Three Paths to Better Open Wireless Routers
For the past few years, EFF and a coalition of other organizations has been campaigning for more and better Open Wireless networks. Unlocked, password-free wireless networks are in many respects the most convenient, efficient, and privacy-protective way to access the Internet, and running one is a considerate and neighbourly thing to do. But typical router hardware does not support open wireless very well, making it tricky or impossible for households to share some portion of their bandwidth without potentially slowing down their own connections.
This post explores what the essential features that make for a good open router, and three paths could get us there: out-of-the-box support from router manufacturers; standalone firmware; and features in open source router projects like OpenWRT.
What Makes a Good Open Wireless Router?
Most currently deployed consumer router hardware has no good support or UI for running open and password locked networks in parallel with tunable bandwidth allocation between the two. But it's clear that good open routers should have a number of features:
- Good support for open wireless out of the box—a prominent, one-click configuration option during the setup flow that creates an open network with traffic partitioned from the main password-locked one;
- Good traffic management for simultaneous open and password-locked wireless, so that the a guest watching Netflix or YouTube doesn't slow things to a crawl.
- A well designed, modern management interface that is free of avoidable security vulnerabilities like CSRF and which supports auto-updating to fix more obscure bugs when they are discovered.
- If the management UI is cloud-based, it is essential that it allows trully anonymous usage, for people who would prefer that their router vendor not know their identity and home IP address.Cloud-management UI should always have a local-network fallback alternative, in case the provider goes out of businesses, their network is unreachable for some reason, or other things do not go according to plan.
- Support for modified, free/open source firmware based on OpenWRT or other projects.
- Freedom from binary firmware blobs
So, how do we get there?
Path 1: Support from Hardware Manufacturers
By far the best way to get high-quality versions of the features above is to ensure they are present when you open the box and supported by the router manufacturer. For that reason, we are planning to start evaluating a number next-generation router projects on how well they deliver support for open wireless. Stay tuned for developments on that front!
Path 2: Standalone Open Wireless router firmware
Last year, EFF began some experiments with a variant of OpenWRT that prioritizes good out-of-the-box open wireless support, in combination with simpler and more secure UI than the OpenWRT defaults. Initially we had hoped that that firmware project would be a direct, simple and scalable way to deploy high-quality open routers, by shipping convenient mobile apps or browser extensions that could automate the detection and reflashing process for owners of compatible hardware.
Unfortunately, we've encountered some obstacles on that path. In particular, once we obtained our first field data on router prevalence, we saw that none of the router models we expected to be able to support well have market shares above around 0.1%. Though we anticipated a fragmented market, that extreme degree of router diversity means that we would need to support dozens of different hardware platforms in order to be available to any significant number of users, and that does not seem to be an efficient path to pursue. Without a good path to direct deployment, EFF is deprioritizing our work on the freestanding router firmware project.
Path 3: Open Wireless as a feature in OpenWRT
Fortunately, there are some other valuable uses for our open router code; the most significant aim is to merge its user interface and network configuration components as options in the upstream OpenWRT codebase, so that any OpenWRT user can choose to use them.
The firmware project will continue as an independent open source effort with support from the prpl foundation, ThoughtWorks, and others. That project has some important and exciting milestones to reach— and merging its features and UI as options in OpenWRT is prominent among them.
This weekend, Riscure is hosting a hackathon in their San Francisco offices, in conjuction with ThoughtWorks, a major contributor to the first version of the Open Wireless firmware. We invite developers in the Bay Area to join in and help secure a more vibrant, open future for the planet's wireless networks.