My name is Laurent, I work in a local authority and we are setting up a LoRa network via TTN in order to bring up different types of data in the region.
We use a community server where everyone could use our gateways, to do good (personal use) or bad things (illegal action, illegal surveillance …).
I was wondering if there are any “good practices” to adopt on gateways or TTN:
log management on gateways.
monitoring of the flow on TTN.
So I’m turning to the TTN community to get answers to my questions.
Thank you.
Je m’appelle Laurent, je travaille dans une collectivité et nous mettons en place un réseaux LoRa via TTN afin de remonté différents types de données dans la régions.
Pour cela nous mettons donc en place nos propre gateways.
On utilise donc un serveur communautaire ou tous le mondes pourrais utilisé nos gateways, pour faire de bonne (utilisation personnel) ou de mauvaise chose (action illégale, surveillance illégale…).
Je me posait la question de savoir si il y a de “bonne pratique” à adopté sur les gateways ou TTN:
gestion de log sur les gateways.
surveillance du flux sur TTN.
Voila je me tourne donc vers la communauté TTN afin d’avoir des réponse à mes questions.
Merci.
Hi Laurent,
I don’t think it is possible to monitor in detail the traffic of a gateway. It is possible to see the address of the transmitting node and if a downlink is sent with their corresponding timestamps but not much more. I’m not sure that the gateway logs themselves are of any use either.
However I could be wrong
I think that on the subject of positioning and the gateway/antenna model, more members will be happy to answer you
I wanted to know out of curiosity in which city do you want to deploy them?
With kind regards
Bonjour Laurent,
Je ne pense pas qu’il soit possible de monitorer en détail le trafic d’une gateway. Certes on peut voir l’adresse du nœud qui transmet et si un downlink est envoyé avec leurs horodatages respectifs mais pas vraiment plus. Je ne suis pas sûr non plus que les logs de la gateway elle même ne soit d’une grande utilité.
Cependant je peux me tromper.
Je pense que sur le sujet du positionnement et le module de gateway / antenne plus de membres seront ravis de vous réponde
Je voulais savoir par curiosité dans quelle ville voulez-vous les déployer ?
Given the packet sizes, I’d be interested to know what you think could be achieved with LoRaWAN that would be illegal.
As for logs & monitoring, apart from something to check the gateway is alive, there isn’t realistically much you can do - radio waves will transmit, gateway will pickup LoRaWAN ones, simples.
With the money you save on not monitoring & reading logs all the time, you can go plural and have gateways - one gateway is a good start, but coverage may be variable.
“Given the packet sizes, I’d be interested to know what you think could be achieved with LoRaWAN that would be illegal.”
In my intended use I am not doing anything illegal. The objective is to develop IOT.
I said that in the event that someone uses it, what would be my responsibility since I am the owner of the gateways.
“With the money you save on not monitoring & reading logs all the time, you can go plural and have gateways - one gateway is a good start, but coverage may be variable.”
I don’t intend to read the logs all the time. Just archiving them so we can keep track. And we don’t just have one gateway - we’ll cover a whole territory.
“As for logs & monitoring, apart from something to check the gateway is alive, there isn’t realistically much you can do - radio waves will transmit, gateway will pick up LoRaWAN ones, simples.”
In the logs it seems to me that there is an identifier linked to a user (or an object) that would identify the author of the packet. Unless I’m wrong.
You are wrong, there is no way to link packets to a user at gateway level. This can only be done by TTN and only at the moment the packet arrives. Due to privacy concerns (GDPR) TTN will not provide the information unless required by law.
I didn’t say you would, I was asking what you think could be achieved with LoRaWAN that would be illegal? Personally I’m hard pressed to think of anything useful. So it’s hard to comment on an academic situation. But as the idea arose in your mind, maybe you have some ideas.
As most of us here aren’t lawyers, perhaps you should direct this question to someone with appropriate expertise. But I do know that the people that build roads aren’t prosecuted when someone breaks the speed limit on them.
Archiving is generally good practise. There aren’t that many logs to archive that have any real information - gateways are just a media convertor - RF LoRaWAN chirps to IP packets - they don’t know what they have converted.
Which, as @kersing says, the data stream is encrypted which makes the logs even more academic. If someone is very active you can try and track down the location using Radio Direction Finding but you’ll find many threads on here of people taking forever to do that & failing.
I’m wondering if you’ve got a couple of devices & a gateway - because creating a small setup will fill in some of the details and allow you to show things to your colleagues & legal team as questions arise.
You are wrong, there is no way to link packets to a user at gateway level. This can only be done by TTN and only at the moment the packet arrives. Due to privacy concerns (GDPR) TTN will not provide the information unless required by law.
I see on my gateways a DevAddr (devices address) so this can be connect to a device so TTN can find the user.
I need to check if we find it on the log in the gateways.
In the event of an investigation by the police, I may be obliged to provide them with this information.
A DevAddr is not unique, there are simply not enough of them to make them unique. Multiple devices in the world will have the same DevAddr at any given time. TTN would be able to find which DevAddr belongs to which device given the entire uplink data packet but only at the time of transmission because some of the information required will change over time.
If the police want to investigate they will need a ‘tap’ at TTN level, not the limited information you can provide.
Which, as @kersing says, the data stream is encrypted which makes the logs even more academic. If someone is very active you can try and track down the location using Radio Direction Finding but you’ll find many threads on here of people taking forever to do that & failing.
I have reply to @kersing the objective was just to do what it’s possible
e.g. a shopkeeper can install surveillance cameras to provide images, even if they are not always useful.
I’m wondering if you’ve got a couple of devices & a gateway - because creating a small setup will fill in some of the details and allow you to show things to your colleagues & legal team as questions arise.
I have a configuration, which gave me an idea of the log file.
I want the community’s opinion for another solution.
But as the idea arose in your mind, maybe you have some ideas.
I’m not pushing my ideas to the limit but the example that everyone is afraid of is the activation of a remote device.
I didn’t dwell on the feasibility of these actions nor the interest of going through the LoRa network.
As most of us here aren’t lawyers, perhaps you should direct this question to someone with appropriate expertise. But I do know that the people that build roads aren’t prosecuted when someone breaks the speed limit on them.
I have contact several organization in frensh (because I work in fresh) to have some help to.
With your answer I think I should rather look at the responsible agencies in France to get answers to my questions.
I’m thinking of keeping the logs anyway, it seems a good practice.
LoRaWAN bandwidth can’t even send still images. You need to spend more time with your configuration and perhaps look at the normal use cases for LoRaWAN and perhaps concentrate on how they can be used. And what can’t be done, before telling people about the facility and finding they come up with a range of ideas that won’t be possible.
Another solution implies you have a problem, which I don’t think you do. I think you are overthinking things here. You can archive the gateway logs. Or not. Best practise is to have a known good device about 50m away from the gateway and setup monitoring scripts (that are nothing to do with the gateway logs) that check the gateway is alive and that the TTN delivery of uplinks is working so you get early notification if something has happened. But that’s not gateway logs.
Depending on the gateway, you may not even be able to archive the logs as getting them off may be problematic or the interface to it may not be conducive to doing so.
Really? That’s very far fetched - what’s wrong with a mobile phone like in the movies? Does the network provider get prosecuted because their network relayed an SMS or call?? What about a trip wire? If you live in a high risk area, there are other people to talk to about these sorts of matters. Having people dream up bad uses for neutral technology is part of human nature, as is a tendency to paranoia but trying to write such potentials in to risk plan can only lead to un-necessary worry. Even publishing a statement that suggests you have reviewed it as a risk is would lead people to worry.