Receive new posts as email.
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator.
Entire site and all contents except otherwise noted © Copyright 2001-2009 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Linux, *BSD, and other Unix variants have lagged in Wi-Fi support due to chip vendor's stated concerns about access to the low-level radio functions on their chips: But a meeting last month in London, the Linux Wireless Summit, apparently has helped move development along. DesktopLinux.com reports that the meeting included Linux kernel developers, and representatives from Broadcom, Devicescape, Intel, MontaVista, and Nokia. The summit is part of an effort to standardize parts of Linux for reduced maintenance and complexity, as well as greater functionality.
The summit's organizer is quoted and paraphrased as stating that the FCC will only certify Wi-Fi devices that have a closed-source component for handling low-level radio settings, such as frequency choice and power levels. I don't know that there's actual evidence as to this fact, and would love to see. That would be an extra-regulatory step for the FCC, as there is no defined required for releasing radios that cannot be modified; the onus is typically on the purchaser who modifies hardware conforming to regulatory limits, and suffering the penalties if they fail to conform.
For instance, worldwide 802.11a equipment can use the 4.9 GHz band in some countries; it's limited to public safety purposes in the US and military uses elsewhere. Using 4.9 GHz in some parts of the world could get you thrown into jail for a long, long time.
It's interesting that these considerations are now being made openly. A couple of years ago, I was provided with some of this reasoning from sources I won't identify, but told that the concerns about the FCC and other regulators couldn't be discussed publicly.
You can read some of this history in a January 2005 post that starts off discussing an Economist article criticizing Atheros and Broadcom.
Fantastic article by Jem Matzan provides the background and specifics on why support for Wi-Fi in open-source, GPL, and free operating systems is so problematic: Matzan has done a superior job in tying together the technical, political, and legal reasons why it's just so darn hard for OS developers outside of major, proprietary, for-fee releases (i.e., Windows and Mac OS X) to obtain the necessary pieces to support any given Wi-Fi device. (Mac OS X is quasi-proprietary: Large parts of the system are dependent on open-source and related software, but Apple keeps many elements of its system private.)
Matzan points out that at the most minimal level, simple permission to redistribute firmware without conditions along with an OS would enable greater support with less effort. Few Wi-Fi equipment makers allow this. Further, direct access to underlying functions would also make integration simpler. Again, few companies allow this.
Going one step further, Matzan attempted to interview every major Wi-Fi adapter manufacturer, including Atheros, Broadcom, Intel, and Marvell, the big four that rewrote the Task Group N direction last year, but received no real information or response; same with Texas Instruments. Atmel, Ralink Technologies, and Realtek were enormously more forthcoming.
Interesting development in the cost structure for mesh-based architecture: The folks at Champaign-Urbana Community Wireless Network (CUWiN) have ported their open-source mesh routing system to the Meraki Mini platform. The port allows the CUWiN software to operate on inexpensive nodes. Meraki hasn't set its release price for its gear, but it's about $50 during beta testing for those to whom it's supplying equipment. This is a nice convergence, as Meraki's codebase is derived from MIT Roofnet, where two of the company's founders come from as well. MIT Roofnet and CUWiN were working in parallel towards similar aims.
I interviewed two of Meraki's founders in a podcast last week, in which we talked, in part, about the commoditization of node equipment. For instance, RoamAD down in New Zealand transformed its business a bit ago into selling its software and management platform; its code runs on commodity Wi-Fi gear that can cost 1/10 to 1/100 of metro-scale vendors who sell complete hardware and software solutions integrated together.
The GPL-licensed, free wicrawl provides an array of tools for poking at a Wi-Fi network and seeing what's vulnerable: The tool can be used for good and evil, of course, but I see a lot of good in it. It comes with a number of modules for prodding a network to see what's exposed. For instance, it can passively monitor traffic in an environment and determine SSID names on closed networks, in which the AP sends no beacon with the network name. However, a station that wants to join the network and knows the SSID does, in fact, send that information in the clear. Closed networks are invulnerable to attack only while no one is connecting to them, in other words.
wicrawl is designed around a plug-in architecture so that it can be extended to have modules for particular purposes, like using nmap to chart traffic patterns and usage, or aircrack to penetrate weak encryption keys. Corporations spend quite large sums for tools that allow them to probe for these kinds of weaknesses; wicrawl could wind up being a tool of choice (as it develops) for smaller firms that want to have the same ability.
Of course, the dark side of this tool is that it will be an even-more-automated method of penetrating weak networks through a comprehensive approach that looks like it could go far beyond tools like Kismet. The existence of these tools should continue to signal vigilance by those who run networks, and reinforces my point about using at least WPA Personal on every non-intentionally-open network.
A Champaign-Urbana-based group gets $500K from the National Science Foundation: The Champaign-Urbana Community Wireless Network (CuWIN) group in conjunction with the University of Urbana-Champaign (UIUC) will use the grant to continue to develop their open-source mesh routing protocol system over the three-year life of the grant. The group wants to produce software that creates self-configuring, self-healing mesh networks with advanced properties that would allow clusters of nodes in which some cannot hear all others can still function with a high degree of reliability.
The new firmware can be installed over the VxWorks operating system found in the Linksys WRT54G version 5 router: This router caused some irritation among those who wanted to use it with modified firmware that worked in version 4 and earlier, which relied on embedded Linux and contained double the volatile and flash memory. Linksys says it shaved costs on memory because the Linux they used couldn't be shrunk enough. (For more on this, see this very long set of comments on a thread I started after having reproducible, continuous problems with two newer Linksys devices that use VxWorks.)
Linksys did recognize the interest among the open-source and community wireless movement, and added the WRT54GL to its line-up, which is essentially the WRT54G v4--and which sells for about $20 more than the v4 and v5.
This latest wrinkle allows a non-reversible installation of a very compact version of the DD-WRT distribution. However, this is clearly a step along the road to more functionality. Making code smaller is always tricky because it often means stepping down below high-level programming languages to optimize inefficient libraries, which in turn requires much more testing and is harder to debug. (Take it from a guy who cut his teeth on 6502 machine language.)
Boingo Wireless becomes the latest firm to use open source to bypass licensing complexity for partners: When you hear open source, you think about software that has broad interest for either horizontal (think Firefox) or vertical (think Gimp) communities. Many well-known open-source projects involve hundreds of regular developers, some who are employees of firms like HP and IBM, and thousands of occasional projects. Boingo Wireless's open-source release of the Boingo Embedded Wi-Fi Toolkit has little to do with that group, although the principles are shared. (Read the press releases: Open Source, Partner Approval, E28 Ports Toolkit.)
In an interview, Boingo president and chief executive David Hagan explained that they wanted to put their authentication software out into a broader community of use to spread experience with their code base for companies that might want to partner with Boingo. "We're not looking for the college student in his room who is coding at midnight," Hagan said.
But their release of the toolkit doesn't prevent that college student from using the codebase. The toolkit includes Boingo's bag of tricks for detecting, connecting, and authenticating onto intentionally public hotspots. This represents hard-won knowledge spanning five years of the firm working on preventing their users from ever seeing a logon screen beyond their own. The first version of the toolkit supports Linux, BREW, Windows Mobile 2003, and Windows Mobile 5.
Releasing the toolkit allows any company or individual who wants to have hotspot features to adapt Boingo's software. Hagan notes that for the gaming, handset, and consumer electronics industries, there's enormous fragmentation on embedded software platforms. "For us to try to port our code and sell and license on code on every potential platform, we'd need a zillion engineers and a zillion business development," Hagan said.
The toolkit could be experimented by an in-house development team, and then, later, business-development folks could sign an agreement to sell access to Boingo's aggregated network. The software works fine without reselling hotspots, but that's the big value that's baked in.
Another advantage of the open-source route, Hagan said, is that cell handset makers and cell carriers don't like to be locked in. With an open-source approach, there's no exclusivity or control involved. "If it's truly an open platform, they won't feel locked in at all," Hagan said. The toolkit supports over-the-air provisioning, which allows a carrier to set up or reconfigure the software without requiring a visit to a carrier office or an Internet connection.
Hagan expects that one use of the toolkit would be to allow unlicensed mobile access (UMA), in which a dual-mode cell phone switches to Wi-Fi either automatically or by a user's request. Hagan notes that MVNOs (mobile virtual network operators) who buy their minutes from carriers like Verizon and Sprint and resell them to their customers have enormous motivation to migrate talking minutes from this purchased cell airtime to much less expensive Wi-Fi time. MVNOs might choose to switch to Wi-Fi whenever an authenticated network is available, while a more traditional carrier might provide that as a simple option for users.
This open-source effort for detection and connection coupled with Devicescape's similarly focused open-source release of its Wi-Fi authentication and encryption package could produce enormously better hotspot support in completely open projects with no connection to for-fee hotspots and in commercial projects that currently lack the finesse, exhaustiveness, or ease of either Boingo or Devicescape's packages.
Boingo is dual licensing its code based. In the open-source version, the application layer is licensed under Apache 2.0 terms, in which republishing of modifications is encouraged; the Wi-Fi toolkit is covered by the Lesser GPL, which requires republishing of modifications; and the Platform Abstraction Layer (the part that talks to devices) is under Apache 2.0's license. The commercial license allows all part of that stack to remain closed. The open-source version, because it doesn't require publishing changes to the interface layer and driver layer allows those to be kept private, too.
The embedded-software developer with a long history provides its expertise for integration with the Linux operating system: Devicescape has been developing stacks--the protocol implementations--for Wi-Fi for years for embedded devices, which includes equipment from major manufacturers like Palm and Gateway. They've contributed their proprietary software for the purpose of eventual integration with the main Linux kernel development tree. Their software includes the latest and greatest Wi-Fi properties, such as quality of service (QoS) via WMM (a Wi-Fi Alliance version of part of the IEEE 802.11e standard) and WPA security, and incorporates long-running projects for software host-based access points. There's great coverage at Linux Devices of this announcement.
Part of their motivation is to make it easier for developers who use Linux to integrate Wi-Fi into their projects. Their release allows programmers to write a thin layer of integration to the Devicescape API. There's apparently full Atheros support (via their own abstraction layer) and Broadcom support.
Where's the profit motive in this? The company can obviously still be a consultant, developer, and support operation for Linux customers, as well as providing an alternate license for developing software for folks who want a closed approach, and Windows CE and Windows Mobile developers.
Devicescape also said they're pushing out an update to its commercial software that will make securing networks easier using technology that's part of an effort in progress at the Wi-Fi Alliance called Easy Access that will tie together initiatives from multiple chipmakers and manufacturers.
Interesting development that open-source Wi-Fi gateway firmware project incorporates Sputnik software: The Sputnik Agent allows a gateway to be managed by Sputnik's central aggregation software. The DD-WRT project has gained props both from its extensive installed base in Germany, as well as Fon using it as the base on which they will develop their grassroots hotspot company.
Broadcom has declined so far to provide any non-licensed access to its Wi-Fi chips: A project that has been working to reverse engineer access using legal means has released its first working drivers for Broadcom 4300 series chips. The project requires the use of the SoftMAC software as well to compile working drivers within Linux. The first successful use was documented in email Dec. 4 to the developer's mailing sent from a PowerBook running Linux with the project's drivers installed.
Atheros has allowed a third party to create a layer between the low-level functions of its chips and high-level drivers. The madwifi Hardware Abstraction Layer (HAL) prevents developers from having access to most of the radio functionality, which would might allow use of frequencies that aren't legal in particular countries, use of encodings that aren't allowed, and other regulatory problems.
The Economist magazine ran an article early this year critiquing the timidity of Atheros and Broadcom, noting that "if the firms are really worried, they could release most of the interface, keeping back those features that are legally sensitive." Neither Atheros nor Broadcom speak much publicly about this matter. [Link via Jim Thompson]
The press release avoids the word "hack," but Sputnik isn't working with Linksys, just its routers: The Linksys WRT54G is one of the bestselling routers in the world, and its firmware uses software that comes with a variety of open-source and free software licensing requirements for publishing changes. Thus, there are many projects which hack the Linksys, turning its inexpensive hardware into powerful components of larger systems, like mesh networks. (Switched WLAN is more difficult as Linksys uses Broadcom chips, which do not have open-source but only binary distributions.)
By using a commodity AP, which has always been Sputnik's plan, they allow powerful centralized network management and monitoring through their applications, and that's where they insert value and extract revenue. The AP cost becomes so low that's its efficient to deploy more of them since management time and expense doesn't grow per AP.
Sputnik's Agent software works on the Linksys WRT54G and WRT54GS. Read the press release.
Atheros has taken its simplified scheme to set encryption keys into the open-source world: JumpStart lets multiple devices obtain a WPA encryption key of sufficient length and complexity to defeat crackers without that key being re-entered on each machine. Instead a secure key exchange is signed by a short password that can be used.
JumpStart solves a well-documented problem of weak passphrase choice in WPA in which a short, not very complicated, but perfectly legal passphrase (like "spaghetti") is used to derive the WPA master key. In JumpStart, a complex key is secured using Diffie-Hellman in such a way that a very simple password protects the transaction in a very strongly encrypted fashion. This allows compensation for the WPA key choice problem.
Atheros is putting JumpStart into open-source development but reserving its trademark to those that apply and pass interoperability testing. Atheros already allows limited access to its Wi-Fi chips through the independent madwifi project. I can only think that the results of allowing that openness make them think that an open-source project was a valid approach.
One highly useful part of open source is that the licensing is much simpler. There's still a copyright license and terms, but they're part of the package you obtain. You don't have to put legal time and money into signing contracts with every party. Everyone accepts the same license agreement.
Update: The project is hosted at jumpstart-wireless.sourceforge.net and is now live.