A few in my area are attempting to establish a MESH.  Some have experimented for a while, others like me have just gotten some equipment and are looking to start. 

I understand that there are significant changes to the new firmware.  Do the others who have nodes ready to deploy have to upgrade their firmware to be compatible?  Is the new SSID Broadband-Hamnet or does the older HSMM-MESH still work?  The new firmware allows, by default, access to services and files on computers and servers on the net.  Will changing the setting to the older setting affect others on the net or the node's compatibility with the net?  I am very risk averse when dealing with network security and want to connect my laptop without having extra concerns.

Thanks to any and all who can provide help.

BBHN 1.0 does not talk to HSMM-MESH and vice versa. 

Go ahead and upgrade everyone to BBHN.  The new version is pretty well debugged at this time.

If I understand your concern about making services and files, just change the "LAN" setting on the basic setup page to "NAT" mode. 

You really shouldn't have your individual computer "wide open" to whatever LAN you're hooked to these days anyway, even if you're on a "trusted" network.  There are just too many poorly designed internet devices, Internet TV's, insecure home routers, friends with bot infected laptops, insecure smart phones, tablets, thermostats, etc.  Plus too many professional criminals wanting to take control of your PC for nefarious purposes.  You need a good firewall running on your PC, plus configuration to not share files willy-nilly. Plus, if you ever use a wifi hotspot, or a friend's wifi, something there may be infected.

However, even if your PC is "secure," if you're not going to offer any services or files to the mesh, setting your mesh node to NAT mode may not be a bad idea.  Just be SURE you remember your node is "crippled" and you know how to re-enable direct mode before you loan it out, or decide to do something on it, like use VOIP. 

(I'm not sure VOIP needs an "open" connection, but lots of apps do need to be routable.)

A bit more technical information:

Prior to and including version 0.4.3 we ran under hsmm-mesh for the SSID.

In version 1.0.0 we made a change at a low level (not usually visible to users) that was needed to enable device support across multiple vendors.  At that time we changed the SSID to BroadbandHamnet-V1 to show the networks are incompatible.

Going forward:

Anytime we make a change that will result in incompatibility the -V1 portion will change, next version is expected to be -V2 and so on and so forth.  This allows users an easy way to determine if their device can speak to the network they can see.

Anyone running under non-default SSID's is encouraged to use this format as well. An example would be if those of us in San Diego (we have a group called the San Diego Working Group or  SDWG)  created our mesh as SDWG  we should use SDWG-V1, when the next change that comes out occurs (which will happen from time to time)  it should be SDWG-V2 and so on.

A forward looking note:

An SSID jump -V2 is expected to come out in the near future. With the addition of Ubiquiti hardware having models with limited beamwidth patch antenna setups ticket BBHN->ticket:28  comes into play in creating a device to device linking, and BBHN->ticket:29 come in to play for new radios in 5ghz range which to allow RF changes. In addition re-adding the olsrd 'secure' (message authentication) module also requires a jump in SSID version number which is planned for the same time.

In regards to protecting the computer:

Some method certainly needs to be in place and don't think that the protection can be stressed enough (firewall,  running in NAT mode, etc),  While this is a Ham network, it is still a computer network, and all it takes is one infected laptop on the mesh to infect any unprotected system with a virus or other issues. One should really treat, in my opinion, the mesh as unsafe as the internet.  When you are in "Direct" mode you don't have the normal protection you have at home of having the router 'protect' your computer from direct attack .

right