Wednesday, January 4, 2012

Wi-Fi Article Round-Up: 2012-Jan-04

A recap of interesting Wi-Fi and IT industry articles from around the interwebs.

Wi-Fi Articles:
Check out the brand new No Strings Attached Show (NSAShow) podcast for Wi-Fi professionals! It's an independent podcast created to focus on Wi-Fi industry topics. We  hope you enjoy it!
E01 – How to Become an RF Whisperer: "Welcome to episode 1 of the NSA Show Podcast! In this episode we take a look at some of the software tools used by some of the top Wireless engineers on a day to day basis."
WPS (Wi-Fi Protected Setup) is severely compromised due to weaknesses in protocol design.
Researchers publish open-source tool for hacking WiFi Protected Setup: "On December 27, the Department of Homeland Security's Computer Emergency Readiness Team issued a warning about a vulnerability in wireless routers that use WiFi Protected Setup (WPS) to allow new devices to be connected to them. Within a day of the discovery, researchers at a Maryland-based computer security firm developed a tool that exploits that vulnerability, and has made a version available as open source."
This impacts SOHO and consumer use and should not be of concern for most enterprises. I'm baffled why WPS would be used instead of a standard WPA Pre-Shared Key (PSK); the only reason I can conjure is that WPS doesn't require router setup of any kind by the user, which is probably simpler for some technically illiterate users. There is some raw data on the scope of potential impact (26.3% estimated) based on public wardriving data collected by Dan Kaminsky and WIGLE. An exploit tool is in the wild, having been quietly worked on by Tactical Network Solutions for over a year. WPS PINs can be cracked in 4-10 hours folks!
Also read the detailed paper submitted to CERTHome users should disable WPS if possible. A demo is available by Dan over at NCI.
White-space Wi-Fi, now approved (in one city, at least)!
Wireless CCIE, here I come!: White Spaces - new wireless space launched: "KTS Wireless is the first manufacturer of a wireless device to take advantage of the white spaces spectrum re-allocation for wireless communications. They have participated in city wide trials of white space usage in Claudeville, VA and Wilmington, NC."
More info is available over at Ars Technica and Engadget.
There are so many Wi-Fi predictions for 2012, but I like this one the best!
Ruckus Wireless Wi-Fi predictions for 2012: "Wi-Fi capacity will become just as important an issue as Wi-Fi coverage in 2012 and service providers will have to deploy Wi-Fi networks with the bandwidth to cope with highly populated and dense environments"
Also check out these Wi-Fi predictions by PC Magazine (consumer focused), and inversely a list of things in tech that won't change in 2012 by GigaOm (I personally like #10 - The MacBook Air is what you get, and you'll like it!).
Wi-Fi offload will be most successful with user-controlled Wi-Fi offload preferences (not carrier controlled)!
Kineto looks to broaden potential of Wi-Fi off-load: "The potentially more compelling new feature is Smart Offload,which allows carriers and end users to choose and prioritize traffic to be off-loaded to Wi-Fi according to the whether the hotspot they are off-loading to is public or private. That feature could help carriers and users avoid the off-loading of especially sensitive traffic to public hotspots where inconsistent performance may be encountered,while letting them automatically off-load all of their traffic when logged on to a reliable private hotspot."
Most of the discussion about carrier offload focuses on data traffic and so-called "seamless" offload which implies automatic connection control by the carrier. I think that is the wrong approach, as most Wi-Fi networks are private and connections should be visible and controlled by the end-user while maintaining ease of use through persistent preference settings in the device. Offload of voice, messaging, and RCS services could also provide a more compelling offload proposition for users, especially where cellular coverage is spotty even for voice calls.
DHCP has bigger implications on the performance and security of wireless LANs than you might expect. Find out why by reading this great blog post by Marcus Burton over at CWNP.
DHCP for Wireless LAN Clients: "poor DHCP planning for your network could have a significant impact on WLAN service availability. For that reason, and for troubleshooting problems that will inevitably arise, any WLAN engineer should know the three primary ways to manage DHCP in a WLAN: bridging, relay, and proxy. We spend a lot of time and energy improving our RF environments; it would be a real shame to let DHCP ruin client connectivity."
This has to be a first of some sort! Kuala-Lumpur is mandating Wi-Fi access in some city food courts. Operators must comply by April!
Eateries to offer Wi-Fi service in April: "THE requirement for restaurants and eateries in the city centre to be Wi-Fi ready will be enforced by City Hall as early as April."
Also in the "weird news" category, Japanese vending machines now offer free Wi-Fi hotspots. Japan always takes gadget-craze to a whole new level!
Japanese vending machine doubles as WiFi hotspot -- no purchase required: "Japanese company Asahi has just unveiled an advanced dispenser that's capable of doubling as a WiFi hotspot, so good luck getting through the mobs of leechers just to buy a soda. The machine sends out the internet waves free of charge and covers about 164 feet around it"
IT Industry Articles:
What should a healthy partnership between a vendor and a VAR look like? Here's one VAR perspective on the challenges and some potential solutions by Matthew Norwood.
You Never Mentioned Me To The Client: "How bad do you want people to sell your product? If you put all of the load on the partner or distributor, with minimal contribution from the vendor side, don’t expect to get mentioned to clients. That’s not a partnership. It’s a pyramid scheme."
A true look at spectrum holdings by the major U.S. cellular carriers is eye-opening! Verizon has a definitive advantage over AT&T. Clearwire is also in a good position if it can bring a solid solution to market.
Meet the spectrum bosses: "While AT&T was distracted trying to buy T-Mobile, Verizon Wireless quietly negotiated deals with the cable providers to buy up their unused SpectrumCo 4G licenses. The Yankee Group has prepared a nifty graphic that details the current spectrum holdings of the big boys in the top 10 markets as well as what Verizon could gain by buying up the cable operators licenses"
Michael Mace at Mobile Opportunity explains the real reason why WebOS failed: lack of a killer feature. Sure there were performance problems and some bugs, but that's normal for new operating system. It needed more time and patience to work out those bugs. But HP jumped ship too soon, and Palm never gave consumers enough reason to pick up the platform in the first place.
Mobile Opportunity: Why Web OS Really Failed, and What it Means for the Rest of Us: "Palm was not rich enough and HP was not patient enough to keep investing after the first versions showed a lot of flaws.  And more importantly, there was nothing compelling enough about either product to make people buy it despite those flaws."
Other Articles:
On the personal improvement, self-actualization front, read this list of 30 things you should STOP doing. There are so many good points in this article, that I won't call out any in particular. Just go read it!
30 Things to Stop Doing to Yourself: "As Maria Robinson once said, “Nobody can go back and start a new beginning, but anyone can start today and make a new ending.”  Nothing could be closer to the truth.  But before you can begin this process of transformation you have to stop doing the things that have been holding you back."
On the lighter side, I absolutely LOVE this!
John Lennon’s Imagine – WiFi Version
"Imagine there’s no interference
Clients with neg 60 RSSI
No wireless baby cameras
No end users with MiFi
Imagine all the mobile devices, supporting 11a"
Comic for the Week:
Siri strikes again!

Cheers (and happy reading)!


  1. Andrew, really appreciated your point [seamless Wifi roaming = carrier controlled]. All the messaging about bringing the reliability/security/seamlessness of cellular to WiFi is getting tiresome. It reminds me very much of Lucent's claims about bringing the reliability of their legacy PBX environments to IP networks when they and Cisco faced off over the converged corporate network back in the late 90s. We know how that worked out.
    This is one reason I prefer the SOWN proposal to the HS2.0 for authentication. SOWN mirrors HTTPS, while HS2.0 mirrors the legacy MNO authentication schemes.

  2. Also, offload (data, voice, messaging) should result in cost savings for the customers, not just the operators. I see the MNOs trying to build a walled-garden around billable hotspots (theirs or roaming partners), while the users cut right around them and start using more over the top services on wifi and cell data.

  3. Hi Dave,
    I don't think Hotspot 2.0 is tied directly to seamless offload and carrier control. It really depends on the handset implementation, which is largely controlled by mobile OS platform manufacturers (Apple, Google, Microsoft, etc.). I expect to see carriers lose even more control over the handsets, as evidenced by Apple's business model already.

    In addition, there are other use-cases for Hotspot 2.0 that don't involve carriers (that is simply the one most-often touted in press releases). It's really more of a framework for external authentication with any entity outside the network operator's control, and could leverage any number of public or private credential sources (think OAuth type services).

    The key lies in implementation to ensure user-controlled connections and preferences and roaming agreements on the backend. The next year will be interesting to see pilots of these types of services!


  4. Andrew, I think we're in agreement on the big picture. I believe .11u and HS2 will make the user experience much better. I also agree that the connection mgr implementation on the handsets will be key and hope they will focus on the user and not the carriers (ala Apple).

    My concern is with the AAA structure in HS2.0. I'd contend that it's much less about the first A (authen) than the third A (accting). Why do we need to authenticate a client to a home provider from a public hotspot other than for billing purposes? There are other ways to secure the airlink (SOWN being an example), and the other security enhancements (DGAF blocking, L2 inspect/filter) would still apply. There should be an auth-lite option within HS 2.0 IMHO.

  5. Hi Dave,
    To answer why we would want to authenticate and account (monitor) usage on public hotspots, it's all for the analytics that will help hotspot operators better understand their customer demographics and improve product assortment and marketing promotions.

    The benefit of an identifiable customer versus an anonymous customer is the benefit to the business. As with everything, the businesses involved must derive business value. Unfortunately, SOWN only provides value for the user not the WLAN operator. Therefore, it's less attractive and there is no incentive to build a solution on that business model.