as the hash of its asymmetric public key.
A node generates its hash/keys: to change its hash it must change its keys.
Node keys are managed locally: nothing is registered or tracked externally.
Each node keeps a list of its peer nodes and their public key/hash address.
Nodes only care for what is being received. Bar the callsign and node hash,
no IP address, unique hardware id, nor any kind of identification is leaked.
Only packets matter. Packets are pseudonymous based on the hash / callsign.
The callsign can be pseudonymous and need not be tied to a real identity.
The padding and preamble is specific to a group, as is the group passphrase.
The passphrase is a shared secret used for group-wide symmetric encryption.
Each node encrypts the passphrase and uses its hash as a sending signature.
A special hashcode '000000' is used for public or group-wide messages.
Bar the hashcode, any other participant ID is stored in the packet payload.
Packets for the group can only be decrypted by nodes sharing the passphrase.
Packets encrypted for specific nodes can only be decrypted by those nodes.
It is not possible to spoof an address, a msg payload, or do a replay attack.
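One way a receiver could enforce the addressing and anti-replay properties described above, as an added example that is not AirChat's own code or wire format. The header layout, SHA-256 truncated to six hex characters, the HMAC keyed from the group passphrase (standing in for the checksum), and the 300-second freshness window are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct
import time

GROUP_ADDR = "000000"   # from the page: hashcode for public / group-wide messages
ADDR_LEN = 6            # assumption: addresses are 6 hex chars, like '000000'
MAX_SKEW = 300          # assumption: accept timestamps within +/- 5 minutes
TAG_LEN = 32            # HMAC-SHA256 tag, standing in for the page's "checksum"
# Assumed header layout: destination, sender, timestamp, sequence number
HEADER = struct.Struct("!6s6sII")


def node_address(public_key: bytes) -> str:
    """Node address = hash of its public key (SHA-256, truncated: assumption)."""
    return hashlib.sha256(public_key).hexdigest()[:ADDR_LEN]


def group_key(passphrase: str, preamble: bytes) -> bytes:
    """Stretch the shared group passphrase into a MAC key, salted by the preamble."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), preamble, 100_000)


def seal(key, dest, sender, seq, payload, now=None):
    """Build header + payload and append a tag covering every byte before it."""
    ts = int(time.time() if now is None else now)
    body = HEADER.pack(dest.encode(), sender.encode(), ts, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key, my_addr):
        self.key = key
        self.my_addr = my_addr
        self.last_seq = {}      # sender address -> highest sequence accepted

    def accept(self, packet, now=None):
        """Return (verdict, payload); payload is None unless verdict is 'ok'."""
        now = int(time.time() if now is None else now)
        if len(packet) < HEADER.size + TAG_LEN:
            return "malformed", None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Authenticate first, in constant time, before trusting any header field.
        if not hmac.compare_digest(tag, expected):
            return "bad-tag", None
        dest, sender, ts, seq = HEADER.unpack(body[:HEADER.size])
        dest = dest.decode("ascii", "replace")
        sender = sender.decode("ascii", "replace")
        if dest not in (GROUP_ADDR, self.my_addr):
            return "not-for-us", None     # a relay would forward this unchanged
        # Freshness bounds how long a captured packet stays useful, even if
        # this node restarts and loses its sequence table.
        if abs(now - ts) > MAX_SKEW:
            return "stale", None
        # Inside the window, each sender's sequence number must strictly grow.
        if seq <= self.last_seq.get(sender, -1):
            return "replay", None
        self.last_seq[sender] = seq
        return "ok", body[HEADER.size:]


if __name__ == "__main__":
    # Constructed sample values, not real keys or AirChat settings.
    key = group_key("constructed passphrase", b"LULZ")
    alice = node_address(b"constructed public key A")
    rx = Receiver(key, node_address(b"constructed public key B"))
    pkt = seal(key, GROUP_ADDR, alice, 1, b"hello team")
    print(rx.accept(pkt))    # first delivery
    print(rx.accept(pkt))    # same bytes captured and re-sent
```

A keyed tag is used here because a plain checksum can be recomputed by anyone who alters the packet; only holders of the group passphrase can produce a tag the receiver accepts.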
#-----------------------------------------------------------------------------#
# Disclaimer
#-----------------------------------------------------------------------------#
Did you say Encrypted RF?
You bet.
The design cares not for encryption restrictions on digital RF packet radio.
As a technical solution, it is not its remit to enforce any particular policy.
Firstly, Airchat is not meant to be used exclusively within a given country,
nor even necessarily in any territories governed by RF telecomm regulations.
Like airwaves, Airchat is global. Where signals go, it goes.
Secondly, Airchat has legitimate uses in zones outside of such jurisdictions:
out in the open sea, in wartime conflict zones, in lawless failed states, etc.
To wit, in the UK OFCOM has removed the 15min mandatory broadcast of callsign
and station identification, and removed the restriction on use of encryption.
This might come to change again given the volatility of a conflict climate.
The fact is these rules are arbitrary and are not based on any real technical
or fair use issues like interference and spectrum allocation.
But in good faith, we have provided the mechanisms for maximum compliance.
This allows everyone to play around and get familiar with it, and enables
its use in normal peacetime conditions, say disaster response, search and
rescue, out at sea on a sinking ship, etc.
Our belief in free personal responsibility means we make the choice yours:
Your call. Encryption is necessary for the routing of private messages,
while non encrypted packets are compatible with Public general broadcasts.
Note that in an SHTF crisis one probably won't care about FCC regulations,
nor would one in a warzone with hostile factions marauding about the place.
Now we're talking!
#-----------------------------------------------------------------------------#
# Messaging
#-----------------------------------------------------------------------------#
The system has 4 communications modes:
The first is a Public broadcast, a signed but unencrypted clear text message
(use it for compliance with regulations banning the use of encryption over RF).
The second is a Private announcement using the group symmetric encryption.
Only team members with the shared secret Passphrase can decrypt the payload.
The third is a Personal message, encrypted asymmetrically for a single node.
This can be relayed via other nodes, but only the recipient can decrypt it.
Lastly the Fourth is a Protected communication, which has both the asymmetric
encryption of the peer node, but wrapped in the group symmetric encryption.
#-----------------------------------------------------------------------------#
# Capabilities
#-----------------------------------------------------------------------------#
Airchat is the first service which implements this protocol.
Airchat is an RF mesh packet network operating without cellphone or satellite.
It allows tracking of team or group health, activity, and position in confidence.
It allows public announcements and private encrypted group communications.
It also allows personal messages, protected and encrypted for specific peers.
It can chain and relay messages to remote peers reachable via other peers.
It also acts as an internet gateway that proxies anonymously to core services.
It connects to RSS news feeds and keeps your group updated on current events.
It can use Twitter, both to read posts and update a group hashtag status.
It shows a Map and geolocation using OpenStreetMap and Nominatim geocoding.
The Map has layers for team positions, locations, objectives, and features.
Map tile loading can be preloaded, proxied via TOR, and is cached locally.
All without SatPhones, CellPhones, or any Internet access.
#-----------------------------------------------------------------------------#
# Vulnerabilities
#-----------------------------------------------------------------------------#
When acting as wifi relay, local traffic is in clear-text (port to https).
Airchat hides message content, but not the act of communicating.
It doesn't obscure the fact that one is using encryption.
It hides participant identity, but not location.
It is possible to do a denial of service, to jam or scramble frequencies.
It is possible to scan for signals and triangulate node positions.
See the documentation to see where the future lies (EndRun).
#=============================================================================#
# Configuration
#=============================================================================#
#-----------------------------------------------------------------------------#
# diagram_1 - Remote Base Stations
#-----------------------------------------------------------------------------#
#-----------------------------------------------------------------------------#
# diagram_2 - Local Mesh and Relay
#-----------------------------------------------------------------------------#
#=============================================================================#
# Installation
#=============================================================================#
#-----------------------------------------------------------------------------#
# Windows
#-----------------------------------------------------------------------------#
(Cygwin)
Install Cygwin GNU POSIX, with full gcc, glibc, autotools.
## Install Cygwin Core
Make sure you are the real Windows Administrator and install base cygwin from here:
    https://cygwin.com/
At minimum, install the following:
- wget
- curl
- git
- svn
## Install the apt-cyg package manager:
MIT's excellent apt-cyg script acts like a GNU-linux apt-get package manager for cygwin.
    # fetch the raw script (not the GitHub HTML page) and write it straight to /bin
    wget -O /bin/apt-cyg https://raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg
    chmod a+x /bin/apt-cyg
## Install gcc/g++ Toolchain and Libraries:
Run this script to install a painless POSIX compliant GNU development toolchain:
    ./install-windows-base-cygwin.sh
## Install perl cpanminus package manager and libraries:
    ./install-windows-lib-packager.sh
## Resolve and install the required Perl CPAN modules:
    ./install-windows-modules.sh
## Install fldigi on the localhost:
    https://sourceforge.net/projects/fldigi/files/latest/download?source=files
#-----------------------------------------------------------------------------#
# Linux
#-----------------------------------------------------------------------------#
(Debian / Ubuntu / Trusty)
(NOTE: running fldigi requires a graphical environment, eg XWindows)
## Install perl cpanminus package manager and libraries:
    ./install-linux-lib-packager.sh
## Resolve and install the required Perl CPAN modules:
    ./install-linux-modules.sh
^ linux uses HTTP::Server::Simple::CGI::PreFork and Net::Twitter::Lite::WithAPIv1_1
There's an optional line for (# apt-get install libnet-sslglue-perl), which
fixes LWP for https requests when you want to include feeds only available via
https proxy, and you don't have the newer libwww-perl 6.05-2 and
liblwp-protocol-https-perl 6.04-2 (should be available from the jessie repos).
In that case we advise you to update libwww-perl and liblwp-protocol-https-perl
to the latest versions, because using SSLGlue might break https access to the
twitter API.
## Install fldigi on the localhost:
    # apt-get install fldigi
#-----------------------------------------------------------------------------#
# FreeBSD
#-----------------------------------------------------------------------------#
(FreeBSD 10.x)
(NOTE: running fldigi requires a graphical environment, eg XWindows)
## Install prerequisites and libraries:
    # pkg install make
    # pkg install perl-5.16.xx
## Install perl cpanminus package manager and libraries:
    ./install-freebsd-lib-packager.sh
## Resolve and install the required Perl CPAN modules:
    ./install-freebsd-modules.sh
^ BSD uses Net::SSLGlue::LWP and LWP::UserAgent
## Install fldigi on the localhost:
    # pkg install fldigi-4.xx.xx
#-----------------------------------------------------------------------------#
# MacOS
#-----------------------------------------------------------------------------#
(MacOS X)
## Install prerequisites:
Get XCode.
Launch XCode and bring up the Preferences panel.
Click on the Downloads tab.
Click to install the Command Line Tools.
Check you got 'make' installed.
## Install perl cpanminus package manager and libraries:
    ./install-macos-lib-packager.sh
## Resolve and install the required Perl CPAN modules:
    ./install-macos-modules.sh
## Install fldigi on the localhost:
    https://sourceforge.net/projects/fldigi/files/latest/download?source=files
#-----------------------------------------------------------------------------#
# Android
#-----------------------------------------------------------------------------#
(Termux)
## Install gcc/g++ Toolchain and Libraries:
Run this script to install a painless POSIX compliant GNU development toolchain:
    ./install-android-base-termux.sh
## Install perl cpanminus package manager and libraries:
    ./install-android-lib-packager.sh
## Resolve and install the required Perl CPAN modules:
    ./install-android-modules.sh
#=============================================================================#
# Operation
#=============================================================================#
READ THE CODE.
Run the script:
    ./airchat.sh
Connect your browser (default: http://localhost:8080).
If you have problems running it, first try updating modules and libraries.
We've found some issues related to outdated implementations
(like '500 Bad arg length for Socket6::unpack_sockaddr_in' happening in
Ubuntu Precise when enabling the Twitter gateway).
#=============================================================================#
# Fldigi Setup
#=============================================================================#
Install and run fldigi.
Skip mostly everything, but you must configure an audio device and packet radio
mode and connect it to your audio card port.
Test that it works by capturing audio signals and playing audio.
And that's all. The rest is done by xmlrpc.
(Note: keep your fldigi updated always)
#=============================================================================#
# Hardware Configuration
#=============================================================================#
#-----------------------------------------------------------------------------#
# Connector Quality
#-----------------------------------------------------------------------------#
Mind the quality of cables and soldering used as that really impacts transmission.
Test the audio quality until you get the best conditions possible.
#-----------------------------------------------------------------------------#
# RF Radio Connectors
#-----------------------------------------------------------------------------#
Radio transceivers come in a variety of interfaces, modes, bands, and connectors.
Each brand deploys different connectors even within their own range of models
and sadly there's usually no standard which they follow.
We understand that some people have experience using more sophisticated and
expensive radio equipment and will know how to link those transceivers to their
computers. But we want AirChat to be usable by everyone, not just HAM operators
and engineers.
As such we will focus on supporting the cheapest and most accessible models,
which can democratize this solution worldwide even in the poorest regions.
Consider the ubiquitous Chinese VHF/UHF handheld transceivers available for 40 USD.
Depending on the model, we might have to do some hardware cable connector hacking.
We can start with a simple Vox setup to avoid more complex Push-To-Talk PTT setups.
#-----------------------------------------------------------------------------#
# Vox audio on Kenwood combo 2.5mm / 3.5mm connector
#-----------------------------------------------------------------------------#
These devices use a Kenwood 2-pin combo connector: a 2.5mm jack and a 3.5mm one.
The 2.5mm is the speaker/headphone output and the 3.5mm is the microphone input.
First connect a 2.5mm male to 3.5mm male cable to the speaker output on the
radio and to the microphone input on your computer.
Then take a stereo 3.5mm male to 3.5mm male cable and cut the small cables
inside EXCEPT the red one (a red cable which is connected to the middle ring
of the jack).
WARNING: Only the red cable with the signal coming from the ring of the 3.5mm
jack should be connected and nothing else: neither the tip, nor the ground
(ground will be provided by the 2.5mm jack cable).
Once you are done, connect this customised cable to the microphone input on the
radio transceiver and then to the speaker output of your computer.
You are done.
#-----------------------------------------------------------------------------#
# Fldigi Tuning
#-----------------------------------------------------------------------------#
Finally, set the carrier frequency everyone will use on the transceiver.
Don't forget to enable the VOX function (adjust the sensitivity to medium).
Set the transmission timer to more than 2 minutes, set the radio speaker
volume to 50%.
#-----------------------------------------------------------------------------#
# Soundcard Tuning
#-----------------------------------------------------------------------------#
Set the computer microphone sensitivity to base levels with medium boost (if needed).
Set the computer headphones volume to around 70% or so and then you are ready to go.
Keep testing until you get the best audio quality for your transmission.
#=============================================================================#
# Operation
#=============================================================================#
#-----------------------------------------------------------------------------#
# Service Pages
#-----------------------------------------------------------------------------#
The original web page content and layout has been adapted and rationalised.
It's now a pseudo REST API, where every Page load can be scripted by message.
All Control text files are now served by loading the files, and file support
extends to registered file types (fonts, images, css style, js scripts, etc).

/*                               Public* (default)
/Public*                         Public Basic Broadcasting     [cleartext*]
/Private                         Private Group Messaging       [AES symmetric]
/Personal                        Personal private Messaging    [RSA asymmetric]
/Protected                       Protected Advanced Messaging  [RSA + AES]

/Silent                          Radio Silence mode options
/Song                            Song Beacon/Call-In mode options
/Squawk                          Squawk Request/Reply mode options
/Squeak                          Squeak Challenge/Response mode options
/Squeal                          Squeal Passphrase/Frequency Change options

/Config                          Configuration Settings editor
/Team                            Team Nodes and Routes editor
/Routes                          Node and Routes editor

/Help                            Airchat Help
/About                           About, License, Credits, Philosophy
/Design                          Design, Architecture, Features, Protocol
/Guide                           Installation, Configuration, Operation

/Twt                             Twitter services
/Twt?#hashtag                    Twitter services on a specific hashtag
/Rss?                            RSS Feed services
/Rss?news                        RSS Feed services for news feeds
/Img                             Image and Picture manager
/Img?#source/album               Image manager on a specific album
/Map                             Map and geocoding Services
/Map?q=place,address             Map Services on a geocode-search OSM location
/Map?z/x/y                       Map Services on a specific OSM position
/Map?M/L/z/x/y                   Map Services on a Map, Layer, and OSM position
/Htm                             HTM Pseudo Wiki (*tbd)
/Htm?index.htm                   HTM Pseudo Wiki index (*tbd)

/style.css                       CSS style sheet
/favicon.ico                     Airchat fave icon
/images/airchat-title-x1.png     Airchat title logo
/images/airchat-diagram_1.png    Airchat sample network diagram 1
/images/airchat-diagram_2.png    Airchat sample network diagram 2
/fonts/droid_sans.woff           droid sans regular webfont
/fonts/droid_mono.woff           droid sans monospace webfont

/settings.json                   airchat settings file
/routes.json                     peer nodes, keys, and routes
/broadcasts.txt                  persisted public broadcast messages
/messages.txt                    persisted private encrypted messages
/outbound.txt                    persisted outbound messages
/inbound.txt                     persisted inbound messages

/htm/index.htm                   The Wiki index page
/htm/pagename1.htm               A wiki page
/htm/pagename2.htm               Another wiki page

/rss/news.txt                    latest RSS news feeds
/rss/world.txt                   latest RSS world feeds
/rss/local.txt                   latest RSS local feeds
/rss/feeds.txt                   latest RSS community feeds

/twt/twitter.txt                 latest Twitter status for @twitter_user
/twt/hashtag.txt                 latest Twitter mentions for #twitter_hashtag
/twt/mentions.txt                latest Twitter mentions for @twitter_user
/twt/messages.txt                latest Twitter messages for @twitter_user

/geo/positions.json              current geojson position fixes
/geo/vectors.json                current geojson vector path ways
/geo/polygons.json               current geojson polygon arcs and zones.

/map/mapnik/z/y/x.png            map tile symlink
/map/mapnik/z/y/x_1.png          micro tile       16x16     1 KB     1 sec
/map/mapnik/z/y/x_2.png          mini tile        32x32     4 KB     4 sec
/map/mapnik/z/y/x_3.png          small tile       64x64     16 KB    15 sec
/map/mapnik/z/y/x_4.png          medium tile      128x128   64 KB    1 min
/map/mapnik/z/y/x_5.png          full map tile    256x256   256 KB   5 min
/map/mapnik/z/y/x_6.png          stitched map     512x512   1 MB     15 min
/map/mapnik/z/y/x_7.png          stitched map     768x768   3 MB     45 min

/img/folder/a/b/c.png            still image symlink
/img/folder/a/b/c_1.png          small icon       16x16     1 KB     1 sec
/img/folder/a/b/c_2.png          medium icon      32x32     4 KB     4 sec
/img/folder/a/b/c_3.png          large icon       64x64     16 KB    15 sec
/img/folder/a/b/c_4.png          rough image      128x128   64 KB    1 min
/img/folder/a/b/c_5.png          small image      256x256   256 KB   5 min
/img/folder/a/b/c_6.png          medium image     512x512   1 MB     15 min
/img/folder/a/b/c_7.png          large image      768x768   3 MB     45 min

/vox/album/a/b/c.png             vox audio symlink
/vox/album/a/b/c_1.png           micro audio sample       (50 ms)
/vox/album/a/b/c_2.png           mini audio syllable      (200 ms)
/vox/album/a/b/c_3.png           tiny audio wordlet       (1 sec)
/vox/album/a/b/c_4.png           short audio couplet      (5 sec)
/vox/album/a/b/c_5.png           medium audio phrase      (20 sec)
/vox/album/a/b/c_6.png           lengthy audio sentence   (1 min)
/vox/album/a/b/c_7.png           massive audio paragraph  (5 min)
#-----------------------------------------------------------------------------#
# Message Commands
#-----------------------------------------------------------------------------#
The original IRC-inspired command set has been adapted and rationalised.
Every command message will be able to be scripted via the pseudo REST API.

:locate?Montreal,QC              geocode-locate a fuzzy location name
:reverse?45.50,-75.60            geocode-reverse a lat/lon position
:lookup?W26932726                geocode-lookup a named OSM place/feature

:news?                           fetch RSS common news feeds
:world?                          fetch RSS world news feeds
:feeds?                          fetch RSS custom community feeds

:twitter?                        check twitter status
:hashtag?                        scan twitter mentions of default hashtag
:hashtag?#hashtag                scan twitter mentions of another hashtag
:mentions?                       scan twitter mentions of default user
:mentions?@user                  scan twitter mentions of a user
:tweet?                          post twitter pulse to default hashtag
:tweet?status                    post twitter update on default hashtag
:tweet?#hashtag status           post twitter update on another hashtag
:twoot?@user msg                 send a twitter message to another user
#=============================================================================#
# (c) 2017 AlasBabylon, Anonymous, LulzLabs - All your base are belong to us.
#=============================================================================#