FON Improves WiFi Log On
What would you think if each time you turn on your GSM/CDMA mobile you had to choose and setup the antenna you are loging in? Well that ease of use that allows our grandmothers to use the mobile is what FON is bringing to ALL wireless devices, Game Consoles, MP3 players, Wireless Phones, you name it…
Most of us internet users love WiFi (WLAN) but we are tired of going thru the whole list of Open, WPE, WPA, WPA-PSK, Semi-Open, networks with our PDAs or notebooks every time we want to log on. When we were not at home, we wanted to open our device and start surfing much as we do with our mobile phones. Fon is now deploying the largest wifi network in the world and now we have started addressing exactly this issue.
What is our solution?
We have developed a Smart Client that runs on wifi devices. This client uses previously stored Fon credentials (username and password) for auto-login to any fonera (fon hotspot). This Smart Client is being ported now to several Operating Systems and more and more Wireless gandgets will be now shipped with this Fon Ready Smart Client.
The operation is simple, once you get any of those Fon Ready devices you just need to input the FON key once and then you autologon for as long as your key is valid on that device. After that the Smart Client takes care of the search and selection of Foneras in range to log you in.
What is behind this feature?
We try to work always with open protocols that are free and available for the open source community to improve them. In this case we based our Smart Client and the UAM interface development on a WiFi Alliance proposed protocol, the WISPr, and we modified the protocol a bit for best fit Foneros needs.
The Smart Client running on the WiFi gadget searches first for a Fon AP at range and if it finds one then uses HTTPS with embedded XML code to initiate the Authentication process against the UAM Interface located in la Fonera. After an exchange of packets between Smart Client and Fon AP, the Smart Client directly sends its encrypted credentials to the Authentication Server. Authorization Server verifies that the credentials belong to a Fonero and then grants full access to the WiFi Gadget thru the FON AP.
This process, takes just a few seconds and allows the Fonero WiFi gadget owner to get connected seamlessly to any Fon AP at range.
We are actively working together with WiFi gadgets designers R&D teams around the world to implement this feature in a large range of devices so Foneros have more and more choices for their preferred Broadband needs.
We at Fon very much hope that within a year Nintendo DS, PSP, Motorolas, Nokias, Samsung, will adopt the standard. We have recently launch our first prodcut that functions with this open source standard, the Skype WiFi phone that we sell with the fonera.
At Fon we are determined to improve the two bad things about wifi, lack of ubiquity and log on difficulties.
Thanks Jordi Vallejo for your help in this post.
Posted on FON | 12:42 pm
| 
Comments(25)
| 
Trackbacks(0)
Share This
| 
E-Mail This
| 
Other blog comments | 
Digg | 
Reddit
Posted by Dan Berte - November 30, 2006 8:49 pm - #
Trackback on c*free blog - http://www.cfree.cyanad.ro/blog/
(The Return of the Holy Grail of WiFi)
Posted by johnes - November 30, 2006 9:25 pm - #
nice, waiting for client for nokia phones
Posted by Alan - November 30, 2006 10:03 pm - #
Martin,
This would be great. Speaking of being always open, you have released the open source code, but have not provided the key to allow us developers and hackers to add features to the firmware or change the firmware. Right now the Fonera is a completely closed and locked device, which is driving people very upset. Will you release the key or not?
The WRT54G has great software because it is open and not locked like the Fonera. Thanks!
Posted by Nkieto - November 30, 2006 11:18 pm - #
That’s would be great on Windows Mobile bases devices, like Pocket PCs.
Great idea Martin!
Posted by PanMan - December 1, 2006 3:43 am - #
That sounds like a good plan. But unfortunately, it will still require a client, which means some exotic hardware (SIP phones, music players, etc), especially those without a browser, will be left in the cold. Why not give Fonero’s the possibility to register the MAC addresses of their devices in their profile? This would enable Fon usage on any wifi device, from phones to gameconsoles and mediaplayers. I know MAC addresses can be spoofed, but you have to know one first, to spoof it…
Posted by euronerd - December 1, 2006 11:01 am - #
Well, great, what keeps you from releasing the sourcecode and/or technical specifications immediately so people can make (freeware) modules for any device (pocket pc, palmtop, smartphone ..).
It’s “open”, right ?
Posted by Christian von der Ropp - December 1, 2006 12:36 pm - #
Hi Martin,
Have you already considered multi-device-usage by a single Fonero?
As I expect people to carry along several Wifi-devices, which one may desire to use simultaneously (e.g. laptop and a VoIP-phone), I would like to propose the implementation of device classes. A laptop or a (streaming-capable) mp3-player, which may use more bandwidth, would be a class-A-device, a more bandwidth-economical Wifi-phone would be a class-B-device. A Fonero would then be allowed to use a class-A and a class-B-device simultaneously.
regards,
Christian
Posted by Iurgi - FON - December 1, 2006 3:00 pm - #
Hi PanMan,
We’ve certainly considered that option, and it’s actually something our authentication system could currently do. But when you give it a deep look, some problems pop up and many are too risky or inconvenient for the benefit it brings us:
As you said, MAC Spoofing is easy, but yes, where do you get a valid MAC from? Someone would think “That’s difficult enough to consider it safe”.
Well, think of someone that eventually discovers a valid MAC address from his neighbor’s device (if you have a fonero neighbor, which you can see by the signal name, then he might also have a device with a valid MAC address): he can publish it in a blog. It’s a matter of time that a list of valid MAC addresses would appear, as there are lists of valid serials for many proprietary programs.
From a user experience side, there’s also lots of inconveniences: for example, an authentication based on the MAC would mean that every time a device associates to a fonera, the fonera should check against our servers if that’s a valid MAC address; if so, open the access for it and if not, block the traffic until there’s a web authentication. This would mean that each and every device (including laptops) that would try to associate to the fonera would have to wait an extra time until its MAC address is checked against our servers. Not to mention the huge number of queries our servers would receive in such an environment, because 90% of the authentications would fail.
As you can see, even though it would be very interesting, there’s no valid approach for us. Yet, we think that using a “best practice”
document like the WISPr which is a de facto standard is versatile enough. We will have the client installed by quite a few manufacturers that will be announced when possible and will help any other ones to integrate it. In the end, it’s not a almost an ’standard’ so every wifi manufacturer is happy to implement it.
Posted by Martin Varsavsky - December 1, 2006 3:02 pm - #
Christian,
We are working on that, indeed it is very important. We will announce a way by which a fonero can roam with different devices and have more than one connected at the same time.
Posted by Martin Varsavsky - December 1, 2006 3:11 pm - #
Alan,
There are hacks to open the Fonera, but we are sorry we can´t make it easy because many many Linksys we gave away for free ended up reflashed for other uses and not to build a global WiFi community. We are going to release another version at a very good price that can be reflashed.
Posted by kung-foo - December 1, 2006 11:32 pm - #
a roaming fon, holy moly!
my 2 cents for the mac adress validation: to reduce traffic, u could make some sort of a, lets call it “poly phase nibble check”. the mac string would not be checked at once but in 12 phases, nibble for nibble. to make sure, ur servers wont get mac flooded and valid users locked out due to invalid checks, u wont check 12 nibbles one after another from one and only users, but nibble after nibble from different users. so if the nibble check fails for nibble 5 for one users, cuz its not in the mac db, any traffic from that users mac ip gets dropped for a certain time, like 30 mins or something.
this is just an idea. nonetheless it means more traffic, as we mention it before and theres still a security issue and this doesnt solve the problem valid macs might get blogged for public.
take care folks
Posted by Paul Jardine - December 2, 2006 1:39 am - #
This will be a big improvement, though I wonder how the certificate will be entered in some of the more non-standard WiFi devices without browsers.
If you combined this with some minimal short term MAC address caching (Fonera’s sending registered MAC addresses to nearby APs), then potentially the person might not have to go through the authentication process each time they switch APs.
Posted by Tero Lehto - December 3, 2006 11:29 am - #
Having tested SMC’s WiFi Skype phone, I haven’t been able to log on to my FON base station. There’s just no way.
Usually I log on to FON using web browser, but obviously this Skype phone doesn’t have one.
Posted by Jordi - FON - December 4, 2006 2:57 pm - #
Hi Tero,
Only SMC phones with the FON-enabled logo on it have build in the auto-login feature. On your SMC standard model you can login manually to your AP using the WPA “MyPlace” connection. We are also working with SMC to release an update app that will allow users to add the auto-login feature to their SMC standard product thru an USB firmware update.
Jordi
Posted by gio - December 4, 2006 3:43 pm - #
same at me with linksys and fon dont run, damn…
i hope you relase fast the patch
Posted by John - December 12, 2006 5:50 am - #
Just wanted to let you know about Devicescape’s new hotspot login software that is currently in beta test. FON is one of our launch-time networks; in fact it is the one we use for our in-house testing and demonstrations.
You will be able to login to your favourite FON hotspots using our software on your Windows Mobile device, Nokia 770 web tablet, Linksys WIP300 VoIP phone or even your Windows XP laptop.
The software and service is free; please check it out at http://www.devicescape.com/, and let us know about your experiences as well as any other devices you’d like us to support.
Posted by David Froehlich - December 15, 2006 10:30 pm - #
Hi all,
I think it should be possible to cooperate with SMC so they could provide you the sourcecode or whatever you need to port it to the phone.
I think it should be possible to cooperate with SMC so they could provide you the sourcecode or whatever you need to port it to the phone.
regards,
I have also bought the SMC Skype Phone espacially for my Rome-holidays after Christmas. But the dream of making free skype calls via fon hotspots in Rome seems not to be realistic. They say that there will be a new firmware in the future. But I bought this phone not for the future but for my holidays (December 27).
So, if fon is not able to provide a working firmware for the phone they offer, it would be very nice if the devicescape-software could be ported to the SMC Skype Phone. Many users would be very glad.
If anybody has new information or even a working work-around, please let me know [dfroe(at>gmxHi all,
I have also bought the SMC Skype Phone espacially for my Rome-holidays after Christmas. But the dream of making free skype calls via fon hotspots in Rome seems not to be realistic. They say that there will be a new firmware in the future. But I bought this phone not for the future but for my holidays (December 27).
So, if fon is not able to provide a working firmware for the phone they offer, it would be very nice if the devicescape-software could be ported to the SMC Skype Phone. Many users would be very glad.
If anybody has new information or even a working work-around, please let me know [dfroe(at>gmx
David
Posted by David Froehlich - December 20, 2006 9:33 pm - #
Hello,
I just received the recent beta firmware for the SMC Skype Phone from Jordi Vallejo which makes it possible to connect with all public FON hotspots. And it actually works! I really have not thought that I would be able to skype home during my holidays for free, but now it is possible.
Big thanks to Martin for his great idea to build up such a worldwide wifi network and to Jordi who helped me personally, friendly and very fast in solving my problems.
Thank you all very much,
David
Posted by gio - December 21, 2006 10:50 am - #
and the others?
Posted by ernie - December 21, 2006 5:02 pm - #
Hi all, Martin, Jordi Vallejo, David Froehlich,
I also have bought SMC Skype Phone for my Xtmas holidays in Spain, could you be so kind to share the recent beta firmware for the SMC Skype Phone from Jordi Vallejo which makes it possible to connect with all public FON hotspots?
Thanks and best regards
Posted by Martin Varsavsky - December 22, 2006 11:37 pm - #
Hi Ernie,
We are uploading the firmware upgrade on our website in a few days so all you guys can get your phones upgraded. Thanks for the people that have been helping to test the evaluation beta version!
Posted by Ton - December 28, 2006 11:21 am - #
Now this is good news!! Where and when can i get the .17??
Thanks,
Ton.
Posted by Doug Robbins - January 2, 2007 2:44 pm - #
How long is a few days? Less than a few weeks?
Seriously though, when is the firmware upgrade for the SMC Phone going to be made available?
Regards,
Doug Robbins
Posted by gio - January 15, 2007 8:59 am - #
tempus fugit, but the upgrade still unavailable…
Posted by Francesco - September 21, 2007 7:58 pm - #
Hi all, I bought today an SMC wi-fi phone, but it doesn’t work exactly like belkin. I try to connect to my fon-ap , it ask me the account, so I insert the same account as I use to login fon website. It try to connect and after a while it turns off and start again. It continue like this ad libitum exactly like belkin phone, the phone is an SMC WSKP100. I thank you for ur help and hope u can give me some suggestions, Francesco