Technik News

Not much point to .mobi domains in the realms of Verizon, it seems – the New York Times reports that starting 2007, ads will be placed on sites that are accessed using their mobile phones. The Verizon Wireless release claims that certain types of ads and video clips will not be allowed, as they may not be compatible with the limited browsers found in the phones, but this is not very encouraging – meaning that they will allow video clips. Will this not hugely increase the amount of data used during browsing? I believe Verizon offers all-you-can-eat data plans, but if you are not using one of those, you could feel the pain. In any case, having to wade through a mobile website rendered on a tiny screen is hard enough as it is, with some devices not being able to cope with the amount of processing required, resulting in a very slow and frustrating experience. Add videos, which require much higher resources to be played back, and you have a recipe for disaster.

Leaving aside regulatory issues that may turn this particular setup into an illegal operation, I will better not describe the quality of the installation to be polite. Check out this picture:

Spotted the problem yet? Radio antennas are affected by any element that is present around them, even non-metallic elements, such as the ground. In this particular case, kanijo, a Fonero, has attempted to provide more “range” to his FON hotspot, which is in itself commendable, however, the means may not result in the desired end – original FON forum thread here.

You can see that the vertical omni antenna, a carefully tuned radiating element, has been strapped to a metallic pole, which also runs a coaxial cable into a TV antenna right on top. The router is inside a sealed plastic box, with power and Ethernet going into it from below. There is no way that this antenna is radiating correctly, as the pole that supports it is probably grounded (if it has been installed according to regulations), and even if it is not, it is inducing an imbalance into the tuned element, causing a large amount of RF to be attenuated. The user reports good results with it, which are most likely due to good luck.

The second problem with this type of setup is that vertical antennas don’t emit downwards, and thus will provide very limited coverage to users below the antenna. There is some downwards bleed of course, but it will only reach lower users that are some distance away from the antenna.

Recommendations for these sort of setups: install the antenna right at the top of its own pole, and ground the pole. If you have no choice but to use an existing pole, get a T arm fitting and mount the antenna at least 1 meter (3 feet) away from the pole. A perfect example of such as setup, in this case with two supports as the antenna is rather large and care for wind load is needed, is this (credit to Roger Halstead):

Check out Roger’s page, it is a very good read if you are interested in radio installations.

Reading an article in The Register by Bill Ray, he thinks the Apple iPhone will fail, actually, fail badly. I somewhat doubt his conclusions.

The main argument to support his analysis is that since network operators have to like the phone, then Apple has to do a good job convincing them. Remember the ROKR? It was rather a failure due to the fact it could only be loaded with iTunes music over cable, and thus mobile operators were left out of attractive data chargers levied when buying music directly from the phone. There was even speculation that Apple allowed it to launch on purpose, to protect their audio player market.
Where Bill goes wrong in my opinion is that the handset market is heavily controlled in the US, but not in Europe – go to any shop in the latter and you will have a very large variety of handsets to buy unsubsidized. Why? Because a lot of people value the ability to switch operators as they see fit, without having to enter into contracts involving their soul. In the US, there isn’t a culture of operator hopping, but rather of staying with one just to get a phone $50 or $100 cheaper.

One thing I have never understood is why people get themselves tied into a two year contract for a $50 saving. If they worked out how much they could save by moving operators taking advantage of special offers, they may think twice.

There is a very large number of paths Apple could follow, first, they have a nice distribution network with excellent shops placed in key areas, second, they have a large and loyal crowd of followers, who would probably not mind paying an unsubsidized device, and third, there are already a number of MVNOs and fixed-line operators that are willing to take a bite from the large networks. As for the subsidy, I wonder…are iPods subsidized by anyone? Apple costumers are used to pay for quality, and in my view, the iPhone will be no different.

The guys at Pobletewireless have been busy with the Fonera lately, and have now posted a step-by-step hack to add a DB9 connector that allows easy access to the built-in serial port, without having to make IDC cable headers and so on. [Link]

The hack gives access to the console, with which you can do all sorts of nice and interesting things.

Went to my local Vodafone store to pick up the new Huawei E220 HSDPA USB modem, which with a 49 Euro monthly contract gives you 1GB of transfer at 1Mbps maximum, and free mobile to fixed landline calls – pretty good deal if you ask me. For 59 Euro you get 5GB of transfer, at the full 3.8Mbps that HSDPA offers. These are theoretical rates, as they will depend on a number of factors, such as how many people are also using the same cell, your coverage and the quality of the link.
We can argue all we want about how convenient WiFi is, being omnipresent et al, but in reality, it’s rather hard to get connected while on the road. Let’s examine the following scenarios, and you tell me the chances of getting connected over WiFi:

• Riding the train or bus home.
• Getting a lift from a friend in his/her car.
• Opening your laptop at a random location (cafeteria, bar, etc. that you haven’t before scouted for open WiFi).
• On a plane, waiting for the next free takeoff slot that you hope the pilot won’t miss because he was checking the fatness of his wallet.

Let’s be honest – free open WiFi is great once you have identified the locations where you can get connected, such as a friend’s house or the local coffee shop. Other solid commercial alternatives make it easier to find WiFi, as they tend to be present at well-known locations. Walk into any Starbucks or hotel, and you’re bound to find at least for-pay wireless.
For me, on the 30 minutes to 1 hour it takes to get home on the train or bus, being able to get connected is great. The convenience of simply opening the Mac and getting online beats the guesswork of WiFi. I tried getting the Mac working with my Nokia N93 over Bluetooth, but it was just too unstable – one day it worked, the next simply refused to even connect. A more in-depth review of the device is coming, once I get a chance to roam about with it for a while.

So far, installation on the Mac was pretty straightforward, download the setup package from Vodafone’s site (they don’t tell you this in the manual), which then enables the modem as a networking device. If you don’t follow this step, it can get recognized as a storage device, which is not particularly useful for a modem. The one thing I don’t understand is why it comes with a miniUSB cable that ends in two USB connectors, my guess is it’s power-related (some USB ports don’t provide the full 500mA they are supposed to provide).

You probably remember the post I made regarding FON’s figures, and how much I thought they differed from reality. It got quite a lot of attention, particularly from detractors, and from Martin Varsavsky himself. Many comments were posted on my blog and some others, which pointed towards the fact that I am involved in a startup which supposedly is a clone of FON, and thus I was biased and in no position to comment on FON. To cut a long story short, Martin posted a rather vicious personal attack on his blog, which I answered, he counter-commented, to which I again answered, but he never conceded a bit.

During my investigations that led to the statistics post, I also discovered a serious flaw in the maps management system, which would allow anyone to re-position any FON hotspot and change its address without first logging into the user area.

All that was required was the node’s ID and the hotspot owner’s user ID, both easily obtainable from the public queries that maps.fon.com launches against the database where hotspot data is held, and which I used to gather the statistics. For a determined attacker, it would have been very easy to place every single FON hotspot right in the middle of 1600 Pennsylvania Avenue, Washington DC.

I could have very easily posted about this, but I refrained from doing so for a reason – while I do not work full-time in the IT security industry, I have done quite a bit of consultancy work in the past, related to IT security, particularly in the wireless field. This means that I am fully aware of the industry-approved vulnerability disclosure procedure, which can be explained simply as:

• Document the vulnerability, and inform the company about the fact that you have found it.
• Wait for an initial response, establish contact points, and work a schedule for fixing the issue.
• Work with the company to help them solve the issue.
• Once the issue has been fixed, make a public disclosure on both sides about the vulnerability, giving credit to the person or company that discovered it.

You can find more references to this policy at Microsoft’s Security Response Center, here and here. A PDF from oisafety.org also describes this process in detail. A perfect example on how not to do things is the recent disclosure of a code injection vulnerability, which allowed manipulation of FON’s routers without even having to open them – even though their points are valid, they should have given FON the chance to fix the problem before going public.

In this case, I contacted FON’s support email first September 27th, and received a response on the 29th. This was really generic, only wanting to know about the details, and not acknowledging the normal procedure as I have explained above. On October 2nd, I emailed them again, asking to confirm that they understood the procedure, and on the 3rd they replied that they agreed on following the procedure.

I started compiling the information I had into a working document, but after becoming so frustrated at the attacks received as a result on my post about the statistics, the decision was to simply let the issue go, forget about FON, and concentrate on my own project. A couple of days ago, browsing around for stuff to clean up on the laptop, I came across the half-written report, and decided to finish it and send it to FON support, with CC to Martin, just to close the case. I received a reply today that they have in fact fixed the vulnerability, with a short ‘thanks’ (actually, quoting his email in full: “thanks Mike, i understand its been fixed”) from Martin.

The public acknowledgement of the discovery posted by FON is found in this forum post. Only in the English forums, by a user created apparently for this particular purpose, as this is his first post ever, where it is not likely to draw much attention. This would be fine by me, had not there been the precedent of Martin’s fierce replies to my statistics post, followed by countless attacks by FON’s followers, including an unfortunate incident better left forgotten. What I really cannot understand is that, when I criticize FON, I get such a huge public lashing, whereas when I help them out, I get a three-line remark in a forum where it will go mostly unnoticed. The end result may well be that other vulnerabilities, and it is likely they exist, go unreported.

Whatever the case, this should show those who accused me of unfair, biased attacks on FON that I really just call the shots as I see them, when I smell bullshit, I will point to it, when I see a hole, I will help them fix it – again, IMHO, blogging is not about being or not biased, it is about being ethical and maintaining a set of standards. In my view, it should also prompt Martin to write an apology, but I am not holding my breath. Not that I care much either, what is most important is my work; this is my blog, where I spend part of my spare time, which is not actually that much.

Robert Scoble writes about whether having a decent WiFi connection at a conference is something that important, and concludes that if you can afford the $3500 price tag to get in, you can also afford a $80 a month Verizon mobile data plan. Ethan Kaplan thinks it is important, and I agree, but for different motives.
What Robert fails to appreciate is, that while Web 2.0 may be more US-centered in terms of visitor origin, there are many conferences where the bulk of atendees come from abroad. In this case, it makes little sense to get into a Verizon plan just for the few days when you are visiting. Roaming data charges (when roaming data connections such as GPRS even work, which I found impossible around California) are astronomical.

I am in favor of event organizers providing a good quality, solid and stable WiFi connection, even though it can be very expensive. An example was the WOMMA conference at the San Francisco Hilton, which didn’t provide WiFi, as the hotel wanted $20.000 to put a router in the hall. However, a compromise between the two postulates would be for Verizon to offer a rent-a-card service. Just like I pick up my car at Hertz for a week at SFO, I could also pick up a Verizon card, use it while moving about, and return it at the airport before leaving the country. I can already hear critics saying “but people would just keep the cards” – maybe, but what good would they be to them? Additionally, just like you have a retainer placed on your credit card when you rent a car, the same could apply to the card, if you don’t return it, Verizon actually could make more money!