Linuxcare Founders Go Wireless

LinuxCare founders Dave Sifry, Art Tyde and Dave LaDuke have started their second company: Sputnik. Basically, they have an ISO you can download that will turn a laptop with an 802.11b card into a wireless gateway. They also wrote a user-authentication scheme that reroutes all traffic to the gateway until the user logs in via a web form. This should sound familiar to people who stay in broadband capable hotels a lot. Using this authentication technique, the software allows you to choose who can and cannot use your gateway, and in you'll be able to charge strangers for access (with Sputnik handling the billing). This will likely get some isps a wee bit upset. NewsForge has an article detailing what they are doing. Update: Turns out the authentication wasn't written by Sputnik, my bad. They use NoCatAuth

Disclaimer: I've known these guys for a long time and am pals with them, so I waited until someone else (in this case Grant at NewsForge and the NYT) put something up independently about them before linking to them.

business model?

[nbvb]

OK, while I think this is some cool technology and is Linksys Done Right (tm), I have to ask...

In this post-dot-com era, where's the business model?

How do they expect to make money? LOTS of open-source software companies are making PLENTY of money these days, right?

Kudos to them for putting together what seems to be a really nice product -- I just wouldn't expect to get rich at this one.

Linuxcare -- the Clemens fastball down the middle...
Sputnik -- The breaking ball down and out that the Babe himself couldn't hit.

So where's strike 3 coming from?

--NBVB

Yeah

[jred]

I don't know if the ISPs will be pissed off or not. This seems like a fairly straight business deal. Running it from CD makes me wonder how customizable it'll be. They're planning to make money by charging roamers to connect, while letting their partners (w/ fat pipes) connect for free.

If anything, it should make the consumer broadband ISPs happy, since it restricts unauthorized use.

I don't know aobut this.

[citroidSD]

From the article I get the impression it seems like one could mistake this for one of those affiliate "scams." Let me get this straight, I set up a wireless node, and then I get paid for my bandwidth, or I can connect to other wireless sputnik nodes? Only problem with that is that my (and your) broadband providers aren't going to be to keen on the idea of me being a reseller of bandwidth, when I originally signed up as an end home consumer for DSL. I'm not harping on the hardware and code, that seems all nice and nifty, but the idea of reselling your bandwidth probably will not go over too well.

Re:Yeah

[bourne]

I don't know if the ISPs will be pissed off or not....If anything, it should make the consumer broadband ISPs happy, since it restricts unauthorized use.

That depends on who is running the gateway. If the ISP is running the gateway, great, happy ISP. If Joe Blow with a cable modem sets this up and allows anyone in the Sputnik network to use his connectivity, the ISP will be less happy.

Look at the Sputnik Sign Up [sputnik.com] page. Doesn't look like they're only planning on working with the ISPs...

(Arguably, this use would conflict with the "not-for-profit" clause of most high-speed internet access agreements. So the ISPs probably do have a leg to stand on. God knows they can't build a decent mail server, but they do know how to litigate...)

What a breath of fresh air.

[Exmet Paff Daxx]

Personally, I'm sick of the fact that I have two choices for getting broadband into my house: the Cable Monopoly and the Telephone Monopoly. What incentive do I have to follow their "User Agreements" when both of them are in violation of numerous antitrust laws? None. Look at Verizon: they beat every last CLEC to death, and now they've introduced legislation to "deregulate" the broadband market, which means "exercise monopoly power over".

So, now we have a tool. A way for one person to subscribe for DSL or Cable Modem service and share their connection with the entire neighborhood, who can provide kickbacks in the form of cash. With a properly configured distribution of this package, it's entirely possible to make your routing/NAT'ing of your neighbors traffic completely undetectable.

How's that for sticking it to the man? Illegal monopolies: This Is Your Wakeup Call!

Reselling bandwidth

[Anonymous Coward]

Reselling bandwidth this way is going to get a lot of people bumped off their Internet Provider. It's almost always one of the Terms of Service that customers can't do so. I would estimate that ISPs will just firewall people away from the Sputnik server that 'handles the billing.'

Or automatically close accounts of customers who access said server.

And what happens when..

[thesupraman]

..somone sniffing the network either captures your 'login' session, or simple takes over your 802.11 session?

don't get me wrong, this is a good thing in many ways, but 802.11 is suck a leaky system that ANYTHING based on it has an inherent problem, short of limiting all connections to authenticated ssh or ipsec connections.

802.11a/b/x is simple broken, and NO 'standard' ip connection routed over it can improve this, hwich is unfortunate, it's ONLY safe if you use a suitable encryption/authentication layer on top of it.

of course, the number of people who realise just how public all internet data is seems to be a very small number, let alone the number of people who realise that email is in effect a public forum, and should NOT be used to forward their credit card numbers.

the part about a simple setup for an 802.11 gateway is a good thing, it can be a pain to set up under linux, but hardly a revolutionary step.

Re:authentication...

[cgori]

that's a bridge-based way to look at it. imagine if all the routers were configured to route all the packets to the registration machine? Non-trivial with a typical hardware-based router
feature set (except for very high-end Cisco), but for a software-based device like this, pretty easy to categorize web traffic and forward/rewrite all internal http packets (or even just all IP traffic, pretty much stonewalling you in with little CPU effort expended). Then when you register on the page it sends some lovely token enabling routing from your IP and briding from your MAC.

Re:Hopes it takes off

[Forrestina]

i hope it fails.

here's why:
i am part of a free wireless community already, i founded one in my town. we, unlike sputnik are working with ISP's to work out what would be acceptable with them. so that we save money, and they make just as much, but most likely on less tech support costs.

sputnik isn't making any such attempts. they say at the bottom, please observe your isp's rules. bullshit, they're encouraging you to share your @home cable connection, which isn't allowed.

in doing this, they are going to make isp's lock down against connection sharing, and when any honest community wireless group aproaches them, they will already have a bad taste in their mouth.

another thing is, they are trying fairly hard to hide the fact that all their software is, is an installer for linux and NoCatAuth. (http://nocat.org), which is a GPL application for authentication.

so, here's to sputnik crashing and burning as fast as possible before they make all of us geeks out here trying to use our laptops in the park look like a bunch of swindling criminals like sputnik are.

Massive traffic requires a backbone.

[Christopher Thomas]

Wake up dude. Your missing the boat. We don't need ISPs anymore.

That's true if your traffic is local to your neighbourhood.

If you want to route traffic through more than your neighbourhood, though, you're going to run into problems. If the area you're routing traffic in is more than a few hops wide, you'll either be spending most of your bandwidth routing other peoples' messages, or you'll have to set up dedicated high-bandwidth links to let long routes bypass most users' nodes. Now if you have a network of these links... you have something that looks a lot like the existing backbone.

If you have a backbone to maintain, you have to charge for use of the backbone to amortize building and maintenance costs. This gives you a multi-level system where the people running the backbone sell bandwidth to people who locally redistribute the bandwidth.

Which looks a lot like the current system of multiple levels of ISPs.

ISPs exist for a reason. If you try to do away with them, you'll just end up having to reinvent them.

Detecting connection sharing.

[Christopher Thomas]

Not really a big deal when you consider that there is *no* way for them to know this is occuring... [...] None. Zip. Zilch. ZeRo.

Unless they just sniff packet headers and notice that you're web surfing while you're playing Quake. Kind of difficult to do that with only two hands and one pair of eyes.

Or unless they notice that you're viewing dozens of web pages per second.

Either way, they'd have a hard time *proving* you're up to something, but they can jerk your connection around under any number of pretenses on their end. If this becomes a big problem, believe me, they'll start squashing people who try this.

Re:Sputnik uses NoCat captive portal

[Dave Sifry]

That's right - we started with the great code that the NoCatAuth [nocat.net] guys wrote, and made some patches to do things like tunneling and use a more secure SSL-based username/password token method, and re-released the code back to the community. Go check out the NoCatAuth project - they're doing some great stuff.

Re:Apple Access Points

[Dave Sifry]

Thanks! We're looking for folks to help us in this effort as well - and we have a serious offer to any developer who helps out:

If you contribute code (a patch, a new feature, etc.) that goes into the standard release of the Sputnik Gateway, you get free roaming for life. (Whichever is shorter, yours or ours)

Join up on the developer list [sputnik.com], which is what we've got until the full-blown developer site is finished.

Local Tech Support?

[Rewtie]

OK, so, *when* it gets hacked, *when* it breaks, *when* it's down, *when* your laptop craps out, *when* Murphy comes to town...

Who's stuck with the tech support?

For that matter, who's stuck with the 'level 1' support issues?

I owned/ran an ISP for 4 years (sold out, blah blah)... the myriad of non-related tech calls are amazing... UFie Greg's life isn't that too far off the the real thing...

So, who gets that call? I've got a family and a day job, and a night job already... seems to me someone is missing a large factor here.

Good news / bad news

[Anonymous Coward]

As a former Linuxcare employee, I like this new venture because it's not likely to employ a lot of community people, promise them the planet and then go scrabbling for loose change under Sun's seatcovers. Good work boys, stay out of trouble.

However, I can't help but suspect that this is more likely to have a negative impact on community wireless networks than a positive impact. Charging for wireless, sort of the "anti-community" approach. On the other hand, if they're only targetting business users, maybe it won't have such a negative impact after all. They do say they've talked to ISP's about AUP. On the other, other hand, isn't this likely to encourage local ISP's to be aggressive about competing with community wireless to make a little money in a new market? Don't they have the option of altering their AUP's to leave community wireless out in the cold?

It's the usual slippery slope, boys. But at least you're not a major community road hazard this time around....