Domain: bluesocket.com
Stories and comments across the archive that link to bluesocket.com.
Comments · 10
-
Right tools for the job.
It looks like you want to create a business with a business model that relies on you controlling access to your source code. If you really want to do that, you shouldn't build your software on top of a Free Software infrastructure. A lot of effort has been put into Free Software licenses to ensure that the software remains free, and trying to work around that is just going to cause you headaches. Use closed-source software instead. That world understands your needs and desires much better and, as a side benefit, won't make any annoying moral judgements against you. Sure, it costs money, but so will your product.
If instead you really want to build a build a business on top of Free Software, you should look at using a business model that is compatible with Free Software. That means no secret source code, but there are lots of other options for making money. Contrary to popular belief, there are quite a few companies out there legitimately making money from Free Software. Look at what they do.
A non-exhaustive list would include making your money off of support, hired development of new features, branding and packaging, access to non-infectious licensed libraries, early access to fixes, or sales of your hardware. The last option sounds promising for you, but this is something you should look into. -
Good luck
Simple:
1. Isolate Student machines by moving to their own VLAN
2. Have Student VLAN pass through firewall that limits access to specific traffic and limits total bandwidth for that network
3. Clean up machines on faculty and staff network
4. Sit back and totally do not care how screwed student machines get
Less Simple:
1. Isolate student machines by moving to their own VLAN
5. Have Student VLAN pass through something like these devices http://www.bluesocket.com/solutions/family.html (or build your own http://www.packetfence.org/). Make yourself popular by setting scans to require machines be clean and have up-to-date Virus and Firewall protection before assigning IP address to client (block access to manually assigned IP addresses).
6. Clean up machines on faculty and staff network
7. Lock your doors -
just to clarify...
I went to UTD several years ago (before they rolled out wireless,) but I still have several friends that live there, so I'm pretty familiar with their setup.
First of all, the housing on campus isn't run by the university at all. It's a "privately managed community
... and conveniently located on the UTD campus." http://www.utdallas.edu/student/slife/housing/Previous to the university's wireless rollout, residents were unable to connect to the university's network directly and had to rely solely on standard residential broadband (cable/DSL.) After enough pressure, the university caved in and started setting up their own wireless system using standard, unlicensed 802.11b. Each building has a panel antenna mounted on the roof for a backhaul to the campus (about 1/2 a mile away in parts.) That runs down to smaller panel antennas mounted in the center hallway of each floor. They use bluesocket centrally for access control.
Now theoretically you should be able to walk around the apartments and stay connected to their access points. It obviously never works like that, and even sitting in the same place you're subject to very frequent disconnects.
I'm still rather mixed as to how I feel about this overall. I can understand the interference issue with the university-sponsored network, but it was their choice to use unlicensed spectrum. Under FCC Part 15 there is no legal action they can take. I think its ridiculous they didn't even plan on a flood of unlicensed devices migrating in.
Puts on black hat. On the plus side, it was quite amusing to sit in any apartment and see 10-15 access points at once, only a small fraction being encrypted.
-
They don't know what they are saying!
The city's chief information officer, Dianah Neff, is quoted in the article:
"If you're out on your front porch with a laptop, you could dial in, register at no charge, and be able to access a high speed connection,"
[Emphasis added]
I have never seen a wirless dial up modem before, have you? I also hope they don't plan on using Blue Socket, out of personal experiences of a much smaller installation attempt.
On a side note, I don't think I want to sit on the front porch for too long in Philadelphia. That might be a big health risk! Shouldn't they fix those issues first, before they worry about being at the forfront of wirless access?
-
Re:It just takes a little bogus info over DHCP...Actually, the far better way (far more secure, that is) is to give everyone IPs in the same range and have a default rule on the outgoing firewall (REDIRECT would be the iptables target) to redirect the destination on outgoing TCP/80 packets to the local authentication http server and allow no outgoing connections. Only after authentication is a special passthrough allowed for that IP/MAC combo.
Even this method is open to session hijacking, depending largely on the behavior of the victim who's session is hijacked, but it's better than what you suggest (which only requires ignoring the DHCP server to bypass).
Incidentally, I've been wrapping up a slightly more complex system of this for my employer. I can't remember where I got the idea to redirect outgoing port 80, but it seems pretty obvious to me. I know a couple of companies, such as Reefedge and Bluesocket that do pretty much the same thing.
Prior art, anyone?
-
Re:It just takes a little bogus info over DHCP...
Most schools have a similar setup for incoming students on wired networks... and this company is claiming their patent is not specific to wireless.
Funny you should mention that. I'm an employee of a state system of higher education (I leave figuring out which one as an exercise for the reader). Several of the schools that I deal with in the system are using Bluesocket boxes which would almost certainly be considered infringing devices. It will be interesting to see if Nomadix only approaches other vendors, or if they use the SCO tactic and go straight to consumers. -
Re:Other ways they won't know
Thanks, good ideas. We've also been looking at something like bluesocket wifi gateway. No reason why it can't be adapted for wired as well as wireless for what it does from what I can tell.
-
Simple Management
Bluesocket makes 802.1x all better. Well worth the price.
-
why don't they realize
That trying to base wireless security on wired security will not work. There will always be a workaround if WEP is used/based on. The only way you're going to be able to secure wireless networks is through authorization and encryption. Tons of companies have already done this, and it seems to be transparent to them.
-
Re:Wireless is definately the way forward.
For corporate security, there are emerging some start-ups that I have seen that deal with restricting people's access to the wireless networks. Both of the units I have seen funtion as a firewall to the rest of the wired network. BlueSocket is one of them, and Vernier Networks are the two I've heard of. They seem resonably secure to the rest of the network, but they still don't address the issue of encryption over the air.