[OpenWireless Tech] A small question about tracking
Natanael
natanael.l at gmail.com
Tue Nov 6 08:52:23 PST 2012
What do you consider unanswered? If you have read all my mails here, you
would know what I kind of system I propose.
Nothing is contradicting in fully automatic and preconfiguration BEING
AVAILABLE. Either you reconfigure or run with defaults.
Ok, so again, here it goes:
The user has a client that looks for WiFi Direct UPNP announcements for
compatible routers. The client either has a VPN preconfigured or not. When
it find a router, it checks what the terms for that router is. A
WPA2-Enterprise network has a customized authentication server linked to
the WiFi Direct service, and when the client has connected through WiFi
Direct, it's given it's own WPA2-Enterprise username+password.
If the router provides free access, the client use it's own preconfigured
VPN or a free VPN from a list of trusted VPN:s found in a trusted database
(maintained by EFF or similiar).
If the router only offers paid access, the user has to have a VPN provider
that has roaming/federation deals with whoever the router is tied to. If
the router owner has a deal with provider X, the client could use his paid
provider Y, who pays X who in turns pay the router owner. If there's no
direct deal, the VPN providers could both have a deal with an
interimmediate company.
When there only are routers with paid access and the user has no such
provider, the client can ask the routers for tunneling to a service that is
dedicated to allow the user to set up an account.
If you want to go online from a specific IP, then whoever controls that IP
range or has that specific IP assigned (please read my mails more
carefully) needs to be the proxy/VPN or somehow pass on the IP. A business
with a certain IP range that it wants to assign to users who connect to
their VPN, simply let the VPN access that IP range through it's network
routers.
What exactly are you looking for when it comes to IP:s? Because again,
whatever you suggest that this local organization would do can be done by a
VPN provider (depending on who that provider is, of course, so just find
one that fits).
---
Secure fully automatic devices? I think Yubikey would be relevant. Maybe
not what you are looking for, though. Why do you think it could not be made
secure?
On Tue, Nov 6, 2012 at 4:04 PM, Todd <Todd at chiwifi.net> wrote:
> I am ignoring the fact that you answer only half of my questions at best
> while ignoring the others,
>
> And you are constantly contradicting yourself, You just listed
> preconfiguring and fully automatic in the same email.
> They cannot be fully automatic and require configuration at the same time.
>
> You have not given a single technical detail as to how anything is
> supposed to work, all I keep hearing is "VPN,VPN,VPN,VPN" although you do
> seem to like the word "federation" as well. With no concept of how current
> authentication systems that are more complex then wpa2-personal work.
>
> Internet peering is not competition.
>
> Name one example of a secure fully automatic device.
>
> I am not even going to touch your paragraph on incentives, it *COMPLETELY
> IGNORES *everything I have said.
>
> and are you fucking kidding me ? A VPN can assign any IP address ? Let me
> just go ahead and bind the IP for google to my VPN so all internet traffic
> for google goes to my VPN.
>
> Nothing in your email has contributed anything to this conversation.
>
>
>
> Who runs this mailing list ?
>
>
>
>
>
> On 11/06/2012 08:52 AM, Natanael wrote:
>
> WiFi Direct? Have you read my suggestions on how that would work? You'd
> preconfigure the device to use a certain VPN or similiar. It then
> autoconnects to all WiFi networks that support the protocol and provides
> free access. Whenever paid access is the only option, the user can
> configure an account on the device with one of these providers that handle
> federation (the same way cell phone roaming works).
>
> Politics about which regions to prioritize for capacity, if anything
> should be blocked or not, etc...
>
> "Why would any last-mile ISP get onboard with their direct competition"
>
> They already are. Look into how internet routing works, such as peering.
> They already do these things, just not for WiFi.
>
> "No config needed devices" can be way more secure than configuration
> needed devices. It's all about secure protocols and smart defaults. If we
> make WiFi Direct enabled devices that can do this and set them to only use
> VPN:s, then how would one hack them?
>
> "This incentive system is pretty vague, first why does it need to be 100%
> automatic ? Even normal open wifi requires you to click on it. More to the
> point, it would be trivial to create fake hotspots in a fully automatic
> system and negate all security. Without the end user even having a clue,
> and even technically savvy users wouldn't be aware, because everything is
> automatic."
>
> I don't see your incentive system providing any advantages over mine.
> Sure, you'd have a local organization that builds infrastructure for an
> entire area. There's nothing different from my system there! My system even
> allows much easier cooperation between several local organizations
> providing infrastructure. Using WiFi Direct and custom secure protocols,
> the clients would automatically DENY connections to wireless networks that
> don't let them connect to a trusted VPN, and just try another network. No
> security loss!
> All you'll need to know is that if you configured your client to only
> permit secure connections, all connections WILL be secure!
>
> How does your system provide IP address management? A VPN can let an
> authenticated user use any IP for internet access that the VPN service has
> in their IP range. Using federation and all this, I don't see what the
> downside would be. Anything your system can do, mine can too.
>
> --- If everybody is thinking alike, then somebody isn't thinking //
> Stupidity is a renewable resource
>
>
> On Tue, Nov 6, 2012 at 3:16 PM, Todd <Todd at chiwifi.net> wrote:
>
>> On 11/06/2012 08:03 AM, Natanael wrote:
>>
>> I am saying that there will probably be too many of these portal thingies
>> and that tourists wants none of it (I'd like them to see everything in
>> their own language). Also, these portals are often incompatible with a wide
>> array of devices. And just consider anything without a screen.
>>
>> I am not aware of any common user devices that do not support getting
>> online via the captive portal method, yes, it requires you have the ability
>> to type words in, I don't know how you are going to browse the internet
>> without the ability o do that.
>>
>> For any devices without a screen, you obviously would need to configure
>> it before hand, which means you can create the account for it before hand
>> as well.
>>
>> So what about local politics? Don't think that would make it harder for
>> local cooperation in many places? Again, "simple" federating protocols
>> could be used, where it isn't the local organization that have to care
>> about that. For home users, it could even be a part of their ISP service.
>> Their new(ly flashed) router just tells the ISP it's a OpenWireless router,
>> and then the home user don't have to do *anything at all whatsoever* about
>> it. Other customers at that ISP are automatically given access, and the
>> rest would be given access through federation (they identify through their
>> own ISP like with OpenID), and the rest could be given limited free access.
>>
>>
>> What about the local politics ? This is a pretty vague question in of
>> itself, but I am going to assume you mean liability for the IP space ? If
>> so, easy, just explain the structure of the network and end with "so we
>> don't have that info" when replying to DMCAs, or are there different local
>> politics you are talking about ?
>> lastly, how would any of that be any different when using VPNs ?
>>
>>
>> Same for businesses like shops (I didn't actually mean that tech shops
>> could reflash routers - but hey, why not?). If we get the ISP:s on board,
>> then NO configuration would be needed. Just plug it in! Otherwise, the
>> router owner only have to pick a local organization that is managing
>> federation like this (maybe a different ISP? the local community?) and
>> register the router with it. Router upgrades? The router owner could allow
>> the ISP or other federating VPN provider manage the router automatically.
>>
>> Why would any last-mile ISP get onboard with their direct competition ?
>> Once again, "no config needed" devices are prone to getting hacked like
>> noones business. Lets not do that.
>> Other then the fact its an incredibly complicated and mostly unnecessary
>> process. Some configuration is inevitable for anything more complicated
>> then an standard client device (laptop) its foolhardy to assume that can be
>> relied on end users for. Or expect them to take their internet offline
>> untill they take it to the tech shop to get it upgraded. Org running the
>> WISP will need to come to them. Or do advance replacement.
>>
>>
>> My proposed system is set up so that the user sees nothing but already
>> automatically connected internet access or a notification that there's a
>> WiFi nearby that offer internet with certain terms (which is when the user
>> would register with one of these VPN:s or local communities).
>>
>> Again - whenever there is poor connectivity in an area, my system would
>> also provide incentives to build infrastructure there. Just enable paid
>> access on the routers there and very limited free access (but don't scare
>> the users away with the prices), and the router owners would get the
>> investments back. Then when the investments are paid back, free access
>> could be expanded (higher bandwidth and caps?).
>>
>> This incentive system is pretty vague, first why does it need to be
>> 100% automatic ? Even normal open wifi requires you to click on it. More to
>> the point, it would be trivial to create fake hotspots in a fully automatic
>> system and negate all security. Without the end user even having a clue,
>> and even technically savvy users wouldn't be aware, because everything is
>> automatic.
>>
>>
>> "Also IP addressing is a huge issue when working with anything larger
>> then home user. It is a bad idea to ignore the business market."
>>
>> And VPN:s could easily solve that. I don't see how your proposed solution
>> provides additional advantage regarding that.
>>
>> How do VPNs solve IP addressing ? All it does is move IP addressing.
>>
>> --- If everybody is thinking alike, then somebody isn't thinking //
>> Stupidity is a renewable resource
>>
>>
>> On Tue, Nov 6, 2012 at 2:16 PM, Todd <Todd at chiwifi.net> wrote:
>>
>>> On 11/06/2012 07:05 AM, Natanael wrote:
>>>
>>> 1: What about the free and open WiFi part? What about the "instant free
>>> connectivity" part? Seriously, there are people who can't figure out how to
>>> turn a computer on. The intent here is to enable simplified internet access
>>> for everybody.
>>>
>>>
>>> Are you saying that getting on the internet at starbucks, is just too
>>> hard ?
>>> I think teaching people how to use a simple webpage to get access the
>>> the internet should be the bottom rung, if you can't figure that out, the
>>> internet is better off without you. Think of it as a way to curb the
>>> extreme stupidity on the internet, BONUS!
>>>
>>>
>>>
>>> 2: So how WOULD one switch easily between these WISP:s? Wouldn't we
>>> replicate the issue with many carrier networks where we have 10 crappy
>>> networks with poor coverage on the same spot? Let ALL the routers always
>>> act together as one network, and that issue goes away.
>>>
>>> The WISPs would not be a block size thing, you would literally have to
>>> leave the city to run into that issue, also by setting it up so that large
>>> sections of the wireless bandwidth are used by individual orgs, you can
>>> have people actually work together and communicate, and not all use the
>>> same wireless band. So using this system there is no reason to duplicate
>>> efforts, if someone has setup this system already in the area, then join
>>> it. If not, the only other networks to compete with are closed home wifi's.
>>> Mine is also designed so that while the end user always sees wireless
>>> a,b,g,n the backbone can by any wireless band, thus sidestepping the
>>> bandwidth issue.
>>>
>>> If you want the system to be widely adopted, you will have to design it
>>> in a way that makes it ok for anything larger then a home users to run it.
>>> It is impossible to run a large network where every admin, is a home user.
>>> What happens when you need to upgrade a router but no way to contact the
>>> router owners ?
>>>
>>> Also IP addressing is a huge issue when working with anything larger
>>> then home user. It is a bad idea to ignore the business market.
>>>
>>>
>>> 3: Reflashing some routers and buying just a few new ones is easily done
>>> by shops and other companies. If all they have to do is set the routers to
>>> allow VPN only, then anybody can provide these VPN:s. If there's no
>>> coverage in certain areas, you could in fact persuade these VPN companies
>>> to put routers there. Or the local community. And with proper federation,
>>> we'd still be able to get it all to act as one network. Wherever there are
>>> WiFi networks already, we won't need to build anything new. Where there
>>> aren't, we can get other companies to build it.
>>>
>>> It is funny you should mention flashing routers by taking them to tech
>>> shops, I have never actually heard of that happening which is why I started
>>> a shop to do exactly that, but aside from my own, I have never heard of
>>> shops offering that service, can you provide any examples ? I am very
>>> interested in how others are doing it.
>>>
>>>
>>>
>>>
>>> I've already described before how I imagine this to work. Some will
>>> enable 100% free access, even if bandwidth limited and capped (max X MB per
>>> month). Some will enable 100% free access. Some will require payment, and
>>> then these VPN providers (maybe your phone company? They're used to this
>>> setup already for roaming) would pay the router owner and you pay the VPN
>>> provider. The VPN providers could offer some limited free access as well,
>>> and offer more bandwidth and higher quotas if you pay.
>>>
>>> --- If everybody is thinking alike, then somebody isn't thinking //
>>> Stupidity is a renewable resource
>>>
>>>
>>> On Tue, Nov 6, 2012 at 1:51 PM, Todd <Todd at chiwifi.net> wrote:
>>>
>>>> On 11/06/2012 06:37 AM, Natanael wrote:
>>>>
>>>> So you'd replace ISP:s with local WISP:s? And they wouldn't throttle
>>>> because...? And what happens to tourists and other tempporary bypassers
>>>> with no account? Also, how would one get anybody to pay for the
>>>> infrastructure in the first place?
>>>>
>>>>
>>>> There are a few free wifi's currently, If you were part of a
>>>> democratically run wisp, would you vote for throttling ?
>>>> If that local wisp decides to throttle, you think the users won't
>>>> switch to a new local wisp, or start there own using the same open source
>>>> software project ?
>>>>
>>>> as for who pays for it, I CURRENTLY have 1gbit uplink that is empty,
>>>> that's the equiv of 200+ comcast users.
>>>> I ALONE already have enough for 200 people, and one major metropolitan
>>>> area in IL has already approached me about my plan. Not to mention the fact
>>>> that something on this scale, once proven, is easy to get grants for.
>>>> Conversely I would ask, who is going to pay for the bandwidth of all
>>>> the VPN end points in your global system ?
>>>>
>>>>
>>>>
>>>> There are three main options:
>>>>
>>>> Global mesh.
>>>>
>>>> We already talked about how global mesh is impossible, mesh can only
>>>> ever work as a last mile solution.
>>>> aka *mesh does not scale.*
>>>>
>>>>
>>>> Using existing infrastructure plus VPN:s.
>>>>
>>>> Creating new infrastructure in parallell.
>>>>
>>>> Yes, create a new infrastructure in parallel or even replace the
>>>> current infrastructure directly. Both are possible.
>>>>
>>>>
>>>>
>>>> What if we do not want to create any new organizations that need to be
>>>> maintained? Do you think every local community will have the expertise and
>>>> skill to manage it? How do you think the local politicians will handle it?
>>>> Etc...
>>>>
>>>> We do not need to worry about creating any organizations. We only
>>>> need to create the software framework, other existing organizations will
>>>> adopt it. That is the point of turn-key open source.
>>>>
>>>> What do you have against increasing the number of sys/network admin
>>>> jobs ? The same argument was used for when people thought linux would never
>>>> become popular, its a non-arguemnt, if there is demand for more sys/network
>>>> admins, then more people will learn to be sys/network admins
>>>> Because its turn key opensauce software, there will be lots of
>>>> community support.
>>>>
>>>>
>>>> Actually, your plan could be replaced by our plan but where that
>>>> organization you propose instead is the one providing VPN:s.
>>>> Combined with my idea for "federation" of these, we could make this
>>>> work globally. Got an account with your community VPN provider? It will
>>>> work globally.
>>>>
>>>> The account sign up process is a wifi captive portal, you don't need
>>>> anything special to use the local wifi service (in this instance) so you do
>>>> not need a pre-exsisting account, just goto your country of choice and use
>>>> the wifi the same way you would as if it was a starbucks.
>>>>
>>>>
>>>>
>>>> --- If everybody is thinking alike, then somebody isn't thinking //
>>>> Stupidity is a renewable resource
>>>>
>>>>
>>>> On Tue, Nov 6, 2012 at 1:25 PM, Todd <Todd at chiwifi.net> wrote:
>>>>
>>>>> What do you think is more sustainable in the long run for world-wide
>>>>> free wifi:
>>>>>
>>>>> A) everyone is beholden to current ISP monopolies and politicians
>>>>> whim, as well as throttling, lets we forget comcast and sandvines, and
>>>>> assume they wont apply that to VPNs for some reason, and just use
>>>>> technology in innovative ways to dodge the grey areas of the law.
>>>>>
>>>>> B) create an open source, turn-key WISP that can be deployed for any
>>>>> size organization, and because its based on standards, if there are
>>>>> multiple networks in an area, they can merge users easily. Which also means
>>>>> that each org must be democratic or the users would just leave for one that
>>>>> is.
>>>>>
>>>>> Which in-turn makes last mile ISPs like comcat and att and verison and
>>>>> everyone else, obsolete.
>>>>>
>>>>>
>>>>> A) is the status quo, and already has tons of commercial competition
>>>>> B) does not exist yet.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> side note, unless you are planning to have the router owners pay for
>>>>> VPN end points, or are expecting the open wireless project to pay for all
>>>>> the VPN end points, then the only option that actually exists is VPNs to
>>>>> home.
>>>>>
>>>>> VPNs are not free, someone has to pay, the only question is, are you
>>>>> paying once or twice for that bandwidth.
>>>>>
>>>>> My incentivization scheeme does not have VPNs in it, so I do not need
>>>>> to worry about getting people to use them.
>>>>> It also does not expose the people who host the wifi antennas to any
>>>>> risk. In-fact it makes all users, including the tower owners, anonymous by
>>>>> default. Did I mention the free wifi part ?
>>>>>
>>>>> My plan has many incentives built in.
>>>>>
>>>>>
>>>>> On 11/06/2012 06:14 AM, Natanael wrote:
>>>>>
>>>>> What do you suggest then? Can you start going constructive here?
>>>>>
>>>>> VPN:s will NOT increase the total traffic on the routers as such. Moot
>>>>> point. VPN:s to the home will only at most double the user's traffic use,
>>>>> and that is just one of the options.
>>>>>
>>>>> Fon already use VPN:s too, and how on earth do you suggest we
>>>>> incentivize router owners to open their WiFi if they are liable for what
>>>>> the users does?
>>>>>
>>>>> We NEED these:
>>>>>
>>>>> Freedom from liability for router owners
>>>>> Easy access
>>>>> Widespread access
>>>>> Zero setup for usera, minimal for router owners
>>>>> Den 6 nov 2012 13:06 skrev "Todd" <Todd at chiwifi.net>:
>>>>>
>>>>>> What name did I call you ?
>>>>>>
>>>>>> Monster aggregate bandwith is meaningless if by design you double the
>>>>>> traffic required because of a series of criss-crossing VPN tunnels.
>>>>>>
>>>>>> Also it completely ignores the useability of the network in the face
>>>>>> of
>>>>>> not only very small upstream caps but also monthly bandwidth limits
>>>>>> imposed by ISPs.
>>>>>>
>>>>>> Also I would prefer if you answer my questions instead of deflecting
>>>>>> them by claiming I am name-calling.
>>>>>>
>>>>>> So I ask again, why should anyone give a damn if all you are doing is
>>>>>> trying to copy already existing and mature commercial offerings, and
>>>>>> making it more complicated and slow with throwing on some VPN ?
>>>>>>
>>>>>>
>>>>>> Also my mistake about the scale issue, I was thinking of the mesh
>>>>>> networking discussion. These conversations seem to constantly get
>>>>>> diverted in random directions.
>>>>>>
>>>>>> On 11/06/2012 05:59 AM, "Andy Green (林安廸)" wrote:
>>>>>> > On 11/06/12 19:55, the mail apparently from Todd included:
>>>>>> >> How is what you mentioned any different then already existing
>>>>>> projects,
>>>>>> >> like fon, which btw also does not use VPNs.
>>>>>> >>
>>>>>> >> So far you have suggested that this become massive enough to
>>>>>> include
>>>>>> >> hardware manufactures and for it to be world-wide but at the same
>>>>>> time
>>>>>> >> said these systems would not scale to city sizes.
>>>>>> >
>>>>>> > Hm? I never said anything about scale problems, this will scale how
>>>>>> > you like. There's millions of APs out there with monstrous
>>>>>> aggregate
>>>>>> > bandwidth.
>>>>>> >
>>>>>> >> Most importantly however is the fact that it makes no effort what
>>>>>> so
>>>>>> >
>>>>>> > It's easier if you say the most important thing first ^^
>>>>>> >
>>>>>> >> ever to change any portion of the existing internet, only the way
>>>>>> in
>>>>>> >> which people connect to it. It also does not it in any way impact
>>>>>> >> internet freedoms, instead it just shuffles around responsibility.
>>>>>> >>
>>>>>> >> So I ask again, why should anyone give a crap if all you are doing
>>>>>> is
>>>>>> >> trying to copy already existing and mature commercial offerings,
>>>>>> and
>>>>>> >> making it more complicated and slow with throwing on some VPN crap
>>>>>> ?
>>>>>> >
>>>>>> > Todd, calling something names isn't an argument.
>>>>>> >
>>>>>> > -Andy
>>>>>> >
>>>>>> >> On 11/06/2012 05:46 AM, "Andy Green (林安廸)" wrote:
>>>>>> >>> On 11/06/12 19:37, the mail apparently from Todd included:
>>>>>> >>>
>>>>>> >>>> Why should anyone feel responsible for giving anyone else
>>>>>> internet,
>>>>>> >>>> when
>>>>>> >>>> they are paying for out of their own pocket for it?
>>>>>> >>>> What do they get in return ?
>>>>>> >>>
>>>>>> >>> Well, the VPN thing is to try to reduce the "responsibility" to
>>>>>> zero
>>>>>> >>> and eliminate that downside.
>>>>>> >>>
>>>>>> >>> They can throttle the leechers how they like as well, and / or QoS
>>>>>> >>> them down so the real user never even notices them.
>>>>>> >>>
>>>>>> >>> I guess it boils down to if they contribute, and there's a useful
>>>>>> >>> critical mass, then they are free to "be the leecher" when they
>>>>>> need
>>>>>> >>> it. For example, if you visit other countries, roaming rates
>>>>>> make it
>>>>>> >>> insane to casually use Internet on your SIM.
>>>>>> >>>
>>>>>> >>> This way, you might get a reasonable facsimile of continuous
>>>>>> internet
>>>>>> >>> connection for receiving email etc as you walk around a city. Or
>>>>>> if
>>>>>> >>> you are stuck in a hotel with expensive Internet, if there are
>>>>>> other
>>>>>> >>> APs nearby you will be able to get by.
>>>>>> >>>
>>>>>> >>> Actually those are quite nice benefits that could appear
>>>>>> worldwide if
>>>>>> >>> this scheme took off. For that, it would be ideal if AP
>>>>>> manufacturers
>>>>>> >>> included the support and enabled it by default alongside the
>>>>>> regular
>>>>>> >>> WPA network so the AP owner's own traffic remains safe.
>>>>>> >>>
>>>>>> >>> And again the other part is that APs should be ready to be the VPN
>>>>>> >>> server for the owner when he is roaming.
>>>>>> >>>
>>>>>> >>> -Andy
>>>>>> >>>
>>>>>> >>>>> On 11/06/12 19:29, the mail apparently from Todd included:
>>>>>> >>>>>> On 11/06/2012 05:20 AM, "Andy Green (林安廸)" wrote:
>>>>>> >>>>>>> On 11/06/12 18:53, the mail apparently from Christian Huldt
>>>>>> >>>>>>> included:
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> 2012-11-06 kl. 11:10 skrev Todd:
>>>>>> >>>>>>>>
>>>>>> >>>>>>>>> One thing note here is, most of the responses have been
>>>>>> solely
>>>>>> >>>>>>>>> about
>>>>>> >>>>>>>>> "protecting the router owner" via throwing on varying
>>>>>> levels of
>>>>>> >>>>>>>>> VPN. As
>>>>>> >>>>>>>>> far as I can tell, the average member of this list is more
>>>>>> >>>>>>>>> worried
>>>>>> >>>>>>>>> about their continued ability to pirate then providing
>>>>>> ubiquitous
>>>>>> >>>>>>>>> wifi
>>>>>> >>>>>>>>> which is very disheartening.
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> I beg to disagree, IMHO this is about being able to convince
>>>>>> your
>>>>>> >>>>>>>> neighbor that
>>>>>> >>>>>>>> he/she can also share wifi without any immediate risks -
>>>>>> which
>>>>>> >>>>>>>> there
>>>>>> >>>>>>>> are, at least in Germany.
>>>>>> >>>>>>>
>>>>>> >>>>>>> Exactly, same in UK.
>>>>>> >>>>>>>
>>>>>> >>>>>>> Since the VPN story includes trying to get the client's home
>>>>>> AP as
>>>>>> >>>>>>> the
>>>>>> >>>>>>> server, going out on the internet with the IP in the client's
>>>>>> name,
>>>>>> >>>>>>> this has nothing whatsoever to do with 'piracy'.
>>>>>> >>>>>>>
>>>>>> >>>>>>> You can see for yourself that the very few open personal APs
>>>>>> left
>>>>>> >>>>>>> seem
>>>>>> >>>>>>> to mainly be so by accident (SSID of "Netgear", etc), at least
>>>>>> >>>>>>> where I
>>>>>> >>>>>>> live and travel your average router owner "knows" that
>>>>>> >>>>>>> unencrypted is
>>>>>> >>>>>>> dangerous even if he couldn't explain it in terms of his
>>>>>> traffic
>>>>>> >>>>>>> being
>>>>>> >>>>>>> sniffable, he could tell you it's dangerous due to
>>>>>> possibility of
>>>>>> >>>>>>> other people exploiting it to his detriment.
>>>>>> >>>>>>>
>>>>>> >>>>>>> To get people to make the other decision, to offer anonymous
>>>>>> >>>>>>> access on
>>>>>> >>>>>>> their IP again, there has to be a story that definitively
>>>>>> counters
>>>>>> >>>>>>> this perception, a reason why something changed and it is now
>>>>>> >>>>>>> safe to
>>>>>> >>>>>>> do so, and we might see (VPN-only) open APs become normal
>>>>>> again.
>>>>>> >>>>>>>
>>>>>> >>>>>>> The only story I know that would convince me is VPN-only,
>>>>>> since it
>>>>>> >>>>>>> directly counters the "but the bad guy might use my IP"
>>>>>> concern.
>>>>>> >>>>>>>
>>>>>> >>>>>>> -Andy
>>>>>> >>>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>> The "bad guy might use my IP" argument is completely irrelevant
>>>>>> >>>>>> if the
>>>>>> >>>>>> IPs are not being assigned by the large ISP (IE.. comcast, att,
>>>>>> >>>>>> verizon,
>>>>>> >>>>>> etc..)
>>>>>> >>>>>
>>>>>> >>>>> I am not sure what scenario you are imagining, but the guys on
>>>>>> the
>>>>>> >>>>> ground with compatible APs all around are exactly customers of
>>>>>> these
>>>>>> >>>>> kind of ISPs. If you look at your scan list you will likely see
>>>>>> >>>>> loads
>>>>>> >>>>> of WPA-protected private APs right now.
>>>>>> >>>>>
>>>>>> >>>>> If most of those normal people opened their APs for VPN-only,
>>>>>> because
>>>>>> >>>>> it was built-in to their APs, you could pretty much bank on
>>>>>> getting
>>>>>> >>>>> service whereever there was habitation, without any special
>>>>>> >>>>> provisioning activity.
>>>>>> >>>>>
>>>>>> >>>>> They already power their AP, have a live internet connection,
>>>>>> are
>>>>>> >>>>> close by, etc...
>>>>>> >>>>>
>>>>>> >>>>> -Andy
>>>>>> >>>>>
>>>>>> >>>>
>>>>>> >>>> _______________________________________________
>>>>>> >>>> Tech mailing list
>>>>>> >>>> Tech at srv1.openwireless.org
>>>>>> >>>> https://srv1.openwireless.org/mailman/listinfo/tech
>>>>>> >>>>
>>>>>> >>>
>>>>>> >>
>>>>>> >> _______________________________________________
>>>>>> >> Tech mailing list
>>>>>> >> Tech at srv1.openwireless.org
>>>>>> >> https://srv1.openwireless.org/mailman/listinfo/tech
>>>>>> >>
>>>>>> >
>>>>>>
>>>>>> _______________________________________________
>>>>>> Tech mailing list
>>>>>> Tech at srv1.openwireless.org
>>>>>> https://srv1.openwireless.org/mailman/listinfo/tech
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Tech mailing list
>>>>> Tech at srv1.openwireless.org
>>>>> https://srv1.openwireless.org/mailman/listinfo/tech
>>>>>
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Tech mailing list
>>>> Tech at srv1.openwireless.org
>>>> https://srv1.openwireless.org/mailman/listinfo/tech
>>>>
>>>>
>>>
>>>
>>> _______________________________________________
>>> Tech mailing list
>>> Tech at srv1.openwireless.org
>>> https://srv1.openwireless.org/mailman/listinfo/tech
>>>
>>>
>>
>>
>> _______________________________________________
>> Tech mailing list
>> Tech at srv1.openwireless.org
>> https://srv1.openwireless.org/mailman/listinfo/tech
>>
>>
>
>
> _______________________________________________
> Tech mailing list
> Tech at srv1.openwireless.org
> https://srv1.openwireless.org/mailman/listinfo/tech
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/tech/attachments/20121106/1415528f/attachment.html>
More information about the Tech
mailing list