veloslave
Geek For God
Premium
join:2003-07-11
Pleasant Hill, CA | reply to DaneJasper
Re: Hosting a WiFi hotspot?
VERY SWEET!
--
Mom was right.... I NEED fiber! |
|
DaneJasper
Sonic.Net
Premium,VIP
join:2001-08-20
Santa Rosa, CA
clubs:
| reply to JohnInSJ
And we know that the IP that it does use is Wi-Fi users, so we investigate there (block MAC addresses, etc) rather than bother you. Cool, egh?
-Dane |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA
 ·Comcast
| reply to veloslave
said by veloslave  : I have a SBS server running Exchange and if my IP got blacklisted I would be royally skaaaarude  The hotspot does NOT use your IP address. Scratch that worry 
--
My place : »www.schettino.us |
|
veloslave
Geek For God
Premium
join:2003-07-11
Pleasant Hill, CA
 ·PHONE POWER
 ·SONIC.NET
| reply to DaneJasper
The only thing that makes we a little worried about hosting a hotspot is if someone started using it for illegitimate reasons like sending out spam. I have a SBS server running Exchange and if my IP got blacklisted I would be royally skaaaarude
I think the chances of this are extremely minimal and thus I am on-board but every now and then the what if factor, considering it is my business email in question can give me a "hmmmmm....., nahhhhhhhh!" 
--
Mom was right.... I NEED fiber! |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA
·Comcast
| reply to DaneJasper
quote:
Myers knows of no actual router viruses
Unlike PCs, routers use such a variety of OSes (and many of them are *nix based) that a general attack is difficult - plus being firmware based, all you need to do is powercycle it to remove the virus.
That, plus the very obvious fact that as a user of an open wifi you have no, 0, nada expectation of privacy, kinda makes this a "oh hey they got published for stating the obvious, great job!" kind of "discovery"
--
My place : »www.schettino.us |
|
ankh
join:2001-09-08
Albany, CA
| reply to ankh
Viruses? Proof of concept demonstration, apparently, done.
»technology.newscientist.com/arti···ses.html
(behind a paywall, but the teaser is free and usually gives enough info to Google for the news elsewhere)
---excerpt
Wi-Fi routers are vulnerable to viruses
* 22 December 2007
* Zeeya Merali
* Magazine issue 2635
The viral infection that began in Cambridge, Massachusetts, somewhere between MIT and Harvard University, failed to cross the Charles River into Boston; in California, the San Francisco Bay stymied a similar attack.
... Steven Myers of Indiana University in Bloomington.... knows of no actual router viruses, but says such a virus could steal credit-card numbers, make the router send out spam and block incoming security patches.
Routers close enough together to communicate - less than 100 metres apart - could act as a vast network for viruses. ...
----end excerpt |
|
ankh
join:2001-09-08
Albany, CA
| reply to ankh
Followup caution on lightning protection
(found at arrl.org,
»www.arrl.org/tis/info/lightning.html
discussion is for ham radios, but applicable)
------brief_excerpt------
"Ethernet network cable connections linking the amateur station to the outside world or the computer in another room must also be protected as apart of the protection plan. For 10 and 100 Mbit UTP (unshielded twisted pair) networks, the use of an ITW LINX protector for Cat5-LAN (four pair) cable is recommended. This protector is wired in series with the network using 110-type punch-down blocks and grounded similarly to other protectors.
For those radio rooms that have broadcast or cable TV, protection is similar to the coaxial protectors described above with the exception that the impedance of the unit is 75 Ω and Ftype connectors are used.
For single and dual-LNB DBS dishes the protector is required to have a very broad band-pass and pass dc through the coax center conductor.
GPS feed lines also are commonly required to carry a dc voltage.
A high quality protector will separate the RF from the dc and protect each to its own voltage and power specification.
I/O Wrap-up
Every line that penetrates the circle and goes to the edge of the page should now have an identified protector ....
"A word of caution -- many of the protectors on the market use modular connectors (RJ-11, -12, -45). While this is a great convenience for the installer, electrically this is a very fragile connector and common amounts of surge energy are very likely to destroy the connector by welding it or fusing it open. In addition, there are also issues of flammable plastic housings, ground wire characteristics, and printed circuit boards that allow arcs to the equipment side. |
|
ankh
join:2001-09-08
Albany, CA
1 edit | reply to ankh
Dane, can you go a bit more into what you as the ISP can see?
FON claims two separate channels, one secured to the user, the other secured only to other people who have FON accounts, and that FON can tell who's using each one -- and that lets them put a name to any legal risk caused by someone using the wireless.
I'm wondering what you actually see, from the ISP end, when someone has a FON device in place. Can you give examples?
Note I'm not questioning your business model concerns, I am just puzzling over how so many very big gorillas can be funding FON -- do they not care about squashing little independent ISPs? (Should I say 'shocked, shocked' here?)
Another way of putting it -- do FON, Google et al. think they have a different business model they're capable of simply imposing by encouraging customers to attach FON devices to DSL lines served by Sonic?
Or do they have any agreement with Sonic on the side?
If all you can say is "mmmff, mffff" I'll understand that.
On liability, you said all Sonic can see is the IP number of the home user, I guess that's the DSL line identification. So if the Feds come to you because someone's XXXing from a FON at my house, you send them to me.
Assuming someoned shows up saying you gave them my number, in theory, I point them to FON's claim of two secured lines, one for the owner, one for the WiFi traveler, and tell them to go talk to FON and get a warrant to search, what, FON's records first? But it'd be too late, they'd have a warrant to search my house because the ISP pointed to me, right?
(We're still hypothetical here, nothing personal (grin) and I'm still hoping to get a poletop unit, check yr email)
In the fantasy world, legally FON's claim sounds no more risky than what Sonic's offering, though I don't pretend to understand either the weasel, er, legal language or the tech. I'd welcome more comparison.
When some free ride user has been committing XXXity over Sonic's WiFi -- and the guv'mint wants to round them up -- is anything more known about them than their hardware's Ethernet identification and which Meraki they were near?
Sounds like the safer way to do bad things over free WiFi would be to buy cheap laptops and junk them after each use, I guess, the "disposable cell phone" trick writ large. |
|
ankh
join:2001-09-08
Albany, CA
1 edit | reply to ankh
Holy freaking *, have you looked at FON's clickwrap contract terms? I didn't find a thread about FON, it's tangential to this one but, egad!
This is worse than a tarpit, it's a black hole.
Don't go there, just looking at it is dangerous.
This Snark is definitely a Boojum.
»www.fon.com/images/media/en/en_p···ions.pdf
------excerpt-------
"11. Applicable Law and Jurisdiction
Both parties expressly agree that Spanish law will govern this Contract. Any dispute arising between the Parties relating to the interpretation, execution or elimination of these TCSG will be submitted to the competent Courts and
Tribunals to consider such matters as they apply to consumers, in the place where such obligation is to be carried out or the purchasing party's place of domicile. If the purchasing party is domiciled outside Spain, both parties agree without exception to submit to the Jurisdiction of the Courts and Tribunals of the City of Madrid (Spain).
12. Miscellaneous
12.1. The Customer can find all information relating to the provision of the FON Service, details of product Offers and information at: www.fon.com.
12.2. FON advises its Customers that accessing the file containing the electronic form of the contract constitutes proof that they have entered into the contract.....
-------end excerpt------- |
|
ankh
join:2001-09-08
Albany, CA
| reply to DaneJasper
In today's email:
____________________________________
"Your €/$10* FON router here!
GET YOUR FREE FON WiFi ROUTER
Happy holidays and best wishes for a WiFi New Year from FON!
*Shipping costs and sales tax included. This Promotion is limited to the intended recipient of this email and is valid until December 31, 2007. Any use of this Promotion by anyone other than the intended recipient will be immediately cancelled and declared void."
--------------------------------------
---So, repeating earlier question, this system is widespread now, all over my area. Across the Bay in San Francisco they've been giving them away lately.
One of the websites I quoted earlier mentioned Sonic in connection with FON, not very clear what they meant.
I asked if FON is doing something like setting up Sonic (or other?) DSL points on poles around the area -- have they got a business model that will get local ISP cooperation?
I understand why most ISPs won't like FON, and may go to rules against sharing, but -- what the heck _is_ going on out there? And how do you really feel about it?
Is the real end point here to be able to charge by the bit instead of a flat monthly fee, or are they going to charge nothing and make money on volume by advertising? |
|
DaneJasper
Sonic.Net
Premium,VIP
join:2001-08-20
Santa Rosa, CA
clubs:
| reply to ankh
Yup, it'll work, just hopping off the unit that's indoors. Another option would be to use one of these - cheaper than the solar add-on, and provides protection:
»www.hyperlinktech.com/web/data_l···tors.php
Just need to make sure they pass all eight wires, so the DC power gets there as well as the data.
-Dane |
|
ankh
join:2001-09-08
Albany, CA
| reply to DaneJasper
Okay, assuming I get a poletop unit -- I'm on enough of a hill it's likely worth the higher power for coverage.
Does it make a difference putting it up with only power, so it's picking up the signal from the little internal unit already in place, vs. giving it its own ethernet link? (the switch you provide has my router and the indoor Meraki unit and two empty ports now).
I ask because eventually, it'd be nice to have it with a solar panel/battery and no wires at all -- to avoid any path capable of leading a hypothetical lightning bolt into the home electronics and power system.
I know, low risk.
But a friend just lost his whole home solar system to a nearby lightning strike, fried it all, and I'd feel better with no wire (or a very professionally protected wire) going to a poletop unit, if it doesn't degrade performance for it to be getting its signal via the smaller indoor unit.
Or, advice on proper protection. |
|
DaneJasper
Sonic.Net
Premium,VIP
join:2001-08-20
Santa Rosa, CA
clubs:
| reply to ankh
said by ankh :Ah, but you've added a Sonic sticker covering it up! Is it one of the numbers that's also printed on the labels on the outside of the box it came in? Ya, we did that because Meraki made a design boo-boo - the unit has suction cups and could go in an outside window for best coverage, but then someone outside the window could view the serial number! Doh!
-Dane |
|
DaneJasper
Sonic.Net
Premium,VIP
join:2001-08-20
Santa Rosa, CA
clubs:
| reply to rsempell
said by rsempell :dane, i have been reading these posts, and this is a great idea. I live in the downtown area of Eureka ca. i dont know how many customers you have up here, but anyways i think i could maybe host one. ![]() View Larger Map We'd love to see EVERY DSL customer with one of these gateways, that would provide some amazing coverage. 
If you have Sonic.net DSL, you can sign up for a 1/2 price Wi-Fi access point kit at »www.sonic.net/wifi/
-Dane |
|
ankh
join:2001-09-08
Albany, CA | reply to DaneJasper
Ah, but you've added a Sonic sticker covering it up!
Is it one of the numbers that's also printed on the labels on the outside of the box it came in? |
|
rsempell
join:2004-12-28
Eureka, CA
| reply to DaneJasper
dane,
i have been reading these posts, and this is a great idea. I live in the downtown area of Eureka ca. i dont know how many customers you have up here, but anyways i think i could maybe host one.
![]() View Larger Map |
|
DaneJasper
Sonic.Net
Premium,VIP
join:2001-08-20
Santa Rosa, CA
clubs: | reply to JohnInSJ
Yup, you can SSH into the device - the serial number (printed on the bottom) is the password. Don't break anything.
-Dane |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA
·Comcast
| reply to ankh
said by ankh :and, um, any worry related to this? "... LinuxDevices gleaned a few intriguing details with help from a reader who purchased a Meraki Mini. An undocumented back door enabled him to ssh in, using the device's serial number as the password, he said. ..." » www.linuxdevices.com/news/NS4963484100.html Haven't tried sshing in, but not only would you need to know this info in general, you'd need to be able to physically get to the mini, so you could flip it over and read the serial number.
Seems like a fairly low risk, even if sonic didn't change this (or it hasn't changed in Meraki's base image.)
But now I will have to try it on mine |
|
ankh
join:2001-09-08
Albany, CA
| reply to ankh
and, um, any worry related to this?
"... LinuxDevices gleaned a few intriguing details with help from a reader who purchased a Meraki Mini. An undocumented back door enabled him to ssh in, using the device's serial number as the password, he said. ..."
»www.linuxdevices.com/news/NS4963484100.html |
|
ankh
join:2001-09-08
Albany, CA
| reply to DaneJasper
Ok, email sent. But I made the mistake of reading on elsewhere, and now I"m really confused. This happens ...
Meraki's giving away gear in SF
»sf.meraki.com/
and
Sonic is rolling out a Meraki-based system in SF, according to this page, or was last month
»www.dailywireless.org/2007/10/07···he-cost/
I'm not sure if this is one and the same, or two competing systems, and wonder if Sonic's hardware is different, or flashed differently, or ... what?
There's a mesh standard coming, with which Meraki hardware won't conform? and
Meraki's open source? or was, isn't any more?
»www.ctcvista.org/node/649 |
|
