Slashdot Mirror
Linuxcare Founders Go Wireless
LinuxCare founders Dave Sifry, Art Tyde and Dave LaDuke have started their second company: Sputnik. Basically, they have an ISO you can download that will turn a laptop with an 802.11b card into a wireless gateway. They also wrote a user-authentication scheme that reroutes all traffic to the gateway until the user logs in via a web form. This should sound familiar to people who stay in broadband capable hotels a lot. Using this authentication technique, the software allows you to choose who can and cannot use your gateway, and in you'll be able to charge strangers for access (with Sputnik handling the billing). This will likely get some isps a wee bit upset. NewsForge has an article detailing what they are doing. Update: Turns out the authentication wasn't written by Sputnik, my bad. They use NoCatAuth
Disclaimer: I've known these guys for a long time and am pals with them, so I waited until someone else (in this case Grant at NewsForge and the NYT) put something up independently about them before linking to them.
Think about it. Those on the wrong side are going to be the #1 beneficiaries of a technology like this. It allows them to create their own secure networks and organize murderous attacks against the civilized world with total impunity.
In the past I might have thought putting all this power in the hands of just anyone was an unmitigated blessing. But now?
I'm only asking: Is it worth the risk? Can't anything be done to make this technology safe?
Sputnik didn't write the 'captive portal' authentication system. It's a GPL'd program called
NoCat. http://www.nocat.net/
OK, while I think this is some cool technology and is Linksys Done Right (tm), I have to ask...
In this post-dot-com era, where's the business model?
How do they expect to make money? LOTS of open-source software companies are making PLENTY of money these days, right?
Kudos to them for putting together what seems to be a really nice product -- I just wouldn't expect to get rich at this one.
Linuxcare -- the Clemens fastball down the middle...
Sputnik -- The breaking ball down and out that the Babe himself couldn't hit.
So where's strike 3 coming from?
--NBVB
Even with Ricochet coming back, this seems like a much better idea if it catches on. Granted, if there are no gateways, nobody can use it, but it'd be a lot faster than Ricochet and (it seems) based off actual usage, not monthly fees. It seems there's a lot of potential for abuse here, but I'd definately like to check this out, it seems like a good way to make a little extra cash (though I'm curious if there's a way to block out abusive users, I don't need any m4d h4x0rz cracking machines through my IP.) This will also probably violate a lot of ISPs ToSes, but who cares, most of us are violating them anyway. :)
I don't know if the ISPs will be pissed off or not. This seems like a fairly straight business deal. Running it from CD makes me wonder how customizable it'll be. They're planning to make money by charging roamers to connect, while letting their partners (w/ fat pipes) connect for free.
If anything, it should make the consumer broadband ISPs happy, since it restricts unauthorized use.
jred
I'm not a mechanic but I play one in my garage...
From the article I get the impression it seems like one could mistake this for one of those affiliate "scams." Let me get this straight, I set up a wireless node, and then I get paid for my bandwidth, or I can connect to other wireless sputnik nodes? Only problem with that is that my (and your) broadband providers aren't going to be to keen on the idea of me being a reseller of bandwidth, when I originally signed up as an end home consumer for DSL. I'm not harping on the hardware and code, that seems all nice and nifty, but the idea of reselling your bandwidth probably will not go over too well.
Gee, I was starting to make my own thing like this. I am not unhappy that they beat me to the gate though.
But where's the source? All I see is the ISO download. Unless the source can fit in the 48 or whatever megs.
Now, to burn it onto a mini-CD......
'cuz I know I sure would like to be able to roam at will and stay connected to my IV drip otherwise known as the Internet.
The more you know, the less you understand.
Is it wrong to ask if this technology can be made safe? How do we know if we don't ask the question?
how long will the LinuxCare founders last without a recharge? Not too long, I would guess...
(fuck metrollica)
ZDNet recently posted this interesting story about LinuxCare.
Personally, I'm sick of the fact that I have two choices for getting broadband into my house: the Cable Monopoly and the Telephone Monopoly. What incentive do I have to follow their "User Agreements" when both of them are in violation of numerous antitrust laws? None. Look at Verizon: they beat every last CLEC to death, and now they've introduced legislation to "deregulate" the broadband market, which means "exercise monopoly power over".
So, now we have a tool. A way for one person to subscribe for DSL or Cable Modem service and share their connection with the entire neighborhood, who can provide kickbacks in the form of cash. With a properly configured distribution of this package, it's entirely possible to make your routing/NAT'ing of your neighbors traffic completely undetectable.
How's that for sticking it to the man? Illegal monopolies: This Is Your Wakeup Call!
If guns kill people, then CmdrTaco's keyboard misspells words.
Reselling bandwidth this way is going to get a lot of people bumped off their Internet Provider. It's almost always one of the Terms of Service that customers can't do so. I would estimate that ISPs will just firewall people away from the Sputnik server that 'handles the billing.'
Or automatically close accounts of customers who access said server.
..somone sniffing the network either captures your 'login' session, or simple takes over your 802.11 session?
don't get me wrong, this is a good thing in many ways, but 802.11 is suck a leaky system that ANYTHING based on it has an inherent problem, short of limiting all connections to authenticated ssh or ipsec connections.
802.11a/b/x is simple broken, and NO 'standard' ip connection routed over it can improve this, hwich is unfortunate, it's ONLY safe if you use a suitable encryption/authentication layer on top of it.
of course, the number of people who realise just how public all internet data is seems to be a very small number, let alone the number of people who realise that email is in effect a public forum, and should NOT be used to forward their credit card numbers.
the part about a simple setup for an 802.11 gateway is a good thing, it can be a pain to set up under linux, but hardly a revolutionary step.
Wake up dude. Your missing the boat. We don't need ISPs anymore.
www.freenetworks.org
'not gonna work!' my university has a similar authentication system. basically, if your MAC address has been verified by our authentication server, DHCPD will issue correct DNS servers. otherwise, all non-authenticated MACs get DNS servers that route all traffic to the "registration" page. BUT you can put in your own DNS servers and voila, you're past this security feature fairly quickly.
I was considering buying a wireless router to share my cable connection with my laptop. From what I have read, it does not seem necessary to buy a wireless router anymore. Anyone disagree?
Wake up dude. Your missing the boat. We don't need ISPs anymore.
That's true if your traffic is local to your neighbourhood.
If you want to route traffic through more than your neighbourhood, though, you're going to run into problems. If the area you're routing traffic in is more than a few hops wide, you'll either be spending most of your bandwidth routing other peoples' messages, or you'll have to set up dedicated high-bandwidth links to let long routes bypass most users' nodes. Now if you have a network of these links... you have something that looks a lot like the existing backbone.
If you have a backbone to maintain, you have to charge for use of the backbone to amortize building and maintenance costs. This gives you a multi-level system where the people running the backbone sell bandwidth to people who locally redistribute the bandwidth.
Which looks a lot like the current system of multiple levels of ISPs.
ISPs exist for a reason. If you try to do away with them, you'll just end up having to reinvent them.
Not really a big deal when you consider that there is *no* way for them to know this is occuring... [...] None. Zip. Zilch. ZeRo.
Unless they just sniff packet headers and notice that you're web surfing while you're playing Quake. Kind of difficult to do that with only two hands and one pair of eyes.
Or unless they notice that you're viewing dozens of web pages per second.
Either way, they'd have a hard time *proving* you're up to something, but they can jerk your connection around under any number of pretenses on their end. If this becomes a big problem, believe me, they'll start squashing people who try this.
...but I can get a wireless gateway cheaper than a laptop...
...selling access probably violates my contract with my ISP...
...It sounds great for hotels wanting to buy a prepackaged deal, but most go through commercial ISPs...
I'm not really sure what market they're trying to corner here... They're not planning on profitting from this are they?
No offense guys, cool idea and all, but I wouldn't bet the farm on it.
Here in wisconsin our cable service is road runner. And the commercials for the service basically show two of the characters using the internet at the same time. They advertise multible computers online. Given that they only give you one modem and one IP, how can they then discurage NAT???
This sig is a virus, take it and use it.
LinuxWorx
Spelling errors are intentional as are gramatical error
You know -- Apple was the first major computer company to spread the use of 802.11b to the consumer market. Some people will argue that point, because people love to flame Apple, but the fact is that AirPort-ready laptops have been produced for years now, starting a good year or more ahead of mainstream 802.11b-ready Intel/AMD-based laptops.
:)
I know Sputnik is a startup, just taking its first steps, so I understand you still have work to do. But I will tell you, this is right down the alley of most of us Mac users. We've always been the rebellious types, that's why we do what we do. I hope we see this gateway for PowerPC machines soon.
As a side note, I do appreciate that you point out Macintosh clients can connect as easily as any other. It's true. And probably easier (one click in the AirPort menu!) But I hope you soon offer us the ability to spread the project, too.
Keep up the good work.
Ryan
"All your base are belong to this file I send in order to have your advice."
I wish they supported more than just the lame Intersil Prism II cards. I have two lucent/orinico, and a cisco aironet :( I was all set to download, but then I read the requirements.
Here's hoping that more coverage will come. Its all there in the kernel and/or pcmcia-cs.
Go over and read my latest troll, you skanky whore! Tell me what you think! PHEAR IT BITCH! SUCK MY BALLS!!
Linuxcare Founders Go Wireless I knew they were smart and all, but it's cool that they found a way to turn completely wireless. They must save a ton on airfare and bus tickets!
------
Today's Top Deals
What's all this about world domination and secure networks?
Note that the computer system you pick to host your Sputnik Gateway will boot and operate entirely from CD-ROM, and must be solely dedicated to functioning as a Sputnik Gateway
If I wanted to use my $2000 laptop (or $500 desktop) as a $200 wireless hub, couldn't I just download linux and set up some firewall rules? Where's the interesting new functionality here?
Why don't I just throw a web login on a can of cheez-whiz and make my own start-up! I'll encrypt it all with 4096 bit encryption and call it secur-a-whiz. Sure you'll have to plug it in to your laptop to use it, but it'll make millions, I swear!
So why am I sitting in an appartment in Bellevue (ie: close suburb of Seattle) reading this page over a 56k dialup link?
If the "last mile" ISP's don't get busy and do some inventing soon I, or someone like me, really will put them out of business.
I think the idea of this, if you read the post, is that once you establish a node, eventually you will be paid by GoWireless for everyone that connects to your node.
Well, how do you think they do that? This is just tunneling controlled net access to each of the nodes, you'd still use your ISP, just not sharing your ISP's "internet", you're sharing GoWireless's "internet".
So basically, you just need to calculate a billing rate by taking into account how much extra per month it costs the broadband user to implement (nothing), the cost of GoWireless's shared internet bandwith (which is probably bought and sold in GB chunks),so basically, anything more than their bandwith, and it's pure profit.
Then for their future services, I'm sure their will be a different pricing model altogether.
C'mon people, free wireless web proxies. What makes you think GoWireless won't start selling internet traffic. The one proven profitable business on the web, a la overture.com, formerly goto.com.
That's my little rant.
ChopSueyar
Lots of folks have been talking about ISPs get'n rectally aroused about this one, but what is to stop them (ISPs) from becoming gateways themselves and selling bandwidth?
For quite some time a trend has been worrying me.That trend is the internet turning into tv .I have always believed that How this phenomenon would occur is through a massive centralisation of isps.How I believed this centralisation would happen was through people like aol/time warner and sony who would start selling large chunks of there content ,(movies games tv/whatever),bundeled .I also believed that to compete the small isps would have to buy the rights to the content of big content companies and accept all of the strings that these content companies should choose to attach and hence that the internet would be controlled by about 5 ,(probably less),big isps.
.Also the whole concept of selling off ones bandwith to to help pay for the connection appeals to me ,as it stands over here in ireland monthly net connections for dsl are way way to much for me to afford and the prospect of selling on some of the bandwith which I would not be using is very appealing to me, If something like this existed over here i would support it.
.All in all thow I am very interested to see how this goes.It reminds me in some ways of a co-op only for bandwith.
with net access and offered exclusively to there customers and that this would lead over time to people thinking about the internet along the same lines as tv and not as something new
This story makes me a little more optimistic that the whole internet wiil = tv phenomenon does not have to happen.I also think that this would if adapted by alot of people make the internet alot harder to control and more competitive in terms of pricing
The only doughts I have about all of this is that
a),it will not make money and b) eventualy some big company will take over and subvert the whole thing to its own ends
_________________________________________________
won't work with wireless for security. someone who wants on the network can just take over someone elses MAC address that they sniffed. they can even be polite and wait until the original user goes offline before using it to be less likely that the original user would detect anything.
OK, so, *when* it gets hacked, *when* it breaks, *when* it's down, *when* your laptop craps out, *when* Murphy comes to town...
Who's stuck with the tech support?
For that matter, who's stuck with the 'level 1' support issues?
I owned/ran an ISP for 4 years (sold out, blah blah)... the myriad of non-related tech calls are amazing... UFie Greg's life isn't that too far off the the real thing...
So, who gets that call? I've got a family and a day job, and a night job already... seems to me someone is missing a large factor here.
Ever Onward, Forward Bound
LANRoamer is a GPL'ed system that has been doing this for a while. We gave presentations on it at Bay Area Wireless User Group and Sbay.org back in June, I believe, before even the NoCat project started.
If you're into "bazaar" style software development, one thing you should note is that LANRoamer does network booting and upgrade reboots. So, if you contribute a useful feature to LANRoamer, it can be widely deployed quickly (based on our stability labels and the stability level each gateway owner has selected). Also, in addition to free accounts and revenue sharing to our access point providers, we also offer free courtesy accounts for people who run open access points (not just during a free beta), partly in an effort to thank the developers and "evangelists", but also to get them involved.
Anyhow, here is the software, including the latest LANRoamer network boot floppy or CD-ROM.
The network boot floppy currently requires that the first ethernet card be compatible with 3COM 3c59x, 8139too, Ether Express Pro 100, NE2000 PCI cards, Via Rhine, Tulip cards and PC-Net PCMCIA ethernet (the 802.11 card or the ethernet connection to your access point can be just about any card that Linux supports). Unlike NoKat (the last time I checked), LANRoamer can work behind firewalls, including NAT routers, even ones that distribute IP addresses that LANRoamer would otherwise use. Once your gateway is up, client machines can obtain addresses from your wireless gateway by DHCP and are taken to an SSL-based login page when they try to go anywhere on the web until they log in.
As a former Linuxcare employee, I like this new venture because it's not likely to employ a lot of community people, promise them the planet and then go scrabbling for loose change under Sun's seatcovers. Good work boys, stay out of trouble.
However, I can't help but suspect that this is more likely to have a negative impact on community wireless networks than a positive impact. Charging for wireless, sort of the "anti-community" approach. On the other hand, if they're only targetting business users, maybe it won't have such a negative impact after all. They do say they've talked to ISP's about AUP. On the other, other hand, isn't this likely to encourage local ISP's to be aggressive about competing with community wireless to make a little money in a new market? Don't they have the option of altering their AUP's to leave community wireless out in the cold?
It's the usual slippery slope, boys. But at least you're not a major community road hazard this time around....
just because todays wireless technology only supports a handful of users at a time (say 20 to 30 comfortably) it doesn't mean that tomorrow, we won't have standards that can route wirelessly and support gigabits of traffic at a time, enough for global internet wirelessly.
I'm afraid there are hard limits on how much you'll ever be able to route with a (broadcast) wireless scheme.
The window of frequencies you can use is limited. Above a certain frequency range, your signal will be blocked by things like rain or fog (and of course, walls and windows). This limit is probably in the 10-20 GHz range. No amount of technological development will change this - it's a physical limit.
This places an upper limit on the bandwidth that any given "cell" (broadcast region) can support (no matter how many base stations you put in that cell).
Divide the bandwidth available per cell by the bandwidth a user wants, and you have the maximum number of users per cell. This means your cell must be small enough to have *only* that number of users in it.
This ends up being about 100 people/cell, if they each want 100 kbytes/second access and your broadcasting can handle 100 Gbit (20 GHz of spectrum at 10 bits/Hz with half the bandwidth upstream and half the bandwidth downstream).
This gives a maximum cell size of maybe a hundred metres or so.
When you start to route traffic, things get _much_ worse. If the area you're trying to cover is only a kilometre wide (part of a city's core), the average path length will be on the order of 5-8 hops. If you're distributing *only* through broadcast wireless, your bandwidth use goes up by a factor of 5-8 on average, because you have that many more repeated messages flying through the mesh.
So either everyone gets 10 kbytes/sec, or you shrink your cells, which makes the number of hops needed larger, which means that even *more* of the traffic you're routing is other peoples' messages in flight...
Summary: You need high-capacity point-to-point links. You're not getting around this.
And fiber's a whole lot more reliable than microwave for this (no rain), and can carry a whole lot more (gain-bandwidth product for erbium-doped fiber is in the 100-gigahertz range if I remember correctly, and maximum theoretical limit for optical communication is around 1 petahertz).
Microwave is especially bad for between-city communication, as your range is limited by atmospheric quality and curvature of the earth (and you still need a big expensive tower, which means you still have the ISP problem).
Having read the part about using a laptop as an 802.11b gateway, I immediate thought about the technical possibility of reselling the overpriced broadband they sell at hotels. The target market for resold broadband is not the hotel you stay in, it's the hotel on the other side of the street whose windows are a direct shot from your window. Even better if the hotel across the street lacks broadband. Now, all they need is a freeware client that people can download to search for "renegade ISPs".
What would stop someone from setting up a bunch of these things concealed in suspended ceilings and remotely controllable, offering service all over a metropolitan area just by staying in various hotel rooms and leaving behind some cleverly concealed hardware?
I don't see it as a good news/bad news thing at all!
The people who are motivated to freely give away some of their bandwidth for the good of the community won't suddenly say "Oh darn, now I have to charge for it because this new wireless gateway is designed around a fee structure! There goes my idea for a freenet!" They'll just use other tools to get the job done. It's much easier to offer free access than to find ways of limiting access to paying customers.
This venture simply makes controlled wireless access more feasible (at a reasonable price), and gives more people a new option to share part of their bandwidth while charging for it.
This can't be a bad thing at all. Worst case: It ends up being a rather unpopular thing.
Much more realistic case: It doesn't have massive impact on the industry, but coffee houses and hotels start to catch on, and some of them make good use of it. So do a few enterprising individuals.
Things like sharing connections and the ability to run servers without having to worry about being cut off are a good reason to spend the extra money for a business-grade DSL connection. Sure it costs more, but for a lot of Slashdot readers the extra cost wouldn't be that much of an issue.
fencepost
just a little off
Is there anyway to add a wireless card to a regular PC? I've heard of PCMCIA to PCI cards. Does anyone knw if they actually work? Are they any good? I want to set up my entire house using a wireless network, but I can't justify it w/ having only one laptop! Does any one know of a good brand of PCMCIA/PCI cards?
If you're not a Liberal in your 20's, then you have no heart.If you're still a Liberal in your 30's you have no brain.
Apple's AirPort already has all of these capabilities. Tell me, does Sputnik's product support both 40-bit and 128-bit encryption like the AirPort does? By the way, if you're using an 802.11b card as a wireless gateway, the range isn't very good. The spec is 5m although people have reported being able to use it over 15m in line-of-sight situations. Apple uses a standard Lucent chipset in their cards, although the software supports 3rd party cards, usually without additional drivers, however non-lucent chipsets are limited to 2Mbps with Apple's software, rather than the 11Mbps that AirPort-spec cards can get.
Karma: Ran over your dogma.
"With a properly configured distribution of this package, it's entirely possible to make your routing/NAT'ing of your neighbors traffic completely undetectable."
Any references to how to do this?
Thanx.
^z
People just haven't started hijacking the fibre off the lines for their own inet.
:)
I'd do it if I knew how. Any good FAQs on it?
Jake
Dating: while( 1 ){ call_girl(); get_rejected(); drink_40(); } return 0;
Well, it's true that unencrypted layer 2 traffic sucks over wireless. However, NoCatAuth combats this by requiring credentials to be resubmitted every so often. These credentials are sent only via SSL and are in theory secure. Therefore, if a MAC address is hijacked, the hijacker will only have at best a couple minutes before the session expires on them. This was considered "good enough", given what we have to work with. Any further questions, don't hesitate to visit the website & join the mailing list.
Two minor factual corrections:
(1) LANRoamer and NoCatAuth appear to have started around the same time.
(2) NoCatAuth does indeed authenticate from behind NAT'ed firewalls.
LANRoamer and NoCatAuth appear to have started around the same time.
The two people who started NoCat gave a talk at the Bay Area Wireless User Group about a week after they started development, and I talked to them there. They (or at least one of them) said that they knew about LANRoamer when they started but thought that the LANRoamer back end was proprietary (we had publicly released it as free software by that time, but there was a period of about two weeks from when we announced LANRoamer to when we decided to free the back end, so I understand how they got that impression).