dslreports logo
site
spacer

spacer
 
   
spc
story category
Want to Try the EFF's New Open Source Router Firmware?
by Karl Bode 08:29AM Thursday Jul 24 2014
As I noted last month, the Electronic Frontier Foundation (EFF) has been cooking up a new open-source firmware that the group claims will make it easier for users to more securely share their Wi-Fi connection. The EFF's new firmware is now available for download, though the group warns the firmware (based on the CeroWRT fork of OpenWRT) is a "work in progress and is intended only for developers and people willing to deal with the bleeding edge." If any of our numerous bleeding edge readers are willing to experiment with the firmware, we'd love to pay you to share your thoughts with the DSLReports community.

view:
topics flat nest 

HunterZ

join:2003-07-16
Kent, WA

1 recommendation

Only for WNDR3800

I wish the news articles would bother researching enough to be able to mention that only WNDR3800 routers are supported at this time.

Also, this feels like EFF is just trying to get people in trouble with ISPs or the law so that they can make a big PR case out of their resulting misfortune.

I also wouldn't want creepy people parking outside of my house to use my WiFi.

Goliath2k
Premium
join:2013-12-28
united state

Re: Only for WNDR3800

said by HunterZ:

Also, this feels like EFF is just trying to get people in trouble with ISPs or the law so that they can make a big PR case out of their resulting misfortune.

Ooh good point, I hadn't really thought of this.

Plus, our main Internet connection is Sprint 3G, so I'm not really willing to share that with random strangers. The Verizon Fios guys can take this project on

morbo
Complete Your Transaction

join:2002-01-22
00000
Reviews:
·Charter

1 recommendation

said by HunterZ:

I also wouldn't want creepy people parking outside of my house to use my WiFi.

That is Comcast's new wifi business model. Millions of "free" hotspots...if you are a Comcast customer.
smcallah

join:2004-08-05
Home

1 recommendation

Re: Only for WNDR3800

Actually, if you know the technical details of it, it's not using "your" connection if you are a Comcast customer with this turned on.

Basically, the cable modems they use provision a separate "connection" from yours. Exactly like when they configure their VoIP product. It does not use the same "connection" as your data. It's basically as if a separate modem was plugged into your coax. It doesn't use your bandwidth or overlap with your traffic. The same as all of the other modems sharing the upstream and downstream in your neighborhood. They're all on the same coax when they reach the hub.
big_e

join:2011-03-05

1 recommendation

Re: Only for WNDR3800

They do however share the same WIFI bandwidth as Comcast is using a virtual SSID with the same radio as your private wifi connection. If someone else is using Comcast's vlan on your router from afar without trespassing on your property, your wifi performance will be reduced as the router will spend more time communicating with the weak signal at low data speeds. Wifi network performance is often hampered by the slowest device on the network.

Even 40 feet away outdoors, my the connection to my wifi drops down to a single spatial stream, so it is 65 Mbps tops instead of 150.

Connecting to my neighbors open Wifi, the connection drops down to single digits in Mbps. If I were to use their network, I would most certainly be hogging the radio time and impacting their performance.
BiggA

join:2005-11-23
EARTH

Re: Only for WNDR3800

It uses different SSIDs and VLANs and over-provisions and does some other tricks.

Anyone who can effectively utilize a 50/10 or faster connection is going to have their own modem and router anyways, so it's a non-issue. I actually used it the other day, and it wasn't that fast, but it worked OK. I don't think it's going to be very successful, and I think people will figure out how to cheat it (i..e use mom's account to get free wifi in apartment, but maybe I'm wrong.

Selenia
I love Debian
Premium
join:2006-09-22
Fort Smith, AR
kudos:2
Actually, I share WiFi. I use 2 separate VLANs on my main home built router so my local LAN is safe. I only allow port 80 and 443 to kill things like filesharing from my IP and just allow basic web browsing in a pinch. I use keyword filtering on that subnet to make it very frustrating to a passerby looking for illicit content. It passes through a squid server to allow caching and filter other protocols on the ports, such as proxies. People are also forced to use my caching DNS server that blocks ads and trackers on both subnets, redirecting to a 1 pixel gif image by it. Said subnet is set to a very low QoS as to not interfere with my activity or anyone in my house. The WiFi itself is served by a bridged DD-WRT router on the setup subnet, also using QoS so my guests can't choke each other out from using it from 1 person being greedy(provides the access on a different radio and channel from my own). Was a bit to setup, but I already had the necessary gear, some time, and consider it low risk with my filtering. It is not common anyways to have it used for creepy purposes, but I put in some protection against that anyways. Protection against P2P, check! Not interfering with my access as people can only use idle bandwidth and web browsing. Pretty fast for them though with squid. When I checked logs, the most traffic I see on it seems to be Twitter Not into social networking myself, but to each their own. So no, I don't want to try their firmware. My setup is safer and more robust.
bn1221

join:2009-04-29
Cortland, NY

Re: Only for WNDR3800

I could do this, but for $70 a year I just use Sonic Wall on my TZ215W to do it with less hassle.

Selenia
I love Debian
Premium
join:2006-09-22
Fort Smith, AR
kudos:2

Re: Only for WNDR3800

Was not much trouble. I use a very powerful homebrew Linux router out of some very economical parts but low power parts. Not too much hassle to setup. Then just add a few switches and APs I already had. The big part of the config was to put some restrictions on the guests(keywords, ports, QoS) and setup a cache and DNS for everyone for performance.

HunterZ

join:2003-07-16
Kent, WA
Sounds like a lot of effort.

Also, does your router have two sets of 802.11 hardware, or are you having it do some kind of time splitting thing that degrades performance?

Selenia
I love Debian
Premium
join:2006-09-22
Fort Smith, AR
kudos:2

Re: Only for WNDR3800

As I said, I setup an old DD-WRT router without NAT that I was no longer using anyways for the guests on a separate channel from my own 2.4 GHz channel(though most my devices are on 5 GHz now except a couple oldies). That is one reason I like my setup better than this firmware besides the control and features my central router provides me. Most of my APs are consumer routers with OpenWRT and NAT disabled, so they are Linux based too. I just let my custom built router do the routing because it has much more CPU, RAM, and storage(things like local DNS and squid run right on it). Electric usage isn't bad as it uses an ARMv7 based CPU and all SSD storage. No fans needed even. The very minimal Debian install on it has ARM packages available straight from the repositories and runs very light.
amungus
Premium
join:2004-11-26
America

Why not

I'd give it a shot if it worked on an old WRT54G.

OpenWRT is (supposed to be) compatible, but I doubt this fork is. Might have time over the weekend to give it a try.

jap
Premium
join:2003-08-10
038xx

Re: Why not

said by amungus:

OpenWRT is (supposed to be) compatible, but I doubt this fork is.

Your assumption appears correct. CeroWRT & EFF's dev & target hardware for optimization/stability is the Netgear WNDR3800-100NAR N600 Gigabit router with 128MB RAM + 16MB NAND. A few versions of the Broadcom-chipped WRT54G boasted 32MB RAM but most in the field have 4,6,8,or 16.

Info on latest releases CeroWRT & DL links are here:
»www.bufferbloat.net/projects/cer···se_Notes