[OpenWireless Tech] A small question about tracking

"Andy Green (林安廸)" andy at warmcat.com
Sun Nov 4 22:50:10 PST 2012 

On 11/05/12 10:14, the mail apparently from Christian Huitema included:

Hi -

> That might work for laptops, but that feels rather hard to implement on
> a smartphone. And it seems a bit far from the model of “open wireless.”

No VPN-only is perfectly consonant with "open wireless".  The wireless 
part can then be literally open in a way it daren't be without it.

If you look at captive portals in WLANs, where you are not given service 
until you click through in a browser, your phone now signals to you that 
you can get a connection by doing that even before association.

This can be handled the same way

  - one-time, put pre-shared key in your home router
  - one-time, setup VPN to your home dynamic DNS with pre-shared key

then when roaming

  - phone says there's a VPN-only AP available
  - click notification, associates, select VPN to use if more than one, 
if only one set up immediately use it

> Can’t we think of a solution that does not require the visitor to do
> anything special? A true “open wireless” should mean just that, click
> connect and be there.

See above, when connecting this is less hassle than a captive portal 
clickthrough.

-Andy

> *From:*Natanael [mailto:natanael.l at gmail.com]
> *Sent:* Sunday, November 04, 2012 6:09 PM
> *To:* Christian Huitema
> *Cc:* tech at srv1.openwireless.org
> *Subject:* RE: [OpenWireless Tech] A small question about tracking
>
> I did suggest a possible solution before - allow access to only one IP,
> specified vy the client. Maybe some kind of VPN detection too.
>
> In other words, we ask the client to specify what VPN it will use and
> limits it to that one.
>
> If he has none, we can provide tunneling to a 3rd party service that
> lets the user set up a VPN (listing paid ones along free low bandwidth
> ones and free-for-a-day VPN:s, etc). Then the connection resets and this
> time the user has a VPN to specify.
>
> Den 5 nov 2012 03:02 skrev "Christian Huitema" <huitema at huitema.net
> <mailto:huitema at huitema.net>>:
>
> Germany definitely puts the onus on the router owner, and it is not hard
> to imagine other European countries following Germany’s example in the
> future. It is also not hard to imagine “the police”  conducting a smear
> campaign against open wireless with that argument. At a minimum, that’s
> a point that should be discussed in the FAQ.
>
> I did actually study the scenario in details when I was in charge of
> Wi-Fi development for Microsoft Windows. We looked at the various
> objections to connection sharing, which we wanted to make easy. Most
> could be solved convincingly, security of the local provider network,
> bandwidth utilization, security of the visitor using the open access.
> But the accountability issue was really what prevented the vision of
> “free, open network.” The best we could do was “almost free,” i.e.
> requiring some kind of explicit registration.
>
> The VPN is an interesting mitigation, as it shifts the burden away from
> the local provider. But how would we implement that exactly? With a
> filter on packet type? With a “white list” of accepted VPN provider
> addresses?
>
> *From:*Natanael [mailto:natanael.l at gmail.com <mailto:natanael.l at gmail.com>]
> *Sent:* Sunday, November 04, 2012 5:48 PM
> *To:* Christian Huitema
> *Cc:* tech at srv1.openwireless.org <mailto:tech at srv1.openwireless.org>
> *Subject:* Re: [OpenWireless Tech] A small question about tracking
>
> This has been dealt with before.
>
> Only very few countries put the responsibility on the router owner. And
> you can route everything through Tor anyway. We might also let router
> owners require VPN:s.
>
> Den 5 nov 2012 02:40 skrev "Christian Huitema" <huitema at huitema.net
> <mailto:huitema at huitema.net>>:
>
> I love the idea of open wireless access, but I have a what if question.
> What happens if someone uses my open access point to connect to the
> Internet and commit some sort of crime? Isn’t the police going to trace
> that back to my home, and accuse me of doing it?
>
> -- Christian Huitema
>
>
> _______________________________________________
> Tech mailing list
> Tech at srv1.openwireless.org <mailto:Tech at srv1.openwireless.org>
> https://srv1.openwireless.org/mailman/listinfo/tech
>
>
>
> _______________________________________________
> Tech mailing list
> Tech at srv1.openwireless.org
> https://srv1.openwireless.org/mailman/listinfo/tech
>

More information about the Tech mailing list