Receive new posts as email.
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator. Part of the FM Tech advertising network.
Entire site and all contents except otherwise noted © Copyright 2001-2010 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Amazon.com is offering a so-called Black Friday special on Eye-Fi Share:
The 2 GB Wi-Fi-enabled Secure Digital card normally runs $90; it's $65 while the sale lasts.
Given that Eye-Fi introduced a limited-time-only 4 GB "Anniversary" model that replaced the 2 GB Share version in its current line-up, and that the Anniversary model was $130 list but $100 for Costco members, it's pretty clear that the 2 GB won't re-appear, the 4 GB model will drop in price, and Amazon's acting as a clearance center.
The Eye-Fi Share lets you upload pictures over a local network to a designated computer, or upload via a Wi-Fi network for which the Eye-Fi is configured to connect over the Internet to Eye-Fi's servers, and from there to a specified photo-sharing, social-network, or photo-printing service.
I'm a fan of the Eye-Fi, although I favor the currently $130 Explore model (see my review), which comes with geotagging (via Skyhook Wireless) and adds a year of included uploading via Wayport locations (now part of AT&T).
I was digging around my basement looking for a USB extender and came across this gem: Anyone remember Tenzing? Anyone? First folks to put Internet access (sort of) on planes? Well, I do. Tenzing was a Seattle company that was later merged into what became OnAir (a Airbus/SITA joint venture).
Tenzing's ultimate goal was Internet access via satellite on planes, but they started with a clever workaround. Using Verizon AirFone's narrowband air-to-ground phone service and an onboard proxy server, Tenzing offered email on United and, I believe, Delta for a short period. The service offered subject lines for a small fixed fee (a few dollars a flight) along with the first part of a message, with longer messages being charged by the K.
The service didn't catch on fast enough, and then 9/11 hit, which put the domestic airline industry on the skids from which it still hasn't recovered. Tenzing shed workers, and then reorganized its assets into what was transferred to OnAir.
This Connectivity Kit that I dug up was a promo to let people test out Tenzing's service. It came with a card good for a short, free Verizon AirFone call; a code for one free Webmail session; and a retractable RJ11 phone cable because this required a modem connection over the local phone network. A CD came with Windows software; Mac users just entered 123-4567 for the dial-up number.
Now, what's amusing about this blast from the past? This is precisely the service--sans phone cord--that JetBlue is offering on its single equipped test plane that has Internet access. Back on 8-June-2008, the LiveTV division of JetBlue that won 1 MHz in the U.S. air-to-ground spectrum auctions in 2006 purchased AirFone's ground assets--communication gear on 100 towers.
While I don't have direct proof that JetBlue is using the same sort of system as Tenzing, the reported onboard features and speeds make it pretty clear that the company hasn't upgraded equipment on the towers yet, though they plan to do so.
Happy Thanksgiving to my fellow Americans; enjoy a few days of peace and quiet, the rest of the world.
My interview with Aircell CEO Jack Blumenstein is now available: Through a variety of happy accidents, I wound up interviewing Blumenstein for BoingBoingTV while we were on Virgin America's inaugural Wi-Fi flight/press launch last Saturday.
If we appear hurried, we were trying to finish the interview in the remaining window for access as we were getting close to starting an approach for landing at SFO. Aircell's service is ground-to-air, and they're covering only domestic U.S. flights (and Air Canada's flights for their intra-U.S. portions).
For this test flight, which left and returned from SFO, the route was carefully plotted to keep the plane over the ocean, but oriented towards ground stations to make a loop that wouldn't interfere with SFO ground traffic but which would provide continuous coverage. The company flew a test in their own smaller craft, and then did a test run with the actual Virgin America flight before the press event.
Yesterday was the party flight, today the light of day: For a couple hours on Saturday evening, I was on the hottest flight in the air--well orchestrated by Virgin America to bring together bloggers, press, online celebrities, and a few others, along with a hunk of the staff from Aircell and Virgin America's PR and marketing group. I've uploaded a small set of photos (some a bit abstract due to low lighting).
It seemed like a rousing success to me from both the technical and marketing angle. The service received positive reviews from all aboard, including me, Gizmodo, Engadget, and Cnet. (I was surprised to not see more blog entries or news stories given the quantity of press aboard, but many of those stories will likely follow during the work week.)
I spoke briefly with Dave Cush, the chief executive of Virgin America. He seems very taken with the idea of having a service that no other airline is offering fleet wide. There's a predictability with fleet wide deployment. American's tentative step has probably resulted in low usage due to travelers simply not being aware of the service or trusting that it's available.
Gogo's sign-up process is the only friction in using the service. You must sign up for an account, just like at Amazon or any ecommerce site, and that's irritating although perfectly reasonable. One trick to sidestep this on flight is to sign up in advance. There's no cost, and this allows you to put your credit card number on file. The company has a deal in place with iPass that hasn't turned into anything public yet, but I expect that when that goes live, iPass customers will have the single sign-in they have now, which will bring hundreds of thousands of business travelers into the mix. (This also avoids separate expensing and itemization--and rejection of same--because IT departments can pre-approve certain extra charges via iPass, as I recall.)
Although I didn't have to a chance in my conversations with Jack Blumenstein, the chief executive of Aircell, to talk about the future of the service, I did glean that Aircell is interested in LTE as that standard develops. Aircell uses essentially off-the-shelf EVDO Rev. A over their exclusively licensed frequencies. EVDO Rev. A uses 1.25 MHz channels; Aircell has 1.5 MHz in each direction, so it's a neat fit. That gives them a raw rate of 3.1 Mbps over 1.8 Mbps, with actual top performance somewhat lower. (In some tests, people have gotten 2 Mbps downstream on an American Airline flight with Gogo installed.)
LTE could potentially double to quadruple that rate when it's commercially available, and there should be 1.25 MHz profiles available, even though LTE will typically be used with 5 MHz to 20 MHz channels.
In talks with various folks at Aircell, it's clear that the company is still early into its settling-in period with airlines, and that more baroque and interesting options will be appearing over time. For instance, should the charge for a red-eye flight be the same as a daytime flight? Right now, it is, but the company is interested in dynamic pricing, in which time of day and other factors play in.
They're also aware that that their two-tier pricing ($10 for 3 hours and shorter; $13 for longer flights) isn't that appealing for short hops, such as the one I took yesterday from Seattle to San Francisco. Right now, most of system will be built on cross-country or 3- to 4-hour flights, and as more planes come online, all of this will be examined.
Aircell staff mentioned in passing yesterday--and FlightGlobal expands on--that there's another airline in the wings beyond the four announced airlines. Aircell told FlightGlobal that a sixth airline is near a decision, too.
One staffer told me that the company is also working on planes to integrate satellite Internet at the peripheries of their American profile, so that airlines that fly into and out of the Aircell ground footprint would be able to have some kind of seamless access. I'm looking to get more details about this.
Beyond the Wi-Fi, the Virgin America experience is rather marvelous, because you're flying new planes that were designed with 2006/2007 in mind, not 1996/1997. For every seat in first class and between each seat (thus two per row) is a charging/networking setup: power, using a normal North American three-prong jack; USB; and Ethernet.
The seatback entertainment system, Red, didn't live up to reports. I used Red on three different planes, and was unimpressed by the system's responsiveness. It's a very "heavy touch" touch screen, and doesn't support gesture. Navigating the TV schedule was baffling. The TV system didn't show more than a couple channels on the two commercial flights I took, showing a technical error screen from Dish TV instead. The selection of music was good, along with the ability to create a playlist, but the sluggish interaction coupled with touch responsiveness made it a chore.
Several Red features will require Internet connectivity, and it was interesting that they listed those options (like email and chat) with a "not yet available" label, to pique interest. In every arm rest is a tethered two-sided controller: a keyboard on one side and buttons for the entertainment system on the other. The keyboard makes chat and other features possible, especially as Internet access is rolled out.
Virgin America doesn't take cash, which is fascinating and makes a lot of sense. Every Red screen and every controller can handle a credit card swipe. You order drinks and food from the Red system, paying for them with the card. Once Internet access is in place, it looks like you'll be able to set up an account with Virgin, and simply login and charge movies, premium TV shows, food, drink, and even Internet access to that account.
This is a first for yours truly--Wi-Fi from a commercial flight: I'm blogging from somewhere above 10,000 feet on Virgin America's press event flight to kick off its commercial launch of Internet in-flight Internet service. The flight is littered with e-celebrities and a few real ones (a couple of the great ensemble from 30 Rock are here). We're flying over the ocean. And the Gogo Internet service from Aircell seems to be working just fine. I've Twittered, I've IM'd, and I'm about to post this blog entry. (Success! Updated later.)
There are about 130-odd people aboard, and I should apparently recognize lots of people, but I am so unhip, as Douglas Adams once wrote, that it's a wonder my bum doesn't fall off. I was able to talk briefly with Dave Cush, the head of Virgin America, who is very keen on having this rolled out, and at some length with Jack Blumenstein, the head of Aircell. (I did a in-flight air-to-ground interview with Blumenstein for BoingBoingTV which I'll link to when my fine friends there have the segment edited and up.)
The service works as one might expect: Aircell has had months to troubleshoot problems via the American pilot, and we're flying right around San Francisco, so nothing unpredictable in the middle part of the country. In a quick test using Qwest's bandwidth tester, I was able to get 700 Kbps downstream--while there were 100 other people using the service, too.
This wasn't a commercial flight (it was technically a charter), but it was on a regular Virgin America Airbus 320 using Aircell's ground network. Some material was broadcast live from the plane to YouTube Live, which was hosting a simultaneous event on the ground at Fort Mason in San Francisco.
This is the first time I've used Internet service on a commercial plane. Back a few years ago, I was on a Connexion by Boeing press flight that used ground stations for the flight instead of the production satellite servers.
Virgin isn't the first domestic airline to launch Internet service; American Airlines has a pilot with 15 planes that have been in the air on cross country routes for nearly three months. But Virgin is poised to be the first airline to launch Wi-Fi fleet wide. Delta has made a commitment--and they have several hundred planes in the U.S.--but hasn't gotten its first bird launched with service. Alaska, Southwest, and JetBlue have various plans that seem to have been pushed into 2009.
(Photo courtesy Virgin America. I'm the guy in an oatmeal sweater holding a white MacBook up. Disclosure for clarity: I paid my own way to San Francisco for the event.)
Startup VoIP provider DeFi makes big claims, but delivers worldwide calling from a smartphone for $40 or $50 per month: DeFi has a very stripped down business model designed to appeal to a specific, but large class of traveler. They make software that's currently available for Nokia S60 phones (E and N series), and later this year for the iPhone, that acts as a kind of VoIP shunt for calling behavior. When you place a call, the software determines whether you're on a Wi-Fi network, and routes the call out that way; if not, it goes to cell. It also routes inbound calls, and can ring your cell phone's number if you're not on a Wi-Fi network and your inbound DeFi number gets a call.
For $40 or $50 per month (1 or 3 inbound phone numbers, respectively, in any of about 30 countries), you get 3,000 minutes (they call it "unlimited") of calling to and from 75 countries. This includes cell lines in Europe, typically a huge extra for most VoIP plans. DeFi said they signed deals directly with carriers, which they say most VoIP providers have not.
Wi-Fi access works at what they say is "1 million" hotspots, but is really Fon plus several tens of thousands of typical hotel, café, and airport venues. Wi-Fi fees are included for VoIP and data in the monthly subscription. DeFi uses Devicescape behind the scenes to handle no-entry authentication to their Wi-Fi footprint.
The integration is the key point DeFi makes about their product, and may be a stumbling block for an iPhone application. The head of DeFi told me that the company wants their service to require no behavioral changes for customers. Of course, users still have to make sure when they're in areas in which a cell call would be expensive that they don't accidentally wander away from a Wi-Fi hotspot. And Apple doesn't currently allow the kind of integration that would be required for call handling and interception, although DeFi said it's having no problems in its development work.
SNCF in France says they'll install Internet service on their entire TGV Est fleet by 2010: We've seen this promise before, so excuse me if I'm a wee bit dubious about the French train operator SNCF's claim that the service will span all their equipment. Despite Internet access over Wi-Fi being available on several train lines in Europe, including multiple lines in the UK, the biggest announcements always seem to fizzle out. The Dutch train operator was supposed to unwire their fleet a couple years ago and backed away, for instance.
SNCF says they'll have for-fee service in 1st and 2nd class areas of TGV Est trains (about 50 of them) by third quarter 2009 in some trains, and full coverage in 2010. These high-speed trains cross borders in all directions.
A free portal will be available for information and entertainment access within a train. Fees for access might cost €5 to €10, which is outrageously high, unless you compare it to the very high costs of Wi-Fi across Europe, where you can pay US$30 or more for 24 hours access in some hotels.
Virgin America has formally announced their in-flight Internet launch and plans: Virgin put out the news a few weeks ago that they'd have a press event flight on 22-November to show off their in-flight Wi-Fi with GoGo (AirCell's branded service). They're now formally noting that service will start for all flyers on a single aircraft 24-November, and expand to their entire fleet by second quarter 2009. Earlier reports indicated the airline would equip about one plane per week, which probably conforms to overnight maintenance schedules for their fairly new planes.
Virgin America goes quite a bit beyond other airlines in the electronic amenity department. They have an advanced seat-back system that includes in-flight chat (currently intra-plane, soon across the fleet as Internet access is added); it's gotten rave reviews. They also have power available at every seat, which is an easy choice to make when you're building planes for today's passengers.
I'll be on the press event flight, covering it for a few publications including this fine site, and will try to blog from the air just for the fun of it. If you can blog from the top of mountain, it seems necessary to do so. (Disclosure: I'm paying for all my expense associated with getting to and from the press event.)
Virgin America is the only airline worldwide that's committed to putting Internet service on all its planes, although it has a fairly small fleet. (Planespotters has the full list of 27, including their names, such as the BoingBoing-plumed Unicorn Chaser.)
For a mainstream media article I'm writing, I'd love to hear the experience of anyone who has used American Airlines' GoGo service, which has been in operational on long-haul 767-200s for the last few months. (Email me at email@example.com.)
Are you noticing that hosted services are starting to disappear? Me, too: I haven't launched a new blog in some time, but was motivated to start up ItDied.com recently after receiving about one email a day about a photo gallery, video service, online storage, or other company or division shutting down. It's not related to Wi-Fi, but if you're tracking what's about to go belly up--or worried that a service that stores your data in their cloud is about to disappear--check 'er out.
Meraki offers wall plug, solar unit, apartment package: Meraki has added two products to its line up. A wall plug ($179) can be screwed into an outlet's center screw hole for theft prevention and stability, perfect for hotels and public venues. The long-awaited solar product is nearly ready, with a 4-December ship date ($749 with no solar panel up to $1,499 with highest-end panel).
Meraki switched battery technology to lithium iron-phosphate during the year-long delay, partly due to an increase in cost and shortage in solar panels. Meraki's also got a new bundle: $5,000 for a set of nodes designed to cover an apartment building.
Over at Ars Technica, I wrote a long recap of the state of municipal Wi-Fi, noting that Meraki seems to be on the winning side of the equation with its start-small approach. A number of municipal wireless projects (not all Wi-Fi) are getting rave reviews. We may be over the hump: applications (purposes as it were) are now driving network building rather than networks seeking reasons to be.
Violet prepares to ship an RFID tag reader, Mir:ror: The new device plugs in via USB to a computer and can read standard RFID tags, as well as new ones offered by the company. Some of Violet's tags look like postage stamps and are adhesive; others, like tiny versions of their Nabaztag/tag bunny. It's weird, but interesting, like all their stuff.
Qualcomm brings in Skyhook's Wi-Fi positioning: Qualcomm becomes the latest GPS giant to add Skyhook Wireless's technology to their platform. The gpsOne system, found in 400 million cell phones, will be enhanced in future versions with an option for Skyhook data to assist and integrate with GPS lookups. Qualcomm's sold so many chipsets due to E911 requirements for location finding.
Boingo adds biggest U.S. ferry system to network: On the heels of acquiring the Opti-Fi set of airport Wi-Fi networks from Parsons and ARINC, Boingo Wireless has purchased Parsons's separate business operating Wi-Fi-based Internet access on the Washington State Ferry (WSF) system. WSF handles 26 million passenger rides per year, which is about half of all U.S. passenger ferry volume. (Just north, British Columbia's ferry system handles slightly more riders.) The announcement is slated for Monday.
Boingo already had a roaming relationship in place with Parsons for ferry use, and thus the purchase doesn't affect users of any of Boingo's monthly subscription plans; subscribers still have access folded in to the company's $8 per month handheld/mobile, $22 per month unlimited North America U.S., and $59 per month global (2,000 minutes) plans.
While neither Parsons nor Boingo released statistics on use, I ride ferry on a regular (not routine) basis, and have found the Wi-Fi relied and widely used. WSF runs two big routes that serve Seattle metro commuters: from Bainbridge Island, which unloads passenger after a half-hour run in downtown Seattle (right near Pioneer Square), and from Kingston, which brings riders also after a half hour into Edmonds where they catch express buses. Those two routes represent half of all WSF passenger trips.
Wi-Fi service is available on the majority of WSF's routes, as well as in terminals and in the car waiting areas. For regular rush hour commuters who drive, they may spend over 2 hours round-trip between waiting and the ferry passage, and far more on bad days.
WSF runs on time, however. This may baffle people used to train, bus, and plane schedules, but it's a thing of wonder to watch the ferry workers cast their lines, tie the boats up, and shepherd hundreds of cars and passengers off and on in a matter of minutes, and then return to the bay or sound for the direction or next stop. I'm not saying the system is a miracle, but it's well-tuned. A notable failure, due to initiative-driven cuts in transportation spending, has led to devastating reductions in service to Port Townsend; its regular boats were found to be irreparable. Replacements haven't yet begun to be built for a variety of reasons.
Port Townsend occupies a significant role in the history of Internet access on the ferry system, however. A small firm, Mobilisa, located in "PT" (the affectionate name town residents use) was able to secure a Department of Transportation no-bid contract to unwire the boats. The line it tested service on was the Port Townsend-Keystone run, and it's where I first encountered the service, when I visited PT to write a New York Times article about commuter Wi-Fi: "Destination Wi-Fi, by Rail, Bus or Boat," 8-July-2004. (Mobilisa has been adept at using earmarks to obtain contracts, the Seattle Times reported in a detailed article on 29-December-2007.)
The service launched for production use in late 2004, and on the Bainbridge route in early 2005. The original contract called for an RFP to be issued, and for Mobilisa to operate the network just briefly--perhaps for a year or so, building out service that another firm would take over. Mobilisa was, I was told, specifically barred from bidding on operating the completed network.
Parsons got the contract in late 2006, and slowly extended service to routes that weren't yet covered. At one point, Parsons seemed to be developing a specialty business in building and operating difficult Internet service networks. That line of business is apparently being shed, however, given that only VIA Rail (operated under the Opti-Fi name) apparently remains in its holdings.
Boingo's original plan was to never operate any physical infrastructure. But the opportunity arose a few years ago for it to buy Concourse Communications, which already managed several major airports' Wi-Fi (and sometimes cellular) networks, and it leapt in with both feet. Boingo now runs vastly more large-scale commuter and business traveler nodes than the next largest operator in the space worldwide.
The in-car Internet system gets reviews: Autonet is packaging a car-oriented router that combines a cell data modem and subscription with a Wi-Fi gateway. The device costs $500 and plans are $30 per month for a measly 1 GB of data or $60 for 5 GB. The higher rate is precisely what you'd pay a carrier directly for such an item with a 2-year contract; Autonet requires just a 1-year commitment. Unlike portable cell routers that come with car-power adapters, Autonet's device is installed in the trunk or back, and is wired into a car's electrical system. Antennas are part of the unit, however.
Edward Baig of USA Today reminded potential buyers that a 3G connection requires a 3G cell network, and traveling in areas with spotty or no 3G coverage could be disappointing. Overall, he's not unhappy with it. He concludes, "Having a rolling hot spot is an appealing, if expensive, service for a lot of families. Just keep your expectations — and those of your kids — in check."
The Wall Street Journal's elder tech statesman Walt Mossberg finds the service too slow for video beyond YouTube snippets, just as Baig does, but seems to agree that for the right person or family, having continuous Internet access is worth the cost.
I haven't tested Autonet, but the router's cost isn't out of line with similar systems: Junxion, acquired recently by Sierra Wireless, sells its devices for $600 to $700 a pop, with discounts for quantity, because they're aimed at corporate road warriors.
But I can't see the benefit of getting a box with a sealed 3G card permanently installed in your car. For those who might find the Autonet a reasonable choice, the Kyocera KR2 ($220) coupled with the 3G EVDO card of your choice--including tethered handsets. The KR2 is portable, cheaper, and more flexible. The disadvantage is having to use a car-power adapter, an increased likelihood of theft if left in the car, and a unit that's not designed to be as rugged.
First, it was the poles; then the performance; then the lawsuit: Now, the settlement. The city of St. Louis Park, Minn., wanted to build a city-owned Wi-Fi network that would cope with the problems of its dense canopy. They chose a vendor, unfortunately, that had never built a network using the technology that the vendor chose to use.
The network required 16-foot tall poles that were originally rather unsightly. And 400 poles would be needed city wide. Citizens were revolted and did revolt; a new design for the poles reduced their ugliness, one can see from photos, but the network--solar powered to boot--never achieved the performance required under the contract, the city said.
Last December, the city moved to terminate its contract and later filed a lawsuit. The settlement signed by Arinc and approved by the city a few days ago calls from Arinc to pay $1m, and grant ownership of about 8 miles of fiber run by Arinc along with related gear. The city will be responsible for the estimated $150,000 cost to remove the equipment from poles and take the poles down, but the Wi-Fi nodes and solar panels go back to Arinc. (Which will sell them on eBay, most likely.)
Arinc claimed at various times that it had performed the tasks for which it was contracted, and that interference was beyond its control. Given that there's an incredibly successful network nearby in Minneapolis that appears to have suffered from few or none of the problems in St. Louis Park, it's hard to credit that. (Minneapolis paid nothing for the network, but is paying $1.25m a year for 10 years for services.)
St. Louis Park is thus left without a network, with at least hundreds of thousands of dollars in hard costs and staff time that lacks recompense (as the settlement covers only expenses after the network started to be built), and with a bunch of fiber they say they have no particular plan for.
Starbucks U.S. operations have launched its Gold card, a paid membership with Wi-Fi included: The Starbucks Gold card was in testing for some time in Seattle--the outlet near my office has had a Gold logo in the window for months, I believe--but it's now unleashed for general consumption. The card costs $25 per year, and includes two hours of continuous Wi-Fi access each day; the firm's stored value card offers Wi-Fi for 30 days following a purchase or adding value.
Gold has a bunch of frequent sipper benefits: a free drink when you purchase the membership, followed by 10 percent discounts on most stuff you buy (drinks, food, merchandise, hard goods), a free beverage on your birthday each year, and other discounts and deals that will be announced during the year.
I suppose the logic is that for someone who spends over $175 per year at Starbucks would likely make up the difference (10% of $175 plus a couple free drinks should top $25). It's possible I spend that much, even though I only have casual interest in their shops, because of frequenting them in strange towns, enjoying their sandwiches (not their roasts), and airport purchases.
Update: Contrary to the plain text with no footnote on the Gold sign-up site--"Free Wi-Fi access for up to 2 hours each day in participating Starbucks stores"--Starbucks contacted me to clarify that Gold card holders must also make a purchase or add value every 30 days to have continuous access to the Wi-Fi offer.
Houston, we have a problem: While the city reports its Wi-Fi-connected parking meters work great doubling as Wi-Fi hotspots downtown, their much-ballyhooed "bubbles" efforts to unwire housing projects seems to have narrowed in scope. The headline on the story in the Houston Chronicle, in which yours truly is quoted, is perfect: "Houston's Plan for Wi-Fi Bubbles Has Burst." The city now plans to use Wi-Fi only to connect up community centers rather than bring service to residents. As far as I and the reporter I spoke to for this story could figure out, the networks will be running as password-protected clouds that only computers in central locations will be able to access. I have no idea why anyone would think this is a good idea. Bringing Internet access to libraries, schools, and community centers is a perfectly marvelous idea, but in low-income neighborhoods, the notion of putting free or affordable Internet access in the home, paired with programs to offer inexpensive or free refurbished computers along with training, is to deal with the commensurate problem that kids can work from their homes instead of being out on the mean streets. In many neighborhoods that are both poor and high crime, parents keep their children in to avoid trouble. Thus, community centers aren't the logical way to ensure greater access and bridge the digital divide. These efforts should be trying to bring access parity across income levels to match the ecumenical availability of information to rich and poor.
Freakonomics notices funny network names: A Dutch cafe using a service from a company called They displays messages via network names (SSIDs) that remind freeloaders to buy something: BuyAnotherCupYouCheapskate. I confess to finding this story amusing, but not above the threshold to share, until the New York Times's Freakonomics blog picked it up. That's partly because even though the cafe is in the Netherlands, all the messages are in English. Are Brits and Americans the only freeloaders. They, the company, not an inchoate group of people, told me that they use a technique to change the text display name of the SSID, while the underlying network identifier remains the same. This keeps customers from being booted off even as messages are dynamically rotated.
WEP in 24,000 packets: I forgot to mention in all the hubbub about the WPA flaw discovered by two German researchers last week that they also combined a variety of WEP-cracking techniques to reduce the number of packets necessary to extract a key. The fellows from two technical universities examined and improved previously known algorithms and code for extracting a WEP key, and optimized the process.
Erik Tews and Martin Beck's paper, Practical Attacks against WEP and WPA (now available for download), walks through how they re-examined and combined processing attacks. But the takeaway is that WEP, already known to be very broken is, well, very very very broken. Previous attacks, per their analysis, required from 32,000 to 40,000 packets to be processed to gain a 50-percent likelihood of key recovery. They moved that down to about 24,000.
WEP is still widely used in certain quarters, by home users who don't care about security but simply are setting up a no trespassing sign (which is enforceable by law in many states and countries now); by those who know no better; and by retailers who use systems that are either expensive to upgrade or must be replaced to stop using WEP.
Retailers who accept credit cards may not deploy new systems with WEP starting 1-April-2009, and must discontinue all use of WEP by 30-June-2010 according to new guidelines set by the credit industry giants.
The open-license 3.65 GHz band could be a great opportunity for startups: The band is available in a good hunk of the U.S. under a licensing regime that allows anyone to obtain a license, and providers in the same geographic areas have to work to coordinate among themselves. Redline Communications and the extremely sharp Monica Paolini of Senza Fili Consulting are offering a free 45-minute Webinar (Web-based seminar) on 12-November at 11 am PST/2 pm EST on the topic. Redline is one of several firms offering 3.65 GHz gear.
Meru further virtualizes virtual SSIDs: This might seem a little technical, but it's fascinating. Enterprise Wi-Fi maker Meru says they've developed virtual ports, that allows each Wi-Fi connection to act as if there's a separate AP controlling it. This has been used for quite a while to create virtual SSIDs: unique network names fed by a single access point. Meru says their approach centralizes the virtual SSIDs (which use BSSIDs, the underlying network address for a Wi-Fi access point), allowing roaming without the adapter appearing to change its network association. That goes one level beyond current roaming. The connection is essentially virtualized to be independent of the access point. With a unique per-user virtual WLAN, Meru says that they can optimize a connection, including throttling and provisioning to provide guaranteed bandwidth and priority.
Boingo Wireless acquires Opt-Fi Networks and its 25 airports: Boingo already operates 30 airports (mostly in North America) as part of its Concourse Communications networks. The purchase of Opti-Fi from its owners, Parsons and ARINC, means they cover 43 percent of "passenger enplanements" (i.e., the count of people getting on a plane, even counting transfers) in the U.S.
Opti-Fi runs smaller airports, such as Edmonton, El Paso, and Buffalo Niagara, but you add those together, and you still get millions of yearly passengers. Opti-Fi was already part of Boingo's network, so the acquisition means Boingo will derive more revenue from keeping sessions in house, as well as be able to use portals at the new airports to acquire more customers. It also increases Boingo's leverage with other WiFi networks in the U.S. and worldwide.
Under the Opti-Fi brand, Parsons also powers VIA Rail of Canada's train-based Internet service. Separately from Opti-Fi, Parsons provides Wi-Fi across the Washington State Ferry system, which handles about 50 percent of all ferry passenger trips in the U.S.--some tens of million of trips per year. (In fact, two runs alone account for 25 percent of all U.S. rider trips.) Neither project was mentioned in today's announcement. Odd, huh?
Oakland goes free: FreeFi has added the Oakland International Airport to its existing service in Denver. The company says that its deal with Denver, nearly a year old, has meant more income for the airport, even as the service went free. FreeFi sells ads and offers digital movie downloads in Denver. It said daily unique users nearly septupled after switching from from fee to free. The service filters Web content, which has drawn some criticism from David Byrne and BoingBoing.
WPA isn't as broken as reported: If you read the coverage early this week on two German researchers' paper on a vulnerability in Temporal Key Integrity Protocol (TKIP), the weaker of two encryption and integrity algorithms in the Wi-Fi Protected Access (WPA) certified standard (and part of the underlying 802.11i protocol), you'd think that TKIP was broken. It's not.
As I wrote Friday, don't panic, but do pay attention. I'm posting about this again just to be clear.
The flaw that was discovered does not allow a WPA-protected network's key to be recovered. It does allow short packets (network data quanta) used typically for network identification purposes to have their encryption keystream recovered: that's the overlay of per-packet encryption derived from a key that two Wi-Fi components use to protect information sent to one another.
With a recovered keystream, a single packet of the same length can be sent back into the network (using another flaw) to fool a client (but not an access point).
That's not to say that WPA keys (both the weaker TKIP and strong AES-CCMP) cannot be recovered. That's just not part of this weakness.
As was theorized back in 2003, in an article Robert Moskowitz allow me to post on my site, choosing a weak passphrase could lead to a key that can be cracked through brute force. Moskowitz was part of the IEEE 802.11i security task group, and he knew of what he spoke.
His advice? For effective security, choose a passphrase that's at least 20 characters long and contains no words found in dictionaries of any language.
Substituting 3 for e and 0 for o isn't a good choice, by the way: Brute-force attackers build dictionaries with common substitutions. Changing "camel back liposuction" to "!cmale bc@@k lippppo___!!sction" would make much more sense. Anyway, which among us manually enters a passphrase more than once per client?
Within a couple of years, effective brute-force methods appeared that could crack shorts keys that used only words found in dictionaries. There are pre-computed dictionaries that combine the SSID (network name) and billions of short key combinations. (The network name is used as an element in creating the key, but "linksys" and other default network names are often unchanged by users. Apple names its networks by default with part of the base station identifier, making a brute-force crack probably a million, maybe a billion times harder.)
ElcomSoft recently updated their "key recovery software" to use the graphical processing unit (GPU) in modern computers, which the company said in press releases--they haven't gotten back to a request I made for a briefing weeks ago--could improve key cracking by a factor of 100. Their software is also distributed, so you could conceivably put 1,000 computers on the task.
How does Elcomsoft's breakthrough affect the 2003 advice on passphrases? Security experts I've talked to, including Erik Tews, the co-author of the paper on the new WPA flaw, said that 20 characters should still require such a vast amount of time even with all the horsepower that one could throw at it, that there's no risk.
If there were a risk, you could increase a passphrase to 22 characters in length, and suddenly push the time to crack out by another factor of 100 (more or less; dissenting opinions welcome).
Average users can bypass all this by buying Wi-Fi gear that uses Wi-Fi Protection Setup (WPS), which uses for its source material a passphrase longer than the 20-character minimum, and employs excellent methods of securely exchanging key material over the untrusted network.
Of course, as I discovered when reviewing the excellent Linksys WRT610N (concurrent dual-band 802.11n router) for Macworld magazine, there's surprisingly no precise standard for WPS interface implementation. That is, the Wi-Fi Alliance defines the way in which WPS works on a protocol level, but not how the details are presented to a user.
Apple has two methods neither of which match up correctly with Linksys's three or four methods (depending on how you count). It's frustrating. Apple never responded to a comment about the mismatch; Linksys said they're looking in how to improve compatibility in future releases.
Wayport acquisition by AT&T makes me go whoompf: Yesterday's announcement that AT&T would purchase hotspot operator Wayport for $275m in cash gave me pause for reflection. I started covering the Wi-Fi field in late 2000, spurred by testing Apple's AirPort system, which, despite being on the market for a year, I was quite dubious about. It worked well, and it led me to find that Wi-Fi was being deployed as an amenity. I hopped on the story, and wrote a very early feature for The New York Times about public-space Wi-Fi in airports, cafes, and elsewhere. (See The Web, Without Wires, Wherever, 22-Feb-2001.)
Of the firms mentioned in the article, several disappeared within a year. And later startups like Cometa had big runs up and then giant flameouts. (I run down the failures as well as some other details of the Wayport deal at Ars Technica.)
Wayport may have survived and thrived due to two moves. First, the operator was an early partner with Boingo, renegotiating its contracts with venues to allow the pricing model of wholesale aggregation resale to work. On a panel at 802.11 Planet after Boingo launched, if I recall correctly, Wi-Fi veteran Phil Belanger (then at Wayport) explained that contracts with its venues needed to be renegotiated, but it was worth it to increase volume of use.
Wayport was right. Firms that resisted reasonable resale pricing or availability seem to have all gone by the wayside. The latest of these was T-Mobile, which had very restrictive roaming/resale agreements, and was replaced at Starbucks by AT&T, which has expansive agreements.
The other element was Wayport grabbing the McDonald's contract through the use of a still-innovative pricing model. Instead of reselling sessions at McDonald's to aggregators or others, Wayport offered only a flat rate based on the piece of the McDonald's network that a reseller sliced. It had hoped to get cable systems interested as a competitive tool against 2.5G networks and other telecom advantages. It didn't happen.
But the Wi-Fi World model, as it called the program at launch, proved the right approach for consumer electronics and gaming firms, like Nintendo for its Wi-Fi-enabled DS system, ZipIt Wireless for its instant-messaging handheld for teens, and Eye-Fi for the geotagging Explore model of its Wi-Fi memory card.
Wayport also was able to snag AT&T as a resale partner early on; AT&T was providing backhaul to many stores, and wound up buying access to resell to some of its customers. That later expanded into Wayport becoming AT&T's managed services provider, and AT&T slowly but dramatically expanding cheap ($1.99 per month) and then free access to its base Wi-Fi network to a large portion of its wireline, fiber, business, and smartphone customers.
I'd say Wi-Fi World paid off as an approach.
Some might ask where this puts Boingo in relation to AT&T. Since Boingo is an aggregator, the advantage of which is to take many disparate networks and repackage them for resale at a predictable and reasonable price, why would you need Boingo when you can get 20,000 U.S. locations at no cost (if you're a qualifying AT&T subscriber) or as part of AT&T's own aggregated worldwide network of 80,000 locations ($20 per month for non-subscribers; $10 per month for those who qualify for free service)?
I checked with Boingo yesterday, and it has about 24,000 U.S. locations in its network. So...that's nearly 85 percent AT&T when the Wayport acquisition closes. But don't worry about Boingo. The company has a trump card: Airports.
Its acquisition a few years ago of Concourse Communications gave them the golden ticket: Boingo controls Wi-Fi access in most major airports in North America. AT&T and T-Mobile each have a handful that they operate, but Boingo has the big plums. Boingo operates the big NY/NJ airports (EWR, JFK, LGA), Detroit, Minneapolis, Chicago (ORD and Midway), and on and on. The firm has 24 airports, most of them biggies, across the U.S.
Boingo told me some time ago that the Concourse acquisition was partly for revenue, partly for marketing, and partly for strategy. With airports in hand, it has better bargaining power with networks onto which it wants its users to roam, including outside the U.S.
If AT&T were to try to push to hard as the new Wayport owner with 85 percent of Boingo's domestic footprint, Boingo has the counterbalance of the critical airports that AT&T's business travelers want--and increasingly consumer and leisure travelers as those categories of passenger carry mobile devices that rely on a Wi-Fi network for their sole or best performance. (Think iPod Touch as well as iPhone.)
The end of Wayport spells the end of a long period in which many hotspot operators were in play. Now it's AT&T and a number of much smaller firms--T-Mobile will still have perhaps 3,000 locations--and company-operated networks, like Panera, run through in-house divisions or through managed services.
The flaw in WPA is minor but important, and won't affect home users or most networks (yet): I spoke yesterday to Eric Tews, one of the co-authors of a paper covering a WPA flaw that he'll present next week in Japan at PacSec, a security conference. Tews and his collaborator Martin Beck, who discovered and tested the flaw, found that it's possible to use weaknesses that remain in WPA's TKIP encryption type (the weaker of two available in WPA2) to decrypt certain data.
I wrote about this at great technical length at Ars Technica--see Battered, But Not Broken--but let me provide the high-level summary here.
The flaw is not a generic crack: it doesn't allow a WPA key to be recovered, nor does it work on all data passing the network. The flaw only affects packets encrypted using the TKIP system, which is a backwards-compatible upgrade to 802.11's original WEP system. It's also only possible at this point to recover the original text for short packets--those with predictable contents that are quite short. And it requires the use of 802.11e, the Quality of Service (QoS) standard that prioritizes voice and streaming data above that of normal data to provide voice quality and avoid video and audio stuttering.
With the Tews/Beck technique, short packets with mostly predictable content can be cracked through first applying a WEP-style crack that gets an attacker most of the way there, and then using a very slow method of determining the value of the remaining unknown bytes. This allows the keystream--the cryptographic overlay used to encrypt data as it flows, not the network key itself--to be recovered and used to "replay" arbitrary data, such as a changed packet. While TKIP includes replay protection, the graduate students found that the QoS queues would let them replay the same keystream, sidestepping this protection. (Their flaw discovery is very very clever, combining the use of three interrelated protocols' weaknesses.)
The solution for the flaw at present is to use AES, an encryption option that's part of WPA2 (and 802.11i, the underlying standard). If your network comprises all WPA2 devices, which nearly all equipment sold starting in 2003 is capable of, then you can opt to set routers to use just the AES type. For home networks or small offices, this would mean choose WPA2-PSK or WPA2 Personal in most cases. (While Windows lets you choose to identify a WPA2 key as TKIP or AES, the router is what controls which algorithms are acceptable.)
And because the crack potentially allows only the injection of changed packets for very specific network stuff, it's likely that you'd never see this used against a home network because there's very little you could do with such a flaw. On a corporate network, someone might try to redirect traffic through certain kinds of short forged messages, and that could be a problem.
However, corporate networks should be using robust enough equipment that the keys used for network communication are frequently swapped out, which disrupts this crack; and corporations may already have standardized on WPA2's AES, which is immune to any attack of this kind.
In the end, you should be wary, but not freaked out. Switching to AES has a price: older computers won't be able to join your network. But in 2008, the odds are increasingly low that anyone concerned about security would have a Wi-Fi adapter so old that it couldn't use WPA2.
It's always in threes: Three big pieces of Wi-Fi news today, folks, and I'll post more information as I have it.
Wayport is being purchased for $275m by AT&T: This is a purely logical move, because Wayport not only has 10,000 McDonald's that they operate the Wi-Fi service for under a direct contract and resell to AT&T for the telecom's customers, but Wayport is also the managed services provider--the outsourced company--that handles AT&T's "internal" Wi-Fi network of Starbucks, Barnes & Noble, and other locations. The deal is cost conservation, bringing outsourced expense inhouse. With the close of the deal, AT&T's Basic footprint--free to its broadband, laptop 3G, iPhone, and some BlackBerry users--expands from 17,000 U.S. to 20,000 U.S. locations, sweeping in premium hotels and other locations.
Is TKIP dead, already? A report in advance of the PacSec conference from IDG News Service says that researchers have found a non-brute-force method of sending data to a Wi-Fi client that it accepts was transmitted by an access point. I've gotten more information than the IDG reporter, and the attack works only on small packets and only with the weaker TKIP key type that's part of WPA and WPA2. The stronger AES key method isn't vulnerable. This isn't a generic vulnerability, and is likely to be of concern only to corporate users.
Virgin America has press flight set for 22-November: I'll be on the plane if all goes well. The promotional flight of the one Wi-Fi equipped craft will be followed each week by an additional plane being unwired with the whole fleet set for Internet access by Q2 2009.
Clearwire, Sprint venture to be called New Clearwire: Along with FCC approval and the new name, New Clearwire has to build out 37,000 cells and raise money in a difficult climate--although they already have commitments from Google, Intel, and others.
Wi-Fi chipset sales will top $3b in 2008: So says ABI Research, which has a good track record on analysis and estimation. This number does not include anything but Wi-Fi chips and a few associated components; the sales figures for assembled cards and access points would have to be at least an order of magnitude higher. ABI says chip sales in 2006 were $1b and $2b in 2007.
Meraki offers 1 sq mi of Wi-Fi for 10 grand: The mesh-networking equipment vendor has a special deal for cities: $10,000 buys all the equipment and service needed to cover 1 sq mi, and includes a 60-day money-back guarantee.
Because we didn't have enough on our minds on election day, the FCC met and made three relatively massive decisions: Let's start with white spaces. I have been avoiding posting too much about the topic, because it's mindbendingly boring to the average reader or businessperson who is more interested in technology or developments when they happen, not when they're discussed ad nauseum. The gist of the white spaces proposal is that computer industry giants want television channels that are unused in specific markets to provide assurance of a lack of interference among adjacent channels.
Microsoft, Google, Intel, HP, and many others covet the space to use for high-speed wireless networking for broadband and wireless LANs. Over short distances, rates rival 802.11n Wi-Fi speeds; over longer distances, speeds will likely be closer to 10 Mbps. The expectation is that the frequencies, way down in the 54 to 698 MHz range, would have enormously superior propagation characteristics when coupled with higher power limits than Wi-Fi's 2.4 GHz or 5 GHz deployments. With adaptive scanning required to avoid stepping on licensed users, the white spaces technology would likely be much more resilient than Wi-Fi, too, as well as having a larger span of channels on which to choose to operate.
The National Association of Broadcasters, representing owners of TV stations and networks, protested that regardless of how well designed devices were to avoid interfering with TV signals, it was inevitable that they would. Dolly Parton surprisingly entered the fray--nearly a la Wi-Fi patron Hedy Lamarr--on behalf of the wireless microphone industry, which has a licensed low-power use for theater and performance.
The FCC voted 5-0 to move forward. Manufacturers would still be going through tightly controlled FCC certification and testing for their devices, and one imagines the NAB will be watching very closely as well.
The FCC also voted 5-0 to approve a WiMax merger/spinoff that allows Sprint Nextel to reorganize its Xohm broadband operation into a new firm that would be merged with Clearwire's assets and be named Clearwire. The new operation already has billions lined up from Google, Intel, and cable operators to invest. The Justice Department already gave its general go-ahead, too.
This move sets the stage for a real battle among all broadband providers: it will force AT&T and Verizon to move quite aggressively to use the new 700 MHz bandwidth they acquired (and plan to deploy GSM-based LTE over, even though LTE is still officially in the lab, not in production); and for wireline provides like AT&T and Verizon, as well as Comcast, Cablevision, Qwest, and all the rest, to rethink pricing, speed, and services that Clearwire enters. If WiMax pans out as a viable third or even fourth pipe into the home, other broadband options in the same markets will be cheaper and faster.
Finally, in the least-interesting part of the news, the FCC voted to approve, with Dems partially dissenting--procedural thing, it appears--to allow Alltel to be acquired by Verizon to create the biggest U.S. cell carrier. Alltel was the largest of the smaller carriers, as it were, providing service in areas that the major carriers often overlooked. The Alltel acquisition is partially an infrastructure play that reduces Verizon's roaming costs while expanding its customer base.
Ultrawideband's future as personal area networking technology seems dim: With leading UWB chipmaker WiQuest going out of business last week, with very few devices on the market two years after UWB was supposed to have its big introduction, and with apparent little interest in that changing, it's hard to see how UWB winds up in printers, cameras, laptops, desktops, and hard drives. It's not that UWB will disappear (likely): the technology has other uses, some niche, and some as mainstream as being one of the options for wireless high-definition streaming as an HDMI cable replacement.
Alereon, another chipmaker, announced today that it would acquire Certified Wireless USB assets of Stonestreet One, a firm involved in tests of UWB in mobile devices, like smartphones. Alereon's CEO Eric Broockman would like to spin the story, as he writes in his blog, that there's a very long timeframe for most new technology adoption, and that market leaders are rarely the first to capitalize on the advantages.
Right. But with Intel, a leading UWB backer, seemingly having shifted its interests; with a leading UWB chipmaker gone; with just Lenovo and Toshiba offering any kind of UWB option; with no word on any UWB-enabled peripherals going into Christmas; well, I could go on.
Broockman is certainly correct that there's always a shakeout, but I'm surprised how long UWB has been under development without any deep niche adoption. Early flavors of Wi-Fi were in devices sometimes years before standards were ratified. Airgo, for instance, had its MIMO flavor of 802.11 on the market long before competitors, and it was acquired by Qualcomm (disappearing from sight, but not unsuccessfully in terms of the investors' interest or in spreading MIMO as an essentially mandatory element of 802.11n).
I wrote more about this at Ars Technica along with the historical background.