headermask image

header image

My Response to the Whisher Folks

I love the blogosphere. It’s a conversation. Lately, it’s been interesting. Today, I am responding to Mike Puchol at Whisher on my FON vs Whisher posting:

Thanks for sharing your concerns about Whisher, but I believe your analysis is not accurate in some aspects. First, Whisher works on top of FON, that means, you can share your Fonera with others through Whisher. That a few hackers can open the Fonera and reflash it does -not- mean the thousands of non-technical users out there will be able to do the same.

The Linksys routers that FON originally sent out are, in fact, very easy to hack. Just load new firmware. The LaFonera routers are a little more difficult, from what I’ve read.  I have no doubt that the FON hackers will find a way to make that process a little easier. I certainly don’t need to hack a FON router except as a curiousity–I have more than enough WiFi access points already.

My understanding was that the service required WEP/WPA, which at least my Linksys FON router won’t do. I believe the new LaFonera routers support dual SSID and thus would support the possibility of Whisher. I did order a new LaFonera to confirm that for sure.

1. Whisher is a LOT more than a WiFi finder/IM application. It offers controlled WiFi sharing, and more information about the signals present than any other application out there, such as average signal strength (useful for finding the best spot other people connected from) and availability. On top of that, file sharing over WiFi is also available, meaning you can transfer large amounts of data in very short time, and we made it as easy as drag & drop. It offers IM, of course, and this will improve over the next few weeks with some nice extra twists - but the you also get instant presence information about who is connected to the same WiFi as you are. Shall I go on? :) Geolocation of your buddies, local services that can be customized on a per-hostpot basis…

Knowing who is connected to the WiFi and providing some control over that is useful. I believe you get some of that information via the FON portal, but I haven’t had any real users come use my access point since I am kind of in the middle of nowhere. Maybe they provide some control, but I doubt it.

Again, the file transfer, while I have no doubt it is fast and easy, is just not a compelling reason. Geolocation would be potentially interesting once a critical mass of Whisher-enabled hotspots is available, but right now, it’s just a curiousity.

2. If you don’t like to share your AP, then don’t. You can still use all the other features that Whisher offers. If you do decide to share, you can do so in a controlled fashion, either you are OK with everyone having access to your WiFi, or you share in buddies-only mode, whereby only those in your buddy list will get your key. If someone wants to have access, they just need to ask you to add them to your buddy list, it’s as simple as that. Finally, you can share in private mode, giving only your closest contacts VIP status, so not even your non-VIP buddies will be able to get in. Changing modes is basically clicking on a button - that is it, all done from the client.

Granular sharing is good, something FON lacks. However, I tend to either want to share with everyone or nobody. It’s a much easier decision to make, and doesn’t require software.

If you are worried about segregating your network from the public one, then just install a router with DD-WRT, which provides dual SSIDs, one you can share with Whisher in private mode, and the other in public mode. We have implemented a ‘master’ function, which is not yet available in the client, which lets you ‘pool’ access points, so that people connecting to any pooled node will join the same chatroom, have presence information, etc. about anyone connected on any of the other nodes. This way you could control both SSIDs with the client transparently. If you think FON is the only way to securely share WiFi, your analysis is not complete.

Actually, FON isn’t exactly sure either. Dual SSIDs, which supposedly the latest LaFoneras support as well as DD-WRT firmware on Links devices, isn’t the most secure either. In theory, if you somehow compromise the access point, you could potentially hop between networks. Even though the risk is fairly small, I don’t personally take it. I run two physically different access points–one with FON and one without. In fact, I plug nothing into the FON access point except for the occasional test PC. I have them connected to different Internet connections as well. Even if someone does compromise the access point, there’s nothing there for anyone to find.

3. Our business model is based on local & premium services, advertising, and other revenue paths we have identified. We don’t plan to charge for the client, or resell access. The are many incentives for using Whisher, from the philanthropist thought of free WiFi, to wanting to create a closed network with your friends & family, and making it easy to manage.

I do have to agree that making it easy to manage a closed network of WiFis is kind of a neat idea. Whether or not other people will think it’s a good idea remains to be seen.

You may want to work on creating a page or some documentation explaining to people how to more securely share their WiFi, and what place Whisher serves in that. A lot of people don’t understand what WPA is and why using WEP or no encryption at all is an exceedingly bad idea (NEVER suggest WEP, always suggest WPA). I had to educate a neighbor about this recently as I went over to her house to help with with an unrelated issue. She had no idea that people could be using her network without her knowledge!

You can do “Free” WiFi with FON as well. All you have to do is create a local login and password in your FON portal and add that information to your splash page. Then anyone can use it.

In any case, I will be watching Whisher. I will probably load it up on a PC and make one of my routers Whisher-enabled, just because I’m a nice guy. Whether or not I will want to keep the client on at all times remains to be seen.

If you liked my post, feel free to subscribe to my rss feeds

Money Making Options

Post meta

This entry was written by PhoneBoy and posted on 5 February 2007 at 1:08 pm and filed under connectivity, security, wifi. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment(Latest is displayed first) or leave a trackback: Trackback URL.

Share with others

Post My Response to the Whisher Folks to digg. Post My Response to the Whisher Folks to Reddit add to stumbleupon Google Bookmark myweb bookmark on del.cio.us newsvine Tailrank magnolia Furl co.mments shadows simpy blinklist

One Comment

  1. Hi again,

    I will try to go through your points, but not being numbered as before won’t help :)

    1. The Fonera does support dual SSIDs, and you can indeed tag your public, non-encrypted SSID and share your private SSID with Whisher. We are not either or with Fon, but rather ‘on top of’. We require WEP/WPA to register an AP, but you can tag any open one.

    2. Agreed on the geolocation being tied to good adoption, but that is the same with ANY venture. Even eBay must have had the very first seller who wondered what the heck he was doing there trying to sell something to nobody. Regarding the file exchange, this all depends on your usage pattern, on a university campus it could become quite popular. Fon only provides a log of who has been visiting your AP, but not much else.

    3. Regarding granularity - well in your case, you don’t require a Fonera either, if you want to share, just leave any of the APs open. Then, a Whisher user can come along and tag it to let others know you are sharing it :) We just tried to make the sharing experience easier, and if you look on the Fon forums, I believe you will find toying with hardware is -not- easy for the average user.

    4. Regarding dual SSIDs, security - your case is special, and please don’t tell me that the average Joe will follow your setup. I agree it’s the best in terms of security, and we actively promote and encourage that, but our target user is the übergeek -and- the regular user.

    5. We are working on documents to help out users in these topics, such as increasing security and taking precautions, and your suggestions to promote WPA are right and welcome. I have been involved in wardriving since the early stages, promoting exactly this sort of thing (I wrote StumbVerter, and co-authored ‘Wardriving: Drive, Detect, Defend’ –shameless plug!).

    6. I wonder what FON would think to the idea of putting the login details in the landing page, but it sounds neat :)

    7. You don’t need to keep the client running all the time, once it is registered, the backend takes care of the rest. The client is only needed to change settings, view local users, etc. You could go on holidays and however you chose to share would still apply - and if you were in buddies mode you could manage access remotely, no need to be physically present. Switching off and on your AP has no effect on your rights or usage of Whisher. With FON, you either share or you don’t play.

    I’ll welcome your comments and criticism here or via email, regards,

    2. Mike Puchol on February 6th, 2007 at 2:04 pm

One Trackback

  1. By Another Round with the Whisher Folks on 6 February 2007 at 10:46 pm

    […] like me have to say than FON is. This time around, I’m not going to respond to each point they brought up, just a couple that are worth bringing up: 1. The Fonera does support dual SSIDs, and you can […]

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

  • Admin