Slashdot Mirror
EFF To Unveil Open Wireless Router For Open Wireless Movement
hypnosec writes A new movement dubbed the Open Wireless Movement is asking users to open up their private Wi-Fi networks to total strangers – a random act of kindness – with an aim of better securing networks and facilitating better use of finite broadband resources. The movement is supported by non-profit and pro-internet rights organizations like the Electronic Frontier Foundation (EFF), Mozilla, Open Rights Group, and Free Press among others. The EFF is planning to unveil one such innovation – Open Wireless Router – at the Hackers on Planet Earth (HOPE X) conference to be held next month on New York. This firmware will allow individuals to share their private Wi-Fi to total strangers to anyone without a password.
I'm sure at least some ISPs stipulate in their terms of service that a subscriber cannot provide internet access to the general public without upgrading to some other (more expensive) plan. Surely we can move towards a more secure internet without strongly hinting that people should violate their contracts.
Recommending this to users who don't know exactly what they are doing can only be described as reckless. Without significant changes to the law and/or the way the internet works, opening up your network to complete strangers is a minefield and a lawsuit waiting to happen, even if you keep the public Wifi separate and only allow internet access. Please don't put "civilians" at risk to further your cause.
In UK. If you have your broadband from BT, you can use wifi from any router that is advertising FON service. You need to logon with your BT account credentials, but it's otherwise free to use. If you are out and about, and you need wifi, just drive into a residential area. There will one or more FON routers on almost any street.
"Cock Up Your Beaver" does not mean what you think. This sig is intended to clog filters and annoy do-gooders
I am fine with sharing my network and wi-fi bandwidth, as long as two conditions are met
1. That the open public Wi-Fi is QoS, so it cannot max out my connection, and starve my own private WPA2/AES wi-fi of needed bandwidth (So yes, I will share, but am gonna be a bit frugal on how much I am willing to share. Don't want someone streaming HD movies for free, but email and regular web browsing bandwidth is OK.)
2. That the open Wi-Fi is fully firewalled and separate from my own home network.
Uh, Linux geek since 1999.
"with an aim of better securing networks and facilitating better use of finite broadband resources"
If we have finite broadband resources, and they are already scarce enough that customers are demanding more from their connections that can be given to them, why will allowing random passing strangers to decrease the amount of available bandwidth to everyone else help?
Sorry, it's just an open wifi hotspot. We don't want really them in our homes. We certainly don't want random passing strangers to have them on our connection and traceable only to ourselves, for the hassle if nothing else.
Surely my freedom of using my own computing resources trumps anyone else's?
The only thing I can see them useful for is hacking their firmware. Otherwise, I could just switch back on the various options my ISP tries to force onto my router to share with random strangers that I turned off in the first place.
My current router allows me to grant guest access to my cable modem with no fear of the guests accessing my local network. Unfortunately thanks to Netflix and Amazon, I'm barely staying within my usage cap with Comcast as it is. Comcast is looking for any excuse to automatically "upgrade" my monthly service for an additional fee, and I'm not going to make that possible by giving away free internet access.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
This country is out of control. No other country on Earth puts large number of its own citizens in jails. Streets are filled with security forces like in some banana republic.
Two of my sons are welcomed by cop at the entrance to school. It is the same at grocery shop and movie theater. Police is buying military equipment and heavily trained forces in Iraq are under direct control of Washington administration in case people will unleash their unhappiness on the street.
North Korea man, it is freaking North Korea.
This will raise the price for everyone even if they don't want to "share". In essence, just like taxes/gov. People taking something for doing nothing. Nice.
If this gained enough adopters, how would the regulation of free wifi users work if they download a bunch of kiddie porn or something? Does the homeowner get prosecuted?
OR, can the homeowner do the same thing and claim "I don't know it must have been one of those darn free wifi users."
test comment
Spammers or hackers could get your IP turned off. But I'd do it anyway to be helpful.
OK a new size TV
funny you have no conditions regarding the legal framework; you are perfectly fine with getting blamed for the actions of those who use your network (e.g. door getting kicked in at 3am and armed statsi knocking you and your loved ones to the floor)
8 years and running:
http://en.wikipedia.org/wiki/FON
But keep in mind FON has weaknesses. It uses MAC filtering/whitelisting on an open network (at least it was when I stopped using it 2 years ago), users are at risk of session hijacking, so always logout when you are done using the accesspoint and avoid setting up any connection other that VPNs)
The innovation here is not opening a network on your router to perfect strangers, nor is it having FOSS running your wifi router. This is more of a theoretical experiment, to take the existing paid-for-services model and try and build an "information wants to be free" system knitted into it. Which will be fine until router owners hit their monthly limit and run sputtering back to their ISP or outside users realize they're getting 3G/ISDN speeds anywhere they please and don't like it. "The false notion that an IP address could be used as a sole identifier is finally a thing of the past, creating a privacy-enhancing norm of shared networks." Right. Good luck to the first several thousand defendants of DOJ warrants who claim anything noxious on their network was one of hundreds of strangers driving by their house. I'm not sure the EFF has the manpower to tackle that one. Nobility of intent is nice and all, but I think we're too far into the business model for networking for this to have much of an impact - the Neo900 of data networks.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
Someone uses one's Open WiFi to call in the Police/SWAT on another party and presto they come looking for you to blame for the incident.
Houseguest downloads child porn, cops show up - http://arstechnica.com/tech-policy/2014/05/houseguest-downloads-child-porn-cops-show-up/
Someone sits outside one's WiFi location and slurps up images and videos sucking one's bandwidth alocation dry before moving on to the next unsuspecting Open WiFi.
These issues will have to be limited, delimited or totaly removed before any reasonable person would Open their WiFi.
EFF - time for you to step in and create some release forms and software to clearly indicate who did what with one's Open WiFi!
My WiFi SSID has been called "Help Yourself" for years. I've never had any issues, probably because every router I've had has turned out to be so crappy that I can barely get a signal from the other side of the house, let alone the street. Every now and then I see some people joining. I don't use WiFi encryption, because I don't think the speed loss is worth it, and all of the websites I visit that contain information I don't want to share use HTTPS.
Too many ISPs now mandate that the user has at least WEP as a bare minimum on their wireless...
You would need to write a law making such clauses in an ISP's ToS illegal as quite often, ISPs tend to enforce it regardless of wherever it's your ISP's provided router or your own.
All the people saying "don't open your router because then the gov't will hold you responsible for things other people use it for" are missing the point. This is exactly why this is a freedom of speech issue and why the EFF is involved in the first place.
The gov't would like every act online to be traceable to an individual who can then be held responsible for it.
Freedom of speech means freedom from punishment because of your speech. The Soviets used to have a joke "everybody in Russia is free to say what they like - they're just not free to stay out of prison afterwards."
The only way to guarantee FoS is anonymity. The gov't can't punish you if they can't find you. Which is why dictatorships hate online anonymity.
Even if it was true that you could be held responsible for things others do using your router, you'd still have a duty to let them do it.
IANAL but AFAIK there is no legal basis in either the UK or US to punish someone for enabling someone else to commit a crime, unless it was part of a deliberate conspiracy, or 'common purpose'. So, (if its true at all that this is 'dangerous') the authorities are trying to illegally blackmail people into supporting their unconstitutional attempt to destroy anonymous Internet access.
Submitting to this blackmail is treason. Keep your country free, Keep your WiFi free.
The FAQ and info on https://openwireless.org/ doesn't seem to address security and privacy from the "guest user" point of view. They do have a link at the top "Using a network named "openwireless.org"? Check out important information about this network." which provides information for a guest user - but only mentions about being considerate and not abusing the service.
How does a user establish trust with each Open Wireless access point in order to determine it is not a rogue/fake AP? How are potential guest users being educated, besides a mention of HTTPS Everywhere? (Which most potential guest users don't really understand, and can also easily be manipulated into overriding SSL security warnings, such as one that may come up if the guest is being routed through a mitm SSL proxy.)
If this does become more widespread, I could definitely see a lot of money to be made for "Open Wireless VPN proxy" subscription services. But if the point is to "help change the way people and businesses think about Internet service" then shouldn't the guest user security issues be in the forefront with at least as much important as the host?
Marcaen
If this gained enough adopters, how would the regulation of free wifi users work if they download a bunch of kiddie porn or something? Does the homeowner get prosecuted?
OR, can the homeowner do the same thing and claim "I don't know it must have been one of those darn free wifi users."
Unless of course, we stop going after IP addresses and start going after CC numbers instead... Which will stop this nonsense.
Come to NYC on July 18-20, http://x.hope.net/ at the Hotel Pennsylvania, just across the street from Penn Station and Madison Square Garden.
Tickets are only $120 for all three days.
This year's keynote is Daniel Ellsberg of Pentagon Papers fame.
"To those who are overly cautious, everything is impossible. "
Sometimes people do things when they're not "perfectly fine" with possible consequences because it's the right thing to do. Its called morality.
That is NOT happening.
It's all fun and games until the heavily armed tactial team is kicking down my doors, smashing my windows, and messing my house up like an Israeli bulldozer, with the media in tow, because some random sick fuck decided to use my connection to procure his daily fix of sick shit involving three year olds, or attempt to arrange a murder, or even something that is 100% benign like download yesterday's soccer match, or whatever gets made illegal next week.
Another issue is that I only have 250 gigs to spare a month, up and down combined. It's a struggle keeping under that as it is. A fair chunk of that goes to an internal tor relay, and even running a non exit relay gets me more attention than I like sometimes. I used to run a freenet node too but I just can't spare the bandwidth anymore.
Anybody who does this, I salute you and your giant brass balls.
For a HD stream, it would take you over 80 hours to reach 250GB. 40, 2hr HD movies. Wow. Just Wow. The average American watches 2.8hrs of TV per day
With four Americans in a household, that could reach 11.2 hours per day, or over 330 hours per month.
I use a separate router to give open access to WiFi, and can connect its wired ports inside the house if necessary. The open router is mostly used by guests. Our primary router (and the LAN, printers, servers, etc. behind it) is inaccessible to the open router. Both routers are plugged into the optical switch and get different IP addresses, and both share a 100/100Mbps symmetric link.
Add this to the list of things that will never ever happen.
Guess who gets to go to prison when some "complete stranger" starts downloading kiddie pr0n through my home Internet connection.
Personally, my router is nailed to the wall of the basement at my demarc, so no matter which one I've used (latest NetGear has actually been pretty bombproof going on 4 years), it pretty much hits the floors above it and drops off dramatically after that. Which is fine. I don't surf and mow the lawn, my access logs look good, just can't figure out if it's the wife or the kids visiting who have a device called IMNSA. Gotta remember to ask them if I think of it.
use their powers only for good. And they are backed by hackers - the smartest people in the world.
There is NOTHING wrong with this project. Rly.
oh, sharing wifi is a moral obligation and "the right thing to do"? you are funny
this is one of the times in which busting the top off the thermometer is justified. unless the MafIAA is vanquished, this is infinite jeopardy.
if this is supposed to be a new economy, how come they still want my old fashioned money?
The vast majority of people are not jerks.
Help stamp out iliturcy.
There are a lot of posts here about scary legal problems for the router owner. But what if the routers allowed access to the Internet only through Tor, for example, so the router owner is not in danger of what people do with it? Couldn't the router help by running an internal Tor relay to help that network too?
Personally, my router is nailed to the wall of the basement at my demarc, so no matter which one I've used (latest NetGear has actually been pretty bombproof going on 4 years), it pretty much hits the floors above it and drops off dramatically after that. Which is fine. I don't surf and mow the lawn, my access logs look good, just can't figure out if it's the wife or the kids visiting who have a device called IMNSA. Gotta remember to ask them if I think of it.
Probably the same guy who connects to my WiFi with the name IMCIA
I've got a reasonably fast connection (50 megs down, 10 megs up), but I have a cap. My ISP charges $0.50 per gig overage, who is going to pay for that when strangers pump my monthly bill up?
Sharing wifi is moral, but it's not an obligation.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I've had a FON device, and I think its main protection against malicious (illegal, stupid) use is that other users on the open FON channel are either authenticated FON users roaming to your access point or paid users who again aren't really anonymous.
What I was wondering though is whether each of these openwireless devices could also be set up as a Tor entry node for all of the free traffic going out that way? Think something like the Tails distro, where you don't record anything, and don't really want to either. Keep it somewhat bandwidth-friendly for the rest of your network, and worry less about what some anonymous user does with it.
I've seen 34 people (connections once), it all works fine until you can feel something odd, as which time I'll shut down my HotSpot, for a few days.
I do help many people (34 mayhaps) as it's always being used, and I noticed cars parked across the street or out of the way.
Yes I run a HotSpot as per EFF, yet will shut it down in a heart beat if it just feels funny (my connection).
false conflation. sharing wifi used to be fairly common. i regularly connected to some neighbor's open network called "fuckin_theif" and i shared mine when i could afford to pay an ISP. it's the threat of legal action, not selfishness, that's changed the culture.
As this violates most likely everyone's agreement that they sign when they purchase their Internet service from their ISP, don't do it.
Besides, who will pay your legal bill for you when the police charge you with a crime? None of these people! If you are lucky you'll only go bankrupt.
Why does Slashdot go the way of the Dodo and Obamas and disappear? This is just stupid it really isn't worth typing these characters.
Automatically sending guest connections through tor should address this issue.
What does "funny" feel like?
(Serious question, not trolling you.)
I also would like to know. I imagine it's you getting paranoid every so often and thinking 'this isn't a good idea'.
Yup. If tomato or dd-wrt had this as a simple on/off feature, I would happily share 1/4 of my bandwidth.
I pay for my bandwidth. What I do with it once I've paid for it is none of my ISP's goddamned business. They aren't my parents, they aren't the government, they aren't the police.
You signed a contract.
One of many contracts you have signed which insist that you play by the rules --- and no less enforceable when push comes to shove.
My SSID is Xfinity Wi-Fi.
I rate limit it to 50kb/sec and I have a lot of Comcast usernames and passwords saved.
I can't believe nobody has yet mentioned the utter stupidity of writing another firmware, for one device. We have ftp://ftp.dd-wrt.com/betas/ a fully working firmware for several if not "most" routers already out there. http://tomato.groov.pl/ for the devices dd-wrt doesn't support. And finally https://openwrt.org .
For the ignorant, EFF could adapt existing firmware to their device.
btw. The article mentions FON and others which are perfect examples of how things will fail, there is a exponential multitude of left over devices from failed projects where someone thought that locking was a viable option.
How about open wifi over Tor - that would allow you to share but avoid problems associated with liability for actions done on your connection and an ISP would have a job proving you were sharing their network capacity too.
All you need is a router that supports multiple SSID's and segmentation of them, a couple of clever firewall rules and Tor's Transparent Proxy support.
Tell that to my brother. One of his neighbour's kids cracked his wifi and changed the AP to read "Free WIFI for all!" and used his cap in an afternoon.
Albuquerque Real Estate - Foreclosure Properties
Albuquerque Real Estate - Foreclosure Properties
This.
ISPs are now a basic utility. They provide bandwidth through which you perform your online activities. That "series of tubes" analogy, while simplistic, applies quite well here. You're renting a small tube.
If you start attempting to operate an electric charging station, a public water filling station, or otherwise re-sell or distribute the utilities from your residential service... you're going to find out that it's not allowed.
You are NOT renting a "small tube". You are purchasing access to the internet, via your ISP's network. In order to make it affordable to the average person, they have to share the cost of a "tube" across multiple users. You ARE more than welcome to a) purchase a business account which does not have the same TOS restrictions, and b) purchase a dedicated bandwidth connection which you can fully utilize 24/7. And no, you do not need to be actually registered as a business or on business zoned property to set up such a connection.
You are not purchasing a service which puts you ON the internet. You're using THEIR IP space registered under THEIR name and AS. They DO have at least some responsibility to make sure their space is not a source of problems for other ISP's. If an ISP becomes a widely-known source of spam, they start getting blacklisted... so most ISP's block port 25 on their dynamic user space, just as one example.
If you REALLY want to be ON the internet, it's really not that hard. Go register for an ASN, buy yourself some IP space (be a leader, use v6 even!), and get a business account with an ISP, who will be more than happy to charge you a nominal fee to setup a BGP session with you.
What most people seem to be asking for is for their ISP to act like a Transit provider, not an ISP. If you want that, you can have that. But MOST people just want their email, their Netflix, their Facebook, and Youtube.
Sometimes people do things when they're not "perfectly fine" with possible consequences because it's the right thing to do. Its called morality.
You signed an agreement which included a condition that you NOT run a public access point, then reneged on that agreement. Sorry, I fail to see you taking the moral high road here.
Then they should provide a free VPN tunneling service that puts THEM on hook for any legal ramifications for abuse of such service. But, no they want ME to assume all the legal risk risk for them so they can make a political statement that an IP address is not a person. Are their lawyers going to pay for my legal expenses, loss of income, and damage to my reputation should one of their routers let on some douchebag that likes to download CP and I get raided by the cops and my face shows up in the local media? I'm not volunteering to be a martyr for their cause.
Fools! They should be doing this with OpenBTS. WiFi range sucks.Yes the fight would be harder but WTF, the EFF has gotten wussy.
This resembles the idea used by the now-disgraced Spanish Fon wifi outfit. I was Fon's most widely read English language fan blogger at http://elfonblog.fondoo.net/ Share wifi at home, receive wifi from your community elsewhere, even abroad. Except with OWM, no money is demanded and there's no hungry octopus in the center that swipes the majority of the wealth, and maintains obstacles instead of adding real value to the system . wink
I would add at least one feature to this project. The wifi can be unencrypted. The routers should have onboard VPN servers so people using the hotspots can encrypt their wifi to protect from nearby eavesdropping. Another option would be to forward the client's VPN tunnel to another OWM router somewhere else. This obscures the user's location. There would be automatic choice of endpoint depending on load. Idle routers with no local clients would not go to waste. A vip option could be to choose where your VPN tunnel makes you appear. If you're a contributor to the project, you would be a vip+ who could also choose his own router as endpoint so he can access LAN and file shares. OWM would provide a custom VPN client that ensures that the user is not using a fake hotspot, and facilitate making the choice of where the VPN endpoint is. It would be fairly simple to build a darknet available to those using the VPN clients.
Or, the wifi could be WPA encrypted... Whisher.com (now defunct and bought by wifi.com for no purpose) was working on a replacement/enhancement to the wifi manager on your windows, mac and linux pcs. It worked just like the regular one, but it also held an encrypted database of wifi router mac addresses and WPA keys for them. It indicated when you were in range of one, and would connect you to the router with full WPA encryption - without revealing the key to you (optimally). The owner of the hotspot could open his router to all, all but those on his blacklist, or only his friends on his whitelist. Privileges could be added or revoked on the fly. You could use any router with Whisher, as the router didn't require custom firmware, your pc simply used a custom wifi mgr. So, the Whisher app acted like DRM. It also supported a darknet sort of community and chat app, but I would say it was superfluous. The custom OWM client I describe above would do what Whisher did, though Whisher did not have any anonymization features. The OWM routers could still tunnel encrypted traffic to other endpoints.
WPA is more secure in one sense, but the key database could someday be cracked. Perfect Forward Secrecy type VPN encryption (if it exists) would be more work to crack, but also a higher load on the routers. Perhaps if a trustworthy VPN company was partnered with OWM so the endpoints could be independent of the embedded router systems. Faster speeds and more choices would be available with a paid subscription (but you could use any VPN provider).
"In that case, out comes the ISP modem, in goes an aftermarket configurable modem.
That's an option available only to technically-knowledgeable users.
Adding code to the public access portion of your wi-fi that asks the user for their phone number, then texts them an access code?
So what happens to me when all these 'strangers' i open my network to end up illegally downloading music, movies, and God knows what else... ?
In an alternate reality where every packet is magically stamped with an identifier of person directly responsible for its generation by an infallible "packet fairy" would the world be better or worse off?
Personally I believe as long as humans continue to prove themselves incapable of handling power the more access and anonymity the better off on balance we all are.
Seems insufficient to consider only risks on one side of the ledger when weighing a course of action. At least RTFA's FAQ...
it wasn't this complicated back then
Contracts entered into without alternative may be legally binding, but are generally held to be morally suspect.
If you have acted to prevent anyone from getting a fair deal, then I don't have to feel bad about acting to subvert your crooked deal without your knowledge.
And thus morality, ethics and legality splinter into a thousand pointy bits of subjectivity.
Personally, I play by the rules - but it's because I own property, and I don't want to give the corporate-owned mechanisms of state any excuse to confiscate any of it. It's not because I feel any moral obligation to the likes of Verizon or Comcast; the big ISPs appear to be pretty evil, judging from their past actions, and they've never earned any affection or respect from me.
Just as soon as someone will sign a contract with me to pay by connection bill for every bit of bandwidth over what I am paying for. Those of you living in high population density area's may not have to pay for every gigabyte, but those of us that have property that is measured in acre's instead of feet (if you even have property) don't have unmetered broadband. We pay for every byte, and we don't just give away what we pay for.
maybe your neighbor had equipment that couldn't deal with particular security method, and so had open network and really felt you and others were stealing from him. how moral would that be?
Nonsense. There is no law that makes you responsible for what other people download. (at least, not in any sane first world country)
It is a disgrace that you are so terrified of your government that you think sharing your bandwidth with a stranger is dangerous.
I have been helped many times in the past by the kindness of strangers who left their wifi open - and I will continue to leave my wifi open for other strangers to benefit in return.
Many (most?) modern routers support this safely by allowing you to provide a guest network which is isolated from your own wifi network.
VLC Remote for iPhone and Android
Why would I trust your wifi to start with ? It's name is "freewififorall" and I should hope it is not a honeypot to eavesdrop my credit card number when it is transiting on the wire(less), or scan my open ports if I connect ?