Slashdot Mirror
From "Happy Hacking" to "Screw You"
tquid writes "Trying to bridge the digital divide in Canada's poorest postal code, a principled group of hackers adopt "open source"-based technology spun off from an MIT project. Then the terms on the hardware are changed, and changed again, and then firmware to lock out the frustrated group's software is installed, screwing them out of their investment and many hours of development work."
Wasn't this was originally developed as an open source project at MIT? I imagine their original agreement with MIT probably precluded this very thing (locking it down). If not, I would be very disappointed with MIT.
SJW: Someone who has run out of real oppression, and has to fake it.
I've been following the development of mesh wifi technology for several years now. From the moment I first grokked what was going on with it, it struck me as a great disruptive technology. One of the most successful early projects, and one that I followed with a great deal of interest was MIT's Roofnet project - an implementation of commodity hardware and open source software, built on Linux, which provides wifi coverage for MIT's campus.
In 2006 a spin-off company named Meraki was formed to develop and commercialize the MIT Roofnet technology. At the time I was on the board of the Vancouver Community Network and had been championing more development of wireless technology. We immediately ordered 9 of the first beta units to try out. The technology was cheap ($50/unit) and it worked but what prevented us from going any further with it was the pricing model that they decided to adopt - $5/node/month for access to the "dashboard" - the real-time monitoring software that they were developing for managing the networks. We decided that this cost was prohibitive for our purposes and the Merakis were shelved.
In September of 2007 I heard about a group of Vancouver community wifi enthusiasts who were getting together with the goal of setting up community wifi in Canada's poorest neighbourhood. I came out to a meeting and invited along some people whom I know are interested in any project that is about bridging the digital divide. The technology that was trumpeted at that meeting was Meraki. Since my previous brush with them they had changed their pricing structure and now they would let you run a free network (with free access to their dashboard) or a subscription (paid) network for 10% of your charges. We (the group, which came to call itself " FreeTheNet ") were unanimous that the free option was what we wanted to do and we quickly began building out a public network.
In October Meraki announced that they were changing their pricing model (yet again) and that they would be vastly raising the costs of their hardware (tripling, in fact). I remember going to their website to learn more about what they were doing and their new marketing slogan was something like "Build your business using exciting new technology where the rules of the game keep changing " How ironic; I wish I'd kept a screenshot of that! Under their new system there was no way that we could build out the network we envisioned. At roughly that point, one of our most experienced hackers said "forget Meraki", we're going to write our own firmware and dashboard and promptly started researching that. By late Novermber he was able to demostrate an open routing firmware called B.A.T.M.A.N. running with a mesh helper inside called Robin, that provided the same functionality as the Meraki firmware. This could be installed in the commodity Meraki hardware which greeted you with a friendly and encouraging "happy hacking" when you logged into it via the console.
Over December and January he worked on adding features that we wanted to our network to have (and that we had previously been encouraging Meraki to build to improve their system - things like per node custom splash screen, enhancements to the dashboard to improve scalability, etc.) All of this was being tested on Meraki hardware because this is what we had spent our money on back when they supported and encouraged the kind of work we were doing.
Then in February Meraki announced a change to their EULA (End User Licence Agreement) which precluded anyone from changing any of the software that they install on t
Their wiki article has no Controversy section. It needs one. I strongly suggest that someone who was abused by them edit the wiki article setting out the case. Given their hippie like idealistic looking web site, I would have to accuse them of hypocrisy at least.
I talked to Meraki about using their mesh network fro a resort I wanted to equip, but when I asked what would happen to our investment if they went belly up, they told me it the network hardware would be unusable if that happened. I said thanks but that's not acceptable.
Who would walk a client into that sort of scenario? How many bright hopeful startups have we seen disappear without a mention? It's not like they would ever be honest and tell you they are running low on cash.
I wouldn't mind if their service was value added, billing or accounting or something, but the network could still be used in the event they vanished. If the hardware was open and I could install a Open Source version later, I might have done it.
Maybe Meraki needs to revisit their model and look at it from a customer's viewpoint.
CM www.cometenergysystems.com Blog: http://caribbeanrenewable.blogspot.com/
Georgia Tech, the leader in Chia(tm) technology.
They sold the first taste of Heroin at less than cost in the hopes of locking people into an ongoing profit stream, and their hopes didn't materialize. That's terrible. Those poor business people.
The hackers did show a lack of savvy. They were trying to help people who have no means to pay, and they put themselves in a position where they were relying on a for-profit corporation to achieve their goals. That's just stupid. Make deals with the devil, end up on fire. They should have known better than to leave themselves vulnerable to external leverage like that.
-1 Uncomfortable Truth
IANAL, but it sounds like time for them to find a nice CDN lawyer who would do some pro-bono work to see if they have grounds for legal action. It would seem to me tha a "Tortuous interference" claim might be valid; given the actions appear to interfere with the owners of the hardware's ability to provide services as a result of the update.
I'm a consultant - I convert gibberish into cash-flow.
I found the contrast between most of Vancouver, which is otherwise one of Canada's most prosperous cities, and the Downtown Eastside so stark as to be completely overwhelming. There was a time when I had been one of the urban unfortunates myself, as I have a mental illness that was at one time quite severe.
I became determined to help those that I could, often buying meals for those who asked me for spare change. But it got to be more than I could bear; the stress of it put me back in the mental hospital - I was brought to St. Paul's hospital on Burrard by an ambulance, where I stayed for three weeks in their Two-South Mental Health ward.
I discuss Vancouver, and many of those who I met there, in my weblog The Vancouver Diaries. That is, the entries before June 30th, 2007, when I moved back to the US. I kept blogging at the site, as I intend to go back someday, but for now I live in Silicon Valley.
I have to say, that the company that remotely installed this firmware, breaking their project, why they have to be worse than The Grinch Who Stole Christmas. I don't think I have in my entire life met so many people who are so unfortunate as the residents of the Downtown Eastside. I hope they have a change of heart.
Request your free CD of my piano music.
until I read this article. My building is going condo and I am considering bringing up the concept of a building wide wireless network at our first board meeting. I am even toying with the idea of sharing with the neighboring buildings. The only commercial product I have been able to find is Meraki. Does anybody have any other suggestions?
Please forgive my English, it's Monday.
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
How the hell would they now whether or not the company was taking a loss on each box? Is this something I need to research on everything I buy? You seem to consider this ok? Maybe I should check out the details on my monitor, to make sure that I am not supposed to make up some of the income for the company by visiting certain websites.
If some company screws up and sells my "faulty" goods, then how is this any of my responsibility. And how does this allow them to go in and change the goods they already sold me?
I am having great difficulty understanding your logic on this one.
Have you ever tried talking technology with a lawyer? Talking nuclear physics with a pig is more rewarding.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Is it the hackers fault that Meraki instituted a poor business model? Is it the hackers fault that Meraki is incapable of finding a profit model that suits their needs? Is it the hackers fault that Meraki is retroactively applying their license by updating boxes without notice or consent?
What a company hopes for and the reality of what they get is not my problem or concern. They are from fricking MIT. If they can't do a simple business analysis to come up with a workable pricing and support model, then what the hell are they doing staying in business. This is elementary level thinking, so no, the eggheads from MIT get no sympathy from me.
G
I wish there was a fscking blue pill
This decline was something people have foreseen for a while. There is a rapidly maturing collection of open source projects to create a real open source Meraki replacement (disclaimer: I am helping develop one of these).
ROBIN is an open source mesh firmware that can run on reflashed Meraki nodes (well, I don't think it's "allowed" by Meraki anymore, since they've changed their license agreement to forbid 3rd party firmware and have made it really difficult to access the bootloader).
Open-Mesh is the dashboard management service that ROBIN nodes are configured to use. The guy who develops this actually started working on this dashboard when Meraki was still Roofnet - compare the Open-Mesh dashboard to the Meraki dashboard, the similarity is obvious. Also, you can buy pre-flashed, fully featured ROBIN nodes from Open-Mesh.com for $50 each, the same price that Meraki sells their crippled "standard version" of their nodes.
OrangeMesh, is an open-source version of the dashboard being developed that will allow you to host your own dashboard server, completely freeing you from reliance on any third party. You can check out it's progress here.
'Every story, if continued long enough, ends in death.' --Ernest Hemingway
You're blaming the "hackers" for this? This was a project for a poor community with a limited, fixed budget. The hackers got involved because volunteer efforts were likely the only way this project was going to happen. The only thing that changed was that Meraki switched from one unaffordable model to a different, still-unaffordable one, and in the process alienated a group of hackers with a vested interest in helping them improve their product. Perhaps Meraki should have instead open-sourced their Dashboard code and tried to leverage the efforts of people who are able and willing to help them make it better. And at the same time take a long, hard look at their business model. Because it's threatened by a bunch of hobbyists with some spare time on their hands, they're going to be in real trouble. Rather than trying to extort (too strong a word?) subscription fees for their software, perhaps they would be better served by slightly raising the price on the hardware (which they did) and offering support/services contracts to those customers who can afford them. It's a pretty safe bet that these other customers are going to be evaluating vendors not just on the hardware and software, but also on how open their code is, how robust the user and developer communities are, and whether or not they can count on the vendor (Meraki in this case) to act in their best interests in the future.
A company selling hardware at a loss trying to recover that loss with software sales is their problem. Not mine. Printer manufacturers do that, too, selling their ink printers at a loss to cash in with cartridges. Of course, third party vendors quickly tried to push their own cardridges onto the market, along with refill kits, both of which are being battled fiercly by the vendors of the printers who want to protect their business model. You now have chips in cartridges, protected by law against being duplicated... and so on.
It is a vendor lock in attempt. Try to sell the original part cheaply to win a customer, then milk the customer when he got the item and needs "fuel" to keep it running. Whenever something like this happens, you see a company get all defensive and try their utmost to keep their business model working.
This of course raises the question, why don't they just raise the price to match the cost? You offered that question yourself, why didn't they just raise the price by 70 bucks to make a profit with the original piece of hardware? The answer is simple: There's more money in milking locked in customers.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Couldn't just get a bunch of Linksys WRT 54GLs, load OpenWRT, and setup that way?
Software licensing isn't the issue; updating his legacy hardware which he purchased under a specific license with specific rights without his knowledge or consent is the issue. Especially when this new firmware update (which he did not authorize but was automatically applied by Meraki despite having been sold with a different EULA) effectively bricks his hardware. This raises the question - Whose hardware is it?
I'll grant you that the goal of the do-gooders was a little ephemeral compared to giving the poor food, but if your goal is sustainable improvement of the lives of the economically downtrodden, you need to do more than simply give them something to eat. Also, it's pretty damn insulting to a poor person to imply that their biggest problem is putting food on the table. Maybe their biggest problem, now that they've solved the food and housing issue, is helping their kids to a better life. You know what might help with that? Access to a computer and the internet at home.
One of the most difficult barriers to entry for folks from low-income backgrounds trying to gain some upward mobility is the lack of access to technological services/devices that those of us raised in a middle-class environment consider basic tools of life. How can you move from slinging burgers or picking strawberries (definitive low class jobs) to secretarial or temp office work (entry level middle class jobs) if you don't have a computer, or access to the internet, or excel, or MS word, etc? These guys were setting out to help bridge the "digital divide" -- explicitly trying to provide access to the online resources the middle and upper classes have to people who don't normally have access to them.
The poor have a variety of needs, don't patronize them by assuming the only need you see is the only need they have.
If you want to have a "rewarding" conversation with an IP lawyer, you need to figure out which bucket they are in so you can understand the motivation behind their selected language. If you assume "logic", or "reason" are involved you may as well just bang your head against the wall.
Did anyone read TFA?
Meraki patched a not-for-profit group's hardware from remote without permission so that it would no longer run the firmware same not-for-profit developed in-house. They did this to hardware that was BSD licensed when purchased. They either employed a backdoor or abused known customer access credentials (likely the former) to do it.
This is probably illegal and certainly wrong.
(TFA doesn't say if a contract was in play between Meraki and the client that would have authorized them to apply the patches, but its clear that the customer had put an end to the agreement so a complaint against Meraki would be legit.)
At the very least, this is a malicious hack against a customer. But I think its more than that.
If the peeps in Vancouver were left to continue their work, they certainly would have had a "competitive" solution which they would likely have offered up online for all to use. This would effectively make them a competitor, and a dangerous one because unhappy Meraki customers would be the most likely to check it out. I would go so far to say that this was a pre-emptive sabotage (with poor Vancouverites in the crossfire).
I have no problem with Meraki adapting their business model to find something that works. But their actions way overstepped the boundaries of the law. They would have been wiser to handle the whole affair in a more benevolent fashion in the first place. They could have, for example, cut a partnership deal with the non-profit to allow them to participate in feature development under NDA and enjoy a subsidized service. Both parties would have come out winners.
Whenever financiers get involved, they always want to lock up the tech because it is the only tangible asset they can claim ownership of. Meanwhile, they miss the essence of business value, which is in the people and the partnerships and the innovation.
I think that the only way community wifi is going to work is if it is community-run, not-for-profit, and vendor independent. There is no question that we will have this soon enough and it will be running on top of WRTs and other similar APs which are abundant and cheap and have loads of after-market conversion options for outdoor use. I'm disappointed to read all these comments bashing the Vancouver hackers, who deserve kudos for their inventiveness, determination, and good will.
Don't you mean "In a fascist society like this one"?
-1 Uncomfortable Truth
The company is taking a loss on each box at $50.
And? Your point?
If they unwisely chose to sell them at a loss - TFB. They have every right to change the terms and price on new units, but IMO they have committed an outright crime (computer trespass, at the very least) by forcing new firmware on already-purchased units.
but these hackers come along and provide the service for free on the same hardware.
Any company that hasn't learned that lesson yet, deserves their fate. If your business model critically depends on something that a third party can provide cheaper (or free), your customers will use the cheaper version.
They showed a clear lack of political savvy
Riiiight - Because we engineers normally have legendary people-skills and political-prowess?
Meraki presented a problem to people who live for solving them. Politics? Gimme a break. If you add non-game rules to the puzzle, someone will find a way to take them out to achieve a better solution.
The article suggests that a Meraki software upgrade has made it impossible to reflash them.
/storage/config.local file with whatever you want; in my case: /storage/config.local"
Actually, you can still easily make them revert to an earlier version which can be reflashed.
As described here:
http://robin.forumup.it/about99-15-robin.html
"you can ssh into the Meraki and create edit the
Code:
echo "firmware.mips.version 6-9163" >
And they'll update themselves to an earlier version.
The founders of Meraki have made huge contributions to open source software and it is good to see that others are taking advantage of their great work and making further improvements.
Your claim that they are taking a loss at $50/unit doesn't make a lot of sense. First of all, if that's true, then why is it that the open-mesh guys are able to sell an identical unit for $50? The problem isn't that they were taking a loss - it's that they weren't making enough profit. Secondly, consider Linksys routers. You can routinely buy these for $50 a pop, and they contain a lot more hardware than the Meraki. If Linksys is making a decent living in this business, why can't Meraki?
The bottom line is that Meraki has a losing business plan, and that's why we're seeing all this thrashing. There's no way they can make money fast enough to satisfy their investors at $50/pop, they need to monetize their dashboard system, they need ads, and that's just not what most end-users want. All of this stupid price model tweaking stuff they're doing is almost certainly motivated by promises they made to investors that they subsequently couldn't keep.
If they are in fact poisoning the firmware (I have two Meraki minis, but haven't had a chance to confirm that their firmware is poisoned), I'm pretty sure this is a felony, but I'm not sure it's worth the trouble to prove it and fix it. Given that the open mesh boxes are $50 each, I can just buy two and replace the two Merakis I bought as a test project, and I'll come out ahead. It's too bad for the people who bought hundreds or thousands of these devices, though. For them, it might be worth consulting a lawyer.