Boingo Wireless becomes the latest firm to use open source to bypass licensing complexity for partners: When you hear open source, you think about software that has broad interest for either horizontal (think Firefox) or vertical (think Gimp) communities. Many well-known open-source projects involve hundreds of regular developers, some who are employees of firms like HP and IBM, and thousands of occasional projects. Boingo Wireless's open-source release of the Boingo Embedded Wi-Fi Toolkit has little to do with that group, although the principles are shared. (Read the press releases: Open Source, Partner Approval, E28 Ports Toolkit.)

In an interview, Boingo president and chief executive David Hagan explained that they wanted to put their authentication software out into a broader community of use to spread experience with their code base for companies that might want to partner with Boingo. "We're not looking for the college student in his room who is coding at midnight," Hagan said.

But their release of the toolkit doesn't prevent that college student from using the codebase. The toolkit includes Boingo's bag of tricks for detecting, connecting, and authenticating onto intentionally public hotspots. This represents hard-won knowledge spanning five years of the firm working on preventing their users from ever seeing a logon screen beyond their own. The first version of the toolkit supports Linux, BREW, Windows Mobile 2003, and Windows Mobile 5.

Releasing the toolkit allows any company or individual who wants to have hotspot features to adapt Boingo's software. Hagan notes that for the gaming, handset, and consumer electronics industries, there's enormous fragmentation on embedded software platforms. "For us to try to port our code and sell and license on code on every potential platform, we'd need a zillion engineers and a zillion business development," Hagan said.

The toolkit could be experimented by an in-house development team, and then, later, business-development folks could sign an agreement to sell access to Boingo's aggregated network. The software works fine without reselling hotspots, but that's the big value that's baked in.

Another advantage of the open-source route, Hagan said, is that cell handset makers and cell carriers don't like to be locked in. With an open-source approach, there's no exclusivity or control involved. "If it's truly an open platform, they won't feel locked in at all," Hagan said. The toolkit supports over-the-air provisioning, which allows a carrier to set up or reconfigure the software without requiring a visit to a carrier office or an Internet connection.

Hagan expects that one use of the toolkit would be to allow unlicensed mobile access (UMA), in which a dual-mode cell phone switches to Wi-Fi either automatically or by a user's request. Hagan notes that MVNOs (mobile virtual network operators) who buy their minutes from carriers like Verizon and Sprint and resell them to their customers have enormous motivation to migrate talking minutes from this purchased cell airtime to much less expensive Wi-Fi time. MVNOs might choose to switch to Wi-Fi whenever an authenticated network is available, while a more traditional carrier might provide that as a simple option for users.

This open-source effort for detection and connection coupled with Devicescape's similarly focused open-source release of its Wi-Fi authentication and encryption package could produce enormously better hotspot support in completely open projects with no connection to for-fee hotspots and in commercial projects that currently lack the finesse, exhaustiveness, or ease of either Boingo or Devicescape's packages.

Boingo is dual licensing its code based. In the open-source version, the application layer is licensed under Apache 2.0 terms, in which republishing of modifications is encouraged; the Wi-Fi toolkit is covered by the Lesser GPL, which requires republishing of modifications; and the Platform Abstraction Layer (the part that talks to devices) is under Apache 2.0's license. The commercial license allows all part of that stack to remain closed. The open-source version, because it doesn't require publishing changes to the interface layer and driver layer allows those to be kept private, too.