The Blog


12 Dec 2002

A bit of research. If anyone's used one of the commercial hotspot systems, could they tell me what systems and ports were available? Maybe the question should be, did you try to use anything other than just web and if you did was it available? I'm thinking of IRC, FTP, SSH, NNTP, IMAP, Netmeeting, IM, and so on. ie anything not through a web browser. [from: JB Wifi]

[ G ] [ # ]

Reiter has got a detailed analysis of pricing and costs of WiFi hotspots with comment from Andy Syebold and Sky Dayton (of Boingo). Like him (and them, and the whole industry) I'm still trying to work out exactly where the added value is in running a hotspot or network of hotspots and so where the settling point is for price. One problem wiith this is the tension I've mentioned before between the Mom and Pop operation where WiFi inernet access is given away fro free as a loss leader and the commercial organization that needs all the infrastructure and hence has to charge "business" rates to cover their costs. One other issue is the lack of any obvious added value that can be used to justify "business" rates. So far I've only been able to find two both of which are threatened by other sources. The first is an email system that makes it possible to send and receive emails without exposing your passwords. The second is a VPN from the consumer's laptop to some secure point on the net. This is not to provide complete security because onwards from there would be insecure but it does at least make WiFi access no more dangerous than a fixed line into the internet. The threat to these as a business model justification is that they are both easily replicated using first or third party services from someone else.

Right now the WiFi hotspot market feels like the early days of cellphones. There's no market leader. There's no roaming agreements. There's wild variations in pricing. The BigCos are throwing capital investment at it in the hopes of grabbing all the land and mindshare. And the early consumer adopters are finding it very difficult to get through this and are making it up as they go along. What makes this interesting and which will make it play out rather differently from cellphones is the low barrier to entry at the bottom end and the lack of enforced regulation from government or national level bodies.

Given all this, it would be easy for me to recommend to the big players that a traditional approach of "business pricing", lock in and corporate deals is a dead end and a better approach would be to swamp the market with a dirt cheap, franchised model. And I have done this. But I also know that this is probably never going to generate the return measuring tens or hundreds of million dollars that they're looking for and so it's not an option. So they'll go down the easy well trodden path and in the process most of them will probably never get the return they're looking for and will have spent untold millions on capital costs in the process that they'll never recuperate.

There's also some marketing comment in the article. He points out that typical WiFi deals involve two parties. So we have T-Mobile linking with Starbucks or BT linking with Costa. The industry is young enough that there is a major element of education needed here. This means that the venue needs to be well stocked with information, signs and notices, knowledgeable staff and so on. Reality is that all too often there's one sign on the wall or a bunch of leaflets near the chocolate sprinkler station and that's it. So the marketing from the venue organiser is essentially failing. Now look at the web sites from the network organisers. The information is thin and often misleading. So that I'm not accused of bias (we have links with OpenZone) take a look at T-Mobile, Megabeam, and Openzone. I'm in the business and even I have trouble working out what their respective offerings are, what the risks are and what I have to do to connect up. Now imagine yourself into the shoes of their prospective customer. Say a moderately tech savvy businessman who spends a lot of time on the road. Are they going to be able to work it out, or deliberately seek out one coffee shop or hotel over another so they can use it?

This all reminds me of many many sponsorship and marketing deals I've been involved in over the years. All too often the deal is all that matters to both parties and little work is done afterwards by either side to make the most of it. It's as though both sides are expecting the other to do all the work. And where some work is done, it's passed down the chain of command to someone who is more interested in keeping their job than maximising return. A horribly cynical view, I know, but that's my experience.  [from: JB Wifi]

[ G ] [ # ]

We all should know by now that WEP is fundamentally insecure. But now it appears that Windows XP Wi-Fi access  makes it even less secure due to a complex set of interactions between XP and base stations.  [thanks, the INQUIRER] [from: JB Wifi]

[ G ] [ # ]

With all the talk at the moment of the next enlargement of the EU and whether Turkey should join, maybe it's time to ask what the natural boundaries of Europe are and just how big it should grow?

What if the EU mirrored the old Roman Empire? Let's set the borders as the Arctic to the north, Sahara to the south, Urals to the North east and the Persian gulf to the south east. That would mean admitting Morocco, Tunisia, Algeria, Libya, Egypt, Israel, Jordan, Saudi Arabia, Syria, Iraq, Kuwait, Lebanon, Turkey, Yugoslavia, Romania, Bulgaria, a bunch of Russian republics and possibly even Iran.

Well why not? I usually ask 1-2-5-10 years for these questions, but I think this time it better be 10-20-50-100 years. My feeling is that this is inevitable, so would you care to put a date on it? [from: JB Ecademy]

[ G ] [ # ]

Some examples of where Software Patents in Action are inhibiting software development. This is particularly relevant now as the EU is debating their approach to software patents and proposing an enlargement of what would be covered. [from: JB Ecademy]

[ G ] [ # ]


11 Dec 2002

Way back in the early days when the web was still a sparkle in TBL's eye, there were a merry band of people who called themselves Cypherpunks. Lots of good thinking and code was done on the basis that in the near future we'd all routinely encrypt everything and then send it through a maze of dead drop anonymizer servers so that our tracks could never be followed. And even if they were our communications were protected with military grade encryption. You can almost pinpoint the moment when the Scientologists brought down anon.penet.fi as the time when this stopped being relevant.

We got over all that paranoia because nobody could be bothered, and sniffing packets from physical ethernet was just too damn hard. So we arrived at a fairly happy medium where for most people SSL websites were enough to protect their credit cards. And only people like the NSA, Chinese government and BigCo fascist firewall administrators were all that interested in what you did.

But WiFi has blown this wide open again because suddenly sniffing packets is easy. The industry's response is to try and secure levels 1 and 2 with encryption to make the wireless packets as secure as a piece of cat5 or coax. IMHO this is doomed. WEP (wired equivalent privacy! Hah!) was broken quickly and I don't expect WPA to last long once people seriously start attacking it. The problem is that it's trivially easy to collect very large quantities of encrypted data. Which makes the code cracking an exercise in computing power and clever algorithms. And don't forget that some of the parties involved in WPA may have a vested interest in making sure it's not *too* good.

So without realizing we were doing it, we've now arrived back at the Cypherpunk Manifesto, where we're recommending end-to-end encryption. Initially we're talking about Wireless node to Trusted server and then plain from there on. This is the model of Email reader to Email server via SSL. Maybe this is the new settling point for "good enough" encryption. But isn't it just a short step from here to Email Reader to Email Reader with S/MIME or PGP? And private SSL web Proxy servers? What price Total Information Awareness when all Information is routinely encrypted and anonymized?

At which point I go off into a rant about the Verisign Pigopoly over Signed Certificates and the whole identity authentication thing of Passport vs Liberty vs PingID vs xxx. And probably another rant about perfect privacy vs perfect transparency. [from: JB Wifi]

[ G ] [ # ]

The magicians in the Google labs have cooked up two new services. Google search viewer which cycles through the websites that result from a search and Google webquotes which collects up to 3 quotations about each result in a Google search. [from: JB Ecademy]

[ G ] [ # ]

So now that Supernova is over, it's a good time to read the huge amount of output from the attendees. Imagine you put the A-List bloggers in a room, gave them all a power strip and WiFi and let them have at it and you get a little of the feel of what went down. Check out the official Blog and the trackback list of entries on individual blogs.

(Impression one: You wouldn't believe the typing noise. About half of the audience is taking notes, sending email, IMing or blogging...) [from: JB Ecademy]

[ G ] [ # ]

Joho the Blog: Supernova: Weblogs :
What percentage of people online will have a weblog?
Dave: Everyone.
Nick: Ten times as many people writing in public than in the world of print. And that's a big deal.
Dave: In 10 years, every member of Congress will have a weblog.
Mitch Ratcliffe: There's no point in arguing in what is or is not called a weblog. What matters is that more and more people are communicating in their own voice.


So what have you written today? And how long before every MP has a weblog? 1-2-5-10 years?

More Metablogging. The Online Journalism Review on the effect of cellphone cameras and weblog tech. And the meek shall inherit our bylines [from: JB Ecademy]

[ G ] [ # ]


10 Dec 2002

Scam alert: do "out-of-office" e-mail autoreplies help burglars? A report issued by UK-based Infrastructure Forum ("TIF") says spam-savvy thieves are using info from 'out of office' email autoresponders and cross-referencing it with publicly available personal data to target empty homes.  [thanks, Boing Boing Blog]

Amazing. Personally I really hate 'out of office' autoresponders and try and discourage people from sending them whenever I can. I also find it quite surprising that you could correlate business names and emails with home addresses but I guess that given enough work, it may be possible. [from: JB Ecademy]

[ G ] [ # ]


09 Dec 2002

So cool. Take a Mini PDA that sends emails and has a camera attachment. Create a web site that can receive these emails and embedde images and turn them into a group weblog and you get Hiptop Nation. One person took their hiptop on a Marathon and blogged while running.

Could we do this with the latest MMS phones with cameras in them? [from: JB Ecademy]

[ G ] [ # ]

Dec 24 2002 is World Sousveillance Day So remember to take lots of photos, MMS pictures, Webcam pictures and video of CCTV cameras. You won't have to wait long before live models appear for you to photograph. We'll be watching the detectives watch us, watching them, watching us, watching them. [from: JB Ecademy]

[ G ] [ # ]

SUPERNOVA Group Blog is up and already there's lots of good talk around the subject of de-centralization. This is a subject dear to my heart as I keep asking the same questions. For instance, what if every Ecademy member had their own website with it's own blog? What would Ecademy look like then? You can ask similar questions about PDAs and Cellphones. What if there were 100 times as many cellphones in the world, each with 100 times the power, a camera and all linked to instant update web pages? What if on the end of every broadband connection was a server shipping as much content out as the owner was sucking in? What if every broadband connection had a WiFi access point slung off it sharing the bandwidth? What if every SME and LE had a web service link to it's accounting package and stock control so that orders were placed, products shipped and general ledger reconciliations done without ever involving banks, distributors and other intermediaries? What if every CCTV was webcam? And if the powers of Awe and Boredom won;t let us do that, what if every CCTV had a webcam next to it? What if every phone was a webcam?

While all this is happening we'll still need aggregators and concentrators to help us make sense of it all. So Websites are de-centralized and democratized but that leaves space for Google both with the main search and with Google News. The challenge for us is to come up with end user tools to facilitate all this and interesting centralized tools that feed back into it and help us understand what's happening. And the best tools will feed back on all this and enable new forms of emergent behaviour. [from: JB Ecademy]

[ G ] [ # ]

The view from the dark side 802.11ninja.net has powerpoint slides from BlackHat 2002 on cracking WiFi. [from: JB Wifi]

[ G ] [ # ]


[ G ] [ # ]

Excellent article Wi-Fi Internet Access Is Hot, But Its Profit Potential Is Tepid :

One tidbit. With prices of Wi-Fi chips and networking equipment plummeting even as unit sales are soaring, the industry's revenues are not expected to top $3 billion - 1 percent of the worldwide market for telecommunications equipment - before 2006, according to Synergy Research.

I've been trying to understand hotspot pricing by looking at it from first principles. Iit's quite hard given the different bsuiness models and usage patterns. Even for hotspots aimed at causal users, there's quite a lot of tension there between loss leader services provided for free to attract more custom and paid for roaming services with a large billing and provision infrastructure. Meanwhile the only people making money are selling spades not mining for gold; the hardware manufacturers not the service providers. But as mentioned above, they are in a market with high competition and a rapidly falling price curve. And the product we ought to buy (triple standard 802.11b, a and g) isn't even available yet.

More on this later. [from: JB Wifi]

[ G ] [ # ]


08 Dec 2002

Indian Govt To Throw Open 802.11b For Rural Connectivity with help from the Media Lab and Negroponte. [from: JB Wifi]

[ G ] [ # ]

More on Cometa that suggests there may be nothing there at all, at all.Joho the Blog: Cometa Semiotics [from: JB Wifi]

[ G ] [ # ]


[ G ] [ # ]


07 Dec 2002

If you're even vaguely interested in WiFi (and if you're not why are you reading this? ) you need to look at Glenn's reports from the recent 802.11 Planet conference in Santa Clara. here, here and here. [from: JB Wifi]

[ G ] [ # ]

1 to 20 of 3530