Slashdot Mirror
Contest For a Better Open-WRT Wireless Router GUI
Reader RoundSparrow sends word of a contest, with big cash prizes, being mounted by a commercial vender of open source Open-WRT routers. You have 10 months to come up with "the most impressive User Interface/Firmware for Ubiquiti's newly released open-source embedded wireless platform, the RouterStation." Entries are required to have open source licensing and will all be released. First prize is $160,000, with four runners-up receiving $10,000. RoundSparrow adds: "Could be built on top of existing X-WRT or LuCI OpenWRT web interfaces. OpenWRT Kamikaze 8.09 was just released. Now is perfect timing for OpenWRT to get some kick-ass interface and usability ideas. I'm not affiliated with the contest vendor."
What's wrong with X-WRT?
OpenWRT is something you set up, then forget. It doesn't need "themes" or "skins", or 3d effects. This is not "pimp my router".
I want to delete my account but Slashdot doesn't allow it.
Other OpenWRT news. The newest Atheros 9xxx radio chips is available in a number of OpenWRT supported routers now. I have been working to help organize new 802.11n support in OpenWRT. I have compiled a list of consumer routers that work with Linux ath9k driver and ar71xx CPU. In order of current recommendation:
Planex (PCI) MZK-W04NU, 32MB RAM and 8MB flash, USB port, 10/100 Ethernet
Trendnet TEW-652BRP, 32MB RAM and 4MB flash, 10/100 Ethernet
Trendnet TEW-632BRP, 32MB RAM and 4MB flash, 10/100 Ethernet
D-Link DIR-615 revision C1 (ONLY!), 32MB of RAM and 4MB flash, 10/100 Ethernet
TP-Link TL-WR941N WR941ND, 32MB RAM and 4MB flash, 10/100 Ethernet
OpenWRT team is pretty close also on the Netgear WNR2000.
These listed above all come from a common Atheros AP81 reference platform. see http://wiki.openwrt.org/AtherosAR9100
In USA and Japan, the Planex is available on Amazon.com for $59.99 with free shipping... it has more flash and USB port. 3 removable antennas, is a nice hacker system. In the USA, the Trendnet routers have been on sale from Newegg, Fry's, buy.com for only $25 a few times. I will try to post on Reddit / my Slashdot journal when I see them on sale for $25 next time.
The ath9k driver for Linux is not yet mature but is moving along... in 2 to 3 months I expect we have a very nice platform... and the router interface and ease of use of OpenWRT is getting attention with this contest! Now is an exciting time for OpenWRT and Linux routers - finally moving to some new N devices.
Tomato for the win!
The higher the technology, the sharper that two-edged sword.
You guys altered the name to Open-WRT :) Anyway, thanks for spreading the world on this and Kamikaze 8.09 release. the OpenWRT devs work hard.
Oh god no.....no Web 2.0 Crap. the router GUI is supposed to be fast, small, and compatible with EVERYTHING.
DDWRT has a problem with Firefox on the latest builds because of the stupid Web2.crap to make things more flashy instead of working right.
I am really tired of the "ooh shiny" becoming far more important than functionality lately in both projects.
Do not look at laser with remaining good eye.
interesting contest, but I searched and couldn't find an answer to my biggest questions:
does it run linux?
are there any requirements to use it in a beowulf configuration?
any requirement to be resistant to, and remain working, after having hot grits dumped on it?
should it support QoS by streaming naked photos of natalie portman at top priority?
It's not like it's your money! I currently use Tomato on one of my routers. I love the interface. I don't log in very often, mostly to check those fantastic real-time usage stats.
But when I do log in, it is nice to be able to find things quickly. I respect developers who take into account usability and style. In fact, I have basically no respect for those who discount it.
You probably can code circles around me. But in the end, the customer or user only sees the interface. They only see those "useless" graphics, and that "Web 2.0 Crap". Yet, a well designed interface will allow new users to appreciate the product faster, and hopefully keep them around.
Just because the majority of web developers suck at designing "web 2.0" interfaces doesn't mean that the problem lies with the "web 2.0" part. We'd have a lot less technology if we used that metric to measure a tools value.
I think the comments so far some up one of the major issues with the open source world and usability. At this point most of the comments are saying "we don't want themes" and "it's fine the way it is". The usability of a device has NOTHING to do with being able to skin it or apply themes. Usability is all about making the device simple for someone with limited knowledge or experience to use. This means things like dimming or disabling options if someone chooses a checkbox for an item that is incompatible those options. If they choose to only run the device as 802.11b (god knows why, but humour me), then don't ask them to set up the security options that only apply to 802.11g and higher. Explain what the options do in plain English. That's what usability is.
Not everyone should be administering a network either. Any literate adult meets all of the requirements necessary to learn how to do so but there are plenty of people who should not perform this task. The system is self-correcting however; the ones who shouldn't have done so are the ones who have most of the problems. If you a) don't know how to properly do something and b) refuse to learn how to properly do it, then it makes sense to ask (or hire) someone else to do it for you.
The people who think that this simple observation somehow does not apply to them, or that getting pissed off at someone like me who points that out is going to change the reality of the situation, well, I bet they wonder why they have such bad "luck" with these things. You attempted something that you don't actually know how to do and experienced undesired results; what a surprise, it must have been those evil elitist geeks! Seriously though it's amazing how upset people get sometimes when you dare to suggest that there are tasks which require a bit of skill and that doing them without that bit of skill can cause problems. You'd think that this were some kind of highly controversial position for which there was no conclusive evidence.
To more directly answer your post, I think iptables itself is rather irrelevant. The story is about a router GUI, which would probably be a front-end to iptables. There are some very nice GUI tools available for iptables; if Open-WRT's offerings are on a par with them, then they would provide a way to edit firewall rules that's about as easy as it's going to get. I do think that a firewall is one of those few applications where there is some inherent complexity that cannot be made much simpler without severely compromising the device. It's like that Albert Einstein quote (paraphrase): "Things should be made as simple as possible, but no simpler."
For that reason, I question the type of "easy to use" to which you refer. If you have a solid working knowledge of TCP/IP, then you should be able to handle any firewall and "easy to use" would mean automating what can be automated to save you some keystrokes and to avoid some unnecessary tedium. If you don't have a solid working knowledge of TCP/IP, it would probably mean dumbing things down to make up for your lack of understanding, which of course would result in a less thorough or a less accurate configuration.
Given the security issues that can arise from a misconfigured firewall, I would suggest that this is one area where enabling people who don't really understand what they're doing is asking for trouble. You're not really doing the less-knowledgable any favors by setting up a situation, in the name of convenience, where they are likely to have problems that they won't know how to solve. The good news is that there is abundant documentation on both TCP/IP and iptables, so anyone who is interested and motivated can easily learn how they work.
It is a miracle that curiosity survives formal education. - Einstein
In fact, I have basically no respect for those who discount it.
You probably can code circles around me. But in the end, the customer or user only sees the interface.
Actually you've hit on a major problem of programers that we don't like to talk about (well, except me, obviously..). The thing is, GUI design is a complex art, one that takes a long time to learn to do well, so its hard to be good both at visual interfaces and the often very complex code that they control.
I know this from my own work. I'm a pretty good coder (gosh, how modest of me). I can write code to just about anything, and charge a pretty penny to do so, but my ability to code a user interface is rather poor. Sure I know all the theory, but there's something extra you need, that 'eye for the visually pleasing' thats hard to cultivate unless user interfaces are what you do all the time.
I've used plenty of applications where the guy who wrote the backend code also coded the gui, and as a rule the gui is somewhat lacking. This is't just restricted to single coder projects, it also occurs when a project is full of able back end coders, and they build the gui to suit their own level of ability to use the code.
You can see this if you use Emacs. Nice though that software is in features, the interface is godawful, and actively prevents anyone new to computer usage or programing from using it.
A learning experience is one of those things that say, 'You know that thing you just did? Don't do that.' - D. Adams
"Simplicity and intuitiveness for the end user (both newbie and expert)"
Maybe this will be won by the most blinged-up interface but there's hope here that the competition organisers get some well thought out entries which help guide the users through the configuration of their routers.
Some installs are jargon heavy and just assume you know what all the options mean, little to no explanation or help. I've spent many hours sweating over some WRT GUIs that have (to me as a relative beginner) had meaningless options. I really really want to use these excellent installs but I get really put off by zero-to-poor documentation or explanations of what all the options are.
A simple interface with excellent documentation and guidance would be worth the prize.
Can it be Flash based? I've got some cool ideas involving fancy animated text effects and transitions that would be really useful for a router interface.
Better known as 318230.
I think that most people choose to pay others to change their oil because, for new cars, it may be covered by a service contract they signed, and changing the oil themselves may affect the warranty. Aside from that, their time and cleanliness may be more valuable to them than the money spent for the service or the equipment (jack stands / ramps) to to it safely.
The majority of the posts seems to be sneering down in elitism to these poor folks that don't know how to setup a router in the CLI and, god forgive them, try to setup their home network by themselves, without paying a sysadmin to do the work.
Yes, a sysadmin that can't configure a router without a good GUI should be hanged by the neck until death, but last time I checked, the majority of the routers supported by OpenWRT were SOHO ones.
Do you really expect people that just want to setup a minimal network of maybe a printer, one desktop and two lappies to read RFC 1123?
One shouldn't need to. Yes, networking is interesting and useful, but not everyone wants to be an expert on it.
I have seen a physics PhD setting up a wireless net for his lab with WEP, because the list of protocols was sorted alphabetically and it came before WPA. Well, he should have told the lab's undergrad to do the job but, nevertheless, a good GUI would at least put an (deprecated) near the option.
He wasn't being dumb. Would be if he put a short common word as password. Even if he didn't knew about dictionary attacks, common sense would have told him that they're easy to guess. Actually he chose some interval of the digits of pi because it had high information entropy. But how could he know that the router would offer an insecure option to him or which 3-letter acronym was better?
entropy happens
The thing is, GUI design is a complex art, one that takes a long time to learn to do well, so its hard to be good both at visual interfaces and the often very complex code that they control.
You hit the nail on the head. It's an art, and that means that, when all is said and done, it's the guy with the eye who polishes the job. Programmers can follow all the user-interface design rules laid down in the multitude of books on the subject, but if they don't have the touch, what they'll come up with may be functional, but will still look like crap. It's as inevitable as the tide. Good coding can be an art as well ... it is by no means always thus, but some developers do carry their work into the realm of true art.
Look at the history of video game development. Early products were as you describe: often designed by single coders, or maybe a team of coders. That worked, because the hardware was too crude to allow an artist to do much with it, although some companies did hire animators. Blocky programmer-drawn graphics were acceptable because that was about the limit of the equipment. However, as the resolution, color space, and processing power of graphics systems improved, you began to see specialization occur in game development. Much as happened in motion pictures decades before, the evolving complexity of the products demanded an expanding team effort. Designers, coders, artists, animators, level designers, writers, play testers, quality control testers, a whole host of wildly different disciplines are now required to produce a single game.
It's no different in the world of Web development. You need a team, with people capable of handling overall design responsibility, documentation (something coders are notoriously bad at doing), back-end requirements, the GUI, and many others. It's easy for developers who have no talent for user interface work to dismiss such as unnecessary glitz. Understandable, but entirely wrong when talking about software that is marketed or used by the general public (like a Web site.) Furthermore, in the real world people (especially people who write big checks) are impressed by a polished, well-written GUI.
Personally, I've spent almost thirty years in this business, and I started out doing largely embedded-type stuff for the game industry, and eventually got into doing higher-level graphics and artwork. Then I got into manufacturing and control systems, and discovered that users like software that is attractive, not overly-complicated for the problem it purports to solve, and above all does the job. The years I had spent learning graphic techniques paid off handsomely during that time, since my competitors generally couldn't draw their way out of a shoebox.
In any event, I found that while I had successfully worn a number of hats as an application developer over the years, it was getting harder and harder to be a solo act. So, nowadays I'm not, I work with lots of other people, and I've found that my skill set is complementary to many of them. It works out well, if you have a good team.
The higher the technology, the sharper that two-edged sword.
You sure can make firewalling stuff easier. You just have to think a bit outside of what is the norm. We have lots of computing power these days and your router can play games that were previously impossible.
1) If your router is also a switch/hub, it can analyze the internal network traffic and learn computer names (if windows file sharing is enabled anyway).
2) It can tap the internet to look up stuff like mac addresses and other statistical traffic patterns to identify things like your Tivo or XBox.
3) You can invent an internal protocol that enables your household computers and devices to communicate to the router what the fuck they are. Odds are good you can use fancy crypto to make sure that the computers and devices can't lie if they get compromised.
4) Make a training mode that lets everything go through and when you are done, the router uses the wealth of statistical bullshit it collected in steps 1->3 to give the user a report outlining the househouse hold traffic.
5) The user can then "lock" the router and not let anything but what was configured in #4
6) If something odd happens, or the router detects new computers (say a laptop, etc). The magic protocol in step 2 would send some kind of alert to a computer, your email, your phone... something... basically saying "hey man, something changed... you might have to retrain me".
My idea, obviously, is a very crude outline. But you get the idea. Everything can be simplified if you focus in on exactly what the task at hand is and leave the rest of the bullshit out. In fact, I bet you can design the firewall configuration in such a way that the user never needs to see IP addresses or port numbers. All they see is friendly computer names (deduced from #1->#3) and descriptions of the traffic.
Nerds, obviously, wouldn't like this--instead wanting some geeky bullshit. But they can piss up a rope as far as I'm concerned. This is a mass market device intended for people who just want to feel secure that nobody is hacking their shit.
Maybe the task is needlessly complex? Why should somebody connecting to a access point need to configure which encryption protocol to use? Why should the damn WiFi card and the access point negotiate automagically and *pick the damn best one they both support*?
^ this space reserved for replies telling me that the protocol doesn't allow it. Well you know what? The user isn't broken, the protocol is. 802.11/whatever is horribly insecure because the protocol doesn't fucking handle the encryption for you. Let me pick a key on the router, type it into the laptop, and the damn things can pick WAP, WPA, WEP, WAZOO or whatever the fuck some encryption dudes dream up all on their own. As long as it works and is secure, I dont really care what the hell protocol is used.
Blame the user is arrogant, stupid and is increasingly a black mark on employment. The world expects the programmer and the designer to do everything for them. That is the market. Deal with it. Programmers who design usable stuff will find their skills highly desired. Programmers who say users are spoiled children will rapidly find nobody wants to hire them.
You know who to blame? Blame the designers and programmers for not understanding what the goals and tasks are. Blame the designers (or lack thereof) and programmers for not removing all the roadblocks in the way of accomplishing said goals and tasks.
Honestly, the real reason programmers get bent out of shape (*cough*aside from the weird vibes coming from those still in the computing stone age like RMS*cough*) is that programming a usable interface is very hard. Lots of edge cases and you can't catch all of them. Really, the shit is hard and no silver bullet will ever be found that makes the hardness go away.
It looks like the overall discussion quickly drifted away from the actual topic and the further degrades into insults and endless discussions about cli vs. gui / enduser vs. professional etc. But hey, this is slashdot so I think it's expected.
Anyway, I think that most people miss the point here. The challange is about to implement a (new) gui for the Ubiquity Router Station, based on AirOS which is actually a snapshot of the OpenWrt Kamikaze trunk with some patches added for board support and another proprietary hal to drive the Atheros cards used with the board.
The RouterStation is not exactly a SOHO device, it's a bare embedded board featuring a fast MIPS cpu and three MiniPCI slots, POE and some other fuzz.
It has higher specs then the average Broadcom gear and is intended for larger infrastructure deployments, like wisps etc.
So far on the target hardware. Since one requirement is to use OpenWrt/AirOS as base operating system, one can rule out Tomato (which ppl quickly suggested) since it's built on top of the former disclosed Linksys SDK for WRT54G devices and relies heavily on a Linux 2.4 kernel to use bcm43xx wireless phy. Part of the original Linksys firmware design was the use of nvram as central configuration storage which is abandonned in nowadays Kamikaze releases. Anyway - I think it's nearly possible to rip the gui off an existing firmware project and refactor it to run on top of OpenWrt, it would be easier to just start from scratch.
Now the list of required features is pretty long and includes stuff that's not present in (half) open source firmwares like Tomato, DD-Wrt or OpenWrt. It includes things like bgp/ospf routing, bonding, snmp or layer 2 firewalling (ebtables, arp nat ...) just to name a few. That are things a normal ui designer can't draft without the support of one or more networking experts who actually know whats this about and how it's done properly. Some of that features also are inherently complex and can't be fully abstracted away with some fancy ui elements and a short help text on each page. On the other hand an ui allows to present complex relations like traffic flow, qos behaviour, wifi signal stength etc. in a visual way that can't be accomplished with a cli-only interface.
The to-be-developed ui is not intended for casual users that just want to hook up a bunch of computers and get into the internet. It's also not intended to be used by people who don't have a clue about networking or don't want to learn about the principles of the involved technologies. You have to keep in mind that the interface should be able to handle multiple wifi cards with multiple wireless networks each, that it should ease the setup of complex network configurations without limiting the amount of possible options. It's also not about a fancy web 2.0 portal or shiny flash interfaces, just to please possible customers.
Imho the ui should also be designed in such a way that it allows a smooth coexistance with cli-based workflows. Neither Tomato nor DD-Wrt provide such abilities since the underlying system is optimized to be used by the ui and hardly intuitive to use via the cli. Think of it like the relation of Linux and Xorg. You can uninstall all X related stuff and still have a functional system where you can access all resources etc.
Another fact to worry about is the portability of such an ui - if one wants to make it into a generic interface for OpenWrt, it would have to support a wide range of hardware from simple Linksys boxes to X86 gear like Avila or Alix boards, tt would have to support wireless configuration for madwifi, legacy broadcom and mac80211 based wireless drivers, each with different ways of configuration. Oh - and it should support kernel 2.4 and 2.6 which becomes a real pain if one relies on sysfs for state information.
Also the choice of the programming language and framework matters, one could go ahea
I'd say it's because DD-WRT has a nice GUI and is easy to configure... OpenWRT, not so much.
/etc/config/network and /etc/config/wireless, adding about 20 lines to each file. (source: http://forum.openwrt.org/viewtopic.php?pid=53924 )
I use a wireless router as a repeater, and upon searching for which firmware version I would like to use, I found that:
DD-WRT you click repeater, set the SSID of the source network, the SSID of the new repeater network, and assign it a WPA password. Done. Happy point and click. (source: I did it.)
OpenWRT I found that you have to edit the
The OpenWRT was doable, but would certainly take more than the 30 seconds I needed to setup, then forget, the DD-WRT firmware that I went with. I think this story is an advertisement because they are losing a popularity contest with DD-WRT. And yes, you can telnet into the DD-WRT and edit the files manually as well if that's your thing.
I use dd-wrt and find the interface good enough for everything I've tried to do with it... But I've been thinking that this stuff would get more wide-spread attention if end-users could have various scenarios auto-configured for them. ie: I want a firewall but I also want to provide an open access point while protecting my home network from anonymous users. I want to restrict anonymous users to 100kb/sec of bandwidth. I want my security cameras to be blocked from talking to the outside world .. blah blah blah... none of this "WDS" "VLAN" "DMZ" "QoS" "WPA2" unless you're in expert mode.