Bridgefy: The Hong Kong protest messenger app
The Hong Kong protests have captured the world’s attention for several months now. While we’ll leave the political commentary to others, one noteworthy feature of these events is the way in which technology has played a pivotal role in helping the protesters to organize and to thwart the efforts of a much more powerful adversary.
There are numerous examples of this, but one in particular may be of interest to people who follow cybersecurity (and who are interested in digital privacy generally): Bridgefy.
What is Bridgefy, and why should I care?
Bridgefy is a mobile messaging app that doesn’t require broadband cellular or WiFi network connections in order to function. Understanding how and why this is possible is not just technically interesting, it can also provide deeper insight into how our mobile devices work—and what this means for our own security and privacy.
How is Bridgefy being used?
Bridgefy is a mobile messaging app, and so obviously it is being used as a communications tool. It has gained popularity among the Hong Kong protesters because it can be used by anyone with a phone, and because unlike SMS or traditional messaging apps, it is difficult for authorities to monitor.
How does it work without a network connection?
Bridgefy sends messages using the Bluetooth capabilities of mobile phones. Bluetooth is a wireless technology that can be used to link digital devices over short distances. It was developed in the late 80s by Ericsson Mobile in Sweden, initially with the aim of building wireless headsets for desktop computers. The colorful name pays homage to the technology’s Scandanavian origins (Harald “Bluetooth” was a medieval Norse king), but functionally speaking, Bluetooth isn’t all that mysterious: It uses radio waves.
Since mobile phones routinely need to connect to fixed computers and other digital devices, they all come equipped with Bluetooth. It’s what allows your phone to discover other nearby devices; it’s what links your AirPods to your iPhone or lets you send photos via AirDrop.
Bridgefy simply took advantage of the fact that every mobile device in the world comes equipped with a short-range radio, and built a messaging app using that basic functionality.
But if Bluetooth is only good for short-range connections, how practical can it be as a messaging app? The answer has to do with network topology, and is where things get really interesting.
Enter the “mesh network”
By itself, Bluetooth only has a range of a few hundred feet. Thus, for purposes of messaging, it can connect users who are in very close physical proximity, but not anything beyond that.
Bridgefy works around this limitation by creating what’s known as a “mesh network”. To understand what this means, you first need to know a little bit about network topologies.
Basically, every network in existence has a virtual layout, or “shape”: its topology. This shape isn’t about the physical location of the different points (or “nodes”) on the network. Rather, it has to do with how those nodes are linked, and how data is routed between them.
A “star network”, for example, could be diagrammed as—you guessed it—a star. These asterisk-shaped networks have a central routing and control hub, with all the other points on the network connected directly to it (but not to one another).
A mesh network, by contrast, is a network topology in which all the nodes on the network connect to as many other nearby nodes as possible, without any one centralized routing and control point. If you were to draw a diagram of a mesh network, it would look like—wait for it—a mesh.
In a mesh network, the connections between nodes are not fixed, but rather change based on the presence or absence of other network nodes. This is why mesh networks are described as “dynamic”: because their shape is constantly changing and evolving based on environmental factors.
Moreover, because there is no centralized control point, mesh networks are described as self-organizing and self-configuring. No one needs to plan out and set up a specific network architecture ahead of time, because mesh network nodes automatically connect to any other nearby nodes.
This decentralization and self-organizing behavior has several advantages. For one thing, it means that the failure of one or two network nodes does not necessarily cripple the overall network, which is one of the great strengths of mesh topologies. It also means that the workload of routing and sending data between two nodes can be distributed across the network as a whole, as there is no need for a central command and control node. This last fact is crucial for overcoming the range limitations of Bluetooth.
Encrypted hopping
So how does a mesh network permit Bluetooth communication between two devices that are too far away for a direct connection? The answer has to do with the fact that mesh networks are distributed and decentralized.
Mesh networks allow data from one node to “hop” to the next closest node on the network, and from there, hop to another nearby node, and another, and so on, until it reaches its destination. Because mesh networks are, by their nature, somewhat anarchic, the data just follows the path of least resistance, hopping to the closest available point on the network again and again until it gets where it’s going. As long as there is some intermediate node within 100 meters to act as a relay point, messages sent over a mesh network can keep hopping indefinitely until they get to their intended recipient.
Bridgefy encrypts message data, so the intermediate network nodes are not able to read the sender’s data—only the message recipient can do that. In this way, Bridgefy allows for the creation of a distributed, secure communications network—limited only by the number of app users available to serve as relays.
Is it secure?
It’s an open question as to how easy it would be for governments or hackers to snoop on Bluetooth based communications. To intercept a Bluetooth data packet directly, one would have to be in close physical proximity to the sender or relay, which probably makes services like Bridgefy safer for the Hong Kong protesters than something like SMS (or even an app like WeChat, which is owned by a company with deep ties to the Chinese government).
Whether or not the encryption standard used by Bridgefy is strong enough to thwart government intelligence or police cybercrime units is also debatable. However, some forms of encryption are tremendously powerful (even the CIA decided that hacking phones directly was more feasible than attempting to break the encryption standards of private messaging apps).
Lastly, even if a government agency was unable to read the actual contents of a message sent over Bluetooth, they might be able to monitor network traffic well enough to collect sensitive metadata—for example, device-identifying information that would allow them to see who is sending messages to whom.
What can we learn from Bridgefy?
In terms of the security and privacy takeaways for everyday mobile users, the big thing to remember is that Bluetooth means that your devices can be connected to other nearby devices—even when you aren’t online. In other words, you don’t have to be using WiFi or mobile data to be “findable”.
This isn’t necessarily a bad thing. Apple’s enhanced Find My functionality, for example, makes use of this fact to allow offline iPhones which have been lost or stolen to be located by other nearby Apple devices. If a missing offline device is detected via Bluetooth, the online Apple devices can report its location back to Apple using their own network connection and GPS data (all of this is strongly encrypted, of course, to protect everyone’s privacy).
However, there are some issues as well. For one thing, Bluetooth can lead to trouble when potentially identifiable information is being broadcast to other devices, as iPhone users discovered this year with news of an AirDrop vulnerability which made their phone numbers discoverable by anyone with the right tools. From a privacy standpoint, Bluetooth is problematic because it can allow companies like Facebook to gather user location data indirectly, even if app users have opted out of traditional location sharing.
Fortunately for iPhone users, Apple is well aware of the sneaky ways in which app developers try to abuse Bluetooth to circumvent privacy settings. In iOS 13 Apple has started alerting folks when apps (yes, Facebook, that means you) are attempting to access Bluetooth data.
Next steps?
Hopefully you’ve just learned a bit more about a disruptive new technology, network topology, and the role of Bluetooth on your mobile devices.
But what practical steps can you take on the basis of this knowledge? Here are a few suggestions:
- 1
Be Bluetooth aware
By now you know that Bluetooth makes your phone discoverable by other devices—and that this is, as they say, a feature and not a bug! Based on what you know about how Bluetooth works, you should be able to make more informed decisions about when to enable it (and when to turn it off). For example, if you read a story about a Bluetooth vulnerability affecting iPhones, you may want to temporarily disable Bluetooth on your device until Apple releases a fix. If you’ve previously turned Bluetooth off, you may want to turn it back so you can locate your device offline if it goes missing.
- 2
Be cautious with app permissions
Apple has doubled down on its commitment to privacy in iOS 13, and will be informing you when apps are trying to access location information in the background. This will, as mentioned, also include apps trying to access Bluetooth data. Be aware that these requests may not be innocent: They could be a way of a developer or company attempting to ascertain your location by indirect means. If you receive an iOS alert, ask yourself a few questions before granting an app permission to see your Bluetooth data. Do you trust the developer? Does the company have a good track record when it comes to respecting user privacy? Does the app in question have a legitimate reason to be asking for this data? You don’t have to be paranoid, but give the matter a little consideration before you make your decision.
- 3
Try it out
Mesh network messaging apps have obvious benefits for activists and protesters. But are there any use cases for Bridgefy or similar apps in everyday life? Absolutely! Consider using mesh network messaging apps as backups in situations where you may need to message nearby friends, but may not have access to reliable data or WiFi. They can be useful, for example, on trips to remote areas (bearing in mind the range limitations). Mesh network apps can also come in handy at sporting events or concerts, when cellular and WiFi networks may be extremely slow due to large numbers of people all trying to send messages at the same time.
Clearly, most people would use something like Bridgefy as a backup only, since there still isn’t widespread enough adoption of the app to create a truly large and effective mesh network. But it can be fun—and maybe even helpful—to try this technology out with your friends and family.