Receive new posts as email.
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator. Part of the FM Tech advertising network.
Entire site and all contents except otherwise noted © Copyright 2001-2011 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Tech reporter Dwight Silverman writes from Europe of the lack of easily found free Wi-Fi: If you look hard enough in continental Europe, you can find Wi-Fi that you don't have to pay for, but it's far more of a struggle than in the US, where free Wi-Fi has flipped over in the last year or so to being a free amenity.
He didn't quite have a comedy of errors, but Dwight found that staying connected took a lot more effort, time, and money in Germany than in his travels around the US. He notes he could have dropped into McDonald's and Starbucks for some free Wi-Fi, but what's the point of going abroad to patronize businesses you have at home?
I was unaware it was illegal there: I haven't seen anything but machine translation of the original article, but TechDirt provides the detail that the normally open and sane Finns criminalized open Wi-Fi networks after a theft of money that had barely anything to do with open Wi-Fi and everything to do with normal insider embezzlement.
The Justice Ministry is working on a change in rules to allow open Wi-Fi networks without penalty, as there's been little enforcement, and it's just an ugly law.
Does that mean public Wi-Fi without a WEP or WPA key has been unavailable in Finland all this time?
Russian operator switches to LTE: Yota, a Russian telecom operator, had committed to WiMax, and has 500,000 subscribers in five Russian cities. It's switching to LTE for new deployments in 15 cities, and will migrate subscribers to LTE in existing WiMax-deployed locations.
Monica Paolini, the principal at Senza Fili, wrote that this wasn't unexpected, but the timing was sooner than anticipated. She points to an interview with Kommersant in which Yota's head says that LTE as a technology choice has more to do with a somewhat faster technology, and switching to a multi-vendor approach.
This announcement comes not long after Clearwire said that it would consider LTE in the future, a statement it reiterated today.
WiMax may turn out to be an interim technology, deployed because of particular advantages of timing, along with flexibility in encoding, channel widths, and bands. It's too early to say whether it's headed for the bin.
By the 2012 Olympics, Boris Johnson pledges full outdoor Wi-Fi network: The Wifi London project, about which I have heard nothing before today, will result in "every lamppost and every bus stop" having Wi-Fi nearby. Twenty-two London boroughs have signed on to the plan that would rely on existing poles to provide power and lighting.
Excuse my knowing laugh. From the dozens upon dozens of municipal networks that I followed over years, the biggest problem was getting power to poles. In some cities, like St. Louis, this proved impossible because lights were controlled for time of day through large master switches; there was no 24-hour power at the pole. In other cities, poles had ancient wiring, or were incapable of having additional juice pulled. In a very few cases, poles were available in most places with enough power. Very very few cases.
Google says it's inadvertently been recording packets from unsecured Wi-Fi networks while sniffing for publicly available information: Remember how Google said its scans of Wi-Fi networks while carrying out Street View photography were innocuous? Remember how I defended the practice, and said nothing in what Google was doing was different or more personally invasive than Skyhook Wireless or others? Oops.
Google now reveals that it's discovered code written in 2006 as the basis of its Wi-Fi scanning system in Street View contains a portion that samples data on networks that aren't secured, presumably as a tool for statistical analysis of what people are doing. That's a no-no in 2006 and today, and may result in fines and consent agreements.
Google might have caused themselves lasting harm. I can believe this was unintentional; the company is, frankly, sloppy about managing its projects. The firm said it has 600 GB of such data, mostly fragmentary as the Street View vehicles are in constant motion. Given the petabytes of Street View imagery, that's also plausible that it didn't notice the 600 GB of other data collected over years.
Street View was taken off the road briefly, and the company has said it won't be scanning for Wi-Fi temporarily as it assesses what's happened. I wouldn't be surprised if the firm is pressured into agreeing to not gather Wi-Fi info at all in the future by various countries, or possibly worldwide. That's good news for Skyhook Wireless, as it would be the only worldwide purveyor of such information.
I don't feel too foolish about my previous posts, because I was discussing the publicly available information that Wi-Fi networks announce from access points. The privacy concerns raised have to do with how such information could be associated with private information (Google searches, email, and other elements). I have to say that Google's accident makes that kind of association far more reasonable to raise, intentional or not.
Update: The German privacy commissioner has responded angrily.
The head of Electronic Frontiers Australia is making ridiculous statements about Wi-Fi positioning: Google is being excoriated now in Australia for failing to disclose that it is scanning public Wi-Fi network signals while driving for Street View image captures and mapping. The electronic privacy advocacy group EFA's vice-chair Geordie Guy is way off base in his technical statements about this matter.
As a refugee from Google Buzz and someone who deleted his Facebook account permanently (or so I hope) several weeks ago, I have no truck with the notion that corporations gathering and collating information about me will use it appropriately. Buzz was proof of that. Buzz was a betrayal of Gmail users.
But there's a sky-is-falling attitude here about Wi-Fi signal scanning that needs to be fought back against, because it's simply wrong. There is no sensible way for Google to associate specific Wi-Fi networks with specific queries or individuals because the Wi-Fi network scan simply doesn't contain information that's sent out as part of a query to Google. (I'd be terrified if it did, however.)
As I wrote on 23 April 2010, Google--like Skyhook Wireless, which is mentioned in this Australian article--only scans publicly available passively scannable data.
EFA's Guy says, Google is "collecting data that could enable it to physically map that information to a physical street and presumably a physical house." I categorically reject that. The Wi-Fi network name and BSSID (the unique MAC address assigned to a Wi-Fi access point) aren't associated with data that's sent over a browser. Google can't determine the gateway IP address or a public IP address from a Wi-Fi router signal, nor do browser queries contain that information.
If you're using Google's extensions for geolocation--which is part of the latest release of its Chrome browser--Google could conceivably take the Wi-Fi information your browser provides as part of geolocation data and associate it with queries...but it's already doing that. If you let Google look up your location, well, they have your location now, don't they?
Guy goes on to ask technically inaccurate questions that weaken his valid privacy concerns. "Google talks about wireless routers at home but what about the printers, computers, mobile phones and other devices that might be sending out wireless information?" Those devices don't send out beaconing information. On unsecured networks, you could sniff that data, which is likely illegal to do in most developed nations, including the United States, Europe, and Australia. I don't suspect Google is pulling that information down. On secured networks, that information isn't actually available even to sniffers.
Guy also says the EFA is unaware of similar efforts. He apparently wasn't previously aware of Skyhook Wireless, which has been driving all Australia for a few years, along with a good hunk of the rest of the world. Guy excuses this by stating that Skyhook doesn't have cached search information against which to correlate scans, but I've already explained why that's not a valid concern in the form stated.
He goes on (this guy doesn't stop) to explain incorrectly what a MAC address is: "A MAC address on a home wireless connection or any other piece of electronics that uses Wi-Fi is a serial number, it's unique." Sure, but since when does a serial number get you anything about a product or a device?
Guy says, speciously, "If Google rang you up...and asked you to read out a serial number of your mobile phone, what would you say? I'd tell them its none of their business. If I saw them on the street with binoculars trying to read it, I'd close the curtains."
Right. And the strawman here? The Wi-Fi router address that's being publicly broadcast is like the street number on your house, not the serial number on your mobile phone.
A more sensible response is in the article from Australia's privacy commissioner. And might I say, bravo, Oz, for having such a commissioner. "From a privacy perspective, our preliminary inquiries have indicated that the information about Wi-Fi data that Google is collecting would not be considered personal information under the Privacy Act," said Karen Curtis. Right.
If you don't want your Wi-Fi router's public data that doesn't identify you personally scanned, don't use Wi-Fi or set your network to "closed," which prevents the kind of passive scanning from being performed by Google et al. If you use Wi-Fi, it uses public unlicensed airwaves, and the notion that some data might be leaked is just part of the rules of the game.
You're not obliged to use Wi-Fi, Guy.
Trustive has released a fascinating worldwide connectivity plan that charges per MB for 3G and per minute for Wi-Fi: I've seen variants of this before, but I believe Trustive has the only service with this scope.
It works this way: you sign up for €99, which includes a €54 credit for service and a Trustive SIM card. If you don't have an unlocked USB 3G modem, Trustive offers one for €150. There's a €15 shipping fee, too. Trustive confirmed that shipping covers international transit.
With that in hand, you can connect to Wi-Fi and 3G network in over 70 countries (Trustive provides a list). All Wi-Fi access is billed at 9 euro cents (€0.09) per minute, with no minimum, regardless of data transferred.
3G use is tiered: Zone A countries, which include the United States, most European nations, India, and China (but not Canada or Mexico), cost €1.50 per MB. Zone B countries are a whopping €15 per MB.
Trustive has some bugs to work out in its explanation, however. The USA, Canada and other countries appear in both Zone A and Zone B lists with no explanation. And there are typos and some confusing information around the site.
The prices are extraordinarily steep, but in the universe of international roaming, may appear perfectly reasonable.
Fascinating report says high-power Wi-Fi adapter bundled with network key cracker: Owen Fletcher reports from China for the IDG News Service that kits are being sold for easy cracking of WEP/WPA-protected networks. Fletcher apparently bought one for about US$24 (¥165) at a bazaar, including setup help. The kit is a CD-ROM with software, a six-inch antenna and Wi-Fi adapter, and a live boot CD.
While WEP is easily cracked, sometimes in seconds, WPA requires a large precomputed set of keys in the terabytes. The reporter cracked a 40-bit WEP key ("sugar") in an hour, which is quite a while. That implies that the router had only strong initialization vectors and other improvements in WEP that typically only forestall cracking by minutes. (With weak IVs, a subset of the counters used to create separate keying material for each packet, an older or unpatched router's key could be broken in 30 seconds to about 5 minutes.)
IDG News Service reports that Apple has a version of the iPhone with China's WAPI security method on the road to release: Owen Fletcher at IDG News Service writes that China's spectrum regulator lists an iPhone with GSM-flavored 3G (used by Unicom) and Wi-Fi with WAPI alongside other encryption method.
The WAPI method is a proprietary measure for authentication used in China, with most of the spec secret, and controlled by a consortium of firms with strong ties to Chinese government. In order to use WAPI in the past, an outside firm would have to partner with one of this consortium, which could lead to the leak of intellectual property, as has happened in the past. China has cracked down on some aspects of IP theft and unauthorized manufacturing, but it's still a rampant problem.
While the inside details of WAPI are unknown, I have long stated that it must contain backdoors to allow easy monitoring by government officials, because that's simply how things work in China.
Google's global privacy counsel provides a detailed explanation about what data Street View gathers, including Wi-Fi signal information: As I wrote about last week, Germany's data privacy commissioner raised an alarm at Google scanning and recording data about Wi-Fi networks as it drives around snapping Street View pictures. The commissioner is off base in stating that publicly identifiable information is being grabbed, but perhaps it's better that a privacy czar errs on the side of the public at times.
Google's corporate counterpart to that commissioner, Peter Fleischer, penned a blog entry in which he explains in excruciating detail precisely what data is being collected in what fashion.
He writes, in response to the ersatz question, "Is it, as the German DPA states, illegal to collect WiFi network information?":
We do not believe it is illegal--this is all publicly broadcast information which is accessible to anyone with a WiFi-enabled device. Companies like Skyhook have been collecting this data cross Europe for longer than Google, as well as organizations like the German Fraunhofer Institute."
He does not note that Wi-Fi intentionally publicly broadcasts technical information for adapters to use to join the networks. Network users who don't want this information broadcast can disable beaconing (making it a "closed" network), or stop using Wi-Fi, or--to reduce range--even drop signal strength on many routers, or, in the 5 GHz band in some countries, choose a lower-numbered channel that uses far less signal strength than higher-numbered channels.
Boingo introduces UK plan with unlimited in-empire use: Boingo clearly has a pretty good grasp of costs in North America, where you can get unlimited use for $10 per month, but has always had to keep a firmer grip on international roaming. Its Boingo Global plan costs $59/mo with 2,000 included minutes, a revision back in late 2008 from a previous $39/mo and 3,000 minute offer. But it apparently has enough interest from UK customers to have an entirely new offering there.
The Boingo UK plan is £15/mo for unmetered access to over 5,000 UK hotspots, and £0.09 or £0.13 per minute for access across the rest of Boingo's aggregated hotspot network worldwide.
Boingo now operates service at six major UK airports, with an additional deal at London Gatwick announced today. This gives them the local leverage for roaming with partners to make the finances work, I'm sure. Boingo operates dozens of airport Wi-Fi networks across North America.
The Cloud has a competing, less-expensive offer: £10/mo for multiple devices with one account, or £7/mo for a single device. But The Cloud has about 3,500 locations, all of which are aggregated into Boingo's network.
Skype is promoting its Skype Access pay-per-minute Wi-Fi option by making it free this weekend: From the start 20 March (0000 GMT) to the end of 21 March (2359 GMT), you can use Skype Access to access 100,000 hotspots worldwide at no cost. The service, available since last July, must just have left beta testing, even though it was unclear to me that it wasn't a released service.
Skype Access uses Skype software to handle a Wi-Fi login transaction, and normally costs (including Luxembourg's VAT) US$0.22, Cdn$0.26, €0.16 per minute; fees are debited from the Skype Credit in your account. Skype itself is a free download and free to use for Skype-to-Skype IM, file transfer, audio chat, and video chat.
That's expensive in the U.S., where you can pay $10/mo for unlimited Boingo Wireless service at the same or more locations, and where $8 to $12 is the most you'd pay for 24 hours (the equivalent of about 30 to 60 minutes at Skype's per-minute rate).
However, elsewhere in the world, being able to get 10 minutes of Wi-Fi for a couple bucks might seem much more appealing without having a service plan or paying ludicrous European hotel prices, which can be $20 to $40 per night.
A full list of supported hotspots networks is available.
A UK law under consideration and much reviled by privacy advocates would make independent Wi-Fi hotspots legally indefensible: The Digital Economy Bill is a particularly odious piece of legislation that attempts to enforce copyright by requiring ISPs to keep records and disconnect customers who engage in such acts.
This puts the government in the business of taking people off the Internet by enforcing actions for what would otherwise be civil violations, previously needing to be proved in court. Now, something approximating an assertion and a few letters could cause an ISP that doesn't respond appropriately to face huge fines and other troubles. A similar law in France was initially struck down as unconstitutional, but was modified lightly before being approved.
The reason for these laws is to keep media industries from engaging in publicity-adverse lawsuits against individuals, such as those the RIAA (Recording Industry Association of America) led against college students, children, and dead people before sputtering out and moving to this approach.
The not-quite-unintentional consequence of the UK law would, according to advice provided by an arm of the government, put undue burden on hotspots, libraries, and academic institutions. The law requires that most parties be either subscribers (end users) or ISPs; ISPs primarily provide access, and subscribers use it, although there are some fine points. In either case, copyright holders can notify ISPs of violations who are required to notify subscribers. After a small number of violations, the subscriber can be disconnected from any Internet service for some period of time.
If someone downloads an allegedly pirated video over a library, university, or hotspot could force that institution off line if it failed to meet specific notification terms; it's unclear how a hotspot could restrict a banned user without imposing high bars for access, whether free or fee. Larger operations could have login and credit-card verification requirements--used mostly as a way to block people instead of allow them.
Danny O'Brien of the Electronic Frontier Foundation previously raised this concern on 2 December 2009 in a post to the EFF's site: "The repeated demand by the entertainment industry that intermediaries should police their networks has been expanded by the bill to include the subscribers on the edge of the network. If you're not an ISP, but other people use your network to get their net access — if you run an open Wi-Fi spot, for instance, like the British Library — you'll now be vulnerable to being terminated or constrained by the actions of those users."
None of these efforts, of course, deters privacy. As Cory Doctorow, a UK resident and editor of BoingBoing, wrote about this issue:
"The Digital Economy Bill is being sold to us on the grounds that copyright infringement harms the British economy because of the importance of our entertainment industry. But while the measures in the DEB won't stop copyright infringement (copying isn't going to slow down -- as computers and the technology they enable gets cheaper and more widely distributed, copying will continue to speed up, just as it has done since the dawn of the computer industry), they will harm British business and British families, by making the Internet generally less useful and more difficult and more expensive for honest people to use."
In the US, we don't have such a law underway--as far as I'm aware--but media firms have struck deals with some ISPs (and some ISPs have refused) to engage in the same sort of behavior without government involvement.
A pub in the UK that's part of The Cloud's network has been hit with £8,000 illegal download fine: ZDNet UK reports on some fragmentary information that a UK pub was hit with a fine in a civil case this last summer of £8,000 due to copyrighted material that was pirated over the pub's Wi-Fi network. The pieces don't entirely add up: it was a civil, not a criminal prosecution; UK law, like the US, seemingly should be exempt as a provider of service; and we don't know which pub nor what content. If the pub itself were downloading movies and making them available, then the fine would make some sort of sense.
Ruckus Wireless launches outdoor infrastructure for wireless broadband: Ruckus must like what Meraki has been up to, as the wireless firm has launched its own ecosystem for inexpensive, Wi-Fi based wireless broadband. The company has some remarkable international commitments to use the technology.
From where I sit, Wi-Fi-based broadband is a developing world and also-ran approach where either cellular or WiMax equipment isn't available or is too expensive. Wi-Fi emerged in the mid-oughties (2004-2007) as an option because it was an interim measure: a way to get faster speeds than cellular and often than most of the installed wireline broadband before those technologies had matured.
With an LTE and WiMax roadmap in the US and LTE in Europe, along with widely available WiMax gear for the quasi-licensed 3.5 GHz band in the US (for generally secondary markets), and vastly improved cable, DSL, and fiber rates across a good hunk of the installed broadband base, it's hard to see how broadband Wi-Fi carves out a niche where it can be cheaper, better, and ubiquitous.
However, there are 5 billion people in markets in which that's not going to be the case, and all research shows that those folks are heavy metered mobile data consumers where they can afford it. Layering broadband Wi-Fi on a best effort ability into areas where there's no reasonable or well-priced second choice could be a winning strategy.
It was earlier rumored that any iPhone releases in China would lack Wi-Fi; that's turned out to be true: I wrote back on 15 July 2009, in addressing what was a rumor at the time, why Apple couldn't release a Wi-Fi-enabled iPhone in China, because Apple would have to include WAPI, a proprietary government-backed non-disclosed Wi-Fi security spec. To use WAPI, non-Chinese firms have to partner with one of several in-country companies that are controlled by the military or government or both.
The AP notes, "Unicom's iPhones lack WiFi because it was temporarily banned by Beijing, which was promoting a rival Chinese system, according to BDA. The ban was relaxed in May after manufacturing had begun." That's incorrect. Wi-Fi wasn't banned, rather devices that used Wi-Fi with the internationally supported IEEE security standards that China doesn't like.
I have long maintained that China developed WAPI for two reasons: first, to provide an obvious back channel into encrypted communications that would allow the government to monitor as it desired; second, to provide access to foreign intellectual property by requiring companies to work with a local partner.
Widespread rumors say that Apple's release of an iPhone in China will strip out Wi-Fi. Why? I've already received emails from colleagues and reporters on this, and was even cited in a Slashdot story that I had nothing to do with because of my previous comments about WAPI, a Chinese-controlled proprietary security standard.
Why would Apple strip out Wi-Fi, which is the heart of the ubiquitous-access iPhone, which seamlessly moves among 2G, 2.5G, 3G, and Wi-Fi? It can't be cost. The Wi-Fi components are a few bucks of the total, and the engineering is already done. Removing Wi-Fi could cost more initially than including it. (For all I know, Apple will include the chip and disable functionality in firmware.)
The overt explanation appears to be that the Chinese government, which has highly intertwined interests with major corporations, wants to protect call revenue from VoIP. An iPhone with Wi-Fi could be used with a VoIP app like Skype, or, if restricted, could be jailbroken and used with VoIP programs over both Wi-Fi and 2G/3G systems. (China is far behind on 3G deployment due to years of conflict over homegrown standards and those used internationally.)
What's likely another contributing factor is that there's no way in the lord's little green valley that Steve Jobs and Apple will incorporate the WAPI spec into an iPhone. China tried to get WAPI made into an ISO standard, but was rejected because of the fundamental problem that the China Broadband Wireless IP Standard Group (the representative at ISO at the time) won't actually publish the full standard, and none of the cryptographic part. (You can read more that I've written about WAPI over the years.)
As long-time readers of this site know, I don't buy into security through obscurity. Nor do any credible security researchers that I know or follow. There's a good reason for this. Working in isolation is a great way to leave vectors for exploitation that exposure to light finds. But that's not really what's at work with WAPI.
WAPI is controlled by a number of companies that are controlled by and/or have investments in them by the military and government. This is typical in China, in which private firms aren't quite private. The military have extensive, separate investments and ownership separate from the main government, too.
A closed spec tied to firms tied to the government and military means only one thing: WAPI has backdoors designed to allow authorities to tap into datastreams when they please. The 802.11i spec as labeled WPA and WPA2 have no known backdoors nor vulnerabilities that would allow this. (There's one TKIP vulnerability for inserting a small number of short packets in particular circumstances that doesn't allow key recovery.)
The reason Apple won't buy into this, is that any company outside China that wants to conform to WAPI in order to release products with Wi-Fi--I'm unclear whether it's a strict requirement now, as that's come and gone--must partner with a Chinese firm which maintains control. As all firms outside China know, if you reveal your intellectual property to a Chinese firm, a few months or a year later, that firm now makes your product or incorporates your IP, and IP rights in China are extremely poorly enforced. Especially when a government or military controlled firm has just lifted your property.
By removing Wi-Fi, Apple gets to avoid a whole army of mess. The Chinese government gets to snoop on its easily monitored cell networks and maintain additional control--and preserve profit margins, too.
Venice, Italy, installs Wi-Fi free for those who live and work there, and for-fee for visitors: The city of canals has launched one of the largest outdoor Wi-Fi networks in continental Europe. (The UK has a number of outdoor networks that may be as large.) The network is free for residents, and in September will be opened at no cost to people who work or study in the city. Also in September, visitors can pay €5 per day for access, although advance-purchase discounted passes are also available as part of a visitors' program.
Fabio Zambelli has an extensive photo gallery (and coverage in Italian) at setteB.it.
Service initially covers downtown, the Lido, and public parks in Mestre. Additional islands and parks will be added by the fall.
The Australian wing of McDonald's is wrestling with the price of free: The company started offering free Wi-Fi to all comers--no purchase required--last November, and has exceed 1m user sessions since then, CeBIT09 reports, with 300K sessions in the month since installing free service in a majority of its outlets. Users spend an average of 35 minutes, instead of the 10 that a diner dwells. Usage is capped at 50 MB per session, but isn't limited by time.
McDonald's in the U.S. charges for service, although offers some promotions. AT&T, which operates the U.S. McDonald's locations as part of its AT&T WiFi hotspot network, includes free access to Mickey D and over 7,000 other hotspots to the telecom giant's broadband, iPhone, and many BlackBerry subscribers.
In Australia, the long dwell time is leading the company to think about variations, such as ghettoized Wi-Fi seating. The company might offer greater session bandwidth for a fee.
I regularly read accounts of a coffeeshop or chain changing Wi-Fi usage policies or adding purchase or other requirements because they feel that paying customers are walking in and out because they can't find seating, or low turnover results in the wrong atmosphere for the location.
I first wrote in detail about what seemed to me some kind of gap between one-off anecdotes and a minor trend four years ago (Victrola Cafe here in Seattle). Since then, I haven't seen an acceleration, just a regular ticking over of owners or managers of venues that get tired of behavior or dwell time.
It's fascinating how you can have cafes, especially, in the same part of town in which one cafe finds Wi-Fi users nearly intolerable and another who finds it critical for business.
More than a year after Starbucks swapped out T-Mobile for AT&T as its Wi-Fi provider at U.S. locations, the coffee retailer opts for BT in the UK and Ireland: BT will fold about 650 hotspots into its OpenZone footprint, but, even better, it will also fold those locations into its roaming deals with aggregators like iPass and Boingo. All BT broadband customers will gain access as will O2 cell subscribers with iPhones.