Technik News

Das Blog zu IT, Mobilfunk & Internet

Wireless

The real FON statistics – lies, manipulation or fantasy

von

On September 14th, FON launched the new version of their online mapping service, after several months of complaints from users that the service wasn’t up to scratch, and announcements stating the development team was working on the problem.

On a first look, the maps look really nice – they use Google Maps, by default in the mixed view, where you see a satellite image and an overlay of roads and placemarks. I will not bore you with the details, as it is better that you check them out yourself and make up your mind.

This post is not intended as a review of the service itself, but rather, a revelation of the real figures behind FON’s network – peeking under the layer of PR and flamboyance. Martin Varsavsky is always boasting about FON being the largest WiFi community of the world – in my view, this is not accurate.
During months, FON has been claiming to be a “movement”, with a marked communist image behind (the marching workers, the spray-painted logos, etc.). This movement was supposed to kill mobile operators, who currently oppress people with their sky-high tariffs. We could go into a long debate just on this topic, but lets move on. During all this time, FON has suffered untold problems with staffing, PR mini-scandals, shipping broken routers or taking weeks and months to even send them out, not replying to repeated requests to support@fon.com, and blatantly ignoring the public forums, where the community behind the movement was expressing its increasing anger and frustration.

The blinding truth – less than 3.700 routers online worldwide

Digging a bit deeper into the workings behind the maps, I have found that there is a method to run a query to retrieve all the hotspots in FON’s database, not just two hundred, or those in a particular region. If you want to see an example, click here. This is a query that will return all hotspots on the planet that have been FONing home during the last hour. It can take a little while to load, so be patient. Until a couple of days ago, results were returned in XML format, which has been dropped in favor of the new plain, comma-delimited format.

I predict that FON will not like the above link, and thus will try to either change the format of the php call, or add artificial records to confuse the application I have written to process the data. First, I wrote a simple application using RealBasic (having been a long-time Visual Basic acolyte, it is a welcome change, allowing me to code under Mac and Windows transparently) – source code here. A screenshot of a full run is shown below.

Application screenshot

Just from the details shown after the run, a few enlightening facts surface:

  • The highest user ID found is 92.192, but the total amount of processed records is only 55.384. I have to investigate a bit further, but it appears that in some cases, a record is stored twice, once holding the user type (Linus, Alien or Bill), and again holding the router mode (online or unknown). This is the reason why some people see both the orange dot and the green halo on their locations at maps.fon.com, and also the reason why at this time I cannot confirm that the real number of Foneros is 43.896.
  • There are only 3.674 routers online on the entire planet. So much for the largest WiFi community in the world. The other 7.814 are registered routers, from which nothing has been heard during the last hour. These figures have been checked a few times during the last few days, and they stay more or less constant.
  • Out of the entire user base, only 1.317 have become Bills. So much for milking one’s WiFi.
  • The highest router ID found in the results was 19.889, so if we add offline and online routers (best case scenario), then around 8.401 routers have never been registered, representing 42.2% of sold routers. Extrapolating this to the 1 million routers Martin wants to sell would results in a loss of $10.55 million!.

Looking at the per-country statistics (per-city could be made, given some extra time and coding), some curious details also stand out:

  • There are two registered routers in Afghanistan – but neither is online. Not surprising, considering the amount of explosives that have been dropped on the place.
  • China and Taiwan have 9 routers registered, but none online. Martin was blogging about his expansion into Asia, which looks rather bleak right now. 165 Foneros are registered however.
  • Germany and Spain have around the same number of registered routers, although Germany almost doubles Spain in the number of online routers.
  • The United States ranks third in number of registered and online routers, however, it holds the highest number of Bills (408). The next is Germany, with 237.

Finally, we can derive a few figures from these numbers. These are highly interpreted, and must be taken as theoretical extremes.

  • If FON sold one $3 one-day pass every day of the year on each of the online routers, it would make a gross income of $4 million. This is before tax and the Bill’s share where applicable. You at the back, stop giggling!
  • Making a wild assumption that each router’s signal reaches 100 people, FON would only cover 0.11% of Germany’s population of 82 million.
  • Boingo gives you access to 45.000 hotspots. FON has about 8% of that figure, and with location quality debatable – it is a fact most FON hotspots will not be optimized for even street-level coverage.

I believe it is time for FON to stop boasting about having the largest WiFi community in the world, and start concentrating on its real problems. And if they still don’t know what these are, they have a nice summary at the online forums. Besides, for spending 500.000 Euros per month, this is a pretty poor show, in my humble opinion.

Digi – an example of excellent costumer support

von

What do you do when you need to embed WiFi into a project really quick? You look for OEM modules – one of the best manufacturers being Digi. They make, amongst other variations, the Wi-ME, a small box that has a RTOS chip (it can be made to run Linux apparently) and the WiFi adapter, with a serial interface and GPIOs that go to your application. In essence, you can bridge a serial port to a TCP or UDP port and stream data to the internet, all without messy wires!

After looking at the ordering page, I duly contacted the spanish distributor Matrix. I needed two modules by this last Monday, and so I requested to have the devices shipped by Friday last week. It all turned out into one big mess, with vague excuses about not being able to ship due to warehouse problems, or that the proforma could not be generated – and so I could not pay, and they could not ship…to cut a long story short, I got the units on Tuesday.

It usually is not a problem to have a shipping delay, but in this case, I arranged a meeting with the mechanical engineers working on the project, in order for them to see the device and fit it into the 3D plastics project. They actually measure the parts, as they say working from datasheets can usually spell trouble, so ideally they would take them away after the meeting. Had Matrix simply said “we cannot send it until Monday”, I would have arranged the meeting on Wednesday – no worries. But, as it frequently happens, they wanted to look good, without having the solid ground under their feet to do so.

When a company makes a commitment, whatever it may be, it has to stick to it. And when the costumer calls, obviously pissed off at the poor performance and the mount of problems he has landed on, you have to be hellbent on fixing the situation. If the person answering the phone cannot handle the situation, he/she must be trained to transfer the call to someone who can.

What did I do? I emailed the CEO, Joseph Dunsmore. His email address is not published on Digi’s site, but if you look on the Management Team page, and scroll down a bit, Jan McBride’s email is displayed. It was a case of formatting Joseph’s name in the same manner as Jan’s email, send the diatribe, and wait. The next day, I got a reply from Joseph, telling me he would follow up the case with Digi’s Managing Director in Europe. Not three hours had passed, and I got a call from Digi’s top man in Spain, who was very supportive and understanding. By this time, I had been so smoothed over, that I really didn’t want to complain anymore! The conversation ended up very well, with Digi offering their full support on our development, and a visit arranged sometime next week.

Would I recommend Digi to anyone deciding about whether to use their products? Absolutely!


Downloading music over the SGAE’s WiFi

von

The SGAE (Sociedad General de Autores y Editores, or General Ass. of Authors & Editors), is Spain’s equivalent of the RIAA. I was rather amused by this video, where a couple of members of a TV show attempt and succeed at connecting to the SGAE’s WiFi network (it had no encryption enabled!), and download music – alledgedly pirated. They then add an extra twist by actually walking into the SGAE’s offices and asking to see someone, laptop in hand, saying they have just had an attack of good will and want to turn themselves in…

The audio is in spanish, but you will get the general idea even if you don’t understand the talk. My oppinion is that they shouldn’t have done this, as connecting to WiFi networks without the owner’s permission is illegal in most countries, Spain included – so they have actually provided potential prosecutors a perfect piece of evidence.

The Chumby – alarm clock? GPS navigator? no – WiFi device for $150!

von

Yesterday I read some news about Chumby, a new WiFi device being released soon, costing $150, and which looks like an alarm clock on steroids. It features a color screen, the ability to run widgets, hackable hardware, and a squishterface (just made that up, to try to describe the squeeze sensor that the soft case uses to provide user input).

The company behind the Chumby actively promotes hacking the product in any way you want, so this could become another Roomba, albeit cooler (yes, I know, the Roomba moves, so what!). I have signed up to try and get an early sample, let’s see if they consider my arguments.

A few words of constructive criticism – when creating an account, the country drop-down list is not in alphabetical order, so you spend quite a bit of time trying to find yours (US users will have it easy, as it is the default). Additionally, once the steps are completed, you are asked to enter the device ID and give it a name, after which you end up staring at a white page with the big black words: “Application error (Rails”. Whatever that means.

Microsoft Un-Wired – making WiFi easier to use?

von

I read a couple of days ago about an initiative by a small team of Microsoft coders to create a tool that will make managing WiFi connectivity easier, with features such as bookmarks, network management, a hotspot locator, and interestingly, a VPN solution.

On the surface, it looks like hotspot directories JiWire or WiFi411, but the VPN is what interests me. Currently, this is an expensive add-on service offered mostly to business users to secure their traffic while on public hotspots. If Microsoft can make VPN connectivity to secure traffic for any user, it would solve many problems, and give the Wall of Sheep at DEFCON a very hard time. My only doubt about this service is if and how much it will cost.

The blog entry talks about being in beta, and thus more features being in the pipeline, so this is one I’ll be watching with interest.

DEFCON 14 – A hacker’s paradise

von

I have just returned from a vacation, interluded by a couple of trips – one of them to DEFCON, the world’s largest hacker conference. This year, it ran at the Riviera hotel and casino in Las Vegas at the beginning of august.

There was plenty to see and do, from conferences as interesting as war-rocketing to an insight into the US-VISIT program, and it’s plans to implement RFID tags into the green visa waivers, or the 2D barcode receipts given out at airports.

I participated in the wardriving events, organised by Thorn, and which consisted of the Running Man and Fox Hunt competitions. Our team was led by Renderman, and we had some backup that put up some noise (fake APs, floods, etc.) to make the contest more interesting.

The Running Man started well, but unfortunately the other team tripped casino security by walking past their booth with a magmount omni antenna on each shoulder, a laptop, several WiFi cards dangling from their belts, a YellowJacket, and other gear – apparently, the IT guys freaked out, and they wanted the contest shut down. After the intervention of Ross and Priest, we were allowed to carry on, but limiting the search area to the venue, and not the whole casino. After the contest resumed, we found the Running Man in around 15 minutes, and won!

The second contest, Fox Hunt, consisted of a hidden WRT54G that was only on for 15 seconds every minute. One was supposed to locate the fox, connect to it, and change the SSID after brute-forcing admin account. 15 seconds to do all that is not a lot! So, our plan was to locate the fox….and make a run with it to a safe place, so we could kill the 15 second timer circuit, reduce the amount of RF leaking out and have a go at changing the SSID. The first part of the plan went well, but then the other team got slightly miffed, called Thorn, who in turn called us to go back to the contest table with the WRT so the other team could also have a go at it.

Interestingly, Thorn had taped the admin password to the bottom of the router, but neither team noticed it! In fact, the other team ended up brute-forcing the AP and changing the SSID. We contested that since when we removed and reapplied power to the AP, the SSID went back to its default, we had in fact won, but Thorn wasn’t having any of it. The contest was a tie, which was decided by the question “Who owns the OID 00:00:00?”, the answer to which is Xerox. We got it wrong, and so we lost. Next year we will be better prepared for sure.

Here are a few pictures from the event:

215968623_41bb4d0a52

Thorn and Renderman giving their presentation on the Church of Wifi, with CoWPatty, the WPA rainbow table generator, and the WRT54G mods, which included my WaRThog.

215972088_93d246f6a7

The war-rocketing guys, and their awsome rocket. I wonder how they got that thing past airport security.

219943777_5f1822fcfd

The WaRThog on the left, with two more of CoWF’s modified WRT54Gs.

219943269_35eee99859

If you used DEFCON’s wireless network to check your email, access your corporate network, etc., but didn’t use any form of security (VPN, SSH…), you are bound to be in the Wall of Sheep. It displays captured user names, passwords, domains and access methods – I actually had the two colleagues travelling with me show up here, even though I told them to not even open their laptops while at the con.

See you next year!