Slashdot Mirror

http://wifinetnews.com/archives/2006/11/fcc_smacks_down_boston-logans_dubious_wi-fi_claims.html

all over again?

There's probably more one than write up in Slashdot, but I couldn't find the one I was looking for

So if I invent a robot with my own ai code but it uses GPL apis

Presumably you mean "GPLed libraries"; I don't know of any interfaces that are GPLed in any sense, e.g. somebody could reimplement a GPLed library, duplicating all its APIs, and release it under the BSD license without violating the GPL. I guess you could see legal arguments about, say, header files for the library, but those arguments may already have come up and been resolved.

What if I onvested 5,000,000 making the code? Whoops competitors now use my code and undercut me because they didnt have to invest the 5,000,000. I go out of business.

Then whoops maybe you should have invested a little more to implement that functionality yourself, or paying somebody else to implement it, or even just to try to find a free-as-in-beer-at-least implementation with a non-GPL license, rather than using the work of somebody else who doesn't want you to use it in a fashion where you don't have to make source code available under the terms of the GPL.

Google gets a free ride because they are not redistributing. For everyone else who makes smart appliances you are screwed.

If a smart appliance maker is going to invest a lot of money in the software, they're not "screwed", they're just required to invest a little more money making or buying or finding non-GPL software. If their "secret sauce" is the hardware, and giving away the source to the software doesn't make it significantly easier for others to make that hardware - or if they have a patent on the hardware - they may not be "screwed" at all.

Small business owners are too. You cant sell your company as that too counts as redistribution.

A small business using GPLed software most definitely can sell their company. It's not as if using GPLed software GPLs your entire company, including the office desks and the software you bought to run on your computers and your customer lists and the software you've developed without incorporating GPLed code into it.

Just google router xompanies? Gnu went after them

...because they used GPLed code without complying with the requirements for doing so. A company that makes Wi-Fi access points managed to find an alternative to GPLed software for their access points.

WEP with a well-known password has the same vulnerability to passive Firesheep-type attacks as open Wi-Fi.

WEP is not secure, we've known this for a long time.

Even WPA is vulnerable to an active attack that forces a deauth and then snoops the pairwise transient key on reauth. WPA+PEAP is less vulnerable because the handshake takes place over TLS.

And either choice is a hell of a lot better than open, unencrypted wifi, hence my suggestion.

all wireless should be secured even if it is with a default password of 'password'.

WEP with a well-known password has the same vulnerability to passive Firesheep-type attacks as open Wi-Fi. Even WPA is vulnerable to an active attack that forces a deauth and then snoops the pairwise transient key on reauth. WPA+PEAP is less vulnerable because the handshake takes place over TLS.

Yeah I've suggested this before him, but at least I got that part right[1] :).

http://slashdot.org/comments.pl?sid=1578784&cid=31437480

http://it.slashdot.org/comments.pl?sid=457132&cid=22455074

It's quite sad "Sophos Researcher" doesn't seem to know how broken WiFi security is.

[1] Somewhat right anyway - seems like the "secure" mode I mentioned in those posts might not be that secure: http://wifinetnews.com/archives/2010/07/researchers_hints_8021x_wpa2_flaw.html

Blame the WiFi standards bunch, they can't seem to get stuff right. Why didn't they just copy ideas from SSL or SSH?

I've suggested this before a few times: http://it.slashdot.org/comments.pl?sid=457132&cid=22455074

Thing is he left out the part where there are two different modes of WPA2.

One (WPA2 PSK) where if everyone has the same password, it's still not secure (know the same key, sniff a session's 4 way handshake, and you can decrypt that session's traffic).

And one (the other WPA2) where it's supposedly more secure, but apparently still has problems: http://wifinetnews.com/archives/2010/07/researchers_hints_8021x_wpa2_flaw.html

Yeah, not so simple for Starbucks to get right...

Basically the WiFi standards bunch screwed up. So I actually blame them for a lot of the problems. So many years and they still haven't got WiFi to the level of TLS/HTTPS.

HTTPS doesn't solve the "stupid user problem", or the "browsers not warning users of changed CAs", but at least the tech/standard isn't that crap, it's more a people problem.

As this could effect MANY big players in unexpected ways.

Company's like Amazon will be effected due to the Kindle reader uses open source software ( http://news.cnet.com/8301-13505_3-10266319-16.html )

Apple would be pretty much killed on sight since all there products run on either OSX or a modified version which is programmed from UNIX ( http://en.wikipedia.org/wiki/Osx ) (which is open sourced) and the open source Mach Kernel from BSD ( http://en.wikipedia.org/wiki/Mach_kernel ).

While it is not in the US, the London Stock Exchange runs on the open source program MillenniumIT system ( http://linux.slashdot.org/story/09/10/06/1742203/London-Stock-Exchange-Rejects-NET-For-Open-Source )

Last I knew, Linksys routers run on Linux ( http://wifinetnews.com/archives/2005/12/the_l_in_linksys_wrt54gl_stands_for_linux.html )

Microsoft could also be effected due to their new deal with Amazon with issues towards the patents involved in said deal ( http://news.slashdot.org/story/10/02/23/1231255/Microsoft-Amazon-Ink-Kindle-and-Linux-Patent-Deal )

Then there is every Android phone since Android is made from Linux ( http://en.wikipedia.org/wiki/Android_(operating_system) ).

At thats pretty much the tip of the iceberg. Many company's and products run on different versions of OSS, which all would be effected with this. And as you can see, this list of company's effected aren't just a small group of no names, but the big players like Apple, Amazon, Microsoft, Google, Verizon, Linksys...

Cisco is absent because they are a valid licensee. http://wifinetnews.com/archives/2008/10/different_interpretation_of_buffalo_csiro_patent_appeal.html

Good point - I guess Buffalo is just an easier target (and more likely to give in to legal pressure) since it is selling the infringing items retail. The court injunction in the USA cost them millions of dollars in sales. This article points out that the patent relates to using OFDM technology to boost throughput: http://wifinetnews.com/archives/2008/10/different_interpretation_of_buffalo_csiro_patent_appeal.html
I don't quite understand how CSIRO patented a technology that has been around as long as CDMA cellular systems (which also uses OFDM).

Also, to answer your question, no, you don't pay royalties, because you already paid for the individual components. Unless those components came with a EULA, you are free to use them and resell them as you wish.

Well, you're right. Here's your reference. Each character provides about 2.5 bits of security:

How the PSK is used in WPA and 802.11i

The PSK provides an easily implemented alternative for the PMK as compared to using 802.1X to generate a PMK. A 256bit PSK is used directly as the PMK. When the PSK is a passphrase, the PMK is derived from the passphrase as follows:

PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256)

Where the PBKDF2 method is from PKCS #5 v2.0: Password-based Cryptography Standard. This means that the concatenated string of the passphrase, SSID, and the SSIDlength is hashed 4096 times to generate a value of 256 bits. The lengths of the passphrase and the SSID have little impact on the speed of this operation.

The PTK is a keyed-HMAC function using the PMK on the two MAC addresses and the two nonces from the first two packets of the 4-Way Handshake. This is why the whole keying hierarchy falls into the hands of anyone possessing the PSK, as all the other information is knowable.

However, even using an offline attack, this article's author still says a PSK of about 20 characters should be enough for most purposes. I tend to agree.

According to this they have to lock out access to certain frequencies and power levels in order to get FCC certification. If those lockouts are implemented in the firmware, that means closed firmware.

I can't honestly believe that it costs that much extra for 8MB of flash compared to 2MB of flash.

Linksys sells a lot of these things per year. A whole lot. http://wifinetnews.com/archives/006101.html claims "hundreds of thousands per month" back in 2005. With numbers like that, even small savings add up. And frankly, I'm certain that they ran the numbers and found that it would be cheaper to go with VxWorks. These sorts of things aren't just decided willy-nilly.

They also managed to segregate their customers. Since they still ship a version based on Linux and running the Linux kernel, people who are buying the routers specifically to get the extra features of an alternate firmware will probably be buying a different model. They can increase the price of that model a bit and increase their profits even more.

Honestly, they can't call it unlimited anymore. Unlimited has a set definition. It's not open to interpretation. If you introduce caps, or limits, well, you're giving a different service.

Why? Helio still markets their "unlimited" internet with a *160MB*
limit.

3G with a 160MB limit, just like a firetruck using a silly-straw to put out fires.

At least Verizon's "unlimited" plans have a 5GB limit but they don't let you use Wifi.

This article reminds me of one from 2003 here in Illinois. There was a school district that got sued by a group of parents in Oak Park over the school installing WiFi, claiming a large body of evidence linking exposure to WiFi microwaves and human health.
Link: http://wifinetnews.com/archives/002496.html

You can buy a second-hand GPRS wireless modem off E-bay for less than 15 pounds. With a PAYG 3G Sim card straight from the local mobile phone shop you can surf the web for around 10 pence/10 Kilobytes. That isn't cheap compared the basic broadband offerings for land lines, but it is substantially cheaper than SMS.

1 SMS = 10 pence (maximum 150 bytes)

1 block of data = 10 pence (10 Kilobytes)

With SMS, 1 Megabyte = 70,000 pounds

With GPRS, 1 Megabyte = 5 pounds.

These are rates that are going on at the moment. Although sending/receiving an E-mail would probably take up much more data space as even a simple message now seems to come delivered with a whole loading of routing information, spam filter test results, MIME data formatting and HTML formatting.

Many mobile phone operators are now offering flat-rate 3G monthly rates, although there are some opponents.

http://www.wifinetnews.com/archives/007121.html

Doesn't the D620 use a Broadcom card? Didn't Jon Ellch release that code?
Seems like it was demostrated on other notebook models.

The best place I've found to get details on news like this is the blog "Wi-Fi Networking News", by Glenn Fleishmann. http://wifinetnews.com./

And a brute force attack isn't a real crack, either. Quoting MechaBlue on this site:

Thinking about it, though, I'd bet you could pick up traces of the unencrypted datastream in poorly designed cards. That's hardly a crack for the crypto, though.

This is so not news. The Wall Street Journal article got a number of details plain wrong.

I wrote extensively about the auctions last summer and AirCell's plan. I checked with AirCell this morning: cell phone service has nothing to do with their short-term interest, and they think it's at best a long-term possibility, but not one they're basing their business on. Here's my interview with the CEO from last June after they won the FCC auction.

Further, on the issues raised here about Boeing's "success" with Connexion, that service required days of installation time, their gear weighed 800 pounds, the antenna added drag, and they had leases for satellite transponders. AirCell is using ground-to-air spectrum via their own ground stations with a lightweight package and little drag that installs fast (overnight).

Please note that while iLounge's article is interesting, it's based on two unnamed Apple representatives, quoted without their position at the company being mentioned. This is fine, but let's not take this as an official Apple position or statement. I'm a regular print and online journalist, so I asked Apple about the $5 charge. They said they don't comment on rumors and speculation, and repeated that the updater would be available on the CD with the new AirPort Extreme update that will ship in February. To me, that's like saying, "hint, hint." The CD will have an unlocked updater that can be used with any compatible Core 2 Duo or Xeon Macintosh. Thus, Apple may or may not have a Sarbanes-Oxley issue (stranger things have happened), and they may or may not charge $5 for the updater. Nonetheless, an unlocked "enabler" application will be in the hands of thousands of early purchasers (like myself). I've written more about this on my Wi-Fi blog in a post about why I think the $5 charge is unlikely, but unnecessary for anyone to pay even if it's attempted to be levied.

Uh, right.

http://wifinetnews.com/archives/007280.html
..."the University of Washington's patent-licensing arm has sued four electronics makers that incorporate Bluetooth chips made by CSR into their products: Nokia, Samsung, and both Matsushita and its subsidiary Panasonic of North America. "

All the reports I've read of the situation sound like the classic (patented?!) submarine-patent scheme. :-(

Uh, everyone knows WEP is not secure. That's why there is WPA, which is not crackable as far as I know.

You didn't explicitly say which authentication method you are using with WPA. If you're talking about WPA with Pre-shared key, there is a chance of WPA being hacked:

http://wifinetnews.com/archives/002453.html

If you use an EAP (instead of PSK) with WPA, then WPA is a little less breakable.

No. The landlord cannot regulate Wifi.

Actually (if you RTFFCC'sD) the FCC asserts that only the FCC has the authority regulate unlicensed spectrum (such as 802.11). The landlord cannot put any terms in their lease that will 'regulate' the use of those airwaves. That's why Massport can't require Continental to give up free access. (Actual decision here)

BTW, I think that your landlord cannot prevent you from using a satellite dish. They may however be able to restrict you from mounting the dish on their physical property.

As always, daringfireball.net has an interesting article on this. And The Macalope chimes in, too, with a link to an article by Glenn Fleishman. Enjoy.

Or have the WiFi equipment auto-configure.

There's supposed to be Vista support for WPS, WiFi Protected Setup, an attempt at cross-vendor automatic setup.

If you're under a gag order, there's a decent possibility that the gag order forbids you to talk about the gag order.

Considering that they are willing to talk about the issue with some people, I don't think that excuse is applicable here.

Via Rail in Canada has it. Haven't tried it personally, but here is some info about it:

http://wifinetnews.com/archives/006321.html

Unfortunately, some of the coverage of this air-to-ground spectrum auction has had the wrong information and led to the wrong conclusions. I've been writing about this at Wi-Fi Networking News since early last year, and have covered the auction since its start in early May. Here's the real scoop. (You can read my run down of these auctions over at my Wi-Fi site. I was quoted in last week's Associated Press article on these auctions and on public radio's Marketplace early this week.)

First, it's not about Wi-Fi, it's about air-to-ground broadband. More on that in a second.

Second, JetBlue won the smaller of two licenses sold at auction.

Third, it'll be up to two years before service commences.

The auction determined which of three exclusive spectrum configurations would win out. The winning versions was 3 MHz to AC BidCo LLC, a sister company with AirCell, and 1 MHz to JetBlue. The 3 MHz license was widely seen as the desirable one because using standard EVDO Rev. A, there should be over 1.5 Mbps available in each direction. (The FCC designed the new licenses to handle EVDO and a few other standards, and the allotted spectrum is split symmetrically in air-to-ground and ground-to-air segments.)

JetBlue, the owners of license winners LiveTV, will likely use its approximately 500 Kbps downstream to carry streaming video or to spool video for inflight use through cached content. Upstream could be used for cabin surveillance and aircraft use. JetBlue might roll out this technology to other airlines.

AirCell already runs a general aviation (non-commercial) air-station network for in-flight broadband, and will be able now to cut deals with all the major airlines that want this. Their ultimate system should be lightweight (thus not a big fuel drag) and desirable.

Wi-Fi has to be tested separately, by the way. They won't be able to just turn this on. The FCC and FAA will require them to test their equipment with specific airlines and planes in order to roll it out.

With dual-mode cell phones (cell + Wi-Fi) plus Skype and other VoIP services on laptops plus Wi-Fi-only handsets, it will be likely that calling in flight will be very common.

The other part of this deal is that Verizon AirFone, which controls parts of the 4 MHz that was auctioned off, now has up to two years to move from 4 MHz to a vertically polarized 1 MHz (overlapping with LiveTV's license). License winners are allowed to give Verizon financial incentives to move faster. AirFone is on 4,500 planes, including government ones, and is highly underused. With this move to new equipment, AirFone might dramatically drop its pricing...or airlines might ask for the equipment to be entirely removed.

The Xinhua report is particularly odd because it says China "launched a case," which implies legal action, possibly in an international venue. But if you read on, they filed two appeals alleging ethical violations. These violations, according to reports over the last few months, include people suggesting that unless China publishes their entire specification for WAPI, that there might be elements in the standard that enable backdoors, etc. China doesn't want to publish but they want to be a standard. That's a problem.

I've been writing about this for years over at Wi-Fi Networking News, and what's interesting is that when I suggest a Chinese government sponsored proprietary standard might have the ability to be tapped very easily, I get a lot of interesting comments posted about how I'm paranoid. Today's post on this set of appeals has seen a good mix of comments.

.... but maybe the prudent thing to do is wait and see how these new products behave in the real world. Early indications are that there are "issues" as described in the articles below:

http://news.zdnet.co.uk/communications/wireless/0, 39020348,39265307,00.htm
http://www.eetimes.com/news/semi/showArticle.jhtml ?articleID=186700327
http://wifinetnews.com/archives/006507.html

You meant "now uses VxWorks instead of Linux", of course. I, too, have heard reports that the new version isn't terribly reliable. Like you, I suspect Wind River lowballed the specs to score a design win, but couldn't quite deliver.

Maybe a little more research is in order here...

http://www.linuxjournal.com/article/8312

From that article:

In November 2003, Robert Moskowitz, a senior technical director at ICSA Labs (part of TruSecure) released "Weakness in Passphrase Choice in WPA Interface". In this paper, Moskowitz described a straightforward formula that would reveal the passphrase by performing a dictionary attack against WPA-PSK networks. This weakness is based on the fact that the pairwise master key (PMK) is derived from the combination of the passphrase, SSID, length of the SSID and nonces. The concatenated string of this information is hashed 4,096 times to generate a 256-bit value and combine with nonce values. The information required to create and verify the session key is broadcast with normal traffic and is readily obtainable; the challenge then becomes the reconstruction of the original values. Moskowitz explains that the pairwise transient key (PTK) is a keyed-HMAC function based on the PMK; by capturing the four-way authentication handshake, the attacker has the data required to subject the passphrase to a dictionary attack. According to Moskowitz, "a key generated from a passphrase of less than about 20 characters is unlikely to deter attacks."

Reread that last sentence...

Robert's article can be found here:

http://wifinetnews.com/archives/002452.html

To quote Robert from the above article:

"The PTK is used in the 4-Way handshake to produce a hash of the frames. There is a long history of offline dictionary attacks against hashes. Any of these programs can be altered to use the information in the 4-Way Handshake as input to perform the offline attack. Just about any 8-character string a user may select will be in the dictionary. As the standard states, passphrases longer than 20 characters are needed to start deterring attacks. This is considerably longer than most people will be willing to use.

This offline attack should be easier to execute than the WEP attacks."

End quote. Reread THAT last sentence...

Current optimized attacks on WEP (assuming it's one of the more modern implementations that addresses the key scheduling problem and weak IVs) require something on the order of hundreds of thousands of packets with well distributed IVs. That's several megabytes of data. Then the WEP key can be recovered. There there is also "chop-chop" which is an active (and noisy) attack against WEP performed by generating controlled packet errors. All WEP is also vulnerable to the XOR known-codebook attack, but you have to accumulate over 2Gig of known data (one long packet for each unique IV) to recover the "code book" (the cypher stream). Yes, all of that is doable. I've done it. I'm well aware of the effort you have to go to in order to accomplish this. It all takes a LOT of data. Enough data, and it can be relatively quick to compute. One test I ran, I had over 500,000 "interesting" packets (unique IV) and Aircrack still couldn't break it after 3 hours of run time on a 2.4 GHz processor. Yes, it would eventually break it (but I ran out of time in my talk and I had only started the cracking run 2 hours before my talk began) and once it's broke, it's broke (but so is WPA-PSK). Obviously, if you have an older, or lame, implementation, the attacks against WEP work much much faster.

OTOH... WPA-PSK, you only need the first four packets of the session setup. Because you can cause the access point to "disassociate", you can force the nodes to reauthenticate and get your 4 packets at any time. Then you can brute force the PSK at your leasure. The longer and more complicated the passphrase is, the harder it will be to brute force. But, as Robert and other noted cryptographers had documented, it takes a LONG passphrase. 8 characters or less can be exhaustively broken in mere seconds. I've seen recommendations for passphrases that vary any

there are lots of other meaningful uses of mesh networking. http://wifinetnews.com/archives/005910.html look beyond 3G and there are lots of possiblities.

I do remember a coffee shop discontinuing free WiFi on the weekends due to people coming in, using the WiFi, hijacking tables, and not buying anything. http://wifinetnews.com/archives/005325.html http://slashdot.org/article.pl?sid=05/05/26/234225 6

I'd suggest "free WiFi with purchase". Buy something and a WiFi access code is printed on your receipt good for an hour or two. The customers get what they want and the freeloaders can go else where.

Granted, it is a slight hassle for the paying customer, and I'm sure dedicated freeloaders will dig through trash to find half-used access codes (or eventually figure out how you're generating codes), but it's still better than smelly nerds hogging tables for head-to-head D&D play over the access point.

According to the section chief of the Ohio ARRL, problems are minimal.
(at the bottom of the article:) "Joe Phillips of Fairfield, the Ohio section chief for the American Radio Relay League, says that so far the Cinergy roll-out hasn't created the radio interference many ham radio operators had feared."

Where I'm from, Calgary Alberta (Canada!), we have a 'wireless city' http://wifinetnews.com/archives/001821.html

Or at least, so is the 'hype', but let me explain how it is:

- Only a small portion of the city is, notably a portion of the downtown ocre
- Any one MAC address is only allowed one hour online at a time.

I realize the article is proposing more then what we have up here, but I was pretty impressed with what my city has done.

Basically, I can go out for lunch, and avoid some bad legal problems if I'm to use my work network for home coding, or what have you. An hour's just perfect for me: but if I want more, it's a Telus (http://www.telus.com/) hotspot, so naturally I can buy more minutes.

I'd love to see this spread city wide, but I'm not really sure the point: taxes would probably have to go up, and either noone will use it when they can use their home networks (over only using an hour a day), etc.

That said, it's a nice on-ramp, it's good for visitors, and I personally like it. :)

I've commented on the math that Mesh Dynamics uses to justify their system on several occasions -- needless to say, it's wrong and overstates degradation. More importantly, their systems is _extremely_ expensive. Meanwhile, groups like CUWiN, FreiFunk and others are developing free open source mesh networking systems. CUWiN's software (and, for full disclosure, I cofounded and coordinate the project) can be downloaded by anyone, it's under an open source license, and everything (including the developers' environment) is freely available. We haven't implemented multi-radio solutions yet -- mainly because the bandwidth degredation hasn't been bad enough to justify it. But to do so, we're only talking about a few weeks of work -- which can be done by anyone who wants to add the feature -- and then you'd have a system that does the same thing as Mesh Dynamics, but is freely avaialable to anyone who wants it.

"I think they're lying. Plain and simple."

You aren't the only one who's suspicious.

1) Free wifi is useful to the government as well as its citizens (think police, for starters).

2) Most of these municipal wifi plans aren't about competing with cable/telephone companies (though they will, obviously). Municipal wifi is usually about providing a basic level of internet ubiquitously

Source: Wi-Fi Networking News, February 1, 2005

Glenn Fleishman has done a neat job of identifying some of the leading groups and individuals that are trying to stop U.S. municipalities from setting up wireless internet systems, such as the Heartland Institute and the New Millennium Research Council, "a sock puppet for the incumbent telecommunications interests" that don't want municipalities to compete with their own private, for-profit services. According to tech columnist Dan Gillmor , the anti-WiFi campaign is yet another example of the "ongoing scandal" of "lack of transparency in the world of opinion-making. ... What we have today is a system of opinion laundering, where powerful interests try to create public support for their side of issues without disclosing the hidden agendas."

Source: Wi-Fi Networking News, February 1, 2005

Glenn Fleishman has done a neat job of identifying some of the leading groups and individuals that are trying to stop U.S. municipalities from setting up wireless internet systems, such as the Heartland Institute and the New Millennium Research Council, "a sock puppet for the incumbent telecommunications interests" that don't want municipalities to compete with their own private, for-profit services. According to tech columnist Dan Gillmor , the anti-WiFi campaign is yet another example of the "ongoing scandal" of "lack of transparency in the world of opinion-making. ... What we have today is a system of opinion laundering, where powerful interests try to create public support for their side of issues without disclosing the hidden agendas."

Ummm... what about the (growing ever ubiquitous) cell phone?

You might make the argument that they suck in areas where there's poor reception... but then, you expect these same areas to have kick-ass broadband that you can readily access for cheap?

And with a cell phone, you're getting data services that are getting faster and faster all the time.

UMTS is around the corner with Docomo offerings soon after.

Soon the question might be "why have a wired connection at all?" instead of "which broadband/VoIP combination gives me the best price?"

linky

The worst part, in my estimation, is that this generation of MIMO technology isn't what the final 802.11n specification will look like. So purchasing MIMO today except for specific applications in which you need substantially higher throughput and range from a single device over interoperable, certified 802.11g means you're buying a dead-end device.

Here's what I posted on Wi-Fi Networking News [wifinetnews.com] about why Starbucks efforts are misguided:

Starbucks reportedly to offer music burning service in up to 2,500 stores: The system will allow customers to have CDs burned while they wait; eventually, it will also allow downloads of music over Wi-Fi, the article in BusinessWeek says.

Starbucks demanded a T-1 (1.544 Mbps in each direction) digital service infrastructure from its first hotspot partner, MobileStar, as well as its second, T-Mobile. I've speculated for a while on how this high-speed network could be used to cache material in each Starbucks, like movie and music downloads.

This latest project sounds somewhat misguided for the reason cited by the Forrester analyst in the article: Your typical barista may be great at making espresso but is not in a position to fix the broken CD burner.

My cousin Steven was involved almost 20 years ago with a company called Personics. The company had worked out a catalog licensing deal with more than 70 labels from the largest down to some independents to allow them to offer custom mix tapes for about a buck a song. This was a reasonable price in those days. The system had a few thousand songs mastered onto CD-ROMs stored in a special employee-operated CD-ROM changer behind the counter. An employee would punch in your choices, and the system created a high-speed cassette tape dub.

The company failed for two primary reasons: the hardware was proprietary, meaning that engineers had to fly around the country to fix it when it inevitably had glitches; and the catalog they offered too small because labels balked at including their most popular stuff for fear of cannibalizing pre-recorded CD and tape sales. (Price, my cousin reports, was not a problem: many customers were willing to pay even more, he noted to me after this item was originally posted.)

If Starbucks creates the expectation of an easy process that's always available and then isn't available even part of the time at any given store, they lose their audience. Starbucks makes its money from processing a high volume of custom drinks--you don't want to distract from that. CD burners aren't that difficult to keep operating, but a failure rate that's a fraction of that experienced by typical home and business users could be a dramatic problem in a high-expectation retail environment.

The article says the price is comparable to Apple and other download services. Two problems with that comparison. First, it's not. It's $7 for five songs, or 40 percent, or $13 for an album, or 30 percent higher. That's a significantly different price when you're dealing with price sensitivity. It's comparable to a mass-produced discounted audio CD.

Second, you're receiving an audio CD, not digital music per se, which could be a turnoff for the audience that might be interested in a fast, in-store music service. (However, since HP is the partner, and is reselling their own version of the iPod, it's possible that the ultimate digital delivery system will be a version of the iTunes Music Store.)

This is the latest incarnation of Compaq-cum-Hewlett Packard's attempts to capitalize on their relationship as a supplier to Starbucks. In January 2001, when the MobileStar deal was announced for installing hotspots, Starbucks made a big deal about Microsoft and Compaq's participation. Compaq wasn't a partner, though; Starbucks had signed a $100 million, five-year deal to buy equipment and services. Microsoft was a partner, and it never seemed to amount to anything that saw the light of day.

In the years since this deal, Compaq and then HP have reaped advertising benefits, appearing in full-page newspaper advertisements as part of the Starbucks hotspot system, even though they had nothing to do with MobileStar and T-Mobile's deployment. At one point, Starbucks had Compaq iPaq's available for customers to play with, and those disappeared, too.

It's this fumb

Here's what I posted on Wi-Fi Networking News [wifinetnews.com] about why Starbucks efforts are misguided:

Starbucks reportedly to offer music burning service in up to 2,500 stores: The system will allow customers to have CDs burned while they wait; eventually, it will also allow downloads of music over Wi-Fi, the article in BusinessWeek says.

Starbucks demanded a T-1 (1.544 Mbps in each direction) digital service infrastructure from its first hotspot partner, MobileStar, as well as its second, T-Mobile. I've speculated for a while on how this high-speed network could be used to cache material in each Starbucks, like movie and music downloads.

This latest project sounds somewhat misguided for the reason cited by the Forrester analyst in the article: Your typical barista may be great at making espresso but is not in a position to fix the broken CD burner.

My cousin Steven was involved almost 20 years ago with a company called Personics. The company had worked out a catalog licensing deal with more than 70 labels from the largest down to some independents to allow them to offer custom mix tapes for about a buck a song. This was a reasonable price in those days. The system had a few thousand songs mastered onto CD-ROMs stored in a special employee-operated CD-ROM changer behind the counter. An employee would punch in your choices, and the system created a high-speed cassette tape dub.

The company failed for two primary reasons: the hardware was proprietary, meaning that engineers had to fly around the country to fix it when it inevitably had glitches; and the catalog they offered too small because labels balked at including their most popular stuff for fear of cannibalizing pre-recorded CD and tape sales. (Price, my cousin reports, was not a problem: many customers were willing to pay even more, he noted to me after this item was originally posted.)

If Starbucks creates the expectation of an easy process that's always available and then isn't available even part of the time at any given store, they lose their audience. Starbucks makes its money from processing a high volume of custom drinks--you don't want to distract from that. CD burners aren't that difficult to keep operating, but a failure rate that's a fraction of that experienced by typical home and business users could be a dramatic problem in a high-expectation retail environment.

The article says the price is comparable to Apple and other download services. Two problems with that comparison. First, it's not. It's $7 for five songs, or 40 percent, or $13 for an album, or 30 percent higher. That's a significantly different price when you're dealing with price sensitivity. It's comparable to a mass-produced discounted audio CD.

Second, you're receiving an audio CD, not digital music per se, which could be a turnoff for the audience that might be interested in a fast, in-store music service. (However, since HP is the partner, and is reselling their own version of the iPod, it's possible that the ultimate digital delivery system will be a version of the iTunes Music Store.)

This is the latest incarnation of Compaq-cum-Hewlett Packard's attempts to capitalize on their relationship as a supplier to Starbucks. In January 2001, when the MobileStar deal was announced for installing hotspots, Starbucks made a big deal about Microsoft and Compaq's participation. Compaq wasn't a partner, though; Starbucks had signed a $100 million, five-year deal to buy equipment and services. Microsoft was a partner, and it never seemed to amount to anything that saw the light of day.

In the years since this deal, Compaq and then HP have reaped advertising benefits, appearing in full-page newspaper advertisements as part of the Starbucks hotspot system, even though they had nothing to do with MobileStar and T-Mobile's deployment. At one point, Starbucks had Compaq iPaq's available for customers to play with, and those disappeared, too.

It's this fumb

Here's what I posted on Wi-Fi Networking News [wifinetnews.com] about why Starbucks efforts are misguided:

Starbucks reportedly to offer music burning service in up to 2,500 stores: The system will allow customers to have CDs burned while they wait; eventually, it will also allow downloads of music over Wi-Fi, the article in BusinessWeek says.

Starbucks demanded a T-1 (1.544 Mbps in each direction) digital service infrastructure from its first hotspot partner, MobileStar, as well as its second, T-Mobile. I've speculated for a while on how this high-speed network could be used to cache material in each Starbucks, like movie and music downloads.

This latest project sounds somewhat misguided for the reason cited by the Forrester analyst in the article: Your typical barista may be great at making espresso but is not in a position to fix the broken CD burner.

My cousin Steven was involved almost 20 years ago with a company called Personics. The company had worked out a catalog licensing deal with more than 70 labels from the largest down to some independents to allow them to offer custom mix tapes for about a buck a song. This was a reasonable price in those days. The system had a few thousand songs mastered onto CD-ROMs stored in a special employee-operated CD-ROM changer behind the counter. An employee would punch in your choices, and the system created a high-speed cassette tape dub.

The company failed for two primary reasons: the hardware was proprietary, meaning that engineers had to fly around the country to fix it when it inevitably had glitches; and the catalog they offered too small because labels balked at including their most popular stuff for fear of cannibalizing pre-recorded CD and tape sales. (Price, my cousin reports, was not a problem: many customers were willing to pay even more, he noted to me after this item was originally posted.)

If Starbucks creates the expectation of an easy process that's always available and then isn't available even part of the time at any given store, they lose their audience. Starbucks makes its money from processing a high volume of custom drinks--you don't want to distract from that. CD burners aren't that difficult to keep operating, but a failure rate that's a fraction of that experienced by typical home and business users could be a dramatic problem in a high-expectation retail environment.

The article says the price is comparable to Apple and other download services. Two problems with that comparison. First, it's not. It's $7 for five songs, or 40 percent, or $13 for an album, or 30 percent higher. That's a significantly different price when you're dealing with price sensitivity. It's comparable to a mass-produced discounted audio CD.

Second, you're receiving an audio CD, not digital music per se, which could be a turnoff for the audience that might be interested in a fast, in-store music service. (However, since HP is the partner, and is reselling their own version of the iPod, it's possible that the ultimate digital delivery system will be a version of the iTunes Music Store.)

This is the latest incarnation of Compaq-cum-Hewlett Packard's attempts to capitalize on their relationship as a supplier to Starbucks. In January 2001, when the MobileStar deal was announced for installing hotspots, Starbucks made a big deal about Microsoft and Compaq's participation. Compaq wasn't a partner, though; Starbucks had signed a $100 million, five-year deal to buy equipment and services. Microsoft was a partner, and it never seemed to amount to anything that saw the light of day.

In the years since this deal, Compaq and then HP have reaped advertising benefits, appearing in full-page newspaper advertisements as part of the Starbucks hotspot system, even though they had nothing to do with MobileStar and T-Mobile's deployment. At one point, Starbucks had Compaq iPaq's available for customers to play with, and those disappeared, too.

It's this fumb

Here's what I posted on Wi-Fi Networking News [wifinetnews.com] about why Starbucks efforts are misguided:

Starbucks reportedly to offer music burning service in up to 2,500 stores: The system will allow customers to have CDs burned while they wait; eventually, it will also allow downloads of music over Wi-Fi, the article in BusinessWeek says.

Starbucks demanded a T-1 (1.544 Mbps in each direction) digital service infrastructure from its first hotspot partner, MobileStar, as well as its second, T-Mobile. I've speculated for a while on how this high-speed network could be used to cache material in each Starbucks, like movie and music downloads.

This latest project sounds somewhat misguided for the reason cited by the Forrester analyst in the article: Your typical barista may be great at making espresso but is not in a position to fix the broken CD burner.

My cousin Steven was involved almost 20 years ago with a company called Personics. The company had worked out a catalog licensing deal with more than 70 labels from the largest down to some independents to allow them to offer custom mix tapes for about a buck a song. This was a reasonable price in those days. The system had a few thousand songs mastered onto CD-ROMs stored in a special employee-operated CD-ROM changer behind the counter. An employee would punch in your choices, and the system created a high-speed cassette tape dub.

The company failed for two primary reasons: the hardware was proprietary, meaning that engineers had to fly around the country to fix it when it inevitably had glitches; and the catalog they offered too small because labels balked at including their most popular stuff for fear of cannibalizing pre-recorded CD and tape sales. (Price, my cousin reports, was not a problem: many customers were willing to pay even more, he noted to me after this item was originally posted.)

If Starbucks creates the expectation of an easy process that's always available and then isn't available even part of the time at any given store, they lose their audience. Starbucks makes its money from processing a high volume of custom drinks--you don't want to distract from that. CD burners aren't that difficult to keep operating, but a failure rate that's a fraction of that experienced by typical home and business users could be a dramatic problem in a high-expectation retail environment.

The article says the price is comparable to Apple and other download services. Two problems with that comparison. First, it's not. It's $7 for five songs, or 40 percent, or $13 for an album, or 30 percent higher. That's a significantly different price when you're dealing with price sensitivity. It's comparable to a mass-produced discounted audio CD.

Second, you're receiving an audio CD, not digital music per se, which could be a turnoff for the audience that might be interested in a fast, in-store music service. (However, since HP is the partner, and is reselling their own version of the iPod, it's possible that the ultimate digital delivery system will be a version of the iTunes Music Store.)

This is the latest incarnation of Compaq-cum-Hewlett Packard's attempts to capitalize on their relationship as a supplier to Starbucks. In January 2001, when the MobileStar deal was announced for installing hotspots, Starbucks made a big deal about Microsoft and Compaq's participation. Compaq wasn't a partner, though; Starbucks had signed a $100 million, five-year deal to buy equipment and services. Microsoft was a partner, and it never seemed to amount to anything that saw the light of day.

In the years since this deal, Compaq and then HP have reaped advertising benefits, appearing in full-page newspaper advertisements as part of the Starbucks hotspot system, even though they had nothing to do with MobileStar and T-Mobile's deployment. At one point, Starbucks had Compaq iPaq's available for customers to play with, and those disappeared, too.

It's this fumb

Here's what I posted on Wi-Fi Networking News [wifinetnews.com] about why Starbucks efforts are misguided:

Starbucks reportedly to offer music burning service in up to 2,500 stores: The system will allow customers to have CDs burned while they wait; eventually, it will also allow downloads of music over Wi-Fi, the article in BusinessWeek says.

Starbucks demanded a T-1 (1.544 Mbps in each direction) digital service infrastructure from its first hotspot partner, MobileStar, as well as its second, T-Mobile. I've speculated for a while on how this high-speed network could be used to cache material in each Starbucks, like movie and music downloads.

This latest project sounds somewhat misguided for the reason cited by the Forrester analyst in the article: Your typical barista may be great at making espresso but is not in a position to fix the broken CD burner.

My cousin Steven was involved almost 20 years ago with a company called Personics. The company had worked out a catalog licensing deal with more than 70 labels from the largest down to some independents to allow them to offer custom mix tapes for about a buck a song. This was a reasonable price in those days. The system had a few thousand songs mastered onto CD-ROMs stored in a special employee-operated CD-ROM changer behind the counter. An employee would punch in your choices, and the system created a high-speed cassette tape dub.

The company failed for two primary reasons: the hardware was proprietary, meaning that engineers had to fly around the country to fix it when it inevitably had glitches; and the catalog they offered too small because labels balked at including their most popular stuff for fear of cannibalizing pre-recorded CD and tape sales. (Price, my cousin reports, was not a problem: many customers were willing to pay even more, he noted to me after this item was originally posted.)

If Starbucks creates the expectation of an easy process that's always available and then isn't available even part of the time at any given store, they lose their audience. Starbucks makes its money from processing a high volume of custom drinks--you don't want to distract from that. CD burners aren't that difficult to keep operating, but a failure rate that's a fraction of that experienced by typical home and business users could be a dramatic problem in a high-expectation retail environment.

The article says the price is comparable to Apple and other download services. Two problems with that comparison. First, it's not. It's $7 for five songs, or 40 percent, or $13 for an album, or 30 percent higher. That's a significantly different price when you're dealing with price sensitivity. It's comparable to a mass-produced discounted audio CD.

Second, you're receiving an audio CD, not digital music per se, which could be a turnoff for the audience that might be interested in a fast, in-store music service. (However, since HP is the partner, and is reselling their own version of the iPod, it's possible that the ultimate digital delivery system will be a version of the iTunes Music Store.)

This is the latest incarnation of Compaq-cum-Hewlett Packard's attempts to capitalize on their relationship as a supplier to Starbucks. In January 2001, when the MobileStar deal was announced for installing hotspots, Starbucks made a big deal about Microsoft and Compaq's participation. Compaq wasn't a partner, though; Starbucks had signed a $100 million, five-year deal to buy equipment and services. Microsoft was a partner, and it never seemed to amount to anything that saw the light of day.

In the years since this deal, Compaq and then HP have reaped advertising benefits, appearing in full-page newspaper advertisements as part of the Starbucks hotspot system, even though they had nothing to do with MobileStar and T-Mobile's deployment. At one point, Starbucks had Compaq iPaq's available for customers to play with, and those disappeared, too.

It's this fumb

Glenn Fleishman, of Wi-Fi Networking News has written a script to throttle the poorly-behaved aggregators and writes about it on his personal blog.