[OpenWireless Tech] The police came to the AP owner first, then sniffed the air to find real culprit​​

[Java Nut]

>> There is no "the VPN". Each client has his own private VPN server
>> somewhere he connects to. The AP operator does not provide a VPN server at
>> all, since he would be responsible for what it did, it would defeat the
>> point.


>You keep speaking like this is decided and that it is the only way. While
>it's a great idea, it's not the only way. Until you can provide a working
>example, stop bludgeoning the list with this way of thinking. It was
>requested that this list be a source of "I need help with X" solutions.
>Your words have merit, but I want to see results.


Both ways of using VPNs, Andy's and mine can have merits and are both worth discussing and the preference which to use will vary among AP owners.


Andy's approach of requiring every guest to go through their own pre-arranged VPN does eliminate all the risks I talked about for my own approach of making the open AP send all its traffic through a nonlogging VPN with clients connecting openly.  But as others have said, Andy's approach comes at the price of not creating fully open wireless.


>AFAIK nobody here has proposed the AP owner gains anything by offering 
>an open AP, but routing the traffic through a single VPN connection.


My interest is what is the safest (for himself) way an AP owner can actually offer fully open wifi where guests can connect directly without a password and without arranging for any proxy or VPN service.


If the AP owner successfully chooses a VPN that actually does NOT log, and the AP owner uses that VPN only for the guest traffic and not his own personally identifiable traffic, it seems to me that the AP owner achieves a significant degree of protection for himself against police mistargetting.


I am figuring the AP owner will NOT make himself an accomplice to any crime by merely routing all traffic or all guest traffic through a nonlogging VPN.  I am also figuring the VPN traffic going through his ISP would itself not elicit police suspicion.  Is there any jurisdiction that has a legal climate so bad that these two issues would become factors?


My setup will require two routers, as I said before, with a router providing private wifi connected directly to internet modem, then the second router with the open wireless would have the VPN configuration.  AP owner then uses private connection on first router for his own internet activity.


>What you are describing is *not* open wireless. It might have its own
>merits, but it isn't open. It would require every client device have
>this stuff set up in advance. That's never going to happen for the
>"everybody" this project hopes to serve (imho).


Perhaps the use of VPN from the AP router may be adequate if the AP owner decides that giving the convenience of fully open connections from the client point of view is a worthwhile gain for the price of subjecting the guests to technical or legal risk from each other's simultaneous activities.


>> I think that there may be some places left in this world where we could have
>> truly open APs, but they are certainly few and far between. Nevertheless, I'm 
>> not willing to give up on that possibility.


>> OTOH, I do think that the majority of people will either refuse to run an OpenWireless
>> site at all, or they will insist that it allow only VPN-secured connections. These
>> people might be in countries like Germany where there is clearly a very real legal
>> threat, or in places where the threat is less well-defined. But the fear of what
>> might happen would still keep the bulk of the potential participants away.


> The US is one of those not-insignificant few-and-far-between places.


While the US laws do not hold the AP operator accountable for what the guests do, the laws do NOT insulate the AP owner from being investigated, being considered a person of interest, or having their computer(s) and equipment taken or looked through during an investigation, nor do the laws always prevent misaction by overzealous cops, as cops can err.  Therefore, even in a relatively free place like USA, I feel some technical protection is merited for AP owners.


>FWIW, from some of my German friends, I understand that some operators
>of open wifi networks there tunnel their traffic to Sweden, where laws
>are less oppressive.


I would be for seeing more discussion about technical details on how to use VPN's (set up in open firmeares (DD-WRT, OpenWRT, etc) of routers, etc), and discussion of the details of which VPN services really protect the privacy and are worth buying.


>Are there existing dates to meetup and grow the project? I could provide 
>a space for 12-20 people in downtown SF.
>From my perspective the openwireless movement needs more ways for 
>volunteers to engage in all the un-sexy drudge work that makes movements 
>succeed.


>In the process I'd like to meet people who are developing OpenWRT, maybe 
>discuss exciting upcoming stuff like 802.11u & 802.21 --


It would be nice for this to happen.  I am nowhere near SF though, and probably not quite savvy enough to do the heavy lifting, even though I have some (less than guru level) knowledge of networking and use DD-WRT in my own routers.
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/tech/attachments/20121128/9bb5c524/attachment.html>