Slashdot Mirror

← Back to Stories (view on slashdot.org)

EFF Releases Wireless Router Firmware For Open Access Points

Posted by Soulskill on from the secure-is-as-secure-does dept.

klapaucjusz writes: The EFF has released an experimental router firmware designed make it easy to deploy open (password-less) access points in a secure manner. The EFF's firmware is based on the CeroWRT fork of OpenWRT, but appears to remove some of its more advanced routing features. The EFF is asking for help to further develop the firmware. They want the open access point to co-exist on the same router as your typical private and secured access point. They want the owner to be able to share bandwidth, but with a cap, so guests don't degrade service for the owner. They're also looking to develop a network queueing, a minimalist web UI, and an auto-update mechanism. The EFF has also released the beta version of a plug-in called Privacy Badger for Firefox and Chrome that will prevent online advertisers from tracking you.

28 of 56 comments (clear)

  1. In Germany by Anonymous Coward · · Score: 3, Informative

    we have freifunk. They develop such software. It also bypass the so called "störerhaftung" (disturber liablility), which makes people liable for anyone that used their hotspot as long as they cannot prove they secured their wifi as much as they could.

    1. Re:In Germany by master5o1 · · Score: 1

      How does it bypass that?

      --
      signature is pants
  2. Buffalo DD-WRT routers please by Bodhammer · · Score: 1

    Buffalo Routers that run DD-WRT please! I'm sorry I don't have time to do the port...

    --
    "I say we take off, nuke the site from orbit. It's the only way to be sure."
    1. Re:Buffalo DD-WRT routers please by Anonymous Coward · · Score: 1

      Buffalo Routers that run DD-WRT please! I'm sorry I don't have time to do the port...

      Yes,
      From the EFF page..

      '..Currently the software runs on one specific model of hardware (the Netgear WNDR3800) ..'

      from the Cerowrt page..

      '..To minimize the effects of hardware dependencies, we have chosen the Netgear WNDR3700v2 or WNDR3800 as the sole hardware for the experiments. Note: The WNDR3700v3 and v4 models that have recently appeared on the market do not work with CeroWrt; purchase the WNDR3800 if you want to be future-proof...

      Quick check on the WNDR3800, it's been EOL'd by Netgear, and isn't that readily available on the second-hand market where I am. (and the currently still available WNDR3700 is a v4 which, from the Cerowrt page ' ..The WNDR3700v3 and v4 models that have recently appeared on the market do not work with CeroWrt..')

      So, by the looks of it, I'll be sticking to my linksys, d-link and tp-link hardware and a.n.other firmware for a while yet..you'd really think they'd check on the wider availability of their target system hardware before going down this apparently dead-end path.

    2. Re: Buffalo DD-WRT routers please by jones_supa · · Score: 1

      If you are running ddwrt, then it's trivial to configure this. What the fuck is there to "port"?

      Moron.

      Just relax now, the nurse will administer the morphine soon.

    3. Re:Buffalo DD-WRT routers please by Anonymous Coward · · Score: 1

      I'm sorry but Buffalo routers are fscking GARBAGE. I've purchased god-knows-how-many routers for clients and myself and I bought into the hype about how Buffalo routers are so wonderful and they run DD-WRT and they aren't like other brands. BULLSH!T. They are crippled by weak azz wifi and no matter how many times I factory reset (60, 60, 60) the settings from my previous configuration persist. Called their "tech support" line and was told that the features that I PAID FOR were unsupported and that they were NEVER going to to support the features because they're DD-WRT specific.

      FSCK Buffalo routers. I took another risk in purchasing Ubiquiti's line of products and I'm VERY pleasantly surprised, as I was certain their products (priced insanely cheap) would also turn out to be junk but instead, are some of the best routers and wifi units I've ever installed. Not sure about their cameras. I have another supplier for that tho.

      tl;dr: FSCK Buffalo routers. Worthless.

  3. Can't wait for the cops to bust down my house by Anonymous Coward · · Score: 1, Interesting

    because some pervert tried to download child pornography!

    1. Re:Can't wait for the cops to bust down my house by ChunderDownunder · · Score: 2

      The 'fraud squad' already contacted me about credit card skimming traced to our home internet, whereby someone had hacked our wifi in a drive-by usage. They suggested we change our password but you wonder how secure WPA2 is anyway...

      The local ISP, Telstra, is said to soon be trialling nationwide 'free wifi' to ADSL2 customers by offering a free modem with segregated wifi. So I wonder what firmware they plan to use.

    2. Re:Can't wait for the cops to bust down my house by Charliemopps · · Score: 2

      Why did someone mod this guy down?

      Illegal use of your access point could have serious consequences (unless it somehow confers Common Carrier Protection of Interneting +4 which I'm unaware of)

      And how many Starbucks owners do you see in federal prison?

    3. Re:Can't wait for the cops to bust down my house by Belial6 · · Score: 1

      Exactly. There is WAY too much free wifi access in the US for anyone but the most paranoid to think that open wifi would be anything but plausible deniability in the case that someone did get onto your router.

    4. Re:Can't wait for the cops to bust down my house by Anonymous Coward · · Score: 1

      If the EFF wanted to be really cool they could make their router firmware set up a transparent proxy so that the anonymous users are routed onto the TOR network. Their Internet access would be slower, but it couldn't be traced to the owner of the router. Also, increasing the size of the TOR network would increase the amount of anonymity it offered.

    5. Re:Can't wait for the cops to bust down my house by binarylarry · · Score: 1

      Starbucks owners have a lot of money and are incorporated with the state.

      Most people aren't in that category.

      --
      Mod me down, my New Earth Global Warmingist friends!
  4. WFA-UNAUTH-TLS by Anonymous Coward · · Score: 1

    WFA-UNAUTH-TLS

    Just gonna throw that out there.

    1. Re:WFA-UNAUTH-TLS by Anonymous Coward · · Score: 1

      > WFA-UNAUTH-TLS

      For those wondering WTF that is:

      Seems to be a TLS protocol standard for clients to talk to an open wifi access point but still encrypt the traffic over the air to prevent snooping ala firesheep.

  5. liability? by motorsabbath · · Score: 1

    So if you're sharing your wi-fi with the public at large and someone commits an "Internet Nasty" while connected via your router - who is criminally liable?

    --
    The heat from below can burn your eyes out
    1. Re:liability? by binarylarry · · Score: 1

      You could roll over to their house, connect to their access point and GNAA the fuck out of slashdot to get their IP banned.

      Oops.

      --
      Mod me down, my New Earth Global Warmingist friends!
    2. Re:liability? by Anonymous Coward · · Score: 1

      So if you're sharing your wi-fi with the public at large and someone commits an "Internet Nasty" while connected via your router - who is criminally liable?

      As lawyers, this is a bonus for the EFF. The innocent party who owned the wifi and shared, who gets caught up in all the legal nastiness is good for their donations and publicity.

    3. Re:liability? by Rick+Zeman · · Score: 1

      So if you're sharing your wi-fi with the public at large and someone commits an "Internet Nasty" while connected via your router - who is criminally liable?

      No kidding. I don't see the EFF offering to indemnify any users.

    4. Re:liability? by Charliemopps · · Score: 2

      So if you're sharing your wi-fi with the public at large and someone commits an "Internet Nasty" while connected via your router - who is criminally liable?

      Who's liable when they roll into the parking lot of the local Best Western and do the same thing?

      Making it public is what makes you immune. If it's not public, then you're verifying that all activity from your IP is your own. Making your connection free for others to use re-anonymizes your IP address.

    5. Re:liability? by Anonymous Coward · · Score: 2, Insightful

      Making it public is what makes you immune. If it's not public, then you're verifying that all activity from your IP is your own. Making your connection free for others to use re-anonymizes your IP address.

      Firstly, running an open wifi point would be against my TOS
      Secondly, being in breach of point the first, the police would then turn your argument round on it's head...running a public access point sir?, must be trying to bury your illegal traffic in amongst everyone else's..You're fuckin' nicked, me old beauty!

      immunity my arse...you do realise that the upstream monitoring logs and classification of the traffic which led them to you in the first instance will then be produced in a court of law against you, and you'll then have to account for it?
      I don't know if you've noticed, but the old innocent until proven guilty thing doesn't really apply when it comes to certain classes of crap nowadays, especially online, especially if there's a whiff of terrorism or paedophillia..

    6. Re:liability? by tlhIngan · · Score: 1

      Who's liable when they roll into the parking lot of the local Best Western and do the same thing?

      The fact it's usually traceable back to you?

      A lot of those free wifi things require actually staying at the hotel where they'll happily give you a login and password (tied to your account, of course).

      Though, I welcome the move - no more bandwidth limitations! I mean, the problem with all the wifi provided by ISPs Is you have to log into them and they often charge your account for bandwidth.

      But if you can have free wifi using someone else's account, well, that makes torrenting all those Blu-ray's (at 50GB a pop) much easier. Suddenly 250GB doesn't seem so limiting anymore.

  6. Re:The point? by binarylarry · · Score: 3, Insightful

    Do you really trust your mobile telco much more than a random wifi router?

    I dont.

    --
    Mod me down, my New Earth Global Warmingist friends!
  7. Re:The point? by Anonymous Coward · · Score: 2, Insightful

    > What I don't get is why on earth you'd want to give any of your internet bandwidth to the public if you're living in a private residence.
    > I see absolutely no benefit to me in running one.

    I do it because it costs me nothing to help out someone.

    > What's the point of 4G and shit like that if in the end you're sill relying on peoples' free wireless access points?

    Indeed. What is the point of paying for 4G by the bit when you can use free wifi instead?
    I think you've answered your own question.

  8. Re: The point? by Anonymous Coward · · Score: 3, Interesting

    It's called sharing. The world would be a better place if more people did it.

  9. Obsolete before it was released. by viperidaenz · · Score: 1

    That's cool, but the only hardware it officially supports is End of Life.
    WNDR3800 http://support.netgear.com/pro...

    1. Re:Obsolete before it was released. by Zebai · · Score: 1

      Other than reduced availability for sale I don't think being end of life should really matter you would not get support from netgear on a custom firmware.

      I just feels to me like the EFF wants to reinvent the wheel here. There are already routers/firmwares out there that support multiple wifi ssid's just make one of them a guest id public or not.

    2. Re:Obsolete before it was released. by Anonymous Coward · · Score: 1

      Other than reduced availability for sale I don't think being end of life should really matter you would not get support from netgear on a custom firmware.

      This isn't about Netgear support, the point is that by choosing a target system that you can now only get on the used market (and, from my cursory check this morning, it isn't exactly a common model you see coming up regularly, at least, here) they've (EFF) immediately scored an own-goal by putting off people who might want to try this out by making an apparently stupid choice of base distro and target hardware.

      A quick check of the spare routers I have currently doing nothing, Linksys, d-link, trend, tp-link, and, yes, netgear are represented, at work I've spare Linksys and d-link routers, a quick check of the local second-hand market throws up a lot of tp-link, linksys and d-link routers, some Netgear kit, but not this model.

      By picking a base distribution (Cerowrt) which was limited to only two router models (Netgear WNDR3700v2 or WNDR3800) then restricting the development to the one of these two (WNDR3800) which is EOL'd looks, to me, like a wee bit of a stupid move if they want any sort of mass adoption, I mean, just look at the number of boxes openwrt supports as an example.

  10. EFF strikes again... by Jay+Maynard · · Score: 1

    This is just another spammer and net criminal enabler. The EFF has long fought against efforts to end spam. Encouraging wide-open net access with no accountability is just another step down that road.

    The EFF: enabling spammers since the 1990s.

    --
    Disinfect the GNU General Public Virus!