Introduction
At BSidesSF 2025, Mayuresh Dani and I presented on APRS and Meshtastic: where these decentralized communication systems fail from a security standpoint.
Talk: "Decentralized Communications: Deep-Dive into APRS and Meshtastic" (schedule, Security Boulevard coverage)
Why these two protocols
APRS (Automatic Packet Reporting System) is a 1990s amateur radio protocol still in active use globally. Meshtastic is a LoRa-based mesh networking system used for off-grid and emergency communications. Both have security properties that are not obvious from the outside.
APRS: the open network
APRS is completely open. Every packet is unencrypted, unauthenticated and forwarded by anyone in the digipeater network. The attack surface:
- Spoofed position reports
- Message injection
- Traffic analysis (you can track callsign movements globally via APRS-IS)
- Denial of service via channel saturation
For the demo, we ran a live APRS packet capture and decoded raw AX.25 packets using a software TNC, showing the full frame structure: address field, control byte, PID, information field. The raw bytes have no integrity mechanism at all.
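To make that frame layout concrete, here is an added decoder for an AX.25 UI frame of the kind APRS uses. This is example code written for this post, not the demo tooling from the talk or any software TNC's source. The sample frame bytes are constructed by hand; N0CALL is a placeholder callsign and the path is a generic WIDE1-1 hop. The decoder walks the address field (six callsign characters shifted left one bit, then an SSID byte), checks the control byte for UI, reads the PID and treats the rest as the information field. Every byte of the frame is accounted for, and none of them is a signature or a key binding.

```python
"""Decode an AX.25 UI frame (the frame type APRS uses) into its fields.

Added example, not the talk's demo code. The sample frame below is
constructed by hand; N0CALL is a placeholder callsign.
"""
from dataclasses import dataclass
from typing import List


@dataclass
class Ax25Address:
    callsign: str
    ssid: int
    high_bit: bool  # C bit on destination/source, H ("has been repeated") bit on digipeaters
    last: bool      # bit 0 of the SSID byte: set on the final address in the field

    def tnc2(self, digipeater: bool = False) -> str:
        text = f"{self.callsign}-{self.ssid}" if self.ssid else self.callsign
        return text + ("*" if digipeater and self.high_bit else "")


@dataclass
class Ax25Frame:
    destination: Ax25Address
    source: Ax25Address
    digipeaters: List[Ax25Address]
    control: int
    pid: int
    info: bytes

    def tnc2(self) -> str:
        """Render in TNC2 monitor format, the same text APRS-IS carries."""
        path = ",".join([self.destination.tnc2()] + [d.tnc2(digipeater=True) for d in self.digipeaters])
        return f"{self.source.tnc2()}>{path}:{self.info.decode('ascii', errors='replace')}"


def decode_address(chunk: bytes) -> Ax25Address:
    """One 7-byte address: six callsign chars shifted left one bit, then the SSID byte."""
    if len(chunk) != 7:
        raise ValueError("address subfield must be 7 bytes")
    callsign = bytes(b >> 1 for b in chunk[:6]).decode("ascii").rstrip()
    ssid_byte = chunk[6]
    return Ax25Address(
        callsign=callsign,
        ssid=(ssid_byte >> 1) & 0x0F,
        high_bit=bool(ssid_byte & 0x80),
        last=bool(ssid_byte & 0x01),
    )


def decode_ui_frame(raw: bytes) -> Ax25Frame:
    """Split a raw frame (no HDLC flags, no FCS) into address field, control, PID and info."""
    addresses: List[Ax25Address] = []
    pos = 0
    while True:
        addr = decode_address(raw[pos:pos + 7])
        addresses.append(addr)
        pos += 7
        if addr.last:
            break
        if len(addresses) == 10:  # destination + source + at most 8 digipeaters
            raise ValueError("address field too long")
    if len(addresses) < 2:
        raise ValueError("frame needs at least destination and source")
    if len(raw) < pos + 2:
        raise ValueError("frame truncated before control/PID")
    control, pid = raw[pos], raw[pos + 1]
    if control & 0xEF != 0x03:  # UI frame; bit 4 is the poll/final bit
        raise ValueError(f"not a UI frame: control=0x{control:02x}")
    # Everything after the PID is the information field. Note what is *not* here:
    # no signature, no MAC, no field that ties the source callsign to a key.
    return Ax25Frame(addresses[0], addresses[1], addresses[2:], control, pid, raw[pos + 2:])


# Constructed sample: N0CALL-1 > APRS via WIDE1-1 (already repeated), UI, PID F0,
# carrying an uncompressed APRS position report.
SAMPLE_FRAME = bytes.fromhex(
    "82a0a4a64040" "e0"   # destination "APRS", SSID 0, C bit set
    "9c6086829898" "62"   # source "N0CALL", SSID 1
    "ae92888a6240" "e3"   # digipeater "WIDE1", SSID 1, H bit set, last address
    "03" "f0"             # control = UI, PID = no layer 3
) + b"!4903.50N/07201.75W-Test"


if __name__ == "__main__":
    frame = decode_ui_frame(SAMPLE_FRAME)
    print(frame.tnc2())  # N0CALL-1>APRS,WIDE1-1*:!4903.50N/07201.75W-Test
```

The `tnc2()` output is the line an iGate hands to APRS-IS, which is why a forged frame and a genuine one are indistinguishable downstream: the only identity in the frame is the source callsign text, and the decoder has nothing else to check it against.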
Then injection. We forged a beacon with a real-looking callsign and transmitted it. Within seconds it propagated through the digipeater network and appeared at a different location on aprs.fi. No authentication, no signature, nothing to verify the position. Anyone with a TNC and a radio can make any callsign appear anywhere in the world. You do not even need a valid callsign. APRS has no mechanism to verify that a transmitting station holds the callsign it claims.
We also demonstrated APRS message injection to an iGate. The message was accepted and forwarded with no authentication step at any point in the chain.
Meshtastic: encryption with caveats
Meshtastic adds AES encryption and a more structured node model. The encryption is only as useful as the key management behind it.
The default channel on Meshtastic is called "LongFast." Its encryption key is AQ==, a single byte, public, documented in the Meshtastic source code. This is the channel most nodes ship on. Any node using default configuration can decrypt any other node's messages on that channel. Encryption is present in the technical sense, but the effective security is zero because the key is public.
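The distinction between "encryption is on" and "the key is secret" is a one-line check on the channel settings. The following is an added example written for this post, not Meshtastic project code: it classifies a channel PSK by length the way the firmware does (0 bytes or a single 0x00 means no encryption, a single byte is an index into preset keys published in the firmware source, 16 bytes is AES-128, 32 bytes is AES-256), flags the `AQ==` default, and shows the hardened alternative of a random 32-byte key. The channel dictionaries are constructed for the example; the PSK length rules are taken from the Meshtastic channel settings documentation as I understand it.

```python
"""Audit Meshtastic channel PSKs by length, which is how the firmware interprets them.

Added example, not Meshtastic project code. The channel dicts are constructed
for this example; the length rules (0 = none, 1 = preset, 16 = AES-128,
32 = AES-256) follow the Meshtastic channel settings documentation.
"""
import base64
import secrets
from typing import Dict, List


def decode_psk(psk_b64: str) -> bytes:
    """PSKs are carried base64-encoded in channel URLs and CLI output."""
    return base64.b64decode(psk_b64, validate=True)


def classify_psk(psk: bytes) -> str:
    """Map a raw PSK to how Meshtastic treats it."""
    if len(psk) == 0 or psk == b"\x00":
        return "none"      # plaintext
    if len(psk) == 1:
        return "preset"    # index into keys fixed in the firmware source; AQ== (0x01) is the LongFast default
    if len(psk) == 16:
        return "aes128"
    if len(psk) == 32:
        return "aes256"
    return "invalid"


def audit_channel(channel: Dict[str, str]) -> List[str]:
    """Return human-readable findings; an empty list means the key material is acceptable."""
    name = channel.get("name", "<unnamed>")
    try:
        kind = classify_psk(decode_psk(channel["psk"]))
    except (KeyError, ValueError):  # binascii.Error is a ValueError subclass
        return [f"{name}: PSK missing or not valid base64"]
    if kind == "none":
        return [f"{name}: no encryption, every node in range reads this channel"]
    if kind == "preset":
        return [f"{name}: one-byte preset PSK {channel['psk']} is public; "
                "any default-configured node can decrypt this channel"]
    if kind == "invalid":
        return [f"{name}: PSK length is not 0, 1, 16 or 32 bytes"]
    return []


def generate_psk() -> str:
    """A fresh random 32-byte key, base64-encoded, for a private channel."""
    return base64.b64encode(secrets.token_bytes(32)).decode("ascii")


# Constructed examples: the out-of-box channel and a hardened replacement.
DEFAULT_CHANNEL = {"name": "LongFast", "psk": "AQ=="}
HARDENED_CHANNEL = {"name": "FieldOps", "psk": generate_psk()}


if __name__ == "__main__":
    for ch in (DEFAULT_CHANNEL, HARDENED_CHANNEL):
        findings = audit_channel(ch)
        print(ch["name"], findings or ["ok: " + classify_psk(decode_psk(ch["psk"]))])
```

My understanding is that the Meshtastic Python CLI's `--ch-set psk random` writes the same kind of 32-byte key; treat that flag name as an assumption and check it against the CLI's own help output. A random key fixes the public-key problem only: it does nothing for the node-identity problem described in the next paragraph, since the key authenticates membership in the channel, not which node sent a given packet.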
No out-of-band verification exists for private channels. If you and I agree to use a custom channel key, there is no cryptographic mechanism to confirm that the node claiming to be mine is actually mine. Node IDs are derived from MAC addresses, spoofable by reflashing firmware.
Any node can relay traffic. An attacker with a single node placed in range of the mesh can read all default-channel traffic, relay it and extend the effective network while silently capturing everything.
What we found in testing
APRS position spoofing is trivially easy. The global network propagates forged beacons without question. The live demonstration made clear how low the bar is. The only thing stopping widespread abuse is that most people do not think to do it.
APRS-IS is worth examining separately. APRS presents itself as a distributed RF network, but the internet gateway infrastructure (APRS-IS) provides centralized traffic aggregation. Every packet that hits an iGate ends up in a globally queryable database. The RF layer is distributed. The visibility layer is not.
The Meshtastic default channel is security theater. Users deploying Meshtastic for privacy-sensitive communications (protests, field operations, off-grid coordination) see that encryption is enabled and assume they are communicating securely. The key is public. A false sense of security is worse than knowing you are on a plaintext channel because it changes behavior.
A single passive node can read all traffic on the default channel within radio range. No special position needed. No node compromise needed. Just be physically nearby with a node running default configuration.
Conclusion
Slides are on GitHub: presentations