Receive new posts as email.
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator. Part of the FM Tech advertising network.
Entire site and all contents except otherwise noted © Copyright 2001-2010 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Om Malik breaks the latest story: high up on the spectrum, it's gigabit wireless: While you can squeeze gigabits per second out of long-haul wireless using equipment from Proxim and a few others, short-range Wi-Fi-like gigabit networking is out of the question. Or is it? Om Malik finds that a serial successful businessman in the networking space has his sights set up on the 56 GHz band in which he hopes to offer 2 Gbps on a wireless LAN with full security across each layer. When you're developing new protocols, you can think about layer-based encryption or embedding encryption into the stack.
Or, how do we get from here to there? A colleague wrote in to ask several questions about the path from WEP through WPA to 802.11i, the final IEEE security standard that's expected next year. I answered his questions in email, but I thought they were a good foundation for discussion.
Currently, all 802.11a, b, and g devices support WEP (Wired Equivalent Privacy) encryption which has had flaws and exploits well documented. The ultimate goal is 802.11i, a robust set of security improvements. On the road to 802.11i, the Wi-Fi Alliance has required WPA (Wi-Fi Protected Access), which fixes all of WEP's problems, is a subset of 802.11i, and which allows full backwards compatibility for most 802.11a and b devices made before 2003.
My colleague asked what would become of the current generation of 802.11 devices when 802.11i appeared? Because of WPA, I expect from promises made by manufacturers that virtually all client adapters and many (but not all) access points will have firmware upgrades that allow them to support the full WPA subset.
Equipment released in 2003, and some in 2002, already has the silicon in place to support full 802.11i, which has a more complex option for encryption (AES or Advanced Encryption System, in a couple of flavors), and a few more requirements. Broadcom, Texas Instruments, Intersil, Atheros, and others can merely push out firmware upgrades to enable AES and other features to their partners who will then push them out to customers.
Kuwait's main airport will have Wi-Fi access: The article doesn't note a timetable or cost, but about 4 million passengers a year wend their way across 35 international airlines. Intel's involved.
T-Mobile Austria is acquiring the 300-hot-spot strong Metronet.at (press release is in German): T-Mobile is continuing to expand its international presence through acquisition of Metronet. T-Mobile has partnered with Metronet on roaming since 2002. Metronet is the fourth-largest European WISP, according to their press release. "This deal is therefore bringing us a large step closer to the international objective of providing W-LAN around the entire globe," explains Dr. Georg Pölzl, Managing Director of T-Mobile Austria.
T-Mobile Austria charges €7.95 per hour, €15.95 for three hours, or €24.95 for 24 hours. This is enormously higher than the same rates charged by T-Mobile USA. T-Mobile customers can pay via SMS at €1.99 per 15-minute unit, but the service is currently free to subscribers.
Sprint PCS to pay for, roll out airport Wi-Fi in Kansas City: As with many other airport situations, the company with the largest deal wins the contract, even though I believe that's not in the airport's best interest as a general policy. Sprint PCS will pay for the equipment, but the airport will eventually own it. The cost per day: $9.95. Sprint PCS hasn't announced unlimited monthly usage plans yet; they have said they will resell access to their network to others. The expense to build out the airport's Wi-Fi wasn't released.
News.com's Richard Shim pulls together several related threads about the risks and liabilities of Wi-Fi networks in light of recent arrests: While there's not a simple connection between you leaving a Wi-Fi access point open and someone committing a crime across it, the recent child pornography and brain-dead IT department network exploitation arrests are causing a lot more discussion.
Because Wi-Fi networks aren't straightforward to secure now, the risk of lawsuits is low. This doesn't address purposely open APs in community networks or free networks either, or legitimate users who have paid to use commercial networks who then commit criminal acts!
Interestingly, Lowe's customers weren't hurt by the fact that three men apparently were able to gain easy access to their Wi-Fi networks in several places and insert a credit-card-collecting crack into the system. Because Lowe's has a corporate IT operation, I would imagine Lowe's would have been liable for negligence if customer information had been misused. They should have known better.
Correspondent Patrick Zandl writes with T-Mobile's pricing from the Czech Republic: The Czech T-Mobile locations will start charing in January, Zandl says. Pricing is well above the competition. Zandl notes that T-Mobile CZ charges 150 CZK (Czech crowns) or $5.50 US per hour, while Eurotel and WideNet charge a litlte over US$2.00. T-Mobile charges $6.00 per hour with a one-hour minimum in its US locations.
T-Mobile CZ cell users can pay as part of their cell phone bill, in which case they can charge in 15-minute intervals. More information is available in Czech here.
As Connexion by Boeing moves closer to its big 2004 rollout on many airlines, voice over IP (VoIP) looks more likely, too: Connexion has chosen its rugged, in the air AP vendor, and is talking vaguely about how VoIP might emerge on planes. They might also deploy a low-power cellular transmitter that would use the satellite link for backhaul.
The first-generation AP on planes, by the way, is 802.11b only -- probably due to regulatory certification issues. The next-generation system will be a/b/g.
The capital of New Brunswick, Canada, launches Wi-Fi project (follow link and download PDF press release): The Fred-eZone (short for Fredericton) project offers free Wi-Fi throughout public spaces with the first phase costing Cdn$150,000. Right now, this includes downtown and the airport, but the project will eventually span all business corridors and public places. Interestingly, the project stems in part from an earlier effort to deploy municipal fiber, which gave the city the easy access to bandwidth that made the Wi-Fi rollout possible.
Paul Gilster writes about the problem of audiences at events with Wi-Fi access: The not-so-silent clacking of keys provides a sensory backdrop much like a white-noise generator. You speak, and a constant barrage of tippity tap tap clack clickety clack echoes in the background. It's not symmetrical: at times, people listen and the typing stops. Other times, one lone typer hammers away--is he or she blogging what you're saying or playing Doom? The sounds rises and falls randomly in different parts of the room.
Interestingly, he talks about the second level of communication being a basement meeting, but I think he hasn't seen an O'Reilly conference in action. At Emerging Technology in April, there were always several simultaneous channels: it was more like instant analysis and commentary of a live event. People would blog and post; using IM, including IRC channels; use SubEthaEdit (ne Hydra) for Mac OS X Rendezvous collaborative note taking; use some of the unique services for discussion or note posting. [via Smart Mobs]
Shmoo offers Airsnarf, a proof of concept that a fake gateway page could act as a honeypot for legitimate hotspot users: The existence of Airsnarf, which puts up a fake but realistic looking hotspot gateway page, means that 802.1X authentication could become a viable method of hotspot logins faster than anticipated.
As I've written several times recently, while 802.1X clients aren't built in to Windows before XP and Mac OS X before version 10.3, Meetinghouse and Funk have software available that WISPs could license and distribute to users of practically all major platforms, including Linux (kernel 2.4) and Solaris.
802.1X doesn't entirely obviate rogue access points, it does make it much much harder to extract or intercept traffic.
Review of the ZyXEL ZyAIR B-3000 Intelligent Wireless LAN Access Point: The ZyAIR B-3000 piqued my interest: an inexpensive, full-featured 802.11b access point that could provide 802.1X authentication directly without a back-end RADIUS server? Had to be seen to be understood fully. The company graciously loaned me a unit to run through its paces.
The ZyAIR’s goal is obviously to be as multi-talented as possible. It allows you to create several network names (extended service set IDs or ESSIDs) to which you can assign different virtual LAN (VLAN) tags to restrict network traffic. Each VLAN can have its own set of WEP keys, but you can’t set firewall or IP routing parameters.
It can also handle up to 32 user accounts manually entered and perform 802.1X/EAP (Encapsulated Authentication Protocol) negotiation directly for those accounts. The B-3000 can also pass-through EAP messages to back-end RADIUS servers for more robust user authentication.
Configuring the B-3000 is extremely simple and straightforward. They’ve designed the interface well, and the manual, while a little scanty, has practically all of the necessary detail. I had to spend just a little time playing trial and error.
Because the unit can be set to only allow access via authentication and because it can support user accounts directly, it seems like an ideal secure small office access point and gateway.
But it does have a few provisos. First, the only 802.1X/EAP type supported is EAP-MD5 which, although it secures the password, is not considered robust enough for an enterprise solution because of the potential of various attacks that could allow others to gain access to the network.
Worse, Windows XP's original release supported EAP-MD5, but alert reader Eddie Rowe wrote in to note that service pack 1 (SP1) disables EAP-MD5 over 802.1X. A technical note I found from a third party cites the failure to secure the transmission of hashed passwords in EAP-MD5 over 802.1X as the reason for it not being allowed. So using EAP-MD5 is actually a higher bar for Windows XP users than PEAP (Protected EAP)! They would require third-party client software. (Mac OS X 10.3 includes EAP-MD5 as a valid 802.1X type.)
The company said that it was looking into supporting PEAP inside the B-3000, but hadn’t made a decision about this yet because of engineering issues. They said that EAP-TLS and EAP-TTLS aren’t feasible in a stand-alone device.
Second, the B-3000 only supports WEP encryption at the moment, and its dynamic WEP key exchange only works with a RADIUS server, not its internal authentication database. A company spokesperson said that WPA should be available by the end of the year.
Third, only 32 users can access the B-3000 at a time, with or without user accounts. This could be a limitation for offices that would otherwise be good candidates.
For a suggested retail price of $150, the B-3000 should have enough admirable features to make it an easy choice for a small network trying to dramatically improve its security without reaching government-grade levels, deterring all but the most determined crackers.
Unfortunately, the built-in support for just EAP-MD5 and the lack of current WPA support mean that the B-3000 can't live up to its potential as a stand-alone device. Without the firewall features to make the unique SSID/VLAN feature useful and without PEAP support to handle up-to-date Windows XP users, the B-3000 is just an expensive also-ran that handles pass-through AAA; a Linksys WRT54G would cost less and offers greater security and compatibility right now.
Truckstop.net, which recently signed a deal with Sprint to build hotspots in truck stops, signed a deal with Pilot Travel Centers. Pilot operates rest stops in 37 states and claims to be the largest "travel plaza network" in the country. Pilot's rest stops will get Wi-Fi aimed at truckers and other folks on the road.
The press release isn’t up yet but should be available here eventually.
Insight research expects service revenues from Wi-Fi to grow faster in Europe than in the U.S. : The research firm expects revenues worldwide to grow from $7 billion this year to over $44 billion by 2008. That figure for revenues this year sounds really high to me, given that in this country at least other recent research revealed that only 1 percent of Internet users had paid to use Wi-Fi.
Verizon drops payphone Wi-Fi count down to 500 from 1000: Verizon had originally said they'd roll out Wi-Fi service for their DSL customers at 1000 payphones across Manhattan. Now they're saying that 500 should be enough.
If you don't know what KVM stands for, you don't need it: A keyboard/video/mouse switcher allows an IT staffer to run a bunch of servers as quasi-headless computers in which a single mouse, keyboard, and monitor are shared via a switch. It's a big business, because especially in the Windows world, there are a lot of functions that are most easily carried out when directly connected to a computer instead of adding complication with terminal servers and other virtual remote controllers.
This wireless KVM controller is a single-PC device, however, for $995. It uses 802.11a and secures the connection with AES. It supports 24-bit color at a 30-frame-per-second refresh. This seems like an awfully high price except for specialized applications, and I expect we'll see switchers instead of one-to-one controllers in the near future.
802.11a is, as we know, a better choice for media because of the uncrowded 5 GHz band.
An alert reader noted that SBC hasn't formally announced its Wi-Fi service, but has this page up with prices: FreedomLink is the name of SBC's Wi-Fi service, and they've scaled back a bit from the numbers of hotspots they expect: 2,000 by the end of 2004, but they're including the 600+ locations run by Wayport, which is the primary (but not sole) contractor for building new hotspots for SBC.
SBC will charge $25 for three sessions, $50 for eight, and $100 for 20, which is identical to Wayport's pay-as-you-go pricing. Monthly plans will be available as well.
Acer said it will build Wi-Fi networks for free for 120 schools: Apparently it got a huge response to an earlier announcement about the plan so will now hold a drawing. Not to look a gift horse in the mouth, but the networks may be pretty small for some schools. Acer said it will build up to two sites comprised of four APs each within a school. Not enough to cover most schools but good for coverage in areas like libraries and study halls.
The new Boston Convention and Exhibit Center is entertaining bids for a Wi-Fi network: It plans to spend $204,000 on the wireless piece of the network. The city hopes to choose its vendor in three weeks. [via Kelly]
Eric Lin describes his Wi-Fi roaming woes: He pays $30 a month for T-Mobile hot spot service but isn't traveling as much as he used to. He lives in San Francisco where many of the previously free local cafes have now banded together to charge $15 a month to use any of them. Too bad he can't pay just one subscription so he can get on networks at home and when traveling.
We're at that point in the market where roaming deals have to speed up or the folks trying to make money from hot spots won't get enough customers and we'll start seeing them die off. The Jupiter study from last week that found 1 percent of computer users paying for Wi-Fi is making me nervous. People aren't paying because there aren't good subscription plans available.
Sony Ericsson reportedly is soon to introduce a combined Wi-Fi/GPRS card: This story refers to it as a tri-band card, but only notes that it will support 802.11b and GPRS. Nokia has had a combined card like this for ages.
The cops late last week arrested a third man accused of breaking into Lowe's Wi-Fi network and stealing credit card numbers: This one is not released on bond because in 2000 he was one of the first to be charged under Michigan's computer crime law for hacking into a local ISP.
I'm still really curious to know how secure Lowe's network was. While clearly these guys shouldn't have done what they did, Lowe's has some responsibility for making the network at least reasonably secure. Otherwise, it's an attractive menace.
Nevada, Missouri, a town of 10,000 has commissioned a Wi-Fi network to be built in town: The city is paying NeighborLink $25,000 to build the network. but it's not clear how extensive the network is. Without the network, which offers broadband to homes and businesses, city residents could only dial-up for Internet access.
The story notes that private providers may feel uncomfortable competing against a service like this one that is funded by the city government. I've been curious about how that may play out in a number of circumstances. However, here no other provider was willing to offer any kind of broadband so the city took the matter into its own hands.
Around the country a number of municipalities are funding broadband networks--wired and wireless--because the big boys won't serve them. In those cases I don't think a potential conflict is an issue. Cities can't be expected to wait forever for the big boys to pay attention to them.
El Camino Hospital in Mountain View, Calif. is using Vocera's Wi-fi badges: The nurses say the system reduces the time it takes them to track down doctors, increasing the time they spend with patients.
I'm wary of Vocera, mainly because it relies on voice commands. I've never, and I really mean absolutely never, been happy using any kind of system that requires voice recognition. It never works right. This article points out that people with accents have had trouble using it. I think there should always be a backup--a keypad or something in case the user is ready to throw the device out the window if the voice recognition doesn't work.
Scientists have figured out how to focus the energy in a microwave oven more precisely to avoid zapping Wi-Fi networks: The research was intended to improve radar technology, but the University of Michigan team sees great potential in helping microwave oven makers produce Wi-Fi and other 2.4 GHz spread-spectrum technology friendly home appliances.
And it's worth noting here again that microwave ovens do not irradiate food, as in exposing food to radioactive sources to sterilize them. Rather, beams of microwave energy reflected entirely inside the a sealed oven cause the dipole water molecules in food to twist as the energy is switched on and off, causing friction to heat food. (Here's a a whole pile of details on how these ovens work.)
The greatest risk from a microwave oven? Superheating water in a mug. It's very easy to do and extremely dangerous.
Princeton Public Library will offer Wi-Fi, and possibly laptops to check out: It's another routine piece about a local library adding free Wi-Fi, but with a couple of funny notes. Patrons unaccustomed to Wi-Fi technology must know it is less secure than a hard-wire connection, Ms. Burger [the library's head] said. "I wouldn't pay a bill (online) with it," she said. Actually, bill paying is almost always accomplished over an encrypted Web connection which is practically 100 percent secure if 128-bit encryption is used (the more usual default these days).
Another odd point. Although access will be free and The network will extend out to the new municipal plaza next to the library so a library user may sit outside and access the Internet they're also worried that the range typically spreads out so far that unauthorized users could take advantage of the service. So the library will set tighter limits. But if it's free and extends beyond the library, who is unauthorized?
Generally well-informed piece from CTV in Canada exposes man's kiddie porn downloads from unprotected Wi-Fi networks: It had to happen, but you can't have sympathy for a man driving the wrong way down a one-way street, naked from the waist down, downloading child pornography. Child porn is one of the worst crimes against humanity that doesn't (necessarily) involve direct violence, and now it's come to unprotected Wi-Fi networks.
The article makes it very clear that wardriving can be benign, which goes a lot further than similar writing elsewhere. The police don't sound as well informed as they should be given the accusations they're making. First, the report makes it sound as if they are calling wardriving itself telecommunications theft. Because wardriving is a passive activity at its heart, that's hard to make a case for. Second, the sex crimes child exploitation office notes people have actually gone to the trouble of spray painting red Xs in front of houses. I don't really believe this; it smacks of urban myth.
A few years ago, a neighbor across the street knocked on the door quite flustered. Someone had broken into the house she and two other folks were renting. She wasn't sure the burglar had left. We called the police. In the meantime, she discovered that not only were some of her underthings missing, so were her wisdom teeth--she'd had them pulled years before and they were in a manila envelope in her jewelry box. The policeman who arrived told us quite solemnly that the teeth were stolen to be used in a satanic ritual. He was reading a book about it.
The Red X of Free Wi-Fi sounds equally urban mythologized, but I'm ready to be proven wrong with photographic evidence that's not the result of utility workers marking gas and water lines.
I didn't buy into the series of ridiculous claims made over the last year or so about how open Wi-Fi access points would aid terrorists (terrorists don't need to be so conspicuous or easy to track to a physical location), spammers (who would apparently drive up and shoot millions of emails out instead of using the millions of unsecured mailers available worldwide), and other ne'er-do-wells (using Kazaa and downloading pirated music and software).
But this is more troubling. In fact, I can see that a very small number of child porn aficionados could ruin it for everyone, because if you're already mentally unbalanced or poorly made up enough to want to pursue one of the most prima facie illegal acts in most countries, an open Wi-Fi network is probably the ideal method of acting on it.
Hopefully, this won't turn into a weird backlash against community and other free networks that don't require accounts or tracking. I believe that purposely open networks are much less appealing than accidentally open networks: purposely open networks give the impression, at least, that someone's watching, and thus a malefactor would avoid it.
The Capital Cabal is offering a free one-hour online chat with Rich Dean, a wireless applications expert: Dean's history is fascinating, and he's ideally positioned to talk about how wireless of all kinds of being applied to work and home. The chat is Dec. 10, 2003, at 1 pm Eastern U.S. time.
Kevin Werbach points to a troubling factor of the FCC's recent decision to add more spectrum to the unlicensed 5 MHz band: The spectrum was freed up due to a compromise with military users, and the deal was done behind closed doors with private interests represented by a few large companies, Werbach says. He's concerned that rules around use of that band, which aren't clear yet, might hamper potential innovation there.
Werbach also notes that this new spectrum won't do much to help out last-mile access because the high frequency impedes running signals quite as far as the 2.4 GHz and other lower frequencies.
Intel is working on a chipset for PCs that will make the PC an access point for home users: Apple's offered a software base station feature for its operating system for many years (with a short gap during the early Mac OS X days). A software base station uses a Wi-Fi adapter and a software program to simulate the features of a dedicated access point. Windows XP can manage about the same task--with some technically missing access point features--using ad hoc networking and Internet network connection sharing.
Intel's plan dovetails with some other chipmakers who have enabled this feature. The difference between an access point and a Wi-Fi adapter is often very slight--just different firmware. Putting that firmware into a computer program that can run under Windows is pretty straightforward. Intel hopes to eliminate the AP for home networks, but they miss the point that a computer has to be on all the time when it's a software access point, and that when it's turned off, rebooting, crashed, or defunct, you're out of luck.
JiWire, a Wi-Fi Networking News partner, and WiFinder are competing for the hotspot search market: The two have different plans for how to make money off the business. The fact that there are a few companies looking to serve the market of people looking for hotspots indicates a need for such services. Maybe more than one can survive.
Dan Gillmor talks to some futurists and considers the wireless world of the future: One of the most interesting concepts discussed these days is ad hoc networks, where devices pass communications from one to the next without communicating with a central base station. Gillmor talks about wireless technologies that could get embedded in cars to create such networks that can communicate directly with other cars. The networks would enable fun and useful applications like music downloads and map updates but could also be involved in safety mechanisms.
The enterprise market in the U.K. is as confused as the market here when faced with an array of WLAN security and management solutions: The Bluesockets and ReefEdges of the world keep winning customers even though their products don't offer as much as the new switches. Perhaps that's an indication of the power of Cisco as many enterprises that choose gateway solutions do so for the option of buying APs from anyone, usually Cisco.
D-Link seems notably absent from the group of vendors offering WLAN switches now that NetGear has a WLAN switch that can support 15 APs.
Interestingly, this article refers to Broadcom's recent allegations about degradations caused by Atheros chips but notes that D-Link customers in the U.K. don't have to worry about the issue. That's because D-Link in Europe doesn't market the Super-G product that contains the Atheros chip. Spokespeople there say that's because D-Link wants better compatibility with previous products.
Jupiter Media found that just 1 percent of online consumers polled recently had paid to use a public hotspot: Six percent have used public hotspots. The report is full of similarly sobering figures.
The report concludes a point that I think Michael Oh of NewburyOpen.net is proving, even though it's not his intention: hotspot operators will need to make money on something other than charging users for straight Internet access. Operators will need to realize internal productivity gains as well as third-party revenues--from services like Oh offers, such as printing--to get a return on the investments.
So a hotspot will make the most sense to an airline, for example, that builds a network in gates where employees can benefit and the general public might pay to use the network for special services.
Researchers at Arc Chart wrote a paper offering a general description of MIMO, or multiple input, multiple output: The technology employs multiple antennas at the receiver and the transmitter which can ultimately have the effect of boosting throughput.
Arc Chart positions MIMO in competition to folks like Atheros who have developed their own methods for increasing throughput on Wi-Fi gear. Apparently Intel has said it fully supports MIMO and plans to build the technology into all its future gear, including WiMAX. Intel also wants MIMO included in the 802.11n standard.
For more background on MIMO, check this ZDNet article that ran in October.
Forbes columnist Stephen Manes rounds up a host of Wi-Fi devices: Manes writes about how Wi-Fi rules the world, but still has a host of frustrations in getting it running compatibly and reliably. Nonetheless, in this package of three stories, he provides solid advice on what to buy, especially focusing on interesting Wi-Fi gadgets that enhance a wireless network by adding audio, video, or still photo features to home entertainment equipment among other equipment.
Manes coins what must be a new word: wirelessless, the state of not having wireless access available. Manes describes one trip and how little Wi-Fi he found. In another sidebar, he recommends 802.11g over b because of the slight price difference.
eWeek's Jim Louderback sees Broadcom's interference demo, accuses both Atheros and Broadcom of pursuing the wrong course for consumers: Jim was at Comdex this week and he saw the private demonstration by Broadcom of Atheros's 108 Mbps Turbo mode in their Super G extension to 802.11g. Unfortunately for Broadcom, their demonstration didn't include a control test of Broadcom gear working in normal 802.11g mode.
Jim notes that D-Link, one of the Atheros chip users, stated that Broadcom-based devices running on channels 1 and 11 at full speed also produced enormous degradation in throughput -- even though the channels are widely spaced and should have virtually no effect on one another.
What this argues, of course, is that 802.11g itself might have a major flaw in its ability to work on different channels on adjacent networks. What effect could this have? Pushing enterprise users more rapidly into the uncrowded, 24-nonoverlapping-channel 5 GHz 802.11a band, that's what. Atheros would love that, having specialized initially in 802.11a, so this whole tempest might have the unintended effect of making 802.11a substantially more attractive to the business world.
Jim concludes that proprietary modes are bad, which is accurate, but I disagree slightly with his assessment. I would argue that early implementations of draft IEEE standards generally move towards more and more compatibility (look at 802.11g's evolution, for instance, and the WPA interim standard for 802.11i), while purely proprietary plays like Texas Instruments's 802.11b+ (PBCC) tend to peter out without general support.
Because Wireless Multimedia Extensions (WME) -- which include the frame bursting technology that Intersil, Atheros, Broadcom, and Texas Instruments are currently pushing out under many names -- is part of 802.11e, which is due for ratification probably by mid-2004, I expect that frame bursting will become more and more interoperable. Frame bursting also doesn't interfere with non-frame bursting devices: burst frames are just longer frames with more data but they're entirely legal within the 802.11b and 802.11g specification.
Jim's overarching point is well taken, and it's good to get a first-person report from someone who understands the technology and its implications.
Extreme just began shipping its combined wireless and wired switches: I talked to the company for a story I did a while back and was impressed. I hate to say it, but I suspect that the presence of already established switch makers like Extreme in the WLAN switch market is bad news for the WLAN switch startups.
Extreme's CEO, Gordon Stitt, is pretty critical of Cisco's approach to WLANs. Even though he's talking about his competitor, he's right when he says that Cisco is in a tough spot because it is trying to offer management features to an installed base of customers that already have Cisco APs, which were designed to operate independently. Cisco is now trying to add on central management functions, but I'm not sure that's possible as an afterthought.
Parks Associates anticipates a $2 billion market for unlicensed broadband wireless in 2008: That represents growth from $250 million today. WiMAX will offer a big boost around 2006.
Axalto, the new name for smart-card maker Schlumberger, has an 802.11b-enabled point of sale terminal: I've seen a handful of announcements about these devices so I think it's likely we'll start seeing certain types of retail shops using them that need temporarily cash registers or roaming salespeople.
Hot zones are popping up everywhere in London: This Guardian story is a very thorough roundup of hot zones and hotspots in London. It notes that a company called MyZones is planning to use gear from Vivato to set up a zone in central Manchester--the company is waiting for Vivato's radios to be licensed for use in the U.K.
Broadreach's CEO tells me that over 500 people have registered to use its hot zone, which covers Piccadilly and will reach to Leicester Square next month. Writers for the Register, which reported on the Broadreach network earlier in the month, wondered if wet and chilly weather this time of year might prevent users from getting on the network. Magnus McEwen-King, CEO for Broadreach, isn't sure if racking up 500 users in three weeks is an indication of a good service or good weather. For now, the service is free but Broadreach plans to begin charging in the new year, according to the Guardian article.
This sounds like the biggest toy train set in the world: Burlington Northern and Santa Fe Railway Co. use Wi-Fi to remotely control their engines in trainyards. You can't make this stuff up. Less amusing and more interesting, the company wants to look into opening up their private microwave network to public cellular and data communications as a way to provide service in underserved areas.
See usage across Carnegie-Mellon's campus Wi-Fi network: Three maps present a view of activity and accessibility across the university's Wi-Fi network. It's a great visualization of how a network is being used presented in a way that a non-technical user can understand. [via Warchalking via Jeff Pittelkau]
NDIS might sound like another obscure acronym, but this project could open use of a host of wireless LAN cards to the Linux world: Only Atheros has openly embraced the open-source community by working with an intermediary who has developed Linux and FreeBSD drivers. The intermediary was necessary because Atheros (along with many other radio firms) uses software-defined radio (SDR), which if not properly secured would allow a programmer to use illegal frequencies. To avoid FCC trouble, Atheros worked with Sam Leffler, who privately developed a hardware abstraction layer that sits between the driver and the hardware. That code remains private.
Broadcom has been mocked and criticized repeatedly in open-source forums for not making a similar abstraction layer available so that Linux, FreeBSD, and other Unix-like platforms could use Broadcom's gear. (Older cards have had Linux and similar drivers written and companies released more information because the cards were hardwired to use just legal unlicensed frequencies in legal ways.)
The NDIS wrapper software emulates the abstraction layer in Windows that makes it easier for hardware vendors to write to a common specification instead of having to constantly develop custom drivers for each release of Windows. NDIS also lets software developers write to a standard abstraction instead of supporting each card and release.
By emulating NDIS, Linux users could simply write to the NDIS layer to build applications, which would include standard network interface clients. [via Slashdot]
Iogear has an 802.11g USB 2.0 adapter that lets users rotate the device to point in various directions in search of optimum reception: It retails for $89.95. Iogear also came out with a regular 802.11g network card for $69.95. The press release doesn't seem to be up yet but should appear here eventually.
Pyramid Research makes some interesting observations about the future of WiMAX: The researchers speculate that Nextel might starting deploying WiMAX as early as 2005. Nextel has been very slow, compared to its competitors, to mark a path toward achieving higher data rates. The company just announced it will enhance its network to quadruple current data rates. While that sounds exciting, the enhancement only boosts throughput to less than dial-up modem speed. I'm not exactly sure why Pyramid thinks that WiMAX would make a good fit for Nextel, given Nextel's historical reluctance to stray from its existing iDEN network technology. But it would be great to see a major player like Nextel chase WiMAX. Pyramid also expects significant growth for WiMAX but not nearly as much as Intel expects.
Legra claims to be the first WLAN switch vendor to have its WPA certified by the Wi-Fi Alliance: The others should follow.
Aruba came out with a WLAN switch designed for medium-sized businesses: The initial WLAN switch products were designed for the large enterprises but that was troublesome for smaller companies for which the products were overkill. I've seen some WLAN switch products recently designed for small, branch offices and now it looks like the product developers may start targeting the middle market. Targeting the medium sized businesses is a good idea because it's probably not that hard to scale the original products down which opens up a broader market for these companies.
Research firm In-Stat/MDR expects to see chips in almost everything in the home, including pots: The firm predicts that the networking silicon market will grow from $650 million in 2002 to $1.07 billion this year, driven by Wi-Fi and other networking technologies. In fact, wireless LANs will be the biggest revenue opportunity for this market, according to the study.
Wi-Fi Planet writes about the Broadcom claims on Atheros's Super G turbo mode: This is only the second story I've seen (following Nancy and my report for PC World that she mentions in an item earlier today) on the claim Broadcom has made about Atheros's 108 Mbps mode degrading networks running at slower speeds. Broadcom told me that they would demonstrating their test setup at Comdex, and I haven't heard any reports back on that yet, nor have they released the methodology of their tests, which is still promised.
JetBlue Airways is offering free Wi-Fi to folks hanging out in its departure gates in Terminal 6 in New York's JFK Airport: The airline also offers the free Wi-Fi in its hub, the LA/Long Beach airport.
If more airlines start doing this, it will be interesting to watch what happens to the companies that are already offering fee-based services in airports. That seems to be a big business, with hotspot providers signing exclusive deals with airports. I wonder what sort of rights airlines have to build Wi-Fi networks in the gates they often use. Glenn has heard from some folks in the industry that airports are starting to assert rights to spectrum that they previously left alone, or encoding these rights in new contracts as airline leases expire.
Newsweek's general Wi-Fi article highlights some places Wi-Fi is popping up, including a minor league field in Sacramento: For now, stadium workers use the network to control lights and heating from their handheld computers and box seat owners can use the network. In the future, the stadium hopes to let all fans order food wirelessly.
While parents of some students in Illinois schools are concerned about potential health affects of Wi-Fi, one school in New York requires every kid to have a Wi-Fi-enabled laptop: Students use the laptops in every class and Columbia University is studying how the program works.
I’ll be interested to see how laptops are eventually used throughout the school system. Teachers at this New York school rave about the additional skills they can teach kids because of the laptops but also note the added distractions in games and the Internet. It must be difficult to control how the computers are used during class.
NetGear introduced an AP designed for small or medium businesses that can deliver 108Mbps throughput: NetGear uses the Atheros chip that Glenn and I reported on for PC World at the end of last week. Broadcom claims the Atheros chip causes extreme performance degradation in nearby Wi-Fi networks.
I tried hard to speak to a NetGear spokesperson for the PC World article but they weren't able to dig anyone up for me. It's somewhat amusing that the NetGear folks sent us the press release about a new 108Mbps product with no reference to our repeated conversations last week regarding the PC World article.
Lucent said it is working with InMotion to make sure InMotion's gear interoperates with Lucent's CDMA networks: InMotion supplies Wi-Fi networks on trains and can use the wide area networks for backhaul. Now Lucent has made sure that InMotion's gear will work with Lucent-built CDMA networks in North America.
Last week Lucent made a similar deal with Top Global. Looks like Lucent is trying to take the lead promoting wide area networks as good options for backhaul for Wi-Fi networks. It will take some time before the mobile Wi-Fi networks will be able to offer a broadband service using a wide area network for backhaul given how slow the wide area networks are to date in most areas.
AT&T Wireless said at Comdex today that EDGE is in 6,500 cities: EDGE is 2.5G service that extends GPRS's 10 to 50 Kpbs up to the 100 Kbps or faster range. EDGE has been gradually appearing, and Cingular had promised a full deployment probably by mid-2004. AT&T's announcement seems like a slight surprise.
AT&T is offering unlimited EDGE (and by extension, GPRS in any areas that don't have EDGE support) for $80/month. A card costs $150 after rebate for a two-year service commitment. AT&T said that they'd also offer and support the Nokia 6200 EDGE phone which can be used with a laptop or as a cell phone.
EDGE is available outside the U.S. on AT&T's network in Puerto Rico and Bermuda, as well as Vancouver, British Columbia. The plan is to expand throughout Canada in 2004. (As a Cingular subscriber, this is precisely the kind of thing that could get me to switch -- especially if that PC Card from Sony Ericsson has Mac OS X drivers.)
Finally, a well-balanced, non-alarmist article surveying what scientists know about the effects of cellular phone microwave radiation on human health: The answer is, not enough, but what we know is enough to be troubling. The studies don't show the clear-cut results in identical circumstances as routine cell phone use and aren't entirely conclusive. But taken in aggregate, there's enough smoke to worry about the fire, especially given the 10 to 20 years it takes for a brain tumor to grow large enough to become a problem.
Here's where the science gets fuzzy, though, when proponents of childrens' health point to these studies as a way to restrict Wi-Fi use. Wi-Fi is regulated at a much lower signal strength and is rarely directly next to someone's head. Because of this, Wi-Fi is substantially less powerful, and any studies that wind up proving or disproving cell signals' effects on health should similarly be able to show the threshold below which problems don't occur, which will in turn be applicable to Wi-Fi signal levels.
After reading this article and some recent studies, I don't think I'll ever spend much time with a cell phone next to my head again.
The hook on the article, by the way, isn't to frighten folks but to note that the federal government will spend $10 million to conduct research in this area. It's a large array of agencies: The methodology and direction will be set by the U.S. National Toxicology Program, a division of the National Institute of Environmental Health Sciences, part of the National Institutes of Health. The program will also get some guidance from the FDA and the National Institute of Standards and Technology.
Om Malik writes about how low costs and high bandwidth are bringing back broadband wireless: You'll probably see a lot of articles in the next 12 months that lack the back story to broadband wireless, which Malik's piece contains. Broadband wireless isn't new: in fact, I was corresponding yesterday with Brett Glass, a founder of Lariat.org in Wyoming, which was operating 2 Mbps WaveLAN gear in 1993.
In the late 90s, several major telcos invested heavily in licensed-spectrum wireless broadband, buying up licenses in the educational/institutional MMDS/ITU band (2.5 GHz). Congress had authorized holders of geographic licenses in these bands -- holders that included hospitals, schools, etc. -- to sublicense these broadcasting/distance learning/misc. services frequencies to commercial users.
Sprint and Worldcom bought up practically all of the MMDS licenses -- Sprint spent a billion on them -- and AT&T used a much higher but licensed band above 10 GHz. None of these operations succeeded because they were using proprietary technology on frequencies that only they could use! Manufacturers were pumping out ever cheaper, lower-powered Wi-Fi and other spread-spectrum gear while the licensed broadband folks saw their costs stay the same. If you're the only customer (or maybe there's two), there's no much competition.
Ultimately, broadband wireless by the big boys died, and Om Malik's article traces the resurgence. There are several hundred broadband wireless ISPs in the U.S. -- one source says 1,800, but I think that's a count of cities in which the service is offered, not unique firms. And that's mostly the mom and pops.
Malik documents both the growth in firms offering to-the-curb/final-mile service, and also the T-1 and higher replacement companies that can bring in tens of megabytes per second of quality service in a few days. One of the key benefits to broadband wireless is that it can be instantaneous. Once you have the tower secured and fiber or high-speed lines running to it, the line of sight is your oyster as an operator.
Vivato gets switch approved, makes interesting statement: It's rare that reading a press release gives you insight into a company's direction, but given some of our earlier postings on this site about Vivato and the fact that we hadn't seen press releases mentioning major businesses, ISPs, or institutions, the announcement of FCC approval of their Wi-Fi Bridge/Router product (dual radios, $495) gives one pause.
The VP of marketing, Phil Belanger, says in the press release, The FCC approval gives us the green light to offer customers a complete line of standardized Wi-Fi solutions. This statement makes it sound like the bridge/router is more critical to Vivato's operations than might be suspected.
Posted by Glenn Fleishman at 8:33 AM | Permanent Link | Categories:
Michael Oh may have one of the most unique versions of a free Wi-Fi network anywhere. Oh wanted to extend Wi-Fi around his office, located on a tony stretch of Newbury Street in Boston, and to the shops on the street. He quickly concluded that he would have to charge users too much if he wanted to build a robust and reliable network that customers would pay to use. Instead, he decided to build a free network in hopes that it might serve as good PR for his Mac consulting, sales, and support business, Tech Superpowers.
But building a free network that included more than one access point (AP) would be expensive to maintain because it would require paying for high speed data lines for backhaul. So Oh developed his own network architecture.
"From an economic standpoint, it's an interesting architecture because it's simple," Oh said. "We can put up nine locations with a single T1." At each remote location he uses Apple APs plus wireless bridges from Linksys that were originally designed to wirelessly enable printers. At his central location is an AP with two outdoor antennas, each pointing in a different direction. The remote repeaters look like any type of client to the central AP. "So the AP at our location sees each repeater as nine client cards out there," he said.
The San Jose Business Journal looks at cut backs at Trapeze and Vivato, referring to the setbacks as "leaks in the Wi-Fi bubble": The story also looks at Cometa's scaled down ambitions and is the fist place I've seen a Cometa spokesperson note that the company's original plans were overly optimistic. Cometa has gotten some flack for delivering on a slower pace but not admitting that its plans had changed.
The story also notes that Vivato has 40 customers, which is more than I thought.
I think the piece unfairly picks on Trapeze for requiring customers to use its proprietary APs--all the WLAN switch vendors require customers to use their APs. Otherwise they couldn't offer all their whiz-bang features.
But ultimately those whiz-bang features may not be worth it for customers who don't want to replace existing APs or who don't like to feel forced to buy only a certain AP. I keep reading about increasing sales at companies like Bluesocket and Reefedge which both offer beefed-up security solutions to customers regardless of the APs they use.
The Washington Post doesn't begin to describe what Koolspan, the company with the bad name, does: But I spoke with Koolspan's vice president of marketing at a conference a few weeks ago and got the scoop.
Koolspan is marketing a smart card solution that authenticates users and encrypts data over Wi-Fi networks. The solution is designed for small to medium sized businesses that don't already have a RADIUS server for authentication.
Customers must load software onto their APs which allows the APs to recognize user keys and authenticate the users.
End users have a smart card that plugs into the USB port of their computer. The card encrypts the data sent from the laptop. The data is decrypted by an appliance that sits in the enterprise network, where the data is sent onward. The card supports 802.1X and performs AES encryption.
The nice thing about smart cards is that they essentially authenticate the user. A user inputs a password to release the keys on the smart card. That means that it's virtually impossible for two people to log on as the same user at the same time.
Gemplus, a maker of smart cards (or subscriber identity modules, SIM cards) for GSM networks, is also making a solution aimed at securing Wi-Fi networks. Smart card solutions have a better chance of taking off in Europe where all cell phones already use SIM cards but it's a secure solution that's worth looking at in the U.S.
Broadcom says that Atheros's 108 Mbps mode in its Super G featureset found in NetGear and D-Link devices significantly degrades nearby network performance across the entire 2.4 GHz band: Associate Editor Nancy Gohring and I filed this breaking news for PC World's online news site today. The allegations by Broadcom could shake the consumer industry slightly. We wrote this story now because Broadcom plans to demonstrate their findings at Comdex next week, and we felt this was the right time to provide the context we'd be been researching all week for the story.
If the methodology Broadcom used to conduct the tests is reproducible -- they claim these tests show that Atheros's products have a large negative impact on 802.11b and 802.11g networks -- then D-Link, NetGear, and Atheros will need to issue firmware upgrades, disable the mode, or recall equipment. Equally problematic: if Broadcom's claims are not reproducible or their testing methods and assumptions are faulty, they've gone a long distance out of their way to make themselves look unreasonable.
You might wonder why Nancy and I filed for PC World instead of breaking this news directly at this site. When Broadcom first briefed me on this problem on Monday of this week, I turned to the PC World editor who had recently assembled an exhaustive coverage section on 802.11g access points and their configuration and compatibility. That set of articles showed that many current 802.11g devices still have bugs to be worked out.
In discussions with the reviews editor and the online news editor at PC World, we talked about how best this story could be written without being either speculative or sensationalist. Their advice and willingness to act as touchstones in our reporting made it clear that we should work with them on the story. They vetted this through their network experts as well to confirm that the technical details were right.
I had and have a lot of trepidation about this story. We don't want to seem naive and give credence to a claim that's scientifically provable and which I've seen the results of but not the process until we know that it's reproducible. But given that this is about to go prime time, as it were, we all felt it was the right point to provide as much background as possible to root Broadcom's claims and Atheros's rebuttal in reality.
The New America Foundation, Media Access Project, and some vendors say that the FCC hasn't gone far enough by adding more spectrum to the unlicensed band around 5 GHz: They complain that because the spectrum is high on the band and because of the power constraints set by the FCC, rural WISPs still can't adequately serve customers. They are asking for more unlicensed spectrum in the lower bands where signals can better penetrate interference like trees and travel farther.
Rural operators and vendors who try to serve them have long discussed the fact that while the existing power limitations may be useful in cities they unduly strap the potential of wireless in rural communities. Dave Hughes, who has done tons of research on the use of wireless in remote areas, has often suggested that the FCC might set different rules in rural areas. That's a good idea. But I fear that the needs of the rural communities may not mean enough to the FCC to encourage the commission to consider accommodating them.
UN Secretary General Kofi Annan said wireless technologies can help developing nations leapfrog more expensive telecom technologies and empower people: It's nice to see wireless getting such big time attention.
I couldn't agree more that wireless can be a low cost way of connecting poorer communities. I've written about an Indian tribe in the Northwest U.S. that's using wireless to connect the reservation to the Internet as a means of bringing jobs to tribal members and preserving its culture. We've all read about other examples of such communities benefiting from wireless.
Unfortunately, funding that might help rural communities in the United States build wireless networks is currently at risk. The Wireless Communications Association in tandem with a slew of other rural and technology organizations have been working hard to convince the House to retain an increase in funding for rural broadband development that the Senate included in its budget.
Hagiwara Sys-Com has developed a memory stick wireless LAN card for Sony Clié handhelds: The card only works on Cliés running Palm OS 5.0 or 5.1. Those Clies already have the option of using a compact flash Wi-Fi card but apparently people are lining up to get the stick--MobilePlanet is taking preorders to begin shipping product Dec. 1.
The Wi-Fi gear market grew 9 percent in the third quarter this year, according to research from the Dell'Oro Group: The author of this report concludes that the market is at a turning point where we may be just about to see significant growth in the enterprise sector. The market for access points for enterprise networks grew 25 percent in the quarter. Until now, the small and home office market has primarily driven growth, he said.
I'm not sure we're quite on the cusp of seeing major uptake in the large enterprise sector yet because I still see a lot of confusion, given the wide variety of startups and products available to address enterprise needs. That confusion will clear up with market consolidation but that may not happen for a while.
The press release with some more details is here.
Dewayne Hendricks noticed an interesting omission from the agenda of the FCC's Open Meeting today: Commissioners had planned to discuss adding 255 MHz to the 5 GHz band and Hendricks says observers expected the item to pass. But the item was dropped from the agenda. The reason why came out later: it was approved yesterday!
The FCC press release (in PDF format, no HTML) said that 255 MHz in the 5.470-5.725 GHz band are now available for unlicensed devices. This action will also harmonize the spectrum available for these U-NII devices throughout the world, enabling
manufacturers to reduce product development costs by allowing the
same products to be used in many parts of the world.
The FCC is also requiring the items covered in IEEE 802.11h, which was developed to conform to European/World Radio Congress concerns, also apply to the lower indoor bands of 5.250-5.350 GHz as well as the new 5.470-5.725 GHz bands: dynamic frequency selection (DFS) - a listen-before-talk mechanism -- and transmit power control (TPC).
That additional 255 MHz should translate into as many as 12 additional nonoverlapping channels for 802.11a, which already has 12 nonoverlapping channels. In a talk with Atheros that Glenn had recently, the company noted that bonding channels in 802.11a to create multiple channel throughput of 108 Mbps or higher has enormous potential because of the lack of channel overlap.
ICOA, which puts Internet terminals in places like airports and hotels, bought Airport Network Solutions: ANS supplies Wi-Fi to the Sacramento, Calif. airport and ICOA already offers Wi-Fi in the Baton Rouge airport. ICOA hopes to build Wi-Fi networks everywhere it has Internet terminals. ICOA says it already offers Internet terminals and hot spots in 180 locations, including over 100 Panera Bread shops.
The two groups developing ultrawideband (UWB) technology failed to come to agreement on a single solution: As a result, the IEEE group responsible for finalizing the standard didn't get the votes required to move onto the next stage of the standardization process. That means ultimately the two groups, the Multiband-OFDM Alliance on one side and Motorola, which recently announced intentions to acquire Xtreme Spectrum, on the other, may develop separate standards.
Analysts are concerned that a splintered vendor market may prohibit UWB from success, and rightly so. Even worse, the two groups might push incompatible products into the marketplace, leaving the consumer to make the choice with the wasted money and non-upgradable hardware that comes from that process.
A recent Intel study that ranked towns in the U.K. by the number of hot spots per capita, noticed that more hot spots in the U.K. are in pubs than anywhere else: That's certainly a big difference from the U.S. where cafes make up the largest group of hot spots. (As opposed to pub-based "hot sots," which are overheated regulars.)
The Intel study ranked Exeter number one, followed by Bangor in Wales and then Newcastle. London ranked 33 because even though it has the most hot spots in the U.K.--and the second most in the world behind New York--its large population puts it lower on the per capita-based listing.
This article points only to anecdotal evidence from a journalist to claim that the price of using public hot spots in the U.K. is dropping: In any developing market, service providers walk a tight rope between charging enough to cover their startup costs and failing to attract customers because of sky high prices. At the moment, the price of a subscription for Wi-Fi services is too high for most except the serious traveler, especially because there aren't yet enough hot spots. Hopefully a greater number of hot spots will attract more customers, which will in turn lead to lower prices. Maybe that's already starting to happen in the U.K.
Interestingly, this intrepid traveler rants about how insanely high the cost of Wi-Fi is in Europe. He visited nine cities in the U.S. and had Wi-Fi access in eight. Just one of those charged a mere $9 a day for access. He then stayed in seven hotels in Europe and one offered Wi-Fi, for $60 a day and it never worked. Two of the hotels in Europe didn't have phones so no Internet connection was available from the room.
To be fair, this traveler doesn't mention which cities he stayed in so maybe he was pretty far off the beaten path. Still, I've stayed in decent hotels in Europe that have these ancient phone systems through which you can't even dial up. By contrast, just last week I took a road trip from Seattle to northern California and even cheap hotels in tiny towns at least had dial up while some had broadband wired access.
Since the wired access in European hotels is generally poor, hotel managers there might see a great opportunity in Wi-Fi. Wireless networks will be much easier for them to deploy in a building that isn’t already wired.
Much of this study is really obvious: For example, it states that customers will either pay a monthly subscription or on a per-session basis. Ya think?
But, one interesting stat here is that just 17 percent of hot spots are in hotels, airports, train stations and conventions. These are the places, the study concludes, that business people will want Wi-Fi access. I suspect that number is a bit skewed because while maybe not so many conference centers have permanent Wi-Fi networks, often conference sponsors deploy a network for the duration of the show. Those instances wouldn't be included in the 17 percent figure.
Also, the study concludes that coffee shops are not conducive to business traveler usage. Really? I think they are. There's always a coffee shop and usually an empty seat nearby so seems to me a perfect place to park it and get some work done while on the road.
Singapore Airlines yesterday, today it's Japan Airlines: JAL said it will install Boeing's onboard Internet access service on 68 of its long-haul planes. Installations begin in 2004.
It will be interesting to watch the wars for Internet connectivity in the air. Frankly, I'm a bit surprised that Seattle-based Tenzing is still around, mostly because it's got to be tough to go head to head with Boeing. Plus the airlines are notorious for being touchy about deploying new technology on board. We'll see…
Cisco introduced its Aironet dual- and single-radio 802.11g APs: Existing Aironet users can get 802.11g radio upgrades. The new APs have WPA and also AES, though Cisco is setting the AES off until 802.11i is passed.
Villanova deployed RADIUS servers from Interlink in addition to 208 APs to deliver full WPA security on its wireless network: The university is using EAP-TTLS authentication. This network is pretty secure, especially for a university. Villanova is using the servers to authenticate the wireless network as well as dial-up services on campus.
Lucent has already demonstrated that 3G networks can be used to backhaul Wi-Fi: Now it says it is partnering with Top Mobile, which builds a product that integrates the two types of networks and supports authentication, authorization and accounting. Such a combined product might be useful to deliver Wi-Fi to commuters on a train, for example. The backhaul could be done via the cellular networks rather than satellite.
Three Los Gatos locations are using Firetide's mesh networking technology to provide hot spots: The Opera House Banquet Meeting Facility and the Hotel Los Gatos have both built networks. In addition, the Opera House donated an AP to the town of Los Gatos to provide Internet access to the town plaza located across the street.
Firetide caters to challenging deployments that are difficult to wire because Firetide uses 802.11 radios for backhaul. The release doesn't seem to be posted yet but should be here at some point.
Strix is another vendor that uses wireless for backhaul. These vendors should be attractive to the cases where wiring is really difficult, like old buildings on college campuses or downtown.
SciNet, a volunteer group, will build a massive network to support the SuperComputing Conference in Phoenix next week: Volunteers will build the network in a week then tear it down in two days. It sounds massive--the network will support 150 aggregate gigabits per second and will use more than $16 million in donated gear. Apparently that amount of bandwidth is more than some countries, including Germany, have available in total. As for the Wi-Fi component, the volunteers will deploy 67 access points to distribute the bandwidth around the conference.
A couple guys got nailed for hacking into Lowe's national computer system using a Wi-Fi connection from the parking lot of one of the stores: They're accused of changing files, stealing credit card info and installing malicious software. TechDirt wonders if those accusations are unfounded and if the press is going to have a field day with this.
This may offer an interesting case to watch. The original story says that the guys have been charged with causing damage to a protected computer system. I wonder how the court will define a protected Wi-Fi network. Will WEP count?
Here's a good excuse to go there: A tourism and technology conference will happen in Cannes, December 11-12. One topic on the agenda is the business case for Wi-Fi in hotels.
Sputnik sends version 2 into orbit: Small and medium size hot spot operators have a new network management tool with Sputnik's platform, which became commercially available yesterday.
With Sputnik's server software and access points (APs) that include Sputnik edge software, operators get centralized network management functions with usage analysis, security, AP provisioning, and an end user interface.
The software, known as Central Control 2.2, doesn't yet support 802.1X but it does offer classic AAA security. It authenticates and authorizes users who want to get on the network. Also, every 30 seconds, it logs packets sent over the network so an administrator can analyze network use at the AP level.
Central Control also includes hooks for functions like billing or an existing AAA security mechanism. For example, if a hotspot provider is also an ISP, it can use an existing billing or authentication platform. Operators that are new to the game can also link to any merchant billing site for credit card processing.
Intel's Sean Maloney, general manager of Intel’s Communications Group, offered a glimpse at what Intel sees for the future of wireless: While all of Intel's Wi-Fi chips so far have gone into computers, Maloney thinks in the future they will live in a wide array of electronics devices in the home.
He admits that Intel was late to wireless and comments that the company has caught up. I certainly wouldn't agree with that given Intel doesn't even have an 802.11g chip out yet.
Maloney offers the perfect example of how Intel may be torn about using the hype machine. He notes that Wi-Fi has been overhyped, which is certainly due in part to Intel's Centrino campaign, but says that on the other hand, broadband wireless is going to change everything. Maybe Intel has really high hopes for Wi-Fi but is partly afraid that the market may not lead to a genuine boom.
Iogear makes an 802.11g access point that includes a print server. Users can connect a USB-enabled printer to the gateway and wirelessly send jobs to the printer. The gateway costs $129.95. Iogear hasn’t posted the release yet but it should be here eventually.
Mayberry has moved on from the 60s: The town the creators of the Andy Griffith Show modeled Mayberry after now has a Wi-Fi network covering 18 blocks of downtown. Apparently the city, Mount Airy, North Carolina, has been hit by the disappearance of many of the manufacturing jobs that kept its citizens busy.
It's not totally clear why town leaders think the free Wi-Fi network will help out the area. It seems that some believe the network will attract entrepreneurs to live in the area. They also hope the network will attract people to downtown, where they may end up spending money in the shops. The network is cheap enough so it's worth a shot--the town estimates it spent $5,000 setting it up and $300 to $500 per month to maintain it.
Some folks in New Zealand have designed a race for the serious Wi-Fi enthusiast: Participants drive around town sniffing for APs. Each AP contains a clue in the SSID for where to find the next. The first to find all the APs wins.
For a small country that doesn't make headlines often, Estonia continues to be a leader in hotspot rollouts. It now has two different gas station chains offering Wi-Fi--one has 43 stations unwired and the other has 29. [via Veljo Haamer, the site is written in Estonian]
Wi-Fi Networking News partner JiWire said USA Today, PC World, CNET Networks, and AvantGo will use JiWire's hot spot directory on their sites: The directory lists 20,000 hot spots around the world. Via AvantGo, the directory will be available to users of mobile devices like cell phones and PDAs.
Apparently Malaysia is competing with Singapore and South Korea as an Asian tech leader and part of its efforts involve building lots of hot spots: Malaysian operator TM Net contracted with Aptilo, a Swedish Wi-Fi services and solutions company, to build out 1,000 hot spots, 300 of which are to be built by the end of the year.
Fiberlink, the remote access aggretator, said it will use Boingo’s SDK (software developer's kit) to build a client: The client will provide Wi-Fi and in the future 3G sniffing, connection and authentication. The deal also means that Fiberlink customers can access the hotspots that are part of Boingo’s service.
In another deal from an aggregator, Infonet, which caters to large multinationals, will use hot spots that are part of GRIC's network. GRIC is an aggregator that appeals to distributed enterprises.
I'm seeing an increasing number of announcements about aggregators like Fiberlink, iPass, and GRIC including as many hot spots into their networks as they can and making it easier for their customers to find and use the networks. They are aggressively trying to lock their customers into relying on them for Wi-Fi access before tons of roaming agreements happen between Wi-Fi operators, making the aggregators irrelevant. It will be interesting to watch what happens to these guys as the market evolves.
Boeing forwarded me the results of an Intel survey conducted Oct. 4 on business travel habits: Connexion by Boeing is deeply interested in these numbers, as you can imagine, and I'll fulfill the greatest wishes of a press person (whether at Intel or Boeing) by posting in full these details:
In-flight connectivity is the No. 1 amenity requested by business travelers, and that demand increases continually.
Seventy-five percent of business travelers carry their laptop in flight.
Seventy-one percent of business travelers are convinced that Wi-Fi will enable business travelers to seize a communications advantage over their competition.
While only one in 10 business travelers has tried Wi-Fi, nearly 90 percent see wireless computing in their future.
When working in the office, 31 percent of business travelers reply to e-mail within one hour. When traveling, only seven percent respond within that same time frame.
Thirty percent of business travelers do not respond to e-mail for 48 hours or more while on a business trip.
One third of survey respondents said they have suffered significant consequences-such as missed meetings, lost revenue, irate customers, disappointed family members and even job termination-as a result of not having timely access to the Internet while on the road.
Illinois lawsuit against school district for using wireless explained a little further: This is the first article I've seen which contained any reference to the studies that a group of parents in Oak Park have been citing as demonstrating that there is a correlative risk because specific exposure to Wi-Fi microwave radiation and human health.
Unfortunately, the study that's the only one linked to in the article, one conducted by Leif Salford, doesn't lead to the conclusion the parents say it does. The Salford study shows that exposure to uniform radiation over a period of time in the GSM band can produce some ill effects in rats' brains.
While this study should certainly disturb those in the cell industry, it's applicability to Wi-Fi is very very low. First, the band used in Wi-Fi is much higher than GSM and will have different characteristics. The researchers don't state the band in their study, for some reason, but mention that they have been working in the 900 MHz band for some time.
Second, the study shows that exposure over periods of time to uniform radiation cause the outcome. For cell phones, this is an issue, but for Wi-Fi, it is not. Wi-Fi is not only a bursty technology, in which there is not a constant transmission of peak signal power, but it's also a technology in which the brain is usually from a few feet to dozens of feet away from the radiation point source. Because signal strength varies by the inverse square of the distance from the source, comparing an enclosed uniform radiation field in the study with brains located even 18 inches away from a similarly powered Wi-Fi transmitter is meaningless.
The study that needs to be performed would have rats in a laboratory at a variety of distances from both bursty and continuously transmitting Wi-Fi transceivers using standard equipment that produces from 30 mW to 200 mW of power, and commercial omnidirectional and sectorized antennas.
Frankly, this study makes me glad that I don't stick my GSM cell phone up against my head. I use a Bluetooth headset, which produces a fraction of the signal strength that a GSM does in normal usage and in a different band.
The Portland Business Journal has another long article about the city of Portland’s plans to attract Wi-Fi networks and Wi-Fi companies: The Portland Telecommunications Steering Committee, a group of city government and business leaders pushing Wi-Fi in Portland, hope that a Wi-Fi cloud will cover not just downtown but the outlying suburbs. An Intel exec is part of the group and Nigel Ballard hopes that Intel Capital might encourage some of the wireless startups it funds to relocate to Portland.
Portland has been really ambitious in its encouragement of Wi-Fi and I hope it spells success for the city. In typical Portland fashion, the leaders hope to use Wi-Fi to bring more business to the city but only as far as that can benefit citizens--the leaders almost always talk about ensuring some degree of free access on the Wi-Fi networks.
Azimuth has come up with test gear for Wi-Fi vendors: The company claims there is a bit of a void in the market for test equipment that can check performance of networks in a lab. Rich Redelfs, the former CEO and president of Atheros is on the board at Azimuth and says this is the first platform that can test 802.11 networks as a system.
A There is a lot of talk and some confusion around the value of voice over Wi-Fi: It will take some time for the market to figure out how extensively it should be used.
I think voice over Wi-Fi can be really useful to certain workers, but the current products have so many shortcomings that a company must have enough of those workers and be able to benefit enough to suffer through the headaches. Voice over Wi-Fi will become a routine service only if the products improve significantly.
From the beautifully named city of Espoo, Finland, comes the news that seven Finnish WISPs are roaming freely across their networks starting in 2004: The networks include the cities of Hamina (operated by Haminan Energia), Lahti (Suomen 4G), Mäntsälä (Mäntsälän Sähkö), Porvoo (Porvoon Energia), Rauma (Rauman Energia), Vaasa and the Leppävaara area in Espoo (Netsafir) as well as Vantaa (Vantaan Energia). Radionet is providing the roaming technology.
Interestingly, TeliaSonera HomeRun, the largest trans-Scandinavian WISP, isn't part of this deal. HomeRun has extensive roaming agreements across Europe and elsewhere that require fees for their users when outside of the HomeRun network, but retain the single login, single bill convenience.
Singapore Airlines will install Connexion by Boeing: The latest airline with long-haul service has signed up to install Connexion during 2004. Singapore Airlines will equip 40 of its jets with the service, but could install more according to the press release about the deal. Connexion provides 1 Mbps of upstream and at least 5 Mbps of downstream via satellite.
One thing's for certain: you can't call Michael Powell, the chairman of the FCC, anything but smart: Powell is simultaneously the strongest advocate for innovative uses of wireless spectrum that has ever held the office of chairman, while also an incredible defender of big media and its desires. This article goes a long way towards reconciling the two sides, while painting a clear picture of his deep intelligence.
A clever fellow discovered that his Belkin router was marketing a Belkin service to him through Web redirection: If you're using any Belkin gateway that offers its fee-based Parental Control Web Content Filter, it apparently intercepts a Web request every eight hours to show you an ad for that service. Belkin has apologized on home page, but hasn't seemed to own up to precisely what they did. A firmware upgrade will remove the "feature."
Business Week notes that the Wi-Fi security market is heating up: As companies get more serious about deploying and more informed about the risks, money is flowing to companies that provide security solutions for local networks and roaming users.
Jim Louderback writes about Intel's experiments and hurdles in merging VOIP, Wi-Fi, and cellular communications in a single device: Problems abound, which Intel's researchers are working on solving, including when and how you hand a call off from cell to Wi-Fi as networks become available. Another issue is where handoffs happen: the corporate switch? the cell provider's switch?
Dell's new card for tri-mode GPRS is $99, but it allows unlimited GPRS use on T-Mobile's network for $30 per month: The card works on Dell Latitude and Inspiron notebooks, and you can subscribe to either AT&T Wireless or T-Mobile for service. However, AT&T's plan starts at $30 per month for 10 Mb, while T-Mobile's offering is $30 per month for unlimited usage or $50 per month for unlimited GPRS and hotspot use on T-Mobile's network.
Here's an important note, however: the unlimited GPRS for no additional fee does require activation and a one-year commitment, but it also only includes T-Mobile's GPRS network. How extensive that network is, I'm not sure, but the question is whether or not you're informed when you're roaming and using GPRS: can you just not connect or are you charged some enormous rate without knowing about?
McDonald's will have its networks certified as Enterprise Ready by iPass: Now the ostensible purpose of this announcement is that McDonald's restaurants with Wi-Fi access will be available to customers on the iPass collective network, which comprises over 2,000 hotspots and 400,000 users across the companies they serve.
But read a little closer and you find that the three networks that McDonald's currently uses to run its Wi-Fi service -- Wayport, Cometa, and Toshiba -- are either already certified or soon to be. So what's the news here?
Two pieces of news, really. First, McDonald's is making a corporate-level commitment to iPass, which means that even if they use other networks, they'll ostensibly make sure that other operators are or will be certified. Second, McDonald's gave iPass permission to use its name in a press release, which can't hurt on the credibility side. A little extra news at the end notes that McDonald's in China will also become iPass Enterprise Ready.
Because all iPass customers have a directory of hotspots that they are really required to use if they are to use hotspots at all -- the software can be set to only allow access to hotspots on iPass's list -- this provides McDonald's with more of those business bodies they want.
Broadreach says it has built Britain's first Wi-Fi zone: The multi-hot spot area stretches through a region of London. Until the end of the year the zone will be free to use, which is a bit limiting given that the weather will probably be too crappy for many to want to sit outside between now and the end of the year.
Proxim said it will provide the gear for hot spots in all of Norway's airports: The networks should be live by the end of the year. It's not clear how many airports are part of this deal but it may just include four.
This Austin Statesman story ran last week; if you missed it, it's worth checking out: Austin has a thriving Wi-Fi community, many of whom believe that hot spots should be free. One group of volunteers that will set up a hot spot for venue, sometimes using donated gear. I talked to Rich MacKinnon, the founder of Less Networks and a driving force behind Austin’s free networks movement, and was impressed by his passion and drive.
While this article points out that the free hot spots in Austin are often more crowded then the cafes where you have to pay to get online, I still think that ultimately there will be space for both free and fee. The trick will be offering something worth paying for in the fee sites, such as added security or guaranteed bandwidth.
Motorola plans to acquire XtremeSpectrum, the folks who own a pile of ultrawideband (UWB) patents: Read the article for an excellent summary of why UWB is powerful. Motorola and XtremeSpectrum were one standards voting bloc on the IEEE 802.15.3a task group, with Intel, Texas Instruments, and a bunch of other folks in the Multi-Band OFDM Alliance on the other side. 802.15.3a is designed to offer 100 to 480 Mbps at ranges from 10 to 30 meters for streaming media and instant peripheral attachment.
A host of proposals coalesced into these two camps, and it makes sense that Motorola wants a piece of the action, even though both they and XtremeSpectrum agreed to offer free licensing for 802.15.3a developers to sweeten their proposal.
Posted by Glenn Fleishman at 1:15 PM | Permanent Link | Categories:
Intel bought Mobilian, a Hillsboro, Oregon chip maker: The acquisition will allow Intel to integrate Bluetooth into 802.11b chips. Mobilian's combined 802.11b/Bluetooth chip is designed for cell phones. Intel's processor supported Bluetooth, but didn't offer it.
Maybe we'll see more Intel acquisitions as the company plays catch up to its competitors.
A company called PacketHop is working on a mesh technology that routes packets among clients: Instead of routing traffic from one AP to the next, it routes from one user device to the next. The technology is designed to allow users to access a network from farther away from an AP.
It looks like PacketHop is announcing that it acquired some patents from SRI International which has already done some development of a product. It's not clear when this product will be available. (FireTide has also licensed SRI patents for its products, which include a few mesh-like attributes.)
The companies developing technology that uses existing electrical wiring in a house to build a network seem doomed for failure: When Wi-Fi is cheap, easy and better, why bother using one of these HomePlug solutions? With Wi-Fi you can hang out anywhere and get online, instead of only next to an outlet. Seems like a no-brainer.
Before Wireless Distribution System (WDS) became widespread this year, a HomePlug bridge might have made sense to avoid running wire between access points. That's now moot.
Broadreach is building Wi-Fi hot spots in 20 stations along Virgin's west coast rail line in the U.K.: The hot spots will just cover the stations. The article says the network will "likely" use satellite for the downstream and cellular for the up. The operator of the east coast line in the U.K., GNER, is also building hot spots over its stations.
Busy train lines in the U.S. should be working on this too. One in San Jose already is, but I haven't heard of any Wi-Fi coverage over lines on the east coast along busy corridors around Washington, D.C., or New York.
Lisbon's Parque das Nações becomes massive Wi-Fi zone with 100 mesh access points covering 100 hecatres/250 acres: The park was the site of the 1998 World's Fair, and access will be free for the first six months. It then moves into a vendor-neutral host position in which any wireless ISP can resell access. The network will divide itself into VLANs with unique SSIDs for each WISP -- a very clever idea, indeed, because VLANs with unique SSIDs can run as an overlay on a single infrastructure. The project is backed by the government and the agency running the park.
Portugal is well on the way to becoming the most egalitarian promoter of Wi-Fi usage in the world, through its subsidies and loans for laptop purchase by students, implementation of networks at universities, and generally encouraging attitude towards this uptake.
3Com will shortly ship its a/b/g enterprise products: Proxim was first out of the gate with 802.11g enterprise gear, and 3Com now has a full line-up that they say will ship this month. The retail prices are quite extraordinarily high, and the question is whether in an age of commoditization in which a $100 consumer box handles WPA (TKIP), 802.1X, and other advanced features, whether you have enough value added in the enterprise realm to charge $750 for a more robust, more network-manageable version of the same thing.
In a short piece on warchalking, writer fails the test: The author of this article in Time magazine finds a warchalk symbol (so he says...I've yet to see one in the wild), and writes a good, short piece about it.
Good until he notes, Nobody knows who invented warchalking. This reminds me of some of the lines from my favorite canceled sci-fi animated series, Futurama, set 1,000 years in the future.
We're in the present, so I type who invented warchalking into Google, and most of the matches explain precisely, as is well known, Matt Jones invented it. He designed the sign, spread the meme, posted a PDF with the graphics in it. I wrote about him and warchalking for The New York Times, in fact.
Hilariously, the 2nd match on Google right now is this Time article. They have a lot of inbound links does Time magazine.
Time published a huge package of wireless stories about a week ago. They come off as a little bland to me, because I know everything that's in them. To an audience that knows little or nothing about Wi-Fi, I'm sure this sounds much more exciting. But it reads like circa 2002 newspaper coverage.
The articles all have some missed notes, too, mostly in the technical and statistical details. In an article detailing business use of Wi-Fi, this statistic is thrown in: a surprisingly small number of U.S. firms that have installed wi-fi networks. Fewer than 5% of U.S. workers use them today, according to an estimate by Gartner, a high-tech research firm.
Unfortunately, the author has confused five percent of workers with five percent of companies. In this News.com article from a few days ago, the reporter presents an array of statistics on business use, including overall industry sales figures, and cites Jupitermedia's number: 57 percent of businesses are using Wi-Fi already to some degree. (Damn, I even know that magazine reporter; we worked on our college paper together.)
Given that companies like Microsoft and Novell have thousands of workers -- basically everyone with a laptop -- using Wi-Fi all the time all day everywhere on campus, that five percent of all workers is the mobile, laptop-connected five percent. What percentage of U.S. workers have computers at all? What percentage have laptops? That would better contextualize the number.
Maryanne Murray Buechner's pieces, including this FAQ, are quite excellent, offering sensible accurate advice for installing and securing home networks. Her take on WEP and explanation of using WPA are on the money.
Posted by Glenn Fleishman at 2:50 PM | Permanent Link | Categories:
This big rambling article makes a lot of interesting observations scattered among slight misunderstandings: Technically, it's not 100 percent right on, but it's an interesting ramble among the minds, antenna sites, and interests of Tim Pozar and other wireless community builders.
A fully-loaded RV will allow Oregon governor Ted Kulongoski to travel beyond the I-5 corridor and meet with constituents while still carrying out his office's business: I grew up in Oregon, and while the state has population centers around Portland, Salem, Eugene, and Grants Pass, a big chunk of the state is reachable only through small highways and farm roads using passes crossing coastal and inland mountains.
The RV uses satellite for its connectivity and Wi-Fi within the vehicle. A business lobby has provided the vehicle, but it's awfully hard to see how there are any ethical problems given that the connections are completely exposed: this isn't a backroom deal, and the RV was made by an Oregon firm.
(Kulongoski is the first politician I ever stumped for when he ran for office back in the 1980s; he lost.)
An excellent analysis of the WPA key choice weakness problem: It's been a high-traffic week here at Wi-Fi Networking News since we posted Robert Moskowitz's paper on how short WPA passphrases comprised of words found in dictionaries could be broken. Many many thousands of people have read the paper, and a number of articles of varying levels of accuracy have been written. The IDG News Service story is about the best re-summarization in IT terms.
But, IDG News Service, really: Moskowitz's paper is circulating informally on the Internet. No, it isn't. Robert provided it to me and gave me permission to post it on my site, along with a less technical summary that I wrote and had him vet before posting.
This moment of wounded ego is over.
Telerama wants to take its local experiment and push it across the country: This Pennsylvania company has 8,000 DSL and dial-up customers, and 75 hotspots with 600 subscribers. They believe they've learned enough about usage, cost containment, and deployment to take their local hotspots model and deploy nationally. Today, they announced that they're spinning off a privately owned firm called Telerama Wireless Corporation for this purpose.
I spoke to Telerama's president, Doug Luce, a few days ago and asked him how he would cut through the clutter of other companies seeking the same venues -- often venues that had been approached time after time and often turned them down.
Luce said that Telerama's hotspot model has Telerama paying all costs for equipment, installation, customer service, ongoing maintenance, and bandwidth. The site operator pays nothing and receives a revenue share. Luce said that the company had brought the entire cost of installation down to about $500 and their monthly recurring costs were just $50. Luce said that they purchase the Linux computer at the heart of their system for $30 by the palette-load, while a DSL modem is $60 at their volume purchasing, and the access points (a generic off-the-shelf dumb unit) is under $50.
He estimates that three monthly subscribers at a location recover ongoing operational costs. Telerama has worked with Covad to provide their DSL service in Pittsburgh, and will be working them nationally as they roll out service.
Telerama's pricing is somewhat unique: they offer a combination of unlimited dial-up and Wi-Fi service at their hotspot network for $30 per month. National dial-up service is provided by Dial-Up USA, which resells access to several national networks, providing multiple numbers in each city served.
Subscribers to Telerama's DSL service, which will be rolled out alongside the hotspot offering with Covad providing the installation, will be able to add unlimited DSL service for $10 per month to any level of account. A 24-hour session on a pay-as-you-go basis is $5.
Telerama Wireless is close to announcing arrangements with Wi-Fi aggregators, but is not yet ready to release names. With aggregation, their hotspots will be available to members of these associated networks.
Luce believes that their experience over the last 2 1/2 years in Pittsburgh, a tight control on costs, and their "we pay everything" model will allow them to move rapidly into cities, picking up coffeeshops and similar venues for their audience.
Telerama Wireless's ideal customers, Luce noted, are students, local techies, and the free-agent nation, as well as the windshield warrior: an intra-city traveler, not the jetsetting road warrior targeting by firms like Cometa or Wayport.
With this additional entry into the national market, more price pressure will be placed on the current footprint, which may make it even easier for hotspot operators to finally agree to a comprehensive roaming plan.
Two Wi-Fi operators vie for customers in Whistler, B.C., Canada: The local municipality vies against the local cable company. The latter expects to pick up customers who spent extended but not year-round time in Whistler; the municipality thinks it will attract day and week trippers.
Businesses becoming more convinced the Wi-Fi security problem solved or nearly so: This article rounds up the last couple of years of security concerns about Wi-Fi and notes that they're all wrapped up with WPA and the coming 802.11i. With 802.1X combined with revised encryption algorithms, corporate managers should be spending more money and fast.
I've heard again and again from companies how they've kept wireless deployments small and manageable until they felt they had a handle on all the issues. The figure cited in the article, that 57 percent of companies surveyed had Wi-Fi networks, hides the fact that many of those companies might be using it as a test or in small areas. These same companies could turn around and buy hundreds of access points if they feel they can combine security and ubiquity.
New report from Consortium for School Networking shows massive uptake and spending: In a survey conducted by Quality Education data, 68 percent of U.S. school districts own wireless networks, up from 39 percent in 2002. Districts will spend $230 million in 2004 on infrastructure and related devices (laptop carts, etc.).
Malappuram aims to have 100 percent e-literacy with the help of wireless Internet: This district in the Indian state of Kerala is deploying networks in hundreds of regional centers which are located within a few kilometers of several villages each. The population of 600,000 families can pay about US$1.00 (if I have the conversion of rupees correctly calculated) for 15 lessons.
Astoundingly, the government claims that 400,000 households are already e-literate, without precisely defining what that means, and has a goal of 100 percent. The entire state of Kerala ultimately hopes to expand this mode of providing access throughout its 14 districts. Kerala claims 100 percent written literacy.
The Wall Street Journal says T-Mobile near signing a roaming agreement (link good for 7 days): The article reports that roaming is starting to become an inevitability. I'm curious whether T-Mobile envisions a model in which there is fee settlement across networks, or it's free roaming. The TeliaSonera model cited in the article involves one bill, one account, but usage fees outside of the home network range of Finland and Sweden and certain TeliaSonera-operated hotspots in other Scandinavian countries.
I stand by my prediction: within a year, all U.S. networks will have substantial inter-network roaming agreements that will allow unlimited usage by subscribers for $30 per month or less. The marginal but vital additional value of Wi-Fi will enhance cellular and landline businesses, and possibly that of wired ISPs, but it won't have the standalone value that some misguided souls believe it does today.
Cometa discusses using WiMax as back-haul for its hotspots: This is not a bandwagon, it's a whole parade. I've heard from many folks in the industry that to densely deploy hotspots, wireless back-haul is the only reasonable course of action to conserve costs and maximize availability. With WiMax, it's possible that hotspots could have several Mbps, not just 1.5 or 512 Kbps. [via TechDirt]
Industry and academia demonstrate connection handoff across wireless LAN, GPRS, wired LAN on commercial networks: A press release (not included on this site) says that TeliaSonera, Ericsson, Radionet, and the Helsinki University of Technology have demonstrated a seamless handoff across commercial networks. The benefits they cite are absolutely the case: users want uninterrupted services and no monkeying around.
Interestingly, if you use NetMotion Wireless software, you can achieve most of this effect today. While you're responsible as a user for changing your connectivity, the NetMotion client and server software maintain the persistent state of the Internet connection.
Microsoft releases a comprehensive set of patches that rolls up all extant Windows XP wireless updates: It's always nice to have one of these mega-packages in which all of the fixes from all of the separate patches are put into one update. [via LockerGnome]
Wi-Fi Protected Access (WPA) has a weakness: poorly chosen short human-readable passphrases can be cracked with a robust dictionary attack offline and without access to the network: Robert Moskowitz, the senior techncial director of TruSecure Corp.'s ICSA Labs, has given me permission to post this paper he has written that describes a weakness in the interface design for WPA-equipped access points and adapters.
Robert's paper is rather technical and specific, but I can summarize:
Short, text-based WPA keys can be broken through no fault in the WPA protocol.
The longer summary: If you use the standard interface for WPA key entry and provide a text passphrase that uses words found in dictionaries of fewer than 20 characters, a cracker passively intercepting initial key exchange messages can employ an offline dictionary attack and extract the encryption key, gaining access to the network. Key exchange messages occur at the beginning of a connection between an adapter (station) and an access point; that exchange can be forced to repeat by a cracker sending a disassociate message which forces a new exchange within about 30 seconds. So a cracker can be on and off the network in a couple of minutes with the information they need. This is actually much worse than WEP, but easily solved.
Robert points out that dictionary-based cracking programs abound, and that little modification would be needed to turn one of those into a weak-WPA-key attack.
The fundamentals of WPA remain intact; this is technically an interface problem given that manufacturers know -- as he points out in his paper -- that users won't enter long keys. Microsoft solved this problem with their 128-bit WEP solution for their broadband gateway by writing the key to a floppy disk after it was generated, allowing users to walk the key from machine to machine.
It should be made clear that WEP's flaw were deep within: WEP can be cracked regardless of how good your key selection is or how long the key. With WPA, the length of the passphrase and its quality has a direct relationship to its integrity.
The problem Robert describes isn't unknown; he's just isolated and expanded on it. The solution is also quite simple: choose a key of at least 96 bits or a passphrase that includes gibberish that's more than 20 characters long. So far, of all the WPA interfaces that I've seen, only Apple's allows you to enter raw hexadecimal and they require 64 hex characters (32 bytes or a full 256 bits).
Robert suggests generating a small random value, turning it into its hex equivalent, and then entering those hex digits as a text passphrase to have sufficient randomness. For more information on passphrase weaknesses and strategies for choosing them, Robert refers you to this FAQ.
This shouldn't be the shot heard round the world, but I hope those of you that read this site will take this concern to the manufacturers of Wi-Fi equipment. It's not too late for them to fix this problem by building in the ability to generate random keys that can be copied and pasted simply across systems, and by restricting the ability to enter weak keys by either requiring more characters or running a crack program against your passphrase choice as Unix password programs often do these days.
By Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of TruSecure Corp
Use of PSK as the key establishment method
WPA and 802.11i provide for a Pre-Shared Key (PSK) as an alternative to 802.1X based key establishment. A PSK is a 256 bit number or a passphrase 8 to 63 bytes long. Each station MAY have its own PSK, tied to its MAC address. To date, vendors are only providing for one PSK for an ESS, just as they do for WEP keying.
When a PSK is used instead of 802.1X, the PSK is the Pairwise Master Key (PMK) that is used to drive the 4-way handshake and the whole Pairwise Transient Key (PTK) keying hierarchy. There is a straightforward formula for converting a passphrase PSK to the 256-bit value needed for the PMK.
This paper will look into the risks of using a PSK and particularly the risk associated with a passphrase-based PSK.
How the PSK is used in WPA and 802.11i
The PSK provides an easily implemented alternative for the PMK as compared to using 802.1X to generate a PMK. A 256bit PSK is used directly as the PMK. When the PSK is a passphrase, the PMK is derived from the passphrase as follows:
PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256)
Where the PBKDF2 method is from PKCS #5 v2.0: Password-based Cryptography Standard. This means that the concatenated string of the passphrase, SSID, and the SSIDlength is hashed 4096 times to generate a value of 256 bits. The lengths of the passphrase and the SSID have little impact on the speed of this operation.
The PTK is a keyed-HMAC function using the PMK on the two MAC addresses and the two nonces from the first two packets of the 4-Way Handshake. This is why the whole keying hierarchy falls into the hands of anyone possessing the PSK, as all the other information is knowable.
The Intra-PSK attack
The normal practice is to have a single PSK within an ESS. To generate any PTK, a device only needs to learn the two MAC addresses and nonces (and the selected ciphersuite). All of this is available in the initial exchange, from the ASSOCIATE through the 4-Way Handshake. Any device can passively listen for these frames and then generate the PTK. If the device missed these frames, it can send a DISASSOCIATE against the STA and force the STA to perform the ASSOCIATE through the 4-Way Handshake again.
Thus even though each unicast pairing in the ESS has unique keys (PTK) there is nothing private about these keys to any other device in the ESS.
The offline PSK dictionary attack
A station that does not know a passphrase-based PSK can attack it with an offline attack. This is effective for an outsider where there is a single PSK in the ESS, or an insider where there are unique PSKs.
The 802.11i standard points out that:
A passphrase typically has about 2.5 bits of security per character, so the passphrase of n bytes equates to a key with about 2.5n + 12 bits of security. Hence, it provides a relatively low level of security, with keys generated from short passwords subject to dictionary attack. Use of the key hash is recommended only where it is impractical to make use of a stronger form of user authentication. A key generated from a passphrase of less than about 20 characters is unlikely to deter attacks.
The PTK is used in the 4-Way handshake to produce a hash of the frames. There is a long history of offline dictionary attacks against hashes. Any of these programs can be altered to use the information in the 4-Way Handshake as input to perform the offline attack. Just about any 8-character string a user may select will be in the dictionary. As the standard states, passphrases longer than 20 characters are needed to start deterring attacks. This is considerably longer than most people will be willing to use.
This offline attack should be easier to execute than the WEP attacks.
Using Random values for the PSK
The PSK MAY be a 256-bit (64 hexadecimal) random number. This is a large number for human entry; 20 character passphrases are considered too long for entry. Given the nature of the attack against the 4-Way Handshake, a PSK with only 128 bits of security is really sufficient, and in fact against current brute-strength attacks, 96 bits SHOULD be adequate. This is still larger than a large passphrase, but is unlikely to be in a dictionary attack. Using a relatively small random value represented in hexadecimal, and entering it as a passphrase will expand it to a proper 256-bit PSK.
Anyone with knowledge of the PSK can determine any PTK in the ESS through passive sniffing of the wireless network, listening for those all-important key exchange data frames. Also, if a weak passphrase is used, for example, a short passphrase, an offline dictionary attack can readily guess the PSK. Since the common usage will be a single PSK for the ESS, once this is learned by the attacker, the attacker is now a member of the ESS, and the whole ESS is compromised. The attacker can now read and forge any traffic in the ESS.
Pre-Shared Keying is provided in the standard to simplify deployments in small, low risk, networks. The risk of using PSKs against internal attacks is almost as bad as WEP. The risk of using passphrase based PSKs against external attacks is greater than using WEP. Thus the only value PSK has is if only truly random keys are used, or for deploy testing of basic WPA or 802.11i functions. PSK should ONLY be used if this is fully understood by the deployers.
WPA has a gaping hole in its interface implementation for key choice: Watch for a full report later today on what I hope will spur the industry into fixing a massive security hole in WPA related to front-end implementation. I'll have a paper from a security expert and some non-technical translation that shows how while WPA's fundamentals remain intact, the choice of TKIP keys could render it as susceptible as WEP to cracking.
Yes, I'm teasing you all. Check back later today for more.
There's a careful dance done between mammoth partners and small companies as to when you can speak their name in a press release: Broadcom received the go ahead, as you can see, to state that Microsoft's new 802.11g home wireless products will use their chips. This was known for a while, but this is the first public announcement, and should be yet another boost for Broadcom.
Microsoft's products, which I haven't had the chance to use in their previous or new incarnation yet, have the unique and much-praised distinction of encouraging users to turn on security and actually facilitating distributing the key (using a floppy disk, but, hey, whatever works) among computers on the network.
In a routine new-store article, free Wi-Fi gets play: It's a news event in this New Hampshire town when a 5,400-square-foot Panera opens, partly because it represents a success for a local franchisee expanding operations. But note that the free Wi-Fi gets a couple of grafs. The cost of a couple of grafs that bring more people in to a Panera initially and as permanent lifetime customers is probably tens of thousands of dollars. The cost of free Wi-Fi? Hundreds.
Congressional caucus says exercise protection: A press release that appears to come from Rep. Mike Honda (D-Calif.), co-chair of The Internet Caucus Wireless Task Force, recommends some common sense advice often ignored or unknown to regular users of Wi-Fi networks. The advice includes the statement, Set and encrypt your wireless network password, if you want to close your network to strangers. That says an oceanful: they're not trying to implicitly deprecate community networks, for instance. The page linked to has more information relating to legally sharing your network.
Rep. Honda is a well-informed advocate of wireless technology, being one of the House lights who worked on freeing additional spectrum in the 5 GHz band for unlicensed use. I interviewed him through one of his lead staffers, who himself was a former IT trade magazine reporter.
Let's scratch the surface, though, shall we? The Congressional Internet Caucus is a non-profit 501(c)(3) corporation, which means, as I understand it, that they can't engage in politics, only education. The goals and nature of the group are pretty interesting, and 160 representatives and senators are signed on to the group.
But take a look at the advisory committee from industry. The MPAA. The RIAA. AOL Time-Warner. Excuse me, Time-Warner (pay no attention to the AOL part). VeriSign. The software cops at the Business Software Alliance who sent threatening letters without knowing whether someone's violated anyone's copyright.
And it gets weirder. Alongside these firms and organizations, the Center for Democracy and Technology, which is fighting the so-called PATRIOT Act. The World Wide Web Consortium (W3C). But also the People for the American Way Foundation and the Progress and Freedom Foundation. (It's code: say democracy, and it's liberals or left-of-center; say freedom and it's conservatives, or right-of-center.)
And weirder. Scroll down and you'll see the American Library Association, the ACM, the American Society of Newspaper Editors, Google, Intel, and Yahoo.
Is it just possible that this group actually represents a diverse set of interests all providing a complex interplay of information about the impact of the Internet on the lives of Americans? It seems to be.
A rogue access point on a company that takes its wireless LAN security seriously still painful to detect: You can see how even with a strong set of policies, it's easy for an employee to subvert them. You might understand now why some companies have strict bag searches for employees entering and leaving the building.
Those of you who saw the Al Pacino movie The Recruit will remember that one of the most plausible technology plot points involved a hidden USB hard drive. (Of course, CIA computers probably have their USB drives sealed and USB drivers set to restrict access, but you never know.)
One of the factors that makes rogue wireless access points difficult to cope with is that local wired networks are often security free. This is changing, of course, with the rise of VLANs and secure fileserver mounting. The Recruit 2: Revenge of the Nerds will obviously feature someone with a micro-Wi-Fi-antenna.
Like what you see at left? You can have it, too: The JIWIRE hotspot locator can be added in one of two dimensions to your page by following the link.
My full-length coverage in TidBITS on Apple's WPA update: In this longer article, I provide more details and more of the limitations of Apple's initial foray in Wi-Fi Protected Access. Sources say that AirPort Card support isn't too far in the future, while AirPort Base Station support isn't going to happen at all.
His wife is giving birth and he's posting pictures via the Wi-Fi network: "Push, honey, push! Push that file to the FTP server!" [via BoingBoing]
HotSpotVPN.com, a virtual private networking service provider with individual accounts, has added three regional VPN clusters: I had a chance to meet the company's founder, Glynn Taylor, during a spin through Seattle that he made on the rainiest day in history here (5.01 inches in 24 hours). Needless to say, his broughams got soaked.
Taylor's model is to offer a very inexpensive VPN connection -- $8.88 per month -- for the millions of business travels who don't have the luxury of a corporate-operated VPN service back to their network. HotSpotVPN.com uses the PPTP standard, and allows a fully secure encrypted connection between any PPTP client-equipped computer or handheld and their servers.
The addition of three clusters in California, Florida, and Virginia, on top of their existing Washington, D.C., servers, means that traffic should run even faster for existing and new clients closer in Internet topology to those areas.
(Full disclosure: HotSpotVPN.com has been an advertiser in the past. I'm a big fan of this services model, however, and I expect that Taylor will face more competition as he moves forward.)
Posted by Glenn Fleishman at 2:23 PM | Permanent Link | Categories:
Radio frequency identification tags are coming, but are they friend, foe, or just too expensive?: WalMart's mandate of RFID tags on products entering their maelstrom will push the adoption of the technology, but some of the futurists' visions of milk carton's reporting in to their home base when they're empty seem like a combination of The Jetsons and 1984.
RFID tags are also way too expensive for this vision of the future -- whether AT&T "You Will" utopic or Brave New World dystopic. The cost has to come way down to make them useful for individual products and shelves. Right now, the palette level is the right price point.
(Intrepid staffer Nancy Gohring filed the story for The Seattle Times; Nancy is on vacation this week.)
Vivato's switches save years and dollars at university: This installation would have been challenging for conventional wireless LANs, the press release notes, because the university spans many buildings across 400 acres. Many of the 40 buildings are historic, which probably translates into "no wiring closets" and an aging electrical physical plant.
The backstory of a press release like this is that Vivato finds it necessary to promote the installation of their equipment at institutions with unique characteristics rather than announcing the sale of their gear to Fortune 5000 companies or wireless ISPs.
Omnifi ships its Digital Media Player: It's a 20 Gb hard drive that can be used in a car or attached to a home stereo system, and using Wi-Fi (802.11b flavor) to transfer data. The system can schedule data transfers, and if your garage or parking spot is close enough to your wireless network, you can take advantage of car-area networking.
Tune in your media player and watch SeattleWireless TV's latest program: This month's "broadcast" includes Eric Hall demonstrating how to make a BiQuad antenna based on the Trevor Marshall design; Matt Westervelt explaining why Seattle Wireless is different from other community wireless organizations; and footage from the field day Seattle Wireless organized last summer.
Legra, the WLAN switch developer, announced today the general availability of its switch and AP platform. The slew of WLAN switch makers that have entered the market over the past year aim to make it easier for IT workers to manage large WLANs. While they all aim to solve the same set of problems, each has its own spin and Legra is no different.
One unique aspect of Legra's switch is the crypto engine, which lives on silicon specially developed by Legra. The chip allows four different engines to run at the same time so users can prioritize traffic through the encryption process. The capability could be important for some users, like hospitals that may want to make sure that critical information such as heart monitoring data is transmitted as quickly as possible. "Email won't impact the mission-critical communications," said Paul DeBaesi, vice president of product management and marketing for Legra.
The WiMax Forum is supposed to help settle on an approach that implement the IEEE 802.16a point-to-point wireless spec: But the sheer range and nature of the protocol might result in several incompatible approaches. Intel's involvement might focus efforts in one direction.
The article's side note that the 802.11g pre-ratification rush in the Wi-Fi space means even the Wi-Fi Alliance has found it difficult to maintain the original promise of interoperability is unfounded. I was dubious about the early 802.11g gear, too, but the rush was towards a single standard, not towards several. Ultimately, the IEEE approved 802.11g in summer and the Wi-Fi Alliance certified gear shortly thereafter.
Austin's free hotspot locations grow: This article implies that Austin is unique, and while it does have an interesting confluence of several trends -- and Schlotzsky's and Wayport are both headquartered there -- there are dozens of free locations in other large cities as well. It seems to be more of a coalescing community attitude, however, that free hotspots make more sense than for-fee ones that's provoked this and similar articles.
The Schlotzsky's survey, by the way, is months old, but the company keeps bringing it out. They have both free computer access (via Apple iMacs) and free wireless at their test stores, and their survey showed that six percent of visitors to the stores during the survey came because of wireless access. At $7 for an average customer purchase, that equates to $100,000 in gross additional revenue per store, not overall, as the article implied. But Schlotzsky's should really revamp those numbers given the massive publicity they've received and the length of the experiment. [via Smart Mobs]
Nortel's trials for mesh networking backhaul could threaten unknowns with similar products: Strix, FireTide, BelAir, Tropos, and others use wireless backhaul -- often 802.11a -- to create clouds or islands of access without bringing a wired connection to each location. But Nortel's product sounds similar and has their marketing and brand behind it.
802.1X poised to replace the wireless-outside-the-firewall philosophy, if only clients existed: As WPA has started to percolate slowly, so slowly, into Wi-Fi equipment, I've seen the simultaneous rise of interest in 802.1X, an authentication method in which WEP or WPA keys can be assigned through a three-role authentication process. (I wrote about this a bit a few days ago specifically in reference to Microsoft's upcoming wireless provisioning service and T-Mobile's also upcoming support of 802.1X.)
In brief: a client or supplicant connects to an access point or authenticator which passes credentials to an authentication server. Once the credentials have been confirmed, the authenticator hands back a unique WEP or WPA key, which can be replaced reguarly and automatically, and opens access to the supplicant to the rest of the network.
802.1X requires support in the client via the operating system or a third-party software application; in the access point, through the ability to accept EAP (extensible authentication protocol) messages and hand them off to a RADIUS or other authentication server defined in some area of the access point's configuration; and an authentication server that can respond with the right information to initiate the keying process after credentials are accepted.
None of these requirements is a high bar. Windows XP has shipped with an 802.1X client for some time, although it only supports a couple of flavors of secured EAP, in which the credential exchange is encrypted within tunnels. And virtually all mainstream RADIUS and similar servers are now equipped to talk 802.1X/EAP using various secured EAP methods.
The client is the weak point, because until last week, only Windows XP had a built-in 802.1X client. Mac OS X 10.3 (Panther) now includes 802.1X support, and they feature all of the EAP types, including PEAP, LEAP, EAP-TLS, EAP-TTLS, and MD5. Some of those are deprecated. (Because it's a Mac, if you're using a certificate-based EAP method, like EAP-TLS, you just drag a certificate from email into the Keychain program, and that's that.)
Other platforms and other versions of operating systems aren't out of luck because they can turn to Meetinghouse, which supports flavors of Windows and Mac OS X (before 10.3), as well as Linux 2.4 and Solaris. But there wasn't much motivation to buy 802.1X clients until the whole chain was available.
WPA has driven this process faster, it seems to me, because WPA solves the key-changing problem. With WEP, some scientists have told me that you've have to change the key every 300 packets to be sure that intercepted data couldn't be decrypted. That's a high bar. With WPA, an 802.1X system could change keys every few minutes -- or weeks or years potentially -- without any reduction in the level of security even with the TKIP key that's available as part of the WPA standard.
Another element driving 802.1X adoption is that it reduces VPN costs. If you're using a wireless-outside-the-firewall approach that requires a VPN client on the local network to tunnel through, you can completely eliminate the VPN client and per-seat server costs. For roaming users, you still need VPN connections, but local VPN systems that can support megabyte-per-second connections are quite expensive, where 802.1X can piggyback on existing RADIUS installations.
Finally, because 802.1X communicates between the authenticator (switch or access point) and authentication service using yet another standard -- EAP over LAN or WLAN (EAPOL or EAPOW) -- the authentication server can be remotely located on a local network or elsewhere on the Internet.
Follow this through, and you can see that with widely distributed client software that supports all EAP types, even small offices and hotspots could provide effective local link security by outsourcing the authentication server portion. One company, Wireless Security Corporation, is already offering this service -- and more will certainly follow.
What's the executive summary, here at the end? No more local VPNs. WPA is robust, trusted encryption. 802.1X clients should be purchased and installed on all wireless computers.
Welcome to our partnership with JIWIRE: If you're a previous visitor to Wi-Fi Networking News, you'll notice some changes today in our banner, the left navigation bar, and our site's coloring. We've partnered with JIWIRE, an editorial operation that combines a great hot-spot directory with a terrific editorial approach to teaching how to most effectively use Wi-Fi in specific and wireless in general. (That last part is self promotion: I helped plan the editorial mission and calendar over the last three months, and act as senior editor for JIWIRE: writing, planning, and working with freelance contributors.)
Our partnership with JIWIRE doesn't change anything editorially: we're still an independent organization, and Nancy Gohring and myself will continue to report in the fashion we have over the life of this site. JIWIRE will be handling the advertising sales for this site, however, and our connection back and forth should help us both reach more people. We link to their hotspot directory (see at upper left) and they link to our headlines.
JIWIRE has also begun its real editorial cycle starting today. If you visit their home page you'll see links to five regular daily themes: Wi-Fi, Hotspots, Cellular, Road Warrior, and Gadgets. Each of these themes is handled by a dedicated bloggers (with excellent credentials): Nancy Gohring (WNN, NY Times, InfoWorld), Mike Masnick (TechDirt, consultant), Brian Jepson (O'Reilly, book author), Paul Boutin (Slate, Wired), and Agen Schmitz (formerly of Amazon.com), respectively.
The idea of this section of the site was to provide timely and interesting items about subjects that appeal to a wireless audience, but without the formality and depth of a full-length feature.
I'm looking forward to working closely with JIWIRE on both sides of the fence: as an editor with them and as a partner on the news site. It's a great complementary combination, and I welcome your feedback!