From 713ed6fce49f8be2ee6899ec5aed601c3aa3cfef Mon Sep 17 00:00:00 2001 From: n30nex Date: Tue, 16 Jun 2026 16:55:53 -0400 Subject: [PATCH 1/7] Add MQTT data access docs --- docs/analyzer/data-collection-access.md | 46 +++++++++++++++++++++++++ docs/analyzer/intro.md | 8 +++++ docs/index.md | 2 +- docs/resources/links.md | 2 ++ mkdocs.yml | 2 ++ 5 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 docs/analyzer/data-collection-access.md diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md new file mode 100644 index 0000000..48c0355 --- /dev/null +++ b/docs/analyzer/data-collection-access.md @@ -0,0 +1,46 @@ +# MQTT Data Collection & Access + +This page explains where MeshCore Canada MQTT data goes, who can access the broker feeds, and who administers the infrastructure. + +!!! warning "Treat Public channel traffic as public" + MeshCore Canada observers operate on the default MeshCore Canada network settings and Public channel. The default MeshCore encryption system and Public channel are for shared public mesh traffic, not private distribution to a closed group. Traffic sent on the Public channel should be treated as public. Do not transmit names, locations, notes, or other personal information over radio or MQTT unless you are comfortable with that information being stored and shown publicly. + +## What We Collect + +MeshCore Canada collects packet data from nodes that are on the MeshCore Canada network and are seen by an observer. + +Observers listen for all traffic they can hear on the default MeshCore Canada frequencies and settings. If a packet is heard by an observer and the observer path is configured to publish packet data, it can be sent to the MeshCore Canada MQTT brokers. + +## User Control + +Users can opt in or opt out of telemetry and location data uploading in their MeshCore clients where those settings are available. + +It is each user's responsibility to choose how much personal information to share from their radios over MQTT. If telemetry, location, or identifying profile information is enabled on a client, that data may be published, stored, and displayed by public viewer sites. + +## Where Data Goes + +| Step | What happens | +|------|--------------| +| Radio traffic | Nodes transmit on the MeshCore Canada default frequencies and Public channel. | +| Observer capture | MeshCore Canada observers listen to all traffic they can hear on those defaults. | +| MQTT publish | Observer paths publish packet data to MeshCore Canada MQTT infrastructure. | +| Storage and display | Data is stored on MeshCore Canada infrastructure and may be displayed by Beacon and other public websites operated by MeshCore Canada operators. | + +## MQTT Subscription Access + +Direct MQTT subscription access is not handed out to everyone. It is limited to local mesh administrators and people approved by MeshCore Canada administration. + +Even when direct broker subscription access is limited, the data can still be viewable by everyone through Beacon and other public websites that consume the MQTT feed using the MQTT subscription role. + +## Infrastructure Administrators + +The MeshCore Canada infrastructure administrators control the MQTT brokers and related infrastructure. + +| Administrator | Profile | +|---------------|---------| +| Mr. Alderson | [github.com/MrAlders0n](https://github.com/MrAlders0n) | +| Ded | [github.com/446564](https://github.com/446564) | +| n30nex | [github.com/n30nex](https://github.com/n30nex) | +| Kranic | [forum.meshcore.ca/u/djkranic](https://forum.meshcore.ca/u/djkranic) | + +Questions about privacy, MQTT access, or the MeshCore Canada project should be directed to these administrators. diff --git a/docs/analyzer/intro.md b/docs/analyzer/intro.md index 03c8478..23e8044 100644 --- a/docs/analyzer/intro.md +++ b/docs/analyzer/intro.md @@ -91,6 +91,14 @@ MeshCore observers capture mesh traffic and publish packet telemetry to MQTT bro [:octicons-arrow-right-24: Broker Details](broker-reference.md) +- :material-eye:{ .lg .middle } **Data Collection & Access** + + --- + + Learn what observer data is collected, where it is stored, and who administers MQTT access. + + [:octicons-arrow-right-24: Data Collection & Access](data-collection-access.md) + - :material-airplane:{ .lg .middle } **IATA Codes** --- diff --git a/docs/index.md b/docs/index.md index 7e1fa34..1d9b539 100644 --- a/docs/index.md +++ b/docs/index.md @@ -77,7 +77,7 @@ Whether you're brand new to mesh networking or looking to deploy repeaters acros We are a group of Canadian meshes across the country from British Columbia, Alberta, Ontario, and Quebec (hopefully more soon) that are working together to bring services and standards across Canada for all MeshCore users. We host MQTT servers and a packet analyzer at this site for all Canadians to use. -The servers and services are currently managed by **MrAlders0n**, **Ded**, and **n30nex**. +The servers and services are currently managed by [**Mr. Alderson**](https://github.com/MrAlders0n), [**Ded**](https://github.com/446564), [**n30nex**](https://github.com/n30nex), and [**Kranic**](https://forum.meshcore.ca/u/djkranic). The documentation on this site is open to all to contribute to and is backed by markdown files in GitHub at [MeshCore-ca/MeshCore-Canada](https://github.com/MeshCore-ca/MeshCore-Canada). diff --git a/docs/resources/links.md b/docs/resources/links.md index 96661ea..669a799 100644 --- a/docs/resources/links.md +++ b/docs/resources/links.md @@ -7,6 +7,7 @@ This page collects common MeshCore, MeshCore Canada, and supporting radio resour | Resource | Link | |----------|------| | MeshCore Canada site | | +| MeshCore Canada forum | | | Live CoreScope tools | | | MeshCore Canada GitHub | | | Add or update a community | [Contributing](../contributing.md) | @@ -29,6 +30,7 @@ This page collects common MeshCore, MeshCore Canada, and supporting radio resour | Resource | Link | |----------|------| | Observer setup overview | [Analyzer & MQTT](../analyzer/intro.md) | +| MQTT data collection and access | [Data Collection & Access](../analyzer/data-collection-access.md) | | Direct MQTT firmware | [MQTT Firmware](../analyzer/builds/mqtt-firmware.md) | | MCtoMQTT host bridge | [MCtoMQTT](../analyzer/builds/mctomqtt.md) | | Home Assistant integration setup | [MeshCore-HA](../analyzer/builds/meshcore-ha.md) | diff --git a/mkdocs.yml b/mkdocs.yml index 13bac31..b72f198 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -37,6 +37,7 @@ nav: - Welcome: index.md - Analyzer & MQTT: - Overview: analyzer/intro.md + - Data Collection & Access: analyzer/data-collection-access.md - Check Your Observer: analyzer/verify.md - Troubleshooting: analyzer/troubleshooting.md - Broker Reference: analyzer/broker-reference.md @@ -91,4 +92,5 @@ nav: - Getting Started: resources/getting-started.md - Useful Links: resources/links.md - Glossary: resources/glossary.md + - Forum: https://forum.meshcore.ca/ - Contributing: contributing.md From 4c0a7fa2c427e5915879fbf73bdebcda856abd23 Mon Sep 17 00:00:00 2001 From: n30nex Date: Tue, 16 Jun 2026 17:00:08 -0400 Subject: [PATCH 2/7] Update MQTT data collection access documentation Removed introductory explanation about MQTT data access. --- docs/analyzer/data-collection-access.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md index 48c0355..ff9cd50 100644 --- a/docs/analyzer/data-collection-access.md +++ b/docs/analyzer/data-collection-access.md @@ -1,7 +1,5 @@ # MQTT Data Collection & Access -This page explains where MeshCore Canada MQTT data goes, who can access the broker feeds, and who administers the infrastructure. - !!! warning "Treat Public channel traffic as public" MeshCore Canada observers operate on the default MeshCore Canada network settings and Public channel. The default MeshCore encryption system and Public channel are for shared public mesh traffic, not private distribution to a closed group. Traffic sent on the Public channel should be treated as public. Do not transmit names, locations, notes, or other personal information over radio or MQTT unless you are comfortable with that information being stored and shown publicly. From 26b2c66fb8b9eea8f2fcaaf0cb7bc50b486896fa Mon Sep 17 00:00:00 2001 From: n30nex Date: Wed, 17 Jun 2026 16:20:51 -0400 Subject: [PATCH 3/7] Clarify MQTT collection privacy wording --- docs/analyzer/data-collection-access.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md index ff9cd50..292b5d6 100644 --- a/docs/analyzer/data-collection-access.md +++ b/docs/analyzer/data-collection-access.md @@ -1,17 +1,19 @@ # MQTT Data Collection & Access -!!! warning "Treat Public channel traffic as public" - MeshCore Canada observers operate on the default MeshCore Canada network settings and Public channel. The default MeshCore encryption system and Public channel are for shared public mesh traffic, not private distribution to a closed group. Traffic sent on the Public channel should be treated as public. Do not transmit names, locations, notes, or other personal information over radio or MQTT unless you are comfortable with that information being stored and shown publicly. +This page explains where MeshCore Canada MQTT data goes, who can access the broker feeds, and who administers the infrastructure. + +!!! warning "Treat MeshCore RF traffic as potentially public" + MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. ## What We Collect -MeshCore Canada collects packet data from nodes that are on the MeshCore Canada network and are seen by an observer. +MeshCore Canada MQTT receives packet data from observer nodes that capture MeshCore packets and forward telemetry from matched channels. -Observers listen for all traffic they can hear on the default MeshCore Canada frequencies and settings. If a packet is heard by an observer and the observer path is configured to publish packet data, it can be sent to the MeshCore Canada MQTT brokers. +Observers listen for all MeshCore traffic they can hear on the channels and presets they are configured for. If a packet is heard by an observer and that observer has packet publishing enabled, that traffic can be sent to the MeshCore Canada MQTT brokers. ## User Control -Users can opt in or opt out of telemetry and location data uploading in their MeshCore clients where those settings are available. +For companion/client paths that expose controls, users can opt in or opt out of telemetry and location data uploading as part of their observer setup. It is each user's responsibility to choose how much personal information to share from their radios over MQTT. If telemetry, location, or identifying profile information is enabled on a client, that data may be published, stored, and displayed by public viewer sites. @@ -19,8 +21,8 @@ It is each user's responsibility to choose how much personal information to shar | Step | What happens | |------|--------------| -| Radio traffic | Nodes transmit on the MeshCore Canada default frequencies and Public channel. | -| Observer capture | MeshCore Canada observers listen to all traffic they can hear on those defaults. | +| Radio traffic | Nodes transmit MeshCore packets on the frequencies and settings configured for their local mesh and presets. | +| Observer capture | MeshCore Canada observers and other authorized observers listen to all traffic they can hear on their configured channels. | | MQTT publish | Observer paths publish packet data to MeshCore Canada MQTT infrastructure. | | Storage and display | Data is stored on MeshCore Canada infrastructure and may be displayed by Beacon and other public websites operated by MeshCore Canada operators. | From c528b22db045357bfc667bd431518d3a17dec66d Mon Sep 17 00:00:00 2001 From: n30nex Date: Wed, 17 Jun 2026 16:24:04 -0400 Subject: [PATCH 4/7] Add forum link to MQTT access documentation --- docs/analyzer/data-collection-access.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md index 292b5d6..e7dc56b 100644 --- a/docs/analyzer/data-collection-access.md +++ b/docs/analyzer/data-collection-access.md @@ -44,3 +44,5 @@ The MeshCore Canada infrastructure administrators control the MQTT brokers and r | Kranic | [forum.meshcore.ca/u/djkranic](https://forum.meshcore.ca/u/djkranic) | Questions about privacy, MQTT access, or the MeshCore Canada project should be directed to these administrators. + +General discussion and support is also available on the forum at [https://forum.meshcore.ca/](https://forum.meshcore.ca/). From 7fe7e9347ddda97daa79e6598ed3d987cb925822 Mon Sep 17 00:00:00 2001 From: n30nex Date: Wed, 17 Jun 2026 16:26:58 -0400 Subject: [PATCH 5/7] Revise warnings on MeshCore RF traffic privacy Updated warning about MeshCore RF traffic to clarify its public nature and the risks associated with transmitting personal information. --- docs/analyzer/data-collection-access.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md index e7dc56b..1aea066 100644 --- a/docs/analyzer/data-collection-access.md +++ b/docs/analyzer/data-collection-access.md @@ -1,9 +1,7 @@ # MQTT Data Collection & Access -This page explains where MeshCore Canada MQTT data goes, who can access the broker feeds, and who administers the infrastructure. - -!!! warning "Treat MeshCore RF traffic as potentially public" - MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. +!!! warning "Treat MeshCore RF traffic as public data" + MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. Assume that even with encryption on a private channel / setting can potentially be collected and decrypted by anyone with the means and know-how to do so. ## What We Collect From 6888b9003b128dc159700cb4d4f4855cd990b220 Mon Sep 17 00:00:00 2001 From: n30nex Date: Wed, 17 Jun 2026 16:33:04 -0400 Subject: [PATCH 6/7] Revise MeshCore RF traffic warning and user responsibility Updated warning about MeshCore RF traffic security and added reminder for users to check their settings regarding personal information sharing. --- docs/analyzer/data-collection-access.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md index 1aea066..245da60 100644 --- a/docs/analyzer/data-collection-access.md +++ b/docs/analyzer/data-collection-access.md @@ -1,7 +1,7 @@ # MQTT Data Collection & Access -!!! warning "Treat MeshCore RF traffic as public data" - MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. Assume that even with encryption on a private channel / setting can potentially be collected and decrypted by anyone with the means and know-how to do so. +!!! warning "Treat MeshCore RF traffic as public data" !!! + MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). All channels that use a shared public key (and private keys) should be considered inherantly insecure. Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. Assume that even with encryption on a private channel / setting can potentially be collected and decrypted by anyone with the means and know-how to do so. ## What We Collect @@ -13,7 +13,7 @@ Observers listen for all MeshCore traffic they can hear on the channels and pres For companion/client paths that expose controls, users can opt in or opt out of telemetry and location data uploading as part of their observer setup. -It is each user's responsibility to choose how much personal information to share from their radios over MQTT. If telemetry, location, or identifying profile information is enabled on a client, that data may be published, stored, and displayed by public viewer sites. +It is each user's responsibility to choose how much personal information to share from their radios over MQTT. If telemetry, location, or identifying profile information is enabled on a client, that data may be published, stored, and displayed by public viewer sites. Double check your settings. ## Where Data Goes From ead54b09c48cf1e46e3870689262b6e49e7cc049 Mon Sep 17 00:00:00 2001 From: n30nex Date: Wed, 17 Jun 2026 16:34:10 -0400 Subject: [PATCH 7/7] Fix typo in data collection access documentation --- docs/analyzer/data-collection-access.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/analyzer/data-collection-access.md b/docs/analyzer/data-collection-access.md index 245da60..f3c25f9 100644 --- a/docs/analyzer/data-collection-access.md +++ b/docs/analyzer/data-collection-access.md @@ -1,7 +1,7 @@ # MQTT Data Collection & Access !!! warning "Treat MeshCore RF traffic as public data" !!! - MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). All channels that use a shared public key (and private keys) should be considered inherantly insecure. Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. Assume that even with encryption on a private channel / setting can potentially be collected and decrypted by anyone with the means and know-how to do so. + MeshCore traffic is intended for shared mesh use, and different networks may use different presets or frequencies (including non-default settings). All channels that use a shared public key (and private keys) should be considered inherently insecure. Any node transmitting MeshCore packets over matching settings can be heard by observers on that mesh, not just one published default profile. Traffic forwarded over MQTT through this path should be treated as potentially public. Do not transmit names, locations, notes, or other personal information unless you are comfortable with that information being stored and viewable publicly. Assume that even with encryption on a private channel / setting can potentially be collected and decrypted by anyone with the means and know-how to do so. ## What We Collect