Slashdot Mirror
EFF To Unveil Open Wireless Router For Open Wireless Movement
hypnosec writes A new movement dubbed the Open Wireless Movement is asking users to open up their private Wi-Fi networks to total strangers – a random act of kindness – with an aim of better securing networks and facilitating better use of finite broadband resources. The movement is supported by non-profit and pro-internet rights organizations like the Electronic Frontier Foundation (EFF), Mozilla, Open Rights Group, and Free Press among others. The EFF is planning to unveil one such innovation – Open Wireless Router – at the Hackers on Planet Earth (HOPE X) conference to be held next month on New York. This firmware will allow individuals to share their private Wi-Fi to total strangers to anyone without a password.
I'm sure at least some ISPs stipulate in their terms of service that a subscriber cannot provide internet access to the general public without upgrading to some other (more expensive) plan. Surely we can move towards a more secure internet without strongly hinting that people should violate their contracts.
Recommending this to users who don't know exactly what they are doing can only be described as reckless. Without significant changes to the law and/or the way the internet works, opening up your network to complete strangers is a minefield and a lawsuit waiting to happen, even if you keep the public Wifi separate and only allow internet access. Please don't put "civilians" at risk to further your cause.
In UK. If you have your broadband from BT, you can use wifi from any router that is advertising FON service. You need to logon with your BT account credentials, but it's otherwise free to use. If you are out and about, and you need wifi, just drive into a residential area. There will one or more FON routers on almost any street.
"Cock Up Your Beaver" does not mean what you think. This sig is intended to clog filters and annoy do-gooders
I am fine with sharing my network and wi-fi bandwidth, as long as two conditions are met
1. That the open public Wi-Fi is QoS, so it cannot max out my connection, and starve my own private WPA2/AES wi-fi of needed bandwidth (So yes, I will share, but am gonna be a bit frugal on how much I am willing to share. Don't want someone streaming HD movies for free, but email and regular web browsing bandwidth is OK.)
2. That the open Wi-Fi is fully firewalled and separate from my own home network.
Uh, Linux geek since 1999.
"with an aim of better securing networks and facilitating better use of finite broadband resources"
If we have finite broadband resources, and they are already scarce enough that customers are demanding more from their connections that can be given to them, why will allowing random passing strangers to decrease the amount of available bandwidth to everyone else help?
Sorry, it's just an open wifi hotspot. We don't want really them in our homes. We certainly don't want random passing strangers to have them on our connection and traceable only to ourselves, for the hassle if nothing else.
Surely my freedom of using my own computing resources trumps anyone else's?
The only thing I can see them useful for is hacking their firmware. Otherwise, I could just switch back on the various options my ISP tries to force onto my router to share with random strangers that I turned off in the first place.
My current router allows me to grant guest access to my cable modem with no fear of the guests accessing my local network. Unfortunately thanks to Netflix and Amazon, I'm barely staying within my usage cap with Comcast as it is. Comcast is looking for any excuse to automatically "upgrade" my monthly service for an additional fee, and I'm not going to make that possible by giving away free internet access.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
This country is out of control. No other country on Earth puts large number of its own citizens in jails. Streets are filled with security forces like in some banana republic.
Two of my sons are welcomed by cop at the entrance to school. It is the same at grocery shop and movie theater. Police is buying military equipment and heavily trained forces in Iraq are under direct control of Washington administration in case people will unleash their unhappiness on the street.
North Korea man, it is freaking North Korea.
test comment
Spammers or hackers could get your IP turned off. But I'd do it anyway to be helpful.
OK a new size TV
funny you have no conditions regarding the legal framework; you are perfectly fine with getting blamed for the actions of those who use your network (e.g. door getting kicked in at 3am and armed statsi knocking you and your loved ones to the floor)
8 years and running:
http://en.wikipedia.org/wiki/FON
But keep in mind FON has weaknesses. It uses MAC filtering/whitelisting on an open network (at least it was when I stopped using it 2 years ago), users are at risk of session hijacking, so always logout when you are done using the accesspoint and avoid setting up any connection other that VPNs)
The innovation here is not opening a network on your router to perfect strangers, nor is it having FOSS running your wifi router. This is more of a theoretical experiment, to take the existing paid-for-services model and try and build an "information wants to be free" system knitted into it. Which will be fine until router owners hit their monthly limit and run sputtering back to their ISP or outside users realize they're getting 3G/ISDN speeds anywhere they please and don't like it. "The false notion that an IP address could be used as a sole identifier is finally a thing of the past, creating a privacy-enhancing norm of shared networks." Right. Good luck to the first several thousand defendants of DOJ warrants who claim anything noxious on their network was one of hundreds of strangers driving by their house. I'm not sure the EFF has the manpower to tackle that one. Nobility of intent is nice and all, but I think we're too far into the business model for networking for this to have much of an impact - the Neo900 of data networks.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
My WiFi SSID has been called "Help Yourself" for years. I've never had any issues, probably because every router I've had has turned out to be so crappy that I can barely get a signal from the other side of the house, let alone the street. Every now and then I see some people joining. I don't use WiFi encryption, because I don't think the speed loss is worth it, and all of the websites I visit that contain information I don't want to share use HTTPS.
All the people saying "don't open your router because then the gov't will hold you responsible for things other people use it for" are missing the point. This is exactly why this is a freedom of speech issue and why the EFF is involved in the first place.
The gov't would like every act online to be traceable to an individual who can then be held responsible for it.
Freedom of speech means freedom from punishment because of your speech. The Soviets used to have a joke "everybody in Russia is free to say what they like - they're just not free to stay out of prison afterwards."
The only way to guarantee FoS is anonymity. The gov't can't punish you if they can't find you. Which is why dictatorships hate online anonymity.
Even if it was true that you could be held responsible for things others do using your router, you'd still have a duty to let them do it.
IANAL but AFAIK there is no legal basis in either the UK or US to punish someone for enabling someone else to commit a crime, unless it was part of a deliberate conspiracy, or 'common purpose'. So, (if its true at all that this is 'dangerous') the authorities are trying to illegally blackmail people into supporting their unconstitutional attempt to destroy anonymous Internet access.
Submitting to this blackmail is treason. Keep your country free, Keep your WiFi free.
The FAQ and info on https://openwireless.org/ doesn't seem to address security and privacy from the "guest user" point of view. They do have a link at the top "Using a network named "openwireless.org"? Check out important information about this network." which provides information for a guest user - but only mentions about being considerate and not abusing the service.
How does a user establish trust with each Open Wireless access point in order to determine it is not a rogue/fake AP? How are potential guest users being educated, besides a mention of HTTPS Everywhere? (Which most potential guest users don't really understand, and can also easily be manipulated into overriding SSL security warnings, such as one that may come up if the guest is being routed through a mitm SSL proxy.)
If this does become more widespread, I could definitely see a lot of money to be made for "Open Wireless VPN proxy" subscription services. But if the point is to "help change the way people and businesses think about Internet service" then shouldn't the guest user security issues be in the forefront with at least as much important as the host?
Marcaen
Sometimes people do things when they're not "perfectly fine" with possible consequences because it's the right thing to do. Its called morality.
For a HD stream, it would take you over 80 hours to reach 250GB. 40, 2hr HD movies. Wow. Just Wow. The average American watches 2.8hrs of TV per day
With four Americans in a household, that could reach 11.2 hours per day, or over 330 hours per month.
this is one of the times in which busting the top off the thermometer is justified. unless the MafIAA is vanquished, this is infinite jeopardy.
if this is supposed to be a new economy, how come they still want my old fashioned money?
The vast majority of people are not jerks.
Help stamp out iliturcy.
There are a lot of posts here about scary legal problems for the router owner. But what if the routers allowed access to the Internet only through Tor, for example, so the router owner is not in danger of what people do with it? Couldn't the router help by running an internal Tor relay to help that network too?
I've got a reasonably fast connection (50 megs down, 10 megs up), but I have a cap. My ISP charges $0.50 per gig overage, who is going to pay for that when strangers pump my monthly bill up?
Sharing wifi is moral, but it's not an obligation.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I've had a FON device, and I think its main protection against malicious (illegal, stupid) use is that other users on the open FON channel are either authenticated FON users roaming to your access point or paid users who again aren't really anonymous.
What I was wondering though is whether each of these openwireless devices could also be set up as a Tor entry node for all of the free traffic going out that way? Think something like the Tails distro, where you don't record anything, and don't really want to either. Keep it somewhat bandwidth-friendly for the rest of your network, and worry less about what some anonymous user does with it.
I've seen 34 people (connections once), it all works fine until you can feel something odd, as which time I'll shut down my HotSpot, for a few days.
I do help many people (34 mayhaps) as it's always being used, and I noticed cars parked across the street or out of the way.
Yes I run a HotSpot as per EFF, yet will shut it down in a heart beat if it just feels funny (my connection).
false conflation. sharing wifi used to be fairly common. i regularly connected to some neighbor's open network called "fuckin_theif" and i shared mine when i could afford to pay an ISP. it's the threat of legal action, not selfishness, that's changed the culture.
What does "funny" feel like?
(Serious question, not trolling you.)
Yup. If tomato or dd-wrt had this as a simple on/off feature, I would happily share 1/4 of my bandwidth.
I pay for my bandwidth. What I do with it once I've paid for it is none of my ISP's goddamned business. They aren't my parents, they aren't the government, they aren't the police.
You signed a contract.
One of many contracts you have signed which insist that you play by the rules --- and no less enforceable when push comes to shove.
How about open wifi over Tor - that would allow you to share but avoid problems associated with liability for actions done on your connection and an ISP would have a job proving you were sharing their network capacity too.
All you need is a router that supports multiple SSID's and segmentation of them, a couple of clever firewall rules and Tor's Transparent Proxy support.
Albuquerque Real Estate - Foreclosure Properties
Albuquerque Real Estate - Foreclosure Properties
Fools! They should be doing this with OpenBTS. WiFi range sucks.Yes the fight would be harder but WTF, the EFF has gotten wussy.
"In that case, out comes the ISP modem, in goes an aftermarket configurable modem.
That's an option available only to technically-knowledgeable users.
On my side, every single packet across the wireless side of the router, goes through a local Squid instance. Not only can I inspect the logs, but I have Squid filtering out tens of thousands of sites, domains, ad spamming pages and other things, so if there were any abuses coming, I could just block those too, or turn on other block index files and filter off even more.
Easey peasey.
In an alternate reality where every packet is magically stamped with an identifier of person directly responsible for its generation by an infallible "packet fairy" would the world be better or worse off?
Personally I believe as long as humans continue to prove themselves incapable of handling power the more access and anonymity the better off on balance we all are.
Seems insufficient to consider only risks on one side of the ledger when weighing a course of action. At least RTFA's FAQ...
Contracts entered into without alternative may be legally binding, but are generally held to be morally suspect.
If you have acted to prevent anyone from getting a fair deal, then I don't have to feel bad about acting to subvert your crooked deal without your knowledge.
And thus morality, ethics and legality splinter into a thousand pointy bits of subjectivity.
Personally, I play by the rules - but it's because I own property, and I don't want to give the corporate-owned mechanisms of state any excuse to confiscate any of it. It's not because I feel any moral obligation to the likes of Verizon or Comcast; the big ISPs appear to be pretty evil, judging from their past actions, and they've never earned any affection or respect from me.
Just as soon as someone will sign a contract with me to pay by connection bill for every bit of bandwidth over what I am paying for. Those of you living in high population density area's may not have to pay for every gigabyte, but those of us that have property that is measured in acre's instead of feet (if you even have property) don't have unmetered broadband. We pay for every byte, and we don't just give away what we pay for.
maybe your neighbor had equipment that couldn't deal with particular security method, and so had open network and really felt you and others were stealing from him. how moral would that be?
Nonsense. There is no law that makes you responsible for what other people download. (at least, not in any sane first world country)
It is a disgrace that you are so terrified of your government that you think sharing your bandwidth with a stranger is dangerous.
I have been helped many times in the past by the kindness of strangers who left their wifi open - and I will continue to leave my wifi open for other strangers to benefit in return.
Many (most?) modern routers support this safely by allowing you to provide a guest network which is isolated from your own wifi network.
VLC Remote for iPhone and Android
Why would I trust your wifi to start with ? It's name is "freewififorall" and I should hope it is not a honeypot to eavesdrop my credit card number when it is transiting on the wire(less), or scan my open ports if I connect ?