Email Delivery

Receive new posts as email.

Email address

Syndicate this site

RSS | Atom


About This Site
Contact Us
Privacy Policy


November 2010
Sun Mon Tues Wed Thurs Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        

Stories by Category

Basics :: Basics
Casting :: Casting Listen In Podcasts Videocasts
Culture :: Culture Hacking
Deals :: Deals
Future :: Future
Hardware :: Hardware Adapters Appliances Chips Consumer Electronics Gaming Home Entertainment Music Photography Video Gadgets Mesh Monitoring and Testing PDAs Phones Smartphones
Industry :: Industry Conferences Financial Free Health Legal Research Vendor analysis
International :: International
Media :: Media Locally cached Streaming
Metro-Scale Networks :: Metro-Scale Networks Community Networking Municipal
Network Types :: Network Types Broadband Wireless Cellular 2.5G and 3G 4G Power Line Satellite
News :: News Mainstream Media
Politics :: Politics Regulation Sock Puppets
Schedules :: Schedules
Security :: Security 802.1X
Site Specific :: Site Specific Administrative Detail April Fool's Blogging Book review Cluelessness Guest Commentary History Humor Self-Promotion Unique Wee-Fi Who's Hot Today?
Software :: Software Open Source
Spectrum :: Spectrum 60 GHz
Standards :: Standards 802.11a 802.11ac 802.11ad 802.11e 802.11g 802.11n 802.20 Bluetooth MIMO UWB WiGig WiMAX ZigBee
Transportation and Lodging :: Transportation and Lodging Air Travel Aquatic Commuting Hotels Rails
Unclassified :: Unclassified
Vertical Markets :: Vertical Markets Academia Enterprise WLAN Switches Home Hot Spot Aggregators Hot Spot Advertising Road Warrior Roaming Libraries Location Medical Public Safety Residential Rural SOHO Small-Medium Sized Business Universities Utilities wISP
Voice :: Voice


November 2010 | October 2010 | September 2010 | August 2010 | July 2010 | June 2010 | May 2010 | April 2010 | March 2010 | February 2010 | January 2010 | December 2009 | November 2009 | October 2009 | September 2009 | August 2009 | July 2009 | June 2009 | May 2009 | April 2009 | March 2009 | February 2009 | January 2009 | December 2008 | November 2008 | October 2008 | September 2008 | August 2008 | July 2008 | June 2008 | May 2008 | April 2008 | March 2008 | February 2008 | January 2008 | December 2007 | November 2007 | October 2007 | September 2007 | August 2007 | July 2007 | June 2007 | May 2007 | April 2007 | March 2007 | February 2007 | January 2007 | December 2006 | November 2006 | October 2006 | September 2006 | August 2006 | July 2006 | June 2006 | May 2006 | April 2006 | March 2006 | February 2006 | January 2006 | December 2005 | November 2005 | October 2005 | September 2005 | August 2005 | July 2005 | June 2005 | May 2005 | April 2005 | March 2005 | February 2005 | January 2005 | December 2004 | November 2004 | October 2004 | September 2004 | August 2004 | July 2004 | June 2004 | May 2004 | April 2004 | March 2004 | February 2004 | January 2004 | December 2003 | November 2003 | October 2003 | September 2003 | August 2003 | July 2003 | June 2003 | May 2003 | April 2003 | March 2003 | February 2003 | January 2003 | December 2002 | November 2002 | October 2002 | September 2002 | August 2002 | July 2002 | June 2002 | May 2002 | April 2002 | March 2002 | February 2002 | January 2002 | December 2001 | November 2001 | October 2001 | September 2001 | August 2001 | July 2001 | June 2001 | May 2001 | April 2001 |

Recent Entries

Wee-Fi: Short Items for March 30
MetroFi Changing Its Model? Not Quite
Wee-Fi: Short Items for March 29
Metro Round-Up: Moorhead (Minn.), Tri-Cities (Ill.), San Marcos (Tex.)
Yahoo Megabounce for Email-Based Readers of This Site
Airport Access Gets Its Own Community Site
T-Mobile Launches LAX, ONT Airport Wi-Fi
Wee-Fi: Short Items for March 28
Bluetooth 2.1: Simpler, Longer Lived
Wee-Fi: Short Items for March 26

Site Philosophy

This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator. Part of the FM Tech advertising network.


Entire site and all contents except otherwise noted © Copyright 2001-2010 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.

Powered by
Movable Type

March 2007 Archives

March 30, 2007

Wee-Fi: Short Items for March 30

By Glenn Fleishman

Portland's network gets failing grade: Not exactly a report card, Personal Telco examined the first stages of MetroFi's Portland, Ore., build out and found 50 percent coverage with 500 feet of an access point in the areas they tested rather than 90 percent. Portland has hired Uptown Services to perform its own independent tests. Portland's go-to guy on Wi-Fi said that if the network doesn't meet the stated goals, "it would have to be remedied." This isn't the first network of this sort that MetroFi has built, but it's the first network that's both large and has an RFP-mandated coverage requirement for them. MetroFi has a response: "Personal Telco’s own unofficial testing effort is clearly not independent or impartial, and we can only presume that it’s driven by their perception that we are a competitor in their local hotspot deployment project." will issue information request to integrators, vendors: The City of Boston's appointed non-profit for broadband infrastructure buildout plans to release an RFI (request for information) to hear ideas from potential vendors or partners, and interested others.

Nokia N800 table users get free EarthLink metro-scale access: The promotion will last through Jan. 1, 2008. The N800 is also now supported by Devicescape for its entry-free Wi-Fi network login system.

Posted by Glenn Fleishman at 10:05 AM | Permanent Link | Categories: Wee-Fi | 1 Comment

March 29, 2007

MetroFi Changing Its Model? Not Quite

By Glenn Fleishman

MetroFi changes business model? This Illinois paper says that MetroFi is no longer "offering free Wi-Fi to municipalities it has not contracted with already," and that means that the tri-cities of Batavia, Geneva, and St. Charles have to reconsider their metro Wi-Fi plans. I spoke to Adrian van Haaften, MetroFi's vice president of marketing, who explained the paper had gotten some of the details wrong.

MetroFi is now requiring that cities in which it provides free, ad-supported Wi-Fi access to residents and visitors agree to a minimum service buy as part of the contract, van Haaften said. The firm previously had language in the contract that expressed more of a statement of intent that cities would buy wireless services, but didn't require them. "We're making that a stronger part of our RFP requirement," van Haaften said. "We still build the network for free, but there is a requirement that there is a certain amount of services bought by from us by city departments."

This marks part of a change that I've seen as metro-scale Wi-Fi networks move into a more mature build-out phase, especially in smaller towns that have fewer variables, but still contain unknowns. MetroFi's Aurora, Ill., deployment has taken much longer due to issues in sorting out ownership of utility poles, a problem plaguing network buildouts across the US.

Service providers are increasingly likely to need an anchor tenant commitment by municipalities to bid on a project and come to a successful conclusion. Some metropolises, like San Francisco, have been able to leverage their size against making anchor tenant commitments, and, in the process, try to sidestep some of the issues of franchise and exclusivity that go with commitments to purchasing services. Some smaller towns are waking up to this change, seeing few bids for networks that ask private firms to assume too much risk.

Van Haaften said that MetroFi sees the commitments as being expense-neutral to cities, as MetroFi is typically either replacing existing or enhancing existing services, often saving money in the process. He noted that smart parking meters connected via Wi-Fi can pay for their cost by improving fraud protection or replacing more expensive cellular backhaul contracts.

Posted by Glenn Fleishman at 12:25 PM | Permanent Link | Categories: Metro-Scale Networks, Municipal

Wee-Fi: Short Items for March 29

By Glenn Fleishman

Get on the rural Internet bus: Caching useful pages from the Internet allows traveling Internet buses and motorcycles to deliver useful information to remote areas of India, Rwanda, Cambodia, and Paraguay, the BBC reports. This includes cricket scores, Aishwrya Rai photos, and Bollywood tunes in rural India. It also distributes a kind of ecommerce, where orders are placed through online, but not Internet connected systems, which sync up when the vehicles return to a central station. It's the ultimate store-and-forward system.

Sony PlayStation Portable upgrade offers free T-Mobile HotSpot use: The PSP 3.30 firmware allows access to T-Mobile Wi-Fi hotspots at no cost for six months, as long as they log in within a year (deal ends Mar. 28, 2008). A special rate, not yet disclosed, will apply after that.

The detailed attack plan for WPA pre-shared keys: Lisa Phifer brings her usual exhaustive approach to detailing exactly how crackers can break short, dictionary-based pre-shared keys in WPA. It's quite technical, but worth reading. The same takeaway first published on this site over three years ago still applies: choose words not found in dictionaries and make passphrases long; have a strong password generator create a phrase for you; or use WPA/WPA2 Enterprise to avoid the whole mess. Wi-Fi Protected Setup (WPS) will also obviate the problem as it rolls out.

Posted by Glenn Fleishman at 10:34 AM | Permanent Link | Categories: Wee-Fi

Metro Round-Up: Moorhead (Minn.), Tri-Cities (Ill.), San Marcos (Tex.)

By Glenn Fleishman

Trouble in the tiny town with a capital W: Moorhead owns its own Wi-Fi network, and they've had problems getting it to work for residents. With 32,000 residents (in 2000), the city estimates they need more than 10 percent to sign up for service to break even; they're at about 6 or 7 percent now, and the churn rate isn't mentioned . This Minnesota Public Radio story looks at a few residents and their experiences. The moral is that the city relied on recommendations rather than running gear through exhaustive tests themselves, and had to revise their original plans. I'd also say that it sounds like based on performance, node density or line of sight to nodes is a problem, too. Adding more nodes doesn't fix all metro Wi-Fi ills, but we're going to continue to hear a lot about how "we put in too few nodes per square mile for the service we intended to offer."

San Marcos signs contract for network: MetroNetIQ of Austin will work the city to find an infrastructure builder and manage the Wi-Fi rollout. The network will be used for public access and municipal purposes, such as the oft-cited remote meter reading. The city has about 50,000 residents, and 25,000 college students attending Texas State University. The city network will co-exist with a 2 sq mi university Wi-Fi network. Cost is estimated from $2.5m to $5m, and the network will span 25 sq mi. MetroNetIQ has a long blog post about the city and how the network will be developed.

Posted by Glenn Fleishman at 9:31 AM | Permanent Link | Categories: Metro-Scale Networks, Municipal

March 28, 2007

Yahoo Megabounce for Email-Based Readers of This Site

By Glenn Fleishman

This is one of those Dilbert situations: if you read Wi-Fi Networking News via email and you're a Yahoo subscriber anywhere in the world, we have a problem: Okay, so I am aware that I can't notify you very easily that there's a problem when you receive these notes via email. But I just discovered via massive bounces from all Yahoo subscribers to the email version of Wi-Fi Networking News--the daily posts sent individually or as a collected digest each night--that Yahoo is using silent rejection on my email.

(Update: I was contacted by Yahoo, and they said they've tweaked their settings for my email server. Thanks!)

Despite using double opt-in methods of subscription and having received no complaints that I'm aware of from people trying to unsubscribe in the years of running the email distribution list for this site, Yahoo "deferred" every message sent to my double opted-in subscribers, did this for several days, and now has bounced all these messages.

As a matter of good Internet policy, all these subscribers accounts are now in suspension on my site to avoid any concern of sending mail after a mail server has said that the delivery has entirely failed.

Yahoo, like most large Internet companies, has little useful information about how to contact them when this kind of problem happens. If you have ideas (or work with or for Yahoo), let me or them know. In the meantime, I feel like a little part of my world has just disappeared!

Posted by Glenn Fleishman at 12:56 PM | Permanent Link | Categories: Administrative Detail | 4 Comments

Airport Access Gets Its Own Community Site

By Glenn Fleishman

CNet and launches for pooling knowledge about airport access: The site has information about which airports have Wi-Fi and mobile access, how good that service is, and traveler feedback. Mapping and navigation are wired in directly. You can be all jet-set, and enter the three-letter IATA code for an airport, or go new school and type in the name of the airport or its city. The site is in beta, so it's not yet well populated with comments. They'll aggregate ratings and remarks, and allow people to vote on which comments are most useful.

One problem with sites of this kind that accept user feedback is that there's no good scatterplot across time of responses. CNet has opted to show Most Popular (by user voting) and Most Recent comments, but that doesn't tell the whole story. A venue changes over time, and particular events or periods may be marked by good or bad service. There are many variables they're tracking, including electrical outlets (which they call "powerpoints," I expect because of the UK HQ of the site), but there's no way to separate out information in a user-submitted review by the particular qualities being rated.

I have had a dream that I fear I will not realize of creating an airport access site myself, one that would use publicly available maps of airports to allow people to click on points where there were outlets, or even be tied in with a Wi-Fi mapping system--Skyhook Wireless comes to mind--that would work by voting. The more clicks by unique registered users that a power outlet was in a given place, the more likely that outlet existed in that spot. (This kind of voting prevents spurious information and vandalism.) Information would age, so that you would hover over points and know whether a review or a piece of wayfinding information was left yesterday or last year, and whether 100 concurred that there was an outlet in that place, or one person. is a great start, and I hope they see enough traffic (and hence revenue) to drive more sophisticated features that would work in hotels, coffeeshops, and airports, tying in time and geography to pure reviews.

Posted by Glenn Fleishman at 10:24 AM | Permanent Link | Categories: Air Travel, Hot Spot

T-Mobile Launches LAX, ONT Airport Wi-Fi

By Glenn Fleishman

The long-awaited Los Angeles service is live: For years, I have heard people moaning about the lack of LAX Wi-Fi service, and rightly so. SFO seemed to take forever, but San Francisco's service has now been live for years (also run by T-Mobile). The Los Angeles airport contracts were awarded last year, and T-Mobile launched the service today at both Los Angeles International (LAX) and the Ontario (ONT) airports. The LAX service will ultimately cover 3.8m sq ft. It's unclear how much coverage is in place now, because the announcement and other press reports talk about the scope of service in the future tense.

Posted by Glenn Fleishman at 9:39 AM | Permanent Link | Categories: Air Travel, Hot Spot

Wee-Fi: Short Items for March 28

By Glenn Fleishman

Speakeasy acquired by Best Buy: The national ISP--offering dial-up, DSL, and T-1 as a branded Covad and telco reseller--is the only US firm operating nationally to allow (even encourage) sharing any level of broadband connection for free or fee. (Some regional and local ISPs do allow sharing.) The firm assured me via a spokesperson that this policy remains unchanged after the acquisition.

Devicescape updates its device-centric hotspot connection software, service: Adds a software client for Mac OS X, as well as Windows Vista support. Some additional networks are now included. Devicescape lets you log into hot spot networks by maintaining your credentials on their central servers, bypassing gateway pages and other tedious intermediary steps.

Skyhook lands bigger deal with Navteq: Skyhook Wireless will work more broadly with Navteq, one of the world's biggest providers of navigation and mapping software (look at the copyright on almost any online map). Skyhook maps public Wi-Fi signals into a software GPS system. The deal makes it more likely that Skyhook's system would be built into major Internet brands' products.

Skyhook plug-in gets police criticism: A Florida TV station is pairing the Near Me feature for AOL Instant Messenger added through a downloadable plug-in and the potential for predators to find kids. The software, powered by Skyhook Wi-Fi location algorithms, lets you choose to show people in your buddy list where you are (and see where they are). There are levels of intentionality required to enable this feature, but it is, actually, another level of risk that parents and online services need to be aware of. (A kid can, of course, tell someone their street address, too, or be found through many other means.)

Thames-Fi: Punters have had access to Wi-Fi on the River Thames before, but this appears to be a much larger deployment. Global Reach Group, a London service provider, has covered 20 km (12 /12 mi.) of the river from Greenwich in South East London to Milbank in the West, the release says. Service is available to commercial and pleasure boaters and those on other side of the river along the route. Service costs £2.95 per hour up to £9.95 per month. The network uses Proxim gear.

SMC offers hybrid powerline, coax networking adapter: In May, SMC will ship a 200 Mbps hybrid HomePlug AV/coax device. It's a mite-bit confusing, as HomePlug AV doesn't support coax, so this device has some kind of SMC magic that allows it to route among powerline and coax connections. It will retail at $99.

DHL's two faces: Yes, on Wi-Fi; no, on RFID: Two stories appeared coincidentally about the international package carrier DHL. They're combining Wi-Fi with cellular and Bluetooth to make for faster updates in package status; this is catchup with UPS and FedEx, who have had varying degrees of this for years. An unrelated article notes that the firm has abandoned a previous goal of equipping every package with an RFID tag by 2015. But demand for RFID has been weak and costs remain high, as the technology lumbers towards its inevitable future.

Posted by Glenn Fleishman at 7:34 AM | Permanent Link | Categories: Wee-Fi

March 27, 2007

Bluetooth 2.1: Simpler, Longer Lived

By Glenn Fleishman

The Bluetooth SIG unveiled its 2.1 spec today: Ephraim Schwartz of InfoWorld gave a preview 10 days ago, and the wraps were taken off at the cell industry trade show CTIA today. Bluetooth 2.1 makes pairing two devices a snap. Power usage has been taken down several notches, too, allowing five times the battery life for devices that don't send continuous data, such as mice, keyboards, watches, sensors, and "medical devices," the SIG says.

As a 2.1 spec, one hopes that some devices will upgradable to support new pairing. There was no announcement as to whether manufacturers were planning upgrades. Conceivably, most of the changes are at the application layer, and existing silicon could support the process using existing circuits, or by offloading elements to the operating system driver. The lower-power mode sounds like a protocol change that could be handled in a firmware upgrade, except that the devices likely to benefit from it also are likely to have no rewritable memory nor an interface by which to update their firmware.

I haven't seen a demonstration yet, but I'm familiar with the methods by which Bluetooth pairing has been simplified. In the past, pairing two devices meant navigating down several menus or depressing buttons, and then inventing a code on one device and entering it on the other, or finding the code that was embedded in the device by default. It could take as many as 14 steps with some sets of devices to pair them.

The new method is much simpler. You'll push a button on a headless Bluetooth device, and then choose Add Bluetooth Device or a similar simple item from a top-level entry on a phone, computer, or handheld. You're done. If you need security, such as pairing two computers, you'll push one computer into pairing mode, and enter a code that computer generates into an interface on the other machine. And you're done.

And you beat the man-in-the-middle attack. The new system creates a strong passkey, so you don't have to invent a PIN, and the out-of-band display of the passkey on the initiating device allows confirmation of the integrity of the encrypted connection. (Apple had its own version of this with a PIN: when pairing, Mac OS X generates a random PIN you enter in the paired device.)

It's so simple, you wish that they had developed this, say, four years ago. But times change, and ideas evolve. Nobody invented Bluetooth pairing to make life hard. And engineers don't think that 14 well-documented steps are a bar to use.

The new Bluetooth 2.1 methods are rather similar to a couple of modes in Wi-Fi Protected Setup (WPS), with some differences in implementation, but the same ease of use. (I've tested WPS with the new 802.11n AirPort Extreme Base Station and a properly equipped Mac with an N adapter. Lovely, simple, fast--and very secure.)

Bluetooth 2.1 also supports near-field communication (NFC) as an option, where you hold two devices close to each other when engaged in the pairing process. NFC isn't available on a widespread basis yet, but there's a lot of interest in it.

Posted by Glenn Fleishman at 2:20 PM | Permanent Link | Categories: Bluetooth

March 26, 2007

Wee-Fi: Short Items for March 26

By Glenn Fleishman

Spectrum auction heats up: The 700 MHz auction is the "last beachfront property in the wireless world," John Markoff writes in The New York Times. Barring further delays, rules for the auction should be set next month. There's a lot of jockeying in the band among major cell carriers and companies like Google and Yahoo. The tech companies probably won't bid, but they're concerned about the lack of protection for equal access to existing broadband systems. Several proposals in front of the FCC want the auction rejiggered to include more or different kinds of network access rules or public-safety spectrum allotments.

Singapore mooching case sets precedent: The AFP reports that the conviction in Singapore of a youth who had "mooched" Wi-Fi from a neighbor may set a precedent across legal systems. There are specific laws in South Korea or Hong Kong when hacking into a network isn't involved in using it. Another Singapore case involved mooching just a few weeks later: a man was imprisoned and fined for posting a bomb hoax using a neighbor's wireless network.

Las Vegas Strip unwired: Too easy to make jokes, but CWTI has unwired a hunk of the Strip. There's no mention of hotel or city partners, so this appears to be entirely a private and independent effort. Oddly, the company's press release page hasn't been updated since mid-2005.

Itsy-bitsy Wi-Fi chip: NXP will produce a 5 mm square 802.11g chip with all essential features. They're sampling the chip to manufacturers now with driver support for all major embedded operating systems. The smaller, typically the less power required to operate.

Wi-Fi into wine: Grape Networks uses wireless mesh technology to monitor vineyard conditions. The network's battery- and solar-powered nodes can check for a variety of soil and weather conditions. Cost is about $150 per acre with a 100-acre minimum for installation and about $75 per acre for yearly maintenance fees.

Jefferson Parish approves moving forward on Wi-Fi: Next step, RFPs.

Orlando launches Wi-Fi: Free wireless starts up in downtown Orlando. The full nine-square-mile test area will be up and running by July; this article says it was promised for late last year. The firm installing the network changed its hardware vendor midstream.

Daisy chained wireless for rural areas: Intel researchers consider daisy chains of up to 100 km by relying through intermediate antennas to avoid fiber-optic cost. This is the same group that helped install remote diagnostic link-ups in India that enabled eye checkups.

Posted by Glenn Fleishman at 10:51 AM | Permanent Link | Categories: Wee-Fi

March 22, 2007

Wee-Fi: Short Items for Thursday, March 22

By Glenn Fleishman

FCC classifies wireless broadband as information service (PDF): This is to give it regulatory parity and privileges to cable, DSL, and fiber services--all wireline. It's unclear to me whether this gives wireless ISPs and metro-scale service providers better or worse access to pole rights, as I thought telecom services get nondiscriminatory access under the Telecom Act of 1996, but information services are in a different category. Any experts out there?

New York Times has more on FCC chair's disinterest in cell calls in-flight: Seems like chair Martin will cite the technical issue of tower handoffs to keep the ban on in-flight mobile calling, even though the on-board picocell would resolve that, as has been shown in testing. Nonetheless, thank all that is good in the universe.

Mesh placement via Google Earth: Interesting piece at GigaOm about the use of Google Earth in placing and monitoring Wi-Fi mesh networks. Katie Fehrenbacher writes about an Indian network operator that used Google Earth to plan its 20 sq km Strix mesh rollout in Mumbai. SkyPilot and Meraki also make use of the Google mapping software. Google Earth is the scariest and coolest piece of software I've seen since the original Mozilla.

Kissimmee, I'm wireless! The Florida town is adding Wi-Fi to the airport and downtown.

The Dalles (Ore.) issues muni RFP: The city has interesting historic roots due to its placement on the Columbia River. Google recently built a mammoth data center there in the midst of its typical secrecy, which should be anathema to government (sorry, wrong planet), and yet to which local municipalities are catering all over to avoid scotching the deals.

Posted by Glenn Fleishman at 2:40 PM | Permanent Link | Categories: Wee-Fi | 3 Comments

March 21, 2007

FCC To Retain In-Flight Cell Ban, Reports Say

By Glenn Fleishman

USA Today is reporting that FCC chair Kevin Martin won't pursue dropping an in-flight cell phone use ban: The FAA has one set of airworthiness objections that have been working their way through technical advisory committees; the FCC has another set, related to use of the spectrum in air and, frankly, the social issues. The thousands of comments they received on lifting the ban made for amusing reading: in sum, lord no! The paper reports that most of the FCC commissioners support Martin's position. (USA Today got the lead from Communications Daily, they note.)

Aircell's chief Jack Blumenstein is quoted in this article as expressing little concern; Aircell made no bones over the last couple of years that their business was broadband, not mobile phones--unless carriers and passengers wanted it. Major carriers I spoke to last fall, including United and Delta, said their passengers had no interest in it and thus neither did they.

Aircell is in an advantageous situation, because they purchased enough bandwidth at a decent price in the air-to-ground spectrum auction last summer to provide broadband service at a fee that should result in good uptake. The finances are there for that to work. They don't need mobile calling to make their business work.

In Europe and Asia, there's been no similar comprehensive air-to-ground auctions that I'm aware of that would allow an overland offering, and in-flight telecom is limited to expensive satellite service. OnAir's rollout of mobile calling in Europe--at about $2.50 per minute--should see its first connected aircraft any day now. Satellite bandwidth with the system that OnAir, Aeromobile, and others have committed to so far is financially untenable for mass-market in-flight broadband.

Posted by Glenn Fleishman at 9:01 PM | Permanent Link | Categories: Air Travel, Regulation

Skyhook Not Violating Your Privacy, Stealing Sheep, Eating Your Young

By Glenn Fleishman

A bit of backlash emerged from Skyhook Wireless's partnership with AOL: Skyhook has been driving the streets of major cities for years gathering pinpointed signal strength information about Wi-Fi access points. It now has 16m access points recorded in 2,500 cities. This allows it to use a laptop or other device's scan of its surrounding Wi-Fi environment to produce a GPS-like result. They just announced a partnership with AOL that couples their results via a free plug-in for AOL Instant Messenger (AIM) for Windows, that allows you and your buddies to see when you are physically near each other.

Anne P. Mitchell, a greatly respected unsolicited commercial everything fighter, seems to have misinterpreted what Skyhook does: "Skyhook’s trucks have been cruising your street, have identified your home wireless router by its unique code that only your home wifi has - and is correlating it with your location using GPS. And then they put it in a database." Mitchell's posting was picked up at Slashdot and amplified at Computerworld.

I told Mitchell via email that I thought she was looking at this through the wrong end the telescope. Wi-Fi uses a public band. There is no expectation of privacy. It's one reason why I stress that everyone should employ Wi-Fi encryption of some sort or use a virtual private network (VPN) connection to make sure that their locally transferred data isn't sent in the clear. (This is true mostly in urban areas, because proximity to potential crackers and sniffers is the real reason to employ these methods.)

While you can protect your data, you can't protect your base station's identity. That's part of the risk and part of the benefit of using a public band. The BSSID, or unique interface address of the base station, is put out there as public information because it's part of the protocol: Wi-Fi adapters need BSSIDs to identify base stations uniquely. (Spoofing the BSSID is one of the ways that evil twins and other attacks work by fooling your computer into thinking it's connecting to a known network.)

The fact that BSSIDs are spat out with great abandon is why large-scale networks and coffeeshop hotspots work so well: the public space is flooded with information about what's available. The next step is whether what's available is designed for everyone to access or for just the owners of the access point. That requires an attempt at association, and then some kind of authentication if that's enabled. But those next steps involve active attempts at infiltration: they don't rely on passive monitoring of the public space.

The "unique code" that Mitchell refers to is the BSSID, but it only uniquely identifies a piece of hardware that has some temporal existence in your home and business. The correlation in Skyhook's systems is by signal strength and coordinates, not by exact street address. I would suspect that Skyhook could probably connect the BSSID to an actual home in single-family house neighborhoods, but I don't believe that they do, nor have a reason to: databases already exist that map most US residents to their household address, along with details about their income and so forth. What's the benefit of knowing that a given BSSID is matched to a given address? I can't tell, beyond knowing what hardware (Linksys? Beklin? Actiontec?) that someone at that address uses for a Wi-Fi network. Perhaps Linksys would direct mail addresses that used competing access points with coupons?

So they're not really associating your BSSID with your address; they're associating a cluster of BSSIDs by their signal strength with a set of coordinates that represents a given Skyhook truck's position on the street. BSSIDs aren't persistent: they live and die with the life of the particular hardware. When it dies (or is turned off) or a new access point is purchased, the BSSID changes, too. I suspect that hundreds of thousands of BSSIDs disappear or move over the course of a month.

As a public band with no expectation of privacy, there's no way for Skyhook's scanning activities to be taken as an invasion of privacy. When Amazon drove its A9 trucks around cities taking photos of houses and businesses and exactly correlating those with street addresses, I don't recall any outcry about privacy partly because Amazon was using the visible spectrum, publicly available, and public streets. In some countries, both Skyhook and Amazon's activities would probably be illegal, but not for any reason that benefits the public.

Now the partnership with AOL is interesting, because Skyhook and AOL could conceivably associate a BSSID with a particular AIM user at a particular time. That's tricky because the BSSID isn't sent as part of any network communication to higher layers, and it would require AIM to reach down into the network stack (which is possible) and have the computer retrieve the BSSID information, and then AIM could send that along with other instant messaging data. And anyone who downloads the Skyhook plug-in for AIM conceivably wants their location to be known--presumably they're not at home--so they can find their buddies. Perhaps a user ID plus the locations they use would be useful, but AOL can already do that by tracking the IP addresses at which AIM users log in, to a lesser degree of location precision.

There's a related point, which is that Skyhook has no interest in revealing the contents of its database, which represents billions of scans they've performed, as well as scans submitted automatically by their Loki toolbar on individual computers. (The Loki scans help correct and enhance existing information and fill in gaps.) What they sell to partners is the ability to take a reading of all the signals via a Wi-Fi adapter and produce coordinates. Their database is their crown jewel, and one hopes they protect it well.

And anyone with similar resources can reproduce their database. People have been wardriving with GPS receivers for several years, and posting the results into giant databases that are publicly accessible. Skyhook's system does even less and more: they post no information about individual access points, and they provide location information based on a scan, which the wardriving databases don't offer directly.

The takeaway here is that if you use a public band, open to all comers, you can't expect privacy. If you don't like it, you can turn down the signal strength in your router, paint your home's interior with signal-blocking paint, or switch from Wi-Fi to powerline and Ethernet. You could use cell data networks, which are highly private, but the operators know everything about you, and market based on that, anyway.

It's a choice to use Wi-Fi, and it's the same choice we made when entering any public space. People may take our picture, walk up to us and try to talk to us, stare at us--or ignore us.

Posted by Glenn Fleishman at 10:10 AM | Permanent Link | Categories: Home, Location, Security | 4 Comments

March 20, 2007

Metro-Scale Neworks Seem to Have Security Act Together

By Glenn Fleishman

The largest metro-scale Wi-Fi service providers are engaged in safe behavior: Over the last three years, I have heard the bugbear of metro-scale network security raised a number of times. People used to broadband or dial-up connections would fail to take the proper precautions--or be totally unaware of them--and shoot their personal data hither and yon, allowing sniffers and crackers to take advantage of their poor protection. (Update: This article was updated April 11 with new information provided by Kite Networks.)

Of special concern were the link from a user to a nearby Wi-Fi node, and among Wi-Fi nodes that might aggregate hundreds of users' data.

That's a generalized set of fears, and AirDefense, a firm that specializes in providing Wi-Fi monitoring and protection against rogues, crackers, and careless employees, provided me with a more specific list. Richard Rushing, the firm's chief security officer, said that he was concerned that the headlong rush into metro-scale networks without specific security requirements baked into the requests for proposals (RFPs) issued by cities, counties, and other entities might lead to security holes that could be readily exploited.

Rushing said that the edge of the network, the individual Wi-Fi node to which users connect, could be particularly vulnerable to a host of well-known attacks, including DNS (domain name system) poisoning, DHCP poisoning, evil twins, cross-VLAN sniffing, and denial of service (DoS). (Those attacks are, respectively, pushing out bad DNS information to redirect users to malicious sites, pushing out bad addresses to take control of some parts of IP networking, putting up fake access points named the same as the legitimate network, breaking the virtual LAN information segregation to see data that was intended to be private, and flooding or otherwise damaging radio frequency or network space to prevent legitimate use of a network.)

I should emphasize that Rushing wasn't engaged in fear-mongering. He's not engaged in a campaign to bad mouth metro-scale networks, nor does AirDefense (yet) have a specific product that would target the service operators in that field. In fact, most of the hardware vendors have various tools already built into their management systems that provide some monitoring of various kinds--nothing as extensive as AirDefense or its competitors, of course, and we'll see an increasing number of partnerships as large-scale networks are built. (AirDefense has partnerships with Motorola and Nortel, for instance.)

These are all reasonable concerns, and I asked the three most extensively deployed domestic metro-scale service providers for information on their architecture and how they cope and plan to cope with these problems. EarthLink and MetroFi agreed to talk; Kite Networks (the current name for NeoReach's municipal efforts in Arizona and elsewhere) didn't respond to a request, but later provided details of their network operations. (This article was updated to include that information from Kite.)

Rushing said, "You can't guarantee security unless you backhaul it all the way back," meaning that if the edge of a network has any ability for communicate among devices at the edge, then there's risk. It turns out that EarthLink and MetroFi agree with this philosophy: there's little risk at the edge in their view because the edge barely exists.

There are a few different issues involved, and let me walk through each of them in turn.

More after the jump...

Read the rest of "Metro-Scale Neworks Seem to Have Security Act Together"

Posted by Glenn Fleishman at 1:59 PM | Permanent Link | Categories: Metro-Scale Networks, Security | 2 Comments

EarthLink Unveils Beta Metro-Scale Wi-Fi VoIP Phone

By Glenn Fleishman

AcctonphoneearthlinkEarthLink will test a custom Accton voice over IP (VoIP) over Wi-Fi phone on their metro-scale networks, starting in Anaheim: The service and handset are free during a testing period, and includes only domestic calling in this period. The phone's charging cradle is also an 802.11g gateway. Anaheim customers can contact the company to sign up for testing; Anaheim is one of EarthLink's earlier large-scale deployments.

The phone and cradle/gateway are expected to cost $100 at launch. Unlimited domestic inbound and outbound calling will likely be $25 per month, and 500 outbound/unlimited inbound domestic calls would run $15 per month.

The service and phone don't require a subscription to EarthLink's metro-scale network, as it will work with any broadband network. Of course, if you want wide-area roaming, their networks are the obvious choice as a provider.

Posted by Glenn Fleishman at 5:00 AM | Permanent Link | Categories: Metro-Scale Networks, Voice | 2 Comments

March 19, 2007

Wee-Fi: Short Items for Monday, March 19

By Glenn Fleishman

Hearst's new 46-story building in New York designed for Wi-Fi top to bottom: The 856,000-square-foot tower has distributed antennas, allowing the wireless Wi-Fi and cellular access points and base stations to live centrally. There are eight antennas per floor and 280 Cisco APs serving the building. Internal cell base stations allow in-building use; it took six to eight months to light up the cell service.

Samsung shows digital photo frame: They demonstrated 8- and 12-inch versions that aren't yet released. At €229 for a 7-inch version that will be released in May, I have to think that prices have to plunge for people to invest in this sort trinket. Reminds me of the "every kitchen will have a computer to manage recipes" maxim of years past.

Rockland County, NY, considers Wi-Fi: Wants some free access for some residents, facilities.

Meraki mini, minimized: Netequality repackages Meraki Mini Repeater, designed for inexpensive mesh networking, into a form factor that incorporates power, guts, and antenna, and plugs right into a wall socket. $79. (It doens't have powerline networking built in; that would be a nice upgrade.)

Roadside spies: The Times of London reports on what all those boxes with cameras and antennas all over Britain are about. Only one of the boxes they identify contains a Wi-Fi transceiver.

T-Mobile about to launch national converged calling? Business 2.0 has a tiny item without much detail that says that HotSpot@Home is about to launch. It's a confusing item to me, because the service--converged Wi-Fi and cell voice calling in one handset and on one plan--launched commercially in Washington State last year. "Rolling out" ostensibly means "extending it to other/all markets."

Posted by Glenn Fleishman at 11:29 AM | Permanent Link | Categories: Wee-Fi

Metro-North Adds Wi-Fi to Stations

By Glenn Fleishman

Commuters would probably also like to have Wi-Fi on trains: Cities along the Metro-North New Haven Line have added Wi-Fi to some stations: South Norwalk last week and Westport this week. The state's busiest train station, Stamford, will have service next. The funding came from federal grants designed to improve commerce in Fairfield County, and the grant pays for a year's worth of service. "If I miss my train and have to wait, I'll be able to use my laptop," one commuter said.

Posted by Glenn Fleishman at 11:20 AM | Permanent Link | Categories: Commuting, Rails

March 18, 2007

Skyhook Plug-In for AOL Instant Messenger Adds Buddies Near Me

By Glenn Fleishman

The Wi-Fi locator firm Skyhook, which relies on public and private Wi-Fi beacons to provide a GPS-like service, has deal with AOL: A free downloadable plug-in for AOL Instant Messenger (AIM) adds a buddy list grouping labeled Near Me, which shows buddies in physical proximity; they can be plotted on a map, even. Skyhook's database now contains 16m access points in the US and Canada. They use 200 trucks to troll 2,500 cities.

Posted by Glenn Fleishman at 5:02 PM | Permanent Link | Categories: Location

March 16, 2007

Simpler Bluetooth Due in Late 2007

By Glenn Fleishman

Good news from the simplicity front: The Bluetooth SIG told InfoWorld's Ephraim Schwartz that the 2.1 update to the standard that would appear later this year would automate parts of the pairing process to reduce hooking up two devices down to perhaps 2 to 3 steps.

In writing about Bluetooth, I've always been stunned by how many steps are necessary to create a connection, even in ideal circumstances. The Wi-Fi Alliance learned from this, and their Wi-Fi Protected Setup--a kind of pairing for simple WPA security--involves as few as two steps on a base station and one on a computer trying to associate to form an encrypted pairing.

The new 2.1+EDR spec also uses as little as 20 percent as much power through better sleep modes. Schwartz writes the spec should ship to device manufacturers in two months, but I wonder if he means that chipmakers will have implemented versions that can be integrated in devices in two months?

Posted by Glenn Fleishman at 10:09 AM | Permanent Link | Categories: Bluetooth | 1 Comment

Bay Buses Abound with Wi-Fi

By Glenn Fleishman

AC Transit latest bus line in SF Bay Area to add or test Wi-Fi: Checking my archives, it seems that nearly every transportation authority with long runs around the San Francisco Bay Area is considering or testing Wi-Fi-based Internet access on buses. The latest is AC Transit, which carries 11,000 passengers daily across three major Bay bridges (the big one, Dumbarton, and San Mateo-Hayward).

Service will be free. It will operate on 78* green motorcoaches starting in stages in March, and all ready by April. The cost for the buses is just $138,000 to equip and $60 per month per bus for service, the price of a long-term cell data contract.

*The article states 78 buses and 88 buses; AC Transit's site notes 79 buses in this category.

Posted by Glenn Fleishman at 9:21 AM | Permanent Link | Categories: Transportation and Lodging

Wee-Fi: Short Items for Friday, March 16

By Glenn Fleishman

Welcome to the weekend: Please turn off your computers at the end of the day, enjoy the weather (whatever the temperature), and return to your full, upright positions on Monday. In the meantime:

The Wi-Fi is strong in this one: Make a Wi-Fi sensor that puts a signal heartbeat in your pocket (via BoingBoing).

Wi-Fi stays in with this paint: EM-SEC Technologies will sell a coating costing $4 to $5 per square foot (in small quantities) that can block electromagnetic transmission to create secure rooms in buildings. I'll be curious if people who have self-identified as electrosensitive will use this paint to keep signals out?

Posted by Glenn Fleishman at 7:43 AM | Permanent Link | Categories: Wee-Fi

March 15, 2007

Metro Round-Up: Savannah (Geor.), Elk Grove (Calif.)

By Glenn Fleishman

Savannah, Geor., picks NetMethods: The city will use the network for video surveillance, public safety, and municipal worker access. Tropos gear was chosen.

Elk Grove, Calif., agrees to no-bid deal with Frontier: The city council agreed to a contact that gives Frontier access to 650 light poles; the company will initially provide coverage to 11 square miles of the 42 square miles comprising the city. Frontier will pay $100, 000 for the rights, which extend over five years. Existing Frontier customers will pay $10 a month for use; others can buy access on demand.

Posted by Glenn Fleishman at 3:14 PM | Permanent Link | Categories: Municipal

HomePlug AV Gridlock Unjams

By Glenn Fleishman

HomePlug AV finally starts to appear in gear: The 2.0 spec of the powerline networking standard was in place more than a year ago, but products started to appear only relatively recently. Zyxel offered up its products last October, but it's taken a while to see major brands follow suit: Linksys finally announced their product today, the Register reports. There are competing, proprietary standards made by firms like DS2, that can't interoperate with HomePlug AV. The standard's trade-group backer, the HomePlug Alliance, however, might finally gain some traction with multiple firms in the marketplace with devices. We'll see: The Alliance's products page only mentions 1.0 and their list of products for sale don't distinguish between earlier and AV designs.

Posted by Glenn Fleishman at 2:59 PM | Permanent Link | Categories: Power Line | 1 Comment

March 14, 2007

Wee-Fi: Short Items for Wednesday, March 14

By Glenn Fleishman

Slacker radio combines satellite, Wi-Fi: An interesting mash-up of Internet radio, satellite downlink, and music player. The $150 to $300 models can download music conforming to customized or prefabricated "stations" via satellite or Wi-Fi networks. Satellite service launches later in the year. The device will ship in early summer. The Web site is live now.

Excellent explanation of 700 MHz upper band issues: Some companies and organizations want more public-safety spectrum allocated in the upper ranges of 700 MHz in order to offer a privately funded national network that can be used for commercial purposes with priority overrides in emergencies. Om Malik explains it all.

NTIA issues rule for analog-to-digital television conversion box coupons: When analog TV broadcasts end, those left with analog sets will get up to two $40 coupons from the US gummint to get converters. Feb. 17, 2009, is the day analog TV broadcasting dies.

Wi-Fi robot warriors: I, for one, welcome our new robot overlords.

JiWire wins Microsoft deal: The hotspot directory will power various Microsoft Wi-Fi listing engines, including (Disclosure: I have an exceedingly small financial interest in JiWire.)

Buenos Aires subway-Fi: Service expected in 70 stations through the Argentinean capital.

Posted by Glenn Fleishman at 11:41 AM | Permanent Link | Categories: Wee-Fi

March 13, 2007

Wee-Fi: Short Items for Tuesday, March 13

By Glenn Fleishman

Are you finding Wee-Fi useful? Let me know if this short round-up of events that don't get the full treatment at Wi-Fi Networking News is useful to you. It lets me "catch" news that otherwise falls through the cracks without overwhelming you fine folks with two many individual postings.

802.11n now slated for April 2009 approval: Don't worry. The hard work is over. There's more refinement, but a bit hunk of the timetable is a formal process. In fact, I'm wrong. It's bad graphic design on the Web page, making it almost impossible to read across without literally holding a straight edge of a piece of paper to the screen. Final approval is still slated for Sept. 2008.

SkyPilot adds mesh extender: SkyPilot adds a new kind of node for its metro-scale network. The higher ends of its network use eight sector antennas, to allow point-to-point communication on a scheduled basis, combining some of the best access of point-to-point and frequency reuse. Their new SkyAccess DualBand has just one sectorized antenna in 5 GHz to point to an existing multi-antenna node, and a omnidirectional antenna for Wi-Fi use. This reduces the cost of extending the edge of the network.

White paper for Cognio, Airspy detail defenses: The two firms collaborated on a white paper that covers how to deal with physical-layer threats to Wi-Fi networks, both accidental and intentional. It's a download with minimal registration details required.

WiPeer allows computer-to-computer file sharing: This was one of the features that I liked in Whisher, too.

Toledo meets with MetroFi; Officals from the Ohio town meet with one of two potential network providers. Local paper--the owners of which also own the competing bidder--has an article on how MetroFi's advertising-driven free service might not be up to sniff. Interesting comment: Three years ago, MetroFi's CEO Chuck Haas said the model would be proven by 2005; the paper asked him recently if that had happened, and he said that no market was yet mature enough. Which is true. Metro-scale networks have taken a lot longer to arrive than anticipated. A lot of financial detail about MetroFi is also in this piece.

Moscow subway gets Wi-Fi: Three busy underground stations have service from Comstar. One hour is 5 "currency units," which, if that's rubles, means US 20 cents. Service is 128 Kbps supporting up to 48 users—each at that speed? It's unclear. Update: Currency units aren't rubles, Martyn Levy from RoamAD notes via email (he's a fluent Russian speaker). They're "uslovnaya edinitsa," which are roughly a buck. So an hour costs about five bucks U.S., which is an awful lot.

Walmart's RFID scanners interfere with 900 MHz wireless ISP signals: We tend to forget about this lower band, which is used in some WISP's infrastructure.

Posted by Glenn Fleishman at 5:59 AM | Permanent Link | Categories: Wee-Fi

March 12, 2007

Fill the White Spaces

By Glenn Fleishman

Microsoft, Google, Dell, HP, Intel, and Philips want underused, unused spectrum freed up: The six companies would like the FCC to approve technology for television channels that aren't in use in each market, opening hundred of megahertz to new purposes. Microsoft was to give the FCC a prototype device to day. Equipment could be on the market as soon as 2009.

An article at Marketwatch misstates what white space means, by the way. Unlicensed spectrum is unlicensed spectrum; white space is underutilized (or unused, depending on your orientation) parts of broadcast bands. You can read an analysis of what could be recovered at the New America Foundation.

Ultrawideband uses a kind of lowdown white space, or signals so low power that they sound like noise to licensed equipment.

Posted by Glenn Fleishman at 9:26 PM | Permanent Link | Categories: Regulation, Spectrum

Wee-Fi: Short Items for Monday, March 12

By Glenn Fleishman

Draft N advances another big step: Draft 2.0 of the 802.11n standard has been approved by the larger 802.11 Working Group. This is another clear step forward towards a final, ratified standard, and increases the likelihood of more compatible equipment appearing in the market faster. In January, Draft 1.10 was approved by just the task group in charge.

Downtown Wi-Fi in Two Rivers, Wisc.: "Just like in big cities..."

Spartanburg, S.C., adds Wi-Fi: Limited service in downtown, with more to come. Nearby cities Greenville and Greer have had Wi-Fi for longer. "It's definitely brought people into downtown who probably would've gone elsewhere," said a Greer Development Corp. representative. What happens when everyone has downtown Wi-Fi, then?

Posted by Glenn Fleishman at 8:58 AM | Permanent Link | Categories: Wee-Fi

March 11, 2007

Wee-Fi: Short Items for Sunday, March 11

By Glenn Fleishman

El Monte, Calif., puts Wi-Fi on 60-foot tandem buses: Commuters will take fancy new buses into work in Los Angeles. Foothill Transit will launch 30 buses.

Dwight Silverman kills Wi-Fi routers: He's not the only one, but he's got a bad track record. Of course, the Deadline Monitoring Protocol (DMP) works perfectly well in all hardware ever sold, which is why he had so many fail in sequence.

Wi-FI Bedouins: An interesting runthrough of the office-in-coffeeshop lifestyle in San Francisco, with cameos by Om Malik and Craig Newmark. The cafe owner who says he spends $2,000 a month in electricity, ostensibly blaming this rate on laptop users--it's unclear--a typical high-end laptop pulls less than 100 watts. A kilowatt-hour, or 100 watts used over 10 hours, costs no more than 20 cents anywhere in the urban US that I'm aware of. So $2,000 = at least 10,000 laptops hours per month, and probably a lot more. I'm guessing it's the espresso machines, lights, and refrigeration.

Future Berkeley ferry will be Wi-Fi'd: It's just a passing mention, but service could be up and running in 2010.

Oregonian keeps beating drum of low signal strength indoors: Mike Rogoway files another story about how the MetroFi network, covering just part of the city so far, has poor indoor signal strength. The company and city say that they should have promoted that fact, earlier. The network sees 500 daily users with 90 minutes of average use. Personal Telco's Michael Weinberg notes that you could build a network with indoor coverage at a far higher cost that wouldn't require bridges.

Posted by Glenn Fleishman at 11:26 AM | Permanent Link | Categories: Wee-Fi

March 8, 2007

The Slow Death of Modems

By Glenn Fleishman

I wrote about the inevitable, but slow decline of dial-up modems in this week's Economist (paid sub.): The article was sparked when I read a prediction a few months ago that the UK would have almost no dial-up lines in place in just a few years. I wondered if that were true. After speaking to a dozen people inside and outside of the industry, I believe it is; we in the US, however, will have millions of dial-up modems still employed and probably hundreds of thousands of dial-up lines at ISPs.

I also heard repeatedly a delightful statement: modem users tend to be elderly, rural, or contrary--the last of which is a great category. It's people who think a modem is good enough, or have concerns about always-on connectivity. The contrary will stick with narrowband much longer than the rest of us.

Posted by Glenn Fleishman at 10:59 AM | Permanent Link | Categories: Future | 4 Comments

Metro Round-Up: Michigan City (Ind.), Seminole County (Flor.)

By Glenn Fleishman

Michigan City, Mich., to add downtown Wi-Fi: Free service in the Franklin Street corridor, including a nearby marina. The service is designed for mostly outdoor coverage, but the designers expect some indoor coverage, too, which could attract businesses.

Seminole County, Flor., considers Wi-Fi: They'll probably commission a study.

Mesa, Ariz., has free Wi-Fi, cheap soda: The small airport offers direct flights to Gary, Indiana's airport, close to Chicago.

Posted by Glenn Fleishman at 10:32 AM | Permanent Link | Categories: Municipal

Wee-Fi: Short Items for Thursday, March 8

By Glenn Fleishman

Trying to set up a hotspot yourself? Buy this book: Eric Geier's Wi-Fi Hotspots from Cisco Press is a terrific introduction to setting up a public hotspot, aimed at people with relatively little technical knowledge. The book, which came out last October, and has been sitting on my desk staring at me to read until today, offers a number of scenarios to help someone decide to charge or offer service for free, and whether to go it alone (and how), or join a network. There are four chapters devoted one each to complete setup of different solutions, including a Linux-based option that's quite interesting. It's not comprehensive, but for under $40, it's a great investment, and might be the only book that you need to set up a location.

Veteran Mac writer likes AirPort Extreme Base Station, too: Mostly positive reviews of the Apple 802.11n router have been coming in, with provisos about slow and sometimes erratic USB hard driving sharing, Vista support problems, and occasionally basic functionality loss. I've only seen Vista problems, myself. Andy Inhatko, a legendary tech writer, notes in the Chicago Times that "given its ability to deliver a network that's not just faster but also far more useful, it sounds like a good investment in your network's future."

Nintendo announes Wii Wi-Fi title: Not a misprint. The first Wi-Fi enabled title for the Wii will be Pokemon Battle Revolution, due out this summer. DS users with Pokemon Diamond or Pearl can participate.

Sony offers first Wi-Fi camera: The Cybershot DSC-G1 has 2 GB of internal memory and 802.11g. Not much information about how the Wi-FI works yet, although it works with the Digital Living Network Alliance standard for transferring data among compliant devices, including PCs. Ships in April $600 with 3x zoom, 6 megapixel sensor.

Tropos upgrades MetroMesh software: Version 6 can better lock out ne'er-do-wells on the network edge, while throttling bandwidth and preventing or enabling behavior like peer-to-peer networking. Tiered service could be assigned specific bandwidth limits and data types with this update. The package also detects threats, like evil twins (networks alleging to be a valid network to snarf data from unsuspecting users).

Posted by Glenn Fleishman at 9:31 AM | Permanent Link | Categories: Wee-Fi

March 7, 2007

Secure a Wi-Fi Network with a Fingerprint

By Glenn Fleishman

Shimon Systems extends biometric access to Wi-Fi networks: The firm, named after the Japanese word for fingerprint, started shipping its Bio-NetGuard a few months ago, and started talking more broadly about it recently. The device, starting at $500 for 10 users, allows a user's fingerprint to work as an authentication mechanism for a Wi-Fi network.

Shimon has built an 802.1X supplicant for Windows that connects a fingerprint scanner with the Bio-NetGuard, which acts as an authentication server using standard RADIUS and EAP (Encapsulated Authentication Protocol).

802.1X is port-based authentication in which a Wi-Fi access point or Ethernet switch prevents a device from accessing the rest of the network, but can pass authentication messages from a client-based connection program, called a supplicant, to an internal or external server that confirms credentials. In this case, the Bio-NetGuard acts as that server. With Wi-Fi networks, each attached client is assigned a unique network encryption key, preventing eavesdropping among connected devices.

Baldev Krishan, one of the company's four founders, said that using a fingerprint bypasses the weakness of user/password-based authentication. "Once the password is compromised, the whole network security goes by the wayside," he said. "Wouldn't it be nice to authenticate the user by who they are?" Krishan noted the advantage is that "you don't have to remember passwords. It can never be stolen, never be compromised," and it provides a log of access, too, in case of network troubles.

The Bio-NetGuard acts as a bit of a black box and a Roach Motel: "The fingerprint never leaves our box," Krishan said. The fingerprint templates can't be reverse engineered, either, as the supplicant sends just the reduced information, not the full scanned image or feature extraction; nor is that information stored in the server.

Bio-NetGuard is designed to be set up in a few minutes without information technology personnel. "You don't need any IT guy to install the RADIUS server. It's all out of the box. There are three or four settings needed," Krishan said.

One of the supported access points--a list of which is at Shimon's Web site, and is increasing all the time--needs to be configured with the RADIUS server information for the Bio-NetGuard, which is an IP address, a shared secret (passed between the access point and the authentication server), and a TCP port. I've configured these setups many times, and it's not completely trivial, but neither is it very difficult.

The administrative tool allows enrollment, or adding a fingerprint, as well as removal of users and other tasks. The product can handle up to 250 users. The company is considering the market for larger use rbases, but has not yet announced a product for enterprises.

This first device clearly targets the small-to-medium-sized business market that uses IT consultants or limited in-house IT staff, but has a strong requirement for secure network access and logs of use. Medical, government, and legal industries are full of smaller shops with high regulatory burdens, such as the HIPAA rules governing medical patient privacy.

Krishan said that the three-year-old firm licensed its biometric technology for fingerprint characterization from NEC, the world's leading firm in that space. Krishan said that fingerprint scanners are becoming a common option in high-end laptops, with tens of millions of laptops expected to be sold with that biometric feature in the near future. External readers can be plugged in, as well.

Shimon's system uses a built-in or external fingerprint scanner to obtain an image, from which features--called minutiae points--are extracted, and then that data is compressed into a template. The template is transmitted by the built-in software to the server using 802.1X.

Shimon does an interesting end-run around the secure tranmission of that data over EAP, which, by default, has no encryption. Most supplicants found in operating system or releaesed by firms like Meetinghouse (now owned by Cisco) or Funk (purchased by Juniper) use PEAP (Protected EAP) or EAP-TTLS (Tunneled Transport Layer Security). Both methods wrap EAP messages in a secure layer using certificate exchange similar to that used on the Web for a secure SSL/TLS site.

Instead, Shimon uses the oldest secured EAP method: EAP-TLS. With EAP-TLS, you typically need to install a unique digital certificate on each computer. The certificate defines the uniqueness of the user for tracking purposes and to revoke former employees' access. However, because Shimon relies on the fingerprint for authentication, they can install a common certificate across all the computers on a network, providing verification in both directions (from client to server and server to client) of the validity of the public-key transaction before transmitting the fingerprint data.

For businesses that need this form of security coupled with the kind of simplicity that a fingerprint scanner offers, Shimon might have the right price and right product.

Posted by Glenn Fleishman at 11:50 AM | Permanent Link | Categories: Security | 1 Comment

Wee-Fi: Short Items for Wednesday, March 7

By Glenn Fleishman

Corpus Christi signs EarthLink: The city has been building out and using a municipal network for its own purposes (like meter reading) for years. It has handed the network off to EarthLink to operate and offer public access for personal and business use. The network will have 30 days of free service when EarthLink has relaunched it.

Concourse extends service at Baltimore airport: The Boingo-owned airport-unwiring subsidiary now blankets all "secure areas" of the airport. They'll add baggage claim and ticket counter service by the end of this month.

Fon to get €10m infusion? GigaOm reports that a new round of funding could include existing investors like Skype and Google, and a new investor: British Telecom. Earlier reports said that BT and Fon might build a partnership that would allow BT Fusion customers to enable Fon hotspot service on their routers quite easily. And confirmed: Fon confirms that it received the €10 from existing investors, including founder Martin Varsavsky, and "4 non US new strategic investors" who aren't yet disclosed.

iBahn associates speed, cost with hotspots: The mostly hotel-based hotspot and wired-room service provider is tiering its offering. Free service will allow "light email and web browsing." The paid service supports VPNs, gaming, video, and music downloads. Pricing of services wasn't disclosed, but it's always varied by property and location served by iBahn.

AT&T expands business hotspot network: They're up to 48,000 hotspots. Not sure which aggregated roaming network they are reselling, but it's not iPass based on the locations and numbers. The AT&T Remote Access network is distinct from their consumer-oriented AT&T FreedomLink, which includes McDonald's locations, Barnes and Noble, and The UPS Store.

Oulu, Finland, plans expansion of Wi-Fi network: The network in Oulu was part of a Nokia trial a few months for dual-mode phones (unlicensed mobile access). The panOulu project will revamp its current network with Strix gear and extend it.  It currently comprises 675 access points, 60 of them for outdoor use, and 13 in mobile or nomadic locations, like buses. The new network will add 400 access points through 2007.

Wee-Fi: Short Items for Wednesday, March 7

Posted by Glenn Fleishman at 9:52 AM | Permanent Link | Categories: Wee-Fi

March 6, 2007

Wee-Fi: Short Items for Tuesday, March 6

By Glenn Fleishman

Impressive usage numbers from St. Cloud: Florida network shows high utilization by citizens of the free, municipally built networks. 4.6m hours logged, 25 petabytes of information transferred, 77 percent of households registered, 20,000 users on 14,000 devices.

Least likely places to find Wi-Fi: Washington Post's Rob Pegoraro finds Wi-Fi in a remote cabin he and his wife rented during a ski vacation. Readers chime in with their own connectivity stories, including a couple that carries out research in Antarctica.

Grain of rice antenna for 2.4 GHz: Fractus offers Micro Reach Xtend, a 3.7mm by 2mm antenna for the 2.4 GHz band--Bluetooth, Wi-Fi, and Zigbee.

Colorado buses to add Wi-Fi: Roaring Fork Transportation Authority would include Internet access on a new bus system. The system would be used for public access and operational purposes, such as dispatch and location. 4m passengers (that's passengers times trips, actually) rode the current system last year. Wi-Fi would be rolled out over five years. The full bus system won't be in place until 2017. Aspen and its county are considering an unrelated large-scale wireless network.

Boston Wireless Initiative ties in student laptops: Dorchester middle school will give every student a Wi-Fi enabled laptop, and actually train teachers--sometimes not included in these programs--in how to integrate connectivity into what they're teaching. There appear to be pre-thought-out benchmarks for success. Oh, and the Boston network hasn't been built yet, but the kids will be ready when it is.

iPass aggregates user data in Wi-Fi Hotspot Index: The index looks at usage patterns of 1m users per quarter across a network of 76,000 hotspots in 68 countries. O'Hare saw the most use worldwide, which reflects iPass's audience of large corporations; iPass users probably spend a lot of time changing planes in Chicago.

Johannesburg, S.A., asks for broadband bids: The city proposes to have a firm build a network as the city prepares for the 2010 Fifa Soccer World Cup. The city covers 1,644 sq km with 3.2m people and 1m households. Only 85 percent have electricity. They'll first ask for ideas and then issue a tender.

Archos adds 7-inch Wi-Fi media player: 800 by 400 pixels and 5-by-7-inch form factor, with an 80 GB drive; $550 when released in mid-March. The content can be retrieved from a $100 settop box.

Posted by Glenn Fleishman at 12:33 PM | Permanent Link | Categories: Wee-Fi

Commentary on Black Hat Wi-FI Exploit from Others

By Glenn Fleishman

Daring Fireball, Brian Krebs Watch examine Black Hat Wi-Fi exploit statements: A rundown on questions not answered, and analysis from two fellows who have studied the issue of the Wi-Fi exploit developed by David Maynor and Jon Ellch that Apple denied existed in the form that the researchers stated. Krebs Watch goes through all the various statements made in the past and compares them against Maynor's recent comments. Daring Fireball looks through the video shown at the presentation last August and whether Maynor and Ellch really had an exploit that could take root--Maynor says they did--or a crasher. (I know this is another post about the matter, but I didn't write the content in question.)

Posted by Glenn Fleishman at 11:57 AM | Permanent Link | Categories: Security

March 5, 2007

Texas Train Gets Broadband

By Glenn Fleishman

4G Metro will put 10 Mbps per train on the Trinity Railway Express (TRE): The 4G Metro system will use ground-based broadband to achieve those results using gear from Colubris and Nortel. The group confirmed that service would be on every car in every train. TRE carries 5,000 passengers daily across a 36-mile route from Ft. Worth to the DFW (Dallas-Ft. Worth) International Airport. Pricing is yet to be determined.

The deal goes beyond this one line: Nortel and Colubris are using this as an opportunity to work more closely together on marketing, sales, and interoperability testing. Nortel's various wide-area network technologies will be used--mesh, WiMax, and optical--and Colubris's bridges, access points, and controllers. 4G Metro is pulling it all together for TRE.

4G Metro wants bragging rights: The press release says the system, which will debut in "early summer" 2007, is expected to the first broadband-enabled service offered by a "major US public railway." The ACE (Altamount Commuter Express) had an Internet link running at low speeds for years. They were scheduled to boost bandwidth last summer, but it apparently still hasn't happened, and the system is currently offline.

Posted by Glenn Fleishman at 1:13 PM | Permanent Link | Categories: Rails

Wee-Fi: Short Items for Monday, March 5

By Glenn Fleishman

Fair Wi-Fi promoters have hard time finding London venue for event that doesn't charge excessive Wi-Fi rates: Tony Hallett writes about how several hotels have been struck from a list of potential venues for a CIO Forum run by in London because of the cost of Wi-Fi. One hotel bragged to organizers that they'd figured out a way to identify and charge piggybacked laptop users on a shared connected.

Tropos contest looks for cool photos of citywide Wi-Fi: Winner gets a 17-inch MacBook Pro. Contest ends April 12. Public votes. Grand price announced May 1. Semi-finalists get the booby prize: a Sony mylo.

Siemens offers one-stop shop for managed Wi-Fi: Siemens Communications can monitor Wi-Fi networks--metro-scale or enterprise--and provide customer technical support, even with many vendors' equipment deployed. This kind of separate service could split the market between infrastructure builders and operational firms, or promote more partnerships between them.

Aurora, Ill., Wi-Fi stalls: MetroFi has hard time finding backbone for this network in the City of Light, an early electrical pioneer. Pole ownership has been another problem. The fiber-optic project, however, is one track.

The latest local news story on Wi-Fi squatters: This time, the Twin Cities in Minnesota. Baristas note, people with laptops spend a lot of time, not necessarily money, in coffeeshops.

Posted by Glenn Fleishman at 10:58 AM | Permanent Link | Categories: Wee-Fi

The Last Post on Black Hat Apple Wi-Fi Exploit

By Glenn Fleishman

I swear to the heavens above, this is probably, maybe, almost certainly the last post on this subject: David Maynor is a rather polite individual via email; I've never had the pleasure of meeting him. Likewise, his colleague Jon Ellch ("Johnny Cache"), his partner in the exploit last August that led to such gnashing of teeth. I've been corresponding with Maynor since last week when, at another Black Hat conference, he said that he and Ellch did, in fact, develop a way of gaining root control of a Macintosh running OS X 10.4.6, an system version superceded in June 2006. (Mac OS X 10.4.7 apparently had a slightly different problem; everything was fixed with patches by the 10.4.8 release.)

I have hours of conversation with colleagues since last week about this issue, with many of them stating that Maynor was still being too vague in describing what, precisely, he and Ellch had up their sleeves last August.

Via email this morning, I asked Maynor point blank: "At Black Hat last August, you had a working rootkit for Mac OS X 10.4.6 stock out of the box using Broadcom chipsets? No special software, no special configuration, just on and checking for a Wi-Fi signal, and you could gain root access and perform arbitrary actions as root?"

His very clear answer: "Yes."

Update: I later followed up with him as I was too specific. He confirmed that both PowerPC plus Broadcom (pre-Intel architecture) and a MacBook (with Intel) coupled with Atheros were targeted through two separately engineered exploits.

He also clarified that Brian Krebs did see a native exploit and a third-party exploit of Mac OS X. A Black Hat staffer also saw the exploit at that time before the talk was given.

I have spoken to multiple people who saw a demonstration of this last year before Apple released their patches, saw the email that Apple and Maynor exchanged, and/or had access to the actual code involved. (Correction: After more back and forth, I find I have not spoken to anyone who has seen the native exploit, only the third-party one.) I posted an editor's note on a previous post that Maynor should release these folks from any pledges of secrecy. He did:

"At this point anyone I have told anything to about this has been released from any obligation to me from discussing it. As far as I am concerned it is open season, no more secrets."

Anyone who has information is now welcome to confirm this with Maynor--an out-of-band confirmation is always best in security fields, you don't have to trust me that he said this--and then post in the comments below what you saw and what you know.

A colleague I spoke with nailed down the two issues at stake here, and why we keep writing about it. This was echoed in comments on the post about last week's Black Hat presentation, too.

First, did Maynor and Ellch have a root exploit, not just a way to crash 10.4.6? Maynor has now said unequivocally yes. I know, many of you are still saying, "Show me the code." Last week, Maynor wrote in comments on my site that he had released his code and it "should be showing up on websites at any time." He said he has withheld the "weaponized shellcode" that allows root access because of a presentation he's giving in a few months.

Second, did Apple lie about what Maynor and Ellch provided? Clearly, Maynor's email shows more communication than Apple stated. I have not heard back from Apple since speaking with them about this issue last week. I still believe that there were many cooks in the broth at Apple, and that statements made by, say, Lynn Fox, seem to reflect a lack of accurate information provided rather than an attempt to discredit Maynor and Ellch. There's no profit in that and a lot of potential exposure as a publicly held company. We'll see if we hear more about this.

Ladies and gentlemen, I give you the comments. Post what you know.

Posted by Glenn Fleishman at 10:44 AM | Permanent Link | Categories: Security | 4 Comments

March 4, 2007

Meraki Builds a Square Mile in San Francisco

By Glenn Fleishman

Meraki will build square mile in San Francisco fast, for $50K: The mesh network will cover a few neighborhoods and demonstrate their low-cost, fast-to-deploy gear that sells for $50 or $100, and can double as a bridge or a mesh node. 15,000 people will be covered in "Mission Dolores Park through the Castro and Duboce Park Neighborhoods and up to Alamo Square Park." Backhaul will be via 30 business-class DSL lines using Speakeasy Networks, known for its open approval of sharing its broadband service without special arrangements.

Posted by Glenn Fleishman at 10:44 PM | Permanent Link | Categories: Metro-Scale Networks

Wee-Fi: Short Items for Sunday, March 4

By Glenn Fleishman

SF Bay Buses test Wi-Fi: WestCat runs buses run from way up in Rodeo, in the northeast part of the Bay, to San Francisco. They're curious about performance on the Bay Bridge, among other locations.

Posted by Glenn Fleishman at 4:54 PM | Permanent Link | Categories: Wee-Fi

March 3, 2007

Wee-Fi: Short Items for Saturday, March 3

By Glenn Fleishman

Why doesn't Anchorage man have his laptop back? The library doesn't care that Brian Tanner was using his laptop in their parking lot to use their Wi-Fi network after hours unless he ran them into bandwidth overages, which sounds unlikely. Cops still have his laptop, and no charges filed?

Hurley, Mich., adds hospital-Fi: Hurley Medical Center adds public area Wi-Fi.

Incomprehensible Wi-Fi story in New York Times: Is the columnist trying to say Wi-Fi is like air conditioning? Was this column written in 2004 and just published now? It's a bit of a train wreck. Summary: Wi-Fi might bring in more patrons to retail establishments like coffeeshops, but nobody knows. Right?

Posted by Glenn Fleishman at 10:22 AM | Permanent Link | Categories: Wee-Fi

March 2, 2007

Wee-Fi: Short Items for Friday, March 2

By Glenn Fleishman

AirTight offers free Web-based hacking seminar: Overview of attacks and defenses on Wi-Fi. How do you get certified as an ethical hacker?

Sanford, Flor., adds free Wi-Fi in downtown: Service up and running by end of March. Cost? About $40K to deploy.

Exeter, N.H., has Wi-Fi at libraries, coffeeshops: Local color: "It's nice just to get out of the home office environment for awhile," said one home office worker at a coffeeshop.

More rabbity goodness: Next talking, Wi-Fi-connected monstrosity launched in Europe. The second Nabaztag features a mike and speakers. It can play podcasts and Internet radio. It smells RFID tags. $189 for this insanity. I'm scared.

Round-up of California muni/metro projects: GigaOm runs the tally of projects across the state that will bring vast areas of Wi-Fi.

Cleveland rocks! And wants Wi-Fi: The mayor of Cleveland would like Wi-Fi across the city's 77 square miles. An RFP will follow. Strangely, the mayor's spokesperson said a $60m to $100m price tag is expected, which probably means a significant fiber component. An existing non-profit offers free access near Case Western.

Bowling Green BPL plus Wi-Fi: Broadband over powerline is being tested in Bowling Green, with Wi-Fi being fed off BPL lines. An earlier BPL test was plagued by problems with older powerlines.

EarthLink launches shelter-Fi in Chicago: Homeless to gain access to computers and Wi-Fi at a shelter in Chicago; 16 more to be unwired through Chicago. Training will be provided.

Paris to deploy citywide Wi-Fi: Alcatel-Lucent to build network, which launches in third quarter 2007. Gratuit, naturellement (free of charge).

Posted by Glenn Fleishman at 3:30 PM | Permanent Link | Categories: Wee-Fi | 2 Comments

Seeping Data? Try Ferret

By Glenn Fleishman

Errata Security releases code for program that reveals what your Wi-Fi connection is "leaking": David Maynor and Robert Graham say that your Wi-Fi-enabled computer "seeps" all kinds of data relevant to crackers regardless. They have a great definition of this term: "Information that is broadcast or available via simple inquiry or spoofing that may not by itself seem critical but become more important as pieces of a larger puzzle."

Wi-Fi networks are particularly troublesome, because some operating systems and drivers look for known networks that they have connected to previously; spoofing one of those networks grabs you lots of this seeped data without compromising the computer in any fashion. Given that a list of network names might include airports and hotels, or the BSSIDs associated with them (which could be gathered from wardriving information already out there), you might know where someone has been.

You can download their presentation on the matter and the 1.0 release of their buggy--their term!--code.

Posted by Glenn Fleishman at 3:29 PM | Permanent Link | Categories: Security

March 1, 2007

Free Wi-Fi on New York Thruway

By Glenn Fleishman

The New York Thruway has free Wi-Fi at 27 travel plazas: The growth of Wi-Fi (free and paid) at highway stopover locations has run in fits and starts, with some states announcing and then canceling plans, and others just tootling along and suddenly announcing a major deployment. The service is intended for indoor use, it sounds like, but I expect enterprising truckers may use high-gain adapters.

Posted by Glenn Fleishman at 12:46 PM | Permanent Link | Categories: Road Warrior | 1 Comment

Wi-Fi Bus from Estonia to Latvia

By Glenn Fleishman

A $20 bus ride from Talinn to Riga gives you Wi-Fi en route: Cyrus Farivar takes reports on a five-hour bus ride in the Baltics on what is probably the only cross-border Wi-Fi bus option in this audio piece for PRI's The World. (There's a train line in Sweden that has Wi-Fi and stops over the border in Copenhagen, Denmark.) The bus is a pretty high-end model, with a number of other amenities. "Stewardesses" are in the future.

Now in interesting circular relationships, Veljo Haamer, Estonia's Johnny Wi-Fi-seed, took a ride on the Capitol Corridor train line partly because of reading about my coverage of it here at Wi-Fi Networking News. He took the idea back and advocated for adding Wi-Fi to the line.

Posted by Glenn Fleishman at 10:20 AM | Permanent Link | Categories: Transportation and Lodging | 1 Comment

« February 2007 | Main Index | Archives | April 2007 »