Online Learning: Free Lecture Courses on Data Communications, Networking, Cryptography and Computer Security

I've been meaning to bring these resources together into a post for some time now.  There are a ridiculous number of free university level courses on communications, networking, cryptography and computer security available online.  Here are some of the better courses, lectures and video tutorials that I've come across over the last six months, all of which are appropriate for people who are looking for in depth introductions to these fields, or more experienced folks who would like a refresher on the fundamentals.

Lecture Series

• Steve Gordon's Lecture Courses
Steve Gordon is an Associate Professor at Sirindhorn International Institute of Technology (SIIT), Thammasat University, Thailand.  On his Youtube page, you can find four complete lecture series on Security and Cryptography, IT Security, Data Communications and Networks, and Internet Technologies and Applications. 

•  Introduction to Cryptography
Christof Paar, a Professor at Ruhr University, Bochum Germany, provides an introduction to modern cryptography in this series of 24 lectures. 

•  Cryptography and Network Security
Prof. D. Mukhopadhyay, from the Department of Computer Science and Engineering at the Indian Institute of Technology provides a broad introduction to Cryptography and Network security in this series of 41 lectures.  Production quality could be better, but the video lectures are substantive in nature.

•  Computer System Engineering
This undergraduate course, taught by Prof. Robert Morris and Prof. Samuel Madden from MIT, covers the basics of networking and computer security.  The first few lectures are not available.  But the units on networking and cryptography are available in full beginning with lecture 9.  

•  Fundamentals of Computer Networking 
This series contains over 30 lectures by Professor Parviz Kermani Department of Electrical & Computer Engineering at Manhattan College, and provides an in depth introduction to the basics of computer networking.

Miscellaneous Video

•  Whitfield Diffie on the History of Public Key Cryptography
•  Google Tech Talks on Cryptography (Assorted lectures and seminars from the Google Tech Talk series relating to cryptography and computer security)
•  Intro to Network Scanning (Basic introduction to network scanning tools)
•  Intro to Pentesting (10 short tutorials)

British and US Spy Agencies Compromise Yahoo Chat

It needs to be said: the actions of intelligence agencies such as the NSA and the British GCHQ amount to an act of war against innocent civilian populations around the world.  This brings their actions into line with the definition of terrorism, the use of force or the threat of the use of force against civilian populations to achieve political ends.  It is time for people to stand up and call these government agencies out for what they are: state sponsored terrorist groups.  From The Guardian:

Britain's surveillance agency GCHQ, with aid from the US National Security internet users not suspected of wrongdoing, secret documents reveal.
Agency, intercepted and stored the webcam images of millions of GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.

Yahoo reacted furiously to the webcam interception when approached by the Guardian. The company denied any prior knowledge of the program, accusing the agencies of "a whole new level of violation of our users' privacy".

Outernet: Project Seeks to Create Worldwide Free Satellite Internet

From Outernet:

There are more computing devices in the world than people, yet only 60% of the global population has access to the wealth of knowledge found on the Internet. The price of smartphones and tablets is dropping year after year, but the price of data in many parts of the world continues to be unaffordable for the majority of global citizens. In some places, such as rural areas and remote regions, cell towers and Internet cables simply don't exist. The primary objective of the Outernet is to bridge the global information divide.

Broadcasting data allows citizens to reduce their reliance on costly Internet data plans in places where monthly fees are too expensive for average citizens. And offering continuously updated web content from space bypasses censorship of the Internet. An additional benefit of a unidirectional information network is the creation of a global notification system during emergencies and natural disasters.

Access to knowledge and information is a human right and Outernet will guarantee this right by taking a practical approach to information delivery. By transmitting digital content to mobile devices, simple antennae, and existing satellite dishes, a basic level of news, information, education, and entertainment will be available to all of humanity.

Although Outernet's near-term goal is to provide the entire world with broadcast data, the long-term vision includes the addition of two-way Internet access for everyone. For free.

Snowden Drip: Government Funded Character Assassination Squads Rampant Online

From The Intercept:

One of the many pressing stories that remains to be told from the Snowden archive is how western intelligence agencies are attempting to manipulate and control online discourse with extreme tactics of deception and reputation-destruction. It’s time to tell a chunk of that story, complete with the relevant documents.

Over the last several weeks, I worked with NBC News to publish a series of articles about “dirty trick” tactics used by GCHQ’s previously secret unit, JTRIG (Joint Threat Research Intelligence Group). These were based on four classified GCHQ documents presented to the NSA and the other three partners in the English-speaking “Five Eyes” alliance. Today, we at the Intercept are publishing another new JTRIG document, in full, entitled “The Art of Deception: Training for Online Covert Operations.”

By publishing these stories one by one, our NBC reporting highlighted some of the key, discrete revelations: the monitoring of YouTube and Blogger, the targeting of Anonymous with the very same DDoS attacks they accuse “hacktivists” of using, the use of “honey traps” (luring people into compromising situations using sex) and destructive viruses. But, here, I want to focus and elaborate on the overarching point revealed by all of these documents: namely, that these agencies are attempting to control, infiltrate, manipulate, and warp online discourse, and in doing so, are compromising the integrity of the internet itself.

Follow the link for all the gory details.  Here's a sample slide from the leaked document:

Voice Chat App Aids Anti-Government Uprisings Across the World

From Defense One:

Entrepreneur Bill Moore was in his Austin, Texas, office last Thursday, watching explosive growth for his company’s walkie-talkpublic dissatisfaction over crime and multiple other factors.
ie app, Zello, inside Venezuela. Zello had become the favorite app of protest organizers there after recently hitting the mark as the most popular app in Ukraine. Over the past few days in Venezuela, the protests ballooned following rapidly rising food prices, controversy over President Nicolas Maduro’s economic policies,

Moore was finding that in Venezuela that popularity had a price. Shortly after 9 p.m., his Twitter feed blew up with messages from users inside the country. The government-owned Internet service provider, CANTV, which hosts 90 percent of Venezuela’s Internet traffic, was blocking the app as well as access to Zello’s website. Downloads were dropping off considerably.

Check out Zello here.

Goto Fail: Apple iOS Bug Compromises SSL, Opens Vector for Attackers

From ZDNet:

Apple on Friday revealed a major SSL (Secure Socket Layer) vulnerability in
its software that affects all devices, allowing hackers to intercept and alter communications such as email and login credentials for countless Apple hardware users.

A new version of Apple's iOS for its tablets and phones was rushed out the door Friday to patch the vulnerability, wherein its mobile, tablet and desktop software is not doing SSL/TLS hostname checking — communications meant to be encrypted, are not.

The patch has only been issued for the more recent iPhones (4 and later), iPod touch (5th generation) and iPad (2nd generation).

Security researchers across several communities believe that Mac computers are even more exposed, as they are currently left hanging without a patch.

Imperial Violet has details on the bug itself:

So here's the Apple bug:

static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
                                 uint8_t *signature, UInt16 signatureLen)
{
 OSStatus        err;
 ...

 if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
  goto fail;
 if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
  goto fail;
  goto fail;
 if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
  goto fail;
 ...

fail:
 SSLFreeBuffer(&signedHashes);
 SSLFreeBuffer(&hashCtx);
 return err;
}

(Quoted from Apple's published source code.)
Note the two goto fail lines in a row. The first one is correctly bound to the if statement but the second, despite the indentation, isn't conditional at all. The code will always jump to the end from that second goto, err will contain a successful value because the SHA1 update operation was successful and so the signature verification will never fail.

If you're worried your system may be affected, follow the link above to Imperial Violent, who has created a tool to do a quick check.

Massive Data Breach at University of Maryland

Governments, corporations, educational institutions, all of them completely incompetent when it comes to basic data security.  This is going to be a headache for a lot of people.  From Malwarebytes:

The University of Maryland (UMD) said it was the victim of a recent cyberattack, according to their statement released Wednesday. In the letter, UMD President Wallace D. Loh said he was informed of the breach yesterday evening by Brian Voss, the Vice President of Information Technology at the university.

“A specific database of records maintained by our IT Division was breached yesterday. That database contained 309,079 records of faculty, staff, students and affiliated personnel,” Dr. Loh said. “The records included name, Social Security number, date of birth, and University identification number.”

Snowden Leaks Spurred Massive Growth at DuckDuckGo

From Fastcolabs:

When Gabriel Weinberg launched a search engine in 2008, plenty of people thought he was insane. How could DuckDuckGo, a tiny, Philadelphia-based startup, go up against Google? One way, he wagered, was by respecting user privacy. Six years later, we're living in the post-Snowden era, and the idea doesn't seem so crazy.

In fact, DuckDuckGo is exploding.  Looking at a chart of DuckDuckGo's daily search queries, the milestones are obvious. A $3 million investment from Union Square Ventures in 2011. Just prior to that, a San Francisco billboard campaign. Inclusion in Time's 50 Best Websites of 2011. Each of these things moved the traffic needle for DuckDuckGo, but none of them came close to sparking anything like the massive spike in queries the company saw last July. That's when Edward Snowden first revealed the NSA's extensive digital surveillance program to the world. The little blue line on the chart hasn't stopped climbing north since.

Google Exploring Plans to Roll Out Fiber to 34 New Cities

Given the planned Comcast/Time Warner merger, we need as much real competition as we can get.  From Google:

Over the last few years, gigabit Internet has moved from idea to reality, with dozens of communities (PDF) working hard to build networks with speeds 100 times faster than what most of us live with today. People are hungrier than ever for faster Internet, and as a result, cities across America are making speed a priority. Hundreds of mayors from across the U.S. have stated (PDF) that abundant high-speed Internet accessPortland, Nashville (PDF) and dozens of others have made high-speed broadband a pillar of their economic development plans. And Julian Castro, the mayor of San Antonio, declared in June that every school should have access to gigabit speeds by 2020.

We've long believed that the Internet’s next chapter will be built on gigabit speeds, so it’s fantastic to see this momentum. And now that we’ve learned a lot from our Google Fiber projects in Kansas City, Austin and Provo, we want to help build more ultra-fast networks. So we’ve invited cities in nine metro areas around the U.S.—34 cities altogether—to work with us to explore what it would take to bring them Google Fiber.
is essential for sparking innovation, driving economic growth and improving education.

Europe Considers Digital Independence

From the Register:

German Chancellor Angela Merkel has lent her support to the idea of building
out new European data networks to help keep Europeans' email and other data out of the hands of US spies.

In the latest edition of her weekly podcast on Saturday, Merkel said she planned to raise the issue among other topics in a meeting with French President François Hollande this week.

"We'll talk, above all, about which European suppliers we have that provide security for the citizens," Merkel said, speaking in German, "that they need not cross the Atlantic with their emails and other things, but we can also build communications networks within Europe."

Kickstarter Compromised: Info Hacked

If you're on Kickstarter, you should probably be busy changing up your passwords.  From CNET:

Hackers hit crowd-funding site Kickstarter and made off with user information,
the site said Saturday.  Though no credit card information was taken, the site said, attackers made off with usernames, e-mail addresses, mailing addresses, phone numbers, and encrypted passwords.

"Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one," the site said in a blog post, adding that "as a precaution, we strongly recommend that you create a new password for your Kickstarter account, and other accounts where you use this password."

Quick, Everyone Panic! Bitcoin Weathers a Stormy Week

There have been some serious shenanigans in the Bitcoin community and economy in recent days.  The Mt. Gox exchange continues its downward spiral, while people who (inexplicably) provided control of their Bitcoin to Silk Road 2 got taken for a ride.  Here's one of the best rundowns on the Gox flaw that I've found online, from IEEE Spectrum:

Here's what a terrible week looks like in the world of Bitcoin: Two of the most trafficked Bitcoin exchanges, Mt. Gox and Bitstamp, temporarily halt trading and suspend bitcoin withdrawals in the midst of a distributed denial of service attack (DDoS). On exchanges that are still open for business, the value of the currency takes a brutal, sudden hit and then continues to tumble. Bitcoin users notice strange errors in their wallet balances after making routine transactions. Rumor spreads that the Bitcoin protocol is critically flawed. And where rumor is lacking, conspiracy theories abound.  All this, and it's barely Thursday.

Word is that as of this morning, Bitstamp had begun allowing withdrawals once again. 

Nightmare: Comcast to Acquire Time Warner Cable

As if the internet and cable service of these two corporations weren't bad enough already!  One can only surmise that the service will we twice as bad if this merger is allowed to go through.  Media consolidation continues apace and represents a growing threat to the freedom of information in the United States.  I do not imagine that the Democratic and Republican parties, which are effectively nothing more than subsidiaries of these  corporations, will do much to prevent the further consolidation and monopolization of media in the United States. From Reuters:

Comcast Corp's proposed $45.2 billion takeover of Time Warner Cable Inc could face close scrutiny from U.S. antitrust regulators because of the deal's potential to reshape the country's pay TV and broadband markets.

The company resulting from the merger of the top two U.S. cable service providers would boast a footprint spanning from New York to Los Angeles, with a near 30 percent share of the pay TV market as well as a strong position in providing broadband Internet services.

The all-stock deal, announced on Thursday, would put Comcast in 19 of the 20 largest U.S. TV markets, and could give it unprecedented leverage in negotiations with content providers and advertisers.

The situation is bad enough already . . .

Big Government and Big Business Collude to Outlaw Municipal Broadband

As if you needed another reason to detest the dictatorship of the two-party state.  From Ars Technica:

It's no secret that private Internet service providers hate when cities and towns decide to enter the telecommunications business themselves. But with private ISPs facing little competition and offering slow speeds for high prices, municipalities occasionally get fed up and decide to build their own broadband networks.

To prevent this assault on their lucrative revenue streams, ISPs have teamed up with friends in state legislatures to pass laws that make it more difficult or impossible for cities and towns to offer broadband service.

Attorney James Baller of the Baller Herbst Law Group has been fighting attempts to restrict municipal broadband projects for years. He's catalogued restrictions placed upon public Internet service in 20 states, and that number could be much higher already if not for the efforts of consumer advocates.

The Internet Strikes Back

From the reddit blog:

Today we must fight back against mass, suspicionless surveillance. Today we must protect both our civil liberties and the digital tools connecting us all.

Indiscriminate bulk surveillance programs by the NSA and their allies (detailed below) violate the First and Fourth Amendments of the U.S. Constitution, which protect citizens' right to speak and associate anonymously, guard against unreasonable searches and seizures, and protect their right to privacy.

In addition to individual privacy issues, these surveillance programs are damaging for online businesses like reddit. These programs undermine the basic freedom, innovation, and economic opportunity that the Internet enables.  The potential for a business to be legally and secretly compelled to violate the privacy of both foreign and domestic users casts a pall over any U.S.-based site. In turn, this threatens to place U.S.-based internet companies, one of the most dynamic and booming sectors of our economy, at a global disadvantage.

Fortunately, there are real opportunities for reform, but they need our support. Please consider joining us in taking action today. Together we can push back against powers that seek to observe, collect, and analyze our every digital action. Together, we can make it clear that such behavior is not compatible with democratic governance. Together, if we persist, we will win this fight.

If you're in the U.S., Call Congress today. Dial 202-552-0505 or click here to enter your phone number and have the call tool connect you. Ask your legislators to oppose the FISA Improvements Act (a bill that attempts to legalize bulk data collection of phone records), support the USA Freedom Act (a bill that works to curtail NSA surveillance abuses), and enact protections for non-Americans. Details on these bills and other legislation can be found below.

Here's what you should say:

I'd like Senator/Representative __ to support and co-sponsor H.R. 3361/S. 1599, the USA Freedom Act. I would also like you to oppose S. 1631, the so-called FISA Improvements Act. Moreover, I'd like you to work to prevent the NSA from undermining encryption standards and to protect the privacy rights of non-Americans.

If you're not in the U.S., demand that privacy protections be instituted.

You can also join in one of the offline protests happening today around the world. A partial list is available at thedaywefightback.org/events.

Below are detailed resources on what the NSA is doing, what legislation is out there, and common excuses for NSA surveillance—and how to bust them, courtesy of the EFF.

Router Vulnerability Allows Easy Exploit

From the Hacker News:

In past months, we have reported about critical vulnerabilities in many wireless Routers including Netgear, Linksys, TP-LINK, Cisco, ASUS, TENDA and more vendors, installed by millions of home users worldwide.

Polish Computer Emergency Response Team (CERT Polska) recently noticed a large scale cyber attack ongoing campaign aimed at Polish e-banking users.

Cyber criminals are using known router vulnerability which allow attackers to change the router's DNS configuration remotely so they can lure users to fake bank websites or can perform Man-in-the-Middle attack . . .

NYPD Testing Google Glass

The next phase on the surveillance arms race has begun.  From Gothamist:

If we've learned anything from Hipster Cop, it's that even the NYPD isn't Google Glass. "We signed up, got a few pairs of the Google glasses, and we're trying them out, seeing if they have any value in investigations, mostly for patrol purposes," a law enforcement official told VentureBeat. "We're looking at them, you know, seeing how they work." . . .
immune to shifting fashion trends. To that end, the NYPD is reportedly experimented with outfitting its officers with

Vincent Cannistraro, a former ranking clandestine operator with the CIA, told VentureBeat that he doubted that Glass would be useful for cops, but the NYPD source noted, "We think it could help impact patrol operations in New York City. We shall see." That's one possible reason for it—but another is that the NYPD may finally be looking into Judge Shira Scheindlin's suggestion that the NYPD adopt body-mounted cameras to monitor officers' encounters with citizens.

UT: ISPs Continue Fight Against Competition and Better Service

From Ars Technica:

Kansas isn't the only state considering legislation that would limit the growth of government-funded broadband networks that threaten incumbent Internet service providers.

The latest such attempt we've learned of is a Utah House bill called the "Interlocal Entity Service Prohibition," which would prevent a regional fiber consortium from building infrastructure outside the boundaries of its member cities and towns.

While it would affect any such group, the bill seems to be directed at UTOPIA, the Utah Telecommunication Open Infrastructure Agency, a consortium of 16 cities that operates a fiber-to-the-premises broadband network. The bill explicitly targets fiber only, not affecting cable or other types of networks.

Lobbyist for Comcast, Cox, TWC wrote bill to stifle rivals like Google Fiber.

"It actually is aimed specifically at UTOPIA," the group's legislative policy director, Gary Crane, told Ars. Crane is also a city attorney for Layton, one of UTOPIA's member municipalities. "I think there's probably a lot of fear in those who hold the monopoly currently in our cities that this model may be a good model for other cities to adopt." 

The bill, sponsored by Republican legislator Curt Webb, "prohibits an interlocal entity that provides telecommunication service through a fiber optic network from constructing infrastructure or providing telecommunication service in locations outside the boundaries of its members."

We've tried to reach Webb by e-mail and phone but haven't heard back yet.
UTOPIA's network is open access, allowing private Internet service providers to sell broadband over the fiber.

Of course, this is not surprising, the very notion of utopia is anathema to the alliance of Big Business and Big Government.

NJ: Professional Political Hysteric Demands to Interrogate Students Over Proof-of-Concept Program

New Jersey's Attorney General, John Hoffman, and the rest of his office appear to be nothing more than a technophobic gaggle of professional hysterics.  And they are out to prove it by harassing a group of young student programmers who came up with an interesting new decentralized Bitcoin app.  It appears these students may get a real lesson on the ignorance, arrogance and degeneracy of the ruling political class.  From the EFF:

As the popularity of Bitcoins has increased, government officials are concerned about criminal activity associated with the virtual currency. But a recent issued by the New Jersey Division of Consumer Affairs to 19-year-old Bitcoin developer and MIT student Jeremy Rubin goes too far, and we're fighting back by moving to quash it.
subpoena

Rubin and some other MIT classmates developed a computer code called Tidbit for the Node Knockout Hackathon in November 2013. Tidbit uses a client's computer to mine for Bitcoins as an alternative to website advertising: in exchange for removing ads from a website, a user would give some CPU cycles to mine for Bitcoins instead. Tidbit was clearly presented as a proof of concept, with the developers making clear the code was configured not to mine for Bitcoins. That's because in addition to refining the code, they needed to work out the legal details, like drafting a terms of service, and the ethical details, like making sure there was a way for users to opt-in to the service so their computers weren't being used to mine Bitcoins without their knowledge. Tidbit won the Node Knockout award for innovation and the students thought they were on their way to continuing with their project.

But in December, the New Jersey Division of Consumer Affairs issued a subpoena to Rubin, requesting he turn over Tidbit's past and current source code, as well as other documents and agreements with any third parties. It also issued 27 interrogatories -- formal written questions -- requesting additional documents and ordering Rubin to turn over information like the names and identities of all Bitcoin wallet addresses associated with Tidbit, a list of all websites running Tidbit's code and the name of anybody whose computer mined for Bitcoins through the use of Tidbit, although Tidbit's code was not configured to mine for Bitcoins.

Who exactly are the people who continue to vote for the brain dead politicians in the Democratic and Republican parties?  And what the hell is wrong with them? 

EFF: No Easy Solutions for Net Neutrality

From the EFF:

In light of these threats it is tempting to reach for easy solutions. But handing the problem to a government agency with strong industry ties and poor mechanisms for public accountability to fix the very real problem of network neutrality is unsatisfying. There’s a real danger that we would just be creating more problems than we’d solve.

One alternative that would go a long way would be to foster a genuinely competitive market for Internet access. If subscribers and customers had adequate information about their options and could vote with their feet, ISPs would have strong incentives to treat all netowrk traffic fairly. The court agreed with us on this point:

“a broadband provider like Comcast would be unable to threaten Netflix that it would slow Netflix traffic if all Comcast subscribers would then immediately switch to a competing broadband provider.”

Another scenario would be for Congress to step in and pass network neutrality legislation that outlines what the ISPs are not allowed to do. But fighting giant mega-corporations like AT&T and Verizon (and their army of lobbyists) in Congress promises to be a tough battle.

Yet another option: empower subscribers to not just test their ISP but challenge it in court if they detect harmful non-neutral practices. That gives all of us the chance to be watchdogs of the public interest but it, too, is likely to face powerful ISP opposition.

These are not the only options. Internet users should be wary of any suggestion that there is an easy path to network neutrality. It’s a hard problem, and building solutions to resolve it is going to remain challenging. But here is one guiding principle: any effort to defend net neutrality should use the lightest touch possible, encourage a competitive marketplace, and focus on preventing discriminatory conduct by ISPs, rather than issuing broad mandatory obligations that are vulnerable to perverse consequences and likely to be outdated as soon as they take effect.

Tech Firms Publish Redacted Info on Government Spying

From Ars Technica:

Today, several companies including Google, Yahoo, LinkedIn, Facebook, and Microsoft are revealing the first information about the amount of user data they're handing over to FISA requests. The disclosures are very broad data that just gives a range of how many users had information requested on them. But it's a small victory for the group of companies, which pushed to be allowed to publish more about the data collection when they petitioned the intelligence court back in August.

New Device Promises Electronic Nano-management of All Employee Activities

And here we thought micro-management was bad enough already.  From CNN:

Hitachi, the big electronics company based in Japan, is manufacturing and selling to corporations a device intended to increase efficiency in the workplace. It has a rather bland and generic-sounding name: the Hitachi Business Microscope.

But what it is capable of doing ... well, just imagine being followed around the office or the factory all day by the snoopiest boss in the world. Even into the restroom . . . It tracks everything.

What is Project Meshnet? A Short Introductory Guide to Setting up a Cjdns Node

Project Meshnet aims to build a global decentralized computer network based "on secure protocols for routing traffic over private mesh or public internetworks independent of a central supporting infrastructure."  The basis of the project is a piece of software called cjdns, an open source protocol that implements an encrypted IPv6 network.  By installing and running cjdns on a home computer, for example, that computer becomes a cjdns node that can be networked with any other machine that is also running the protocol.  You can find the cjdns white paper here.


Individuals and groups involved in Project Meshnet are currently in the process of developing Mesh Locals, groups of cjdns nodes connected directly to one another (usually wirelessly) to create a geographically distinct peer-to-peer network.  The Seattle Meshnet is, at present, the most well-developed of these local networks in the United States.

Individual nodes and Mesh Locals can connect to one another over standard internet connections, though the ultimate plan of Project Meshnet is to build enough intermediary mesh locals and nodes so that it is no longer necessary to route traffic over existing ISP-based internet infrastructure.  There is already at least one cjdns-based global mesh network known as Hyperboria.

Earlier this month, after a bit of research and with the help of some folks from my Mesh Local in NYC, I set up my first cjdns node and successfully connected to Hyperboria.  So, you may be wondering, what's on Hyperboria?  Good question.  The best way to answer this question for yourself is to set up your own cjdns node, and connect up with your nearest Mesh Local! 

Step 1: Install cjdns by following the Getting Started guide at Project Meshnet.  

Step 2: Make sure your node is configured correctly, which can be determined from the Trouble Shooting guide. 

Step 3: Locate your nearest Mesh Local, find a peer, and connect your node up with the network. 

Currently, cjdns can be installed on Linux and Mac operating systems.  I initially attempted to install on a Macbook, but ran into some configuration difficulties, and, it turns out, there is currently less functionality in the Mac implementation than in the standard Linux install.  So I decided instead to create a couple Linux virtual machines on the Macbook and a desktop pc and installed cjdns on them.

After installing cjdns on those two hosts, I followed the trouble shooting guide to make sure that each host could ping itself.  Then I updated their config files to create a peer-to-peer connection between those two hosts, and (eventually) got them to successfully ping one another over cjdns.  I had set up my own home cjdns mesh network!

Finally, someone from my Mesh Local offered to peer with my node, and after I updated the config files with the peer info I was connected to Hyperboria.  The whole process took about three days, from my first serious look into cjdns to my first connection to Hyperboria.  Folks hanging out in my mesh local's IRC were a great help along the way.  Unfortunately, since then, I have not had much time to play around with the meshnet technology, but I will certainly be returning to the project in the near future.