Beitrag über Virtual Private Networks mit freifunkbezug

Ernst Ahlers hat auf heise Netze einen Beitrag ueber die Moeglichkeiten sich sicherer in Funknetzen zu bewegen geschrieben: "Hotspot, aber sicher: Funknetze unterwegs benutzen ohne Abhörgefahr"

Über WLAN-Hotspots stolpert man nicht nur in den Zentren größerer Städte, sondern auch auf der Ferieninsel immer häufiger. Da juckt es den Netzsüchtigen, sein Urlaubs-Blog mit neuen Fotos zu bestücken, E-Mail abzuholen und per VoIP-Anruf zu checken, ob der in Pflege gegebene Nymphensittich brav ist. Dafür, dass private Daten trotz des unverschlüsselten Funknetzes auch privat bleiben, sorgt ein VPN-Tunnel. (23.06.2008, Ernst Ahlers, http://www.heise.de/netze/Hotspot-aber-sicher–/artikel/109761)

Erfreulicherweise wird Freifunk ebenfalls erwaehnt:

Teilnehmer eines Hotspot-Netzes auf Gegenseitigkeit wie Fon oder
Freifunk haben sogar Gratis-Zugang, wenn sie mit etwas Glück ein
anderes Mitglied derselben Community finden. (23.06.2008, Ernst Ahlers, http://www.heise.de/netze/Hotspot-aber-sicher–/artikel/109761)

Bei Freifunk handelt es sich zwar nicht um ein reines Hotspot-Netz, da Teilnehmer auch direkt miteinander durch Meshnetze verbunden sind, richtig ist dennoch, dass viele Internet ueber ihre Router zur Verfuegung stellen.

Als ersten Schritt empfiehlt Ehlers zum Selbstschutz den Emailverkehr auf sichere Dienste zu nutzen und fuer den Login stets die sichere Datenuebertragung mittels "https://" zu nutzen. Besser ist jedoch gleich ein Virtual Private Network (VPN)
einzurichten. Dies schützt den kompletten Internetverkehr.


Mit VPN surft man über einen verschlüsselten Kanal zwischen Notebook und VPN-Gateway, der Lauschern keine Chance lässt. (Image: heise.de)

VPNs lassen
sich unter Windows, Mac OS X und Linux leicht einrichten … VPNs wurden ursprünglich entwickelt, um Firmen-LANs an mehreren Standorten über öffentliche Netze (WAN,
Wide Area Networks) wie das Internet zu koppeln. Später kam das
Anbinden von Heimarbeitern ans Firmennetz hinzu. Damit dabei die WAN-
und Internet-Provider keinen Einblick bekommen, verschlüsseln VPNs die
übertragenen Daten. Deshalb drängt sich die Technik geradezu auf, um
mobilen Surfern im Hotspot ihre Privatsphäre zurückzugeben. Wenn man
selbst keinen VPN-Server betreibt, stellen VPN-Anbieter eine passende
Gegenstelle bereit, die statt ins Firmen-LAN ins Internet führt. (23.06.2008, Ernst Ahlers, http://www.heise.de/netze/Hotspot-aber-sicher–/artikel/109761)

In dem Beitrag wird erklaert, wie man ein VPN einrichten kann und welche Anbieter es gibt. Abschliessend gibt es noch Tipps, wofuer die virtuellen privaten Netzwerke noch nuetzlich sein koennen.

Auch abseits von WLAN-Hotspots kann ein VPN-Zugang nützlich sein,
beispielsweise wenn man Geolocation-Dienste umgehen möchte, um
US-Webseiten im Original zu sehen, oder Datenschnüfflern eine lange
Nase drehen will. Doch das leichte Aufsetzen eines VPN sollte nicht zu
Leichtsinn verleiten: Eine Firewall, aktiver Virenschutz und gesundes
Misstrauen gehören nach wie vor zur Sicherheits-Grundausstattung, denn
gegen Trojaner schützt auch ein VPN nicht. (23.06.2008, Ernst Ahlers, http://www.heise.de/netze/Hotspot-aber-sicher–/artikel/109761)

OpenWrt team announces OpenWrt Kamikaze 808 Release with Luci Interface

The OpenWrt team (Cph) has announced a new version of its Linux distribution for embedded wireless devices named "OpenWrt Kamikaze 808 Release". I talked to Felix Fietkau already at the WCW. Unfortunately we did not have the time to do an interview at the end. But Cyrus from freifunk Halle gave a short showcase of his interface (in German). The OpenWrt team was also impressed by it and they now announce the enclosure of the Luci interface officially. Congratulations Cyrus!

It has been quite a while since OpenWrt had a new Kamikaze release. The developer team has decided that it is time to get things straight and focus on a new release. This release have the official name: OpenWrt Kamikaze 808 Release.

The schedule will look like this:
*Last day in July – final release candidate: 808 RC-1 808 RC-1 will be a feature freeze, and all changes after this point will be bug fixes.
*Last day in August – final release: OpenWrt Kamikaze 808 Release.

OpenWrt Kamikaze 808 Release will focus on bringing the following:
– Firewall rewrite
– Broadcom 47xx running reliably with the new Kernel, not including wifi
– IMQ and Traffic shaping tested with newer kernels, especially 2.6.25
– Sysupgrade for more platforms (x86 is tested again)
– The new web interface (LuCI, Lua Configuration Interface)
– Attention towards the integration of security updates
– Package maintaining and updates between releases
– Testing, testing and lots of testing…

The 808 Release will also include support for several new platforms/targets. (http://forum.openwrt.org/viewtopic.php?pid=69873 )

Open Hardware from Squidbee for Wireless Sensor Networks

A couple of weeks ago I was talking with Alex about meshlium. I found out more about the project now. Last week I did an interview with Jose Luis Marina from Peopleware at a workshop of FOSS Bridge in Hanoi. Peopleware develops Osmius a very advanced monitoring tool to monitor all kinds of devices. He told me about their idea of using the open Squidbee hardware for their sensor networks. They want to be able to transfer data from sensor networks in an easy and affordable way. A scenario I see here is to use mesh networks for the transmission.

SquidBee is a project that uses an open hardware design as well as open-source software as a platform for remote control and sensing: "SquidBee is an Open Hardware and Source wireless sensor device. The goal of SquidBee is getting an "open mote" to create Sensor Networks." SquidBee uses the ZigBee self-organizing low power wireless mesh network protocol. ZigBee operates in the unlicensed 2.4 GHz, 915 MHz and 868 MHz ISM bands with data rates from 20-250 kbit/second, per channel. ZigBee is optimized for super low power operation so that the devices can be operated from battery power for long amounts of time. For long-running outdoor applications, powering the devices from photovoltaic panels would be an obvious technology choice. Using the 1mW XBee power level, the XBee maximum device-to-device range is 100 meters. At the 100mW XBee pro power level, the range is extended to 1KM. Each additional node can extend the range of the mesh network, since data passes through the nodes. (Download, June 16, 2008, http://lwn.net/Articles/260223/)

Behind the project is Libelium Comunicaciones Distribuidas, a SpinOff company of the University of Zaragoza (Spain) which has develop the ZigBee communication module. The Libelium team is formed by Marcos Yarza, Alicia Asín and David Gascón. The board has been developed by the Arduino team by David Cuartielles, Massimo Banzi, David A.Mellis and Tom Igoe. They come from different institutions in Spain, Sweden, Italy and New York (compare: http://www.libelium.com/squidbee/index.php?title=Who_is_behind%3F).

 

Some more info from the Squidbee wiki:

The main concepts behind SquidBee are:
* Self-powered
* Wireless Comunications
Repeat with me: "Ubiquity, Ubiquity, Ubiquity…"

How does SquidBee work?  

  1. Acquires  values from environment parameters: temperature, humidity, lightness, presence, pressure or (almost!) whatever you can sense.
  2. Operates with these values, when required.
  3. Transmits these values using a low power comsumption wireless technology (ZigBee).
  4. Sleeps until next timeout and repeats from the first stept.

Second step is not always necessary, depending of the calculations needed it may be better to make them in receiver computer to save nodes energy.

An open mote? What does it really mean? It means every part of the mote is accessible and can be studied, changed, personalized, … From the schematic circuit to the source code of the programs that are running inside the mote.

Who is interested in SquidBee? Anybody who is researching in the environment monitoring field. This is also an educational project so that universities can offer to the students a multi-learning device. With SquidBee people can learn at the same time electronic, programation, communications… and everything in just one device.

Who is supporting SquiBee? The board inside SquidBee has been developed by the Arduino team. The communications module wich lets  the node transmit through a ZigBee module has been developed by Libelium. Both components are open hardware and they have a really strong community support. A specialized wiki related to SquidBee and the Sensor Networks  will be created soon. There, all the Arduino and Libelium tutorials and examples will be shared and other research teams will be able to exchange their knowledge with the community.

What can I do with SquidBee? The main concept is: "sense what you want where you want and transmit it".

Two configurations of SquidBee? What is it exactly? Using the same board and communications module we have created 2 kinds of SquidBee: the sensor mote and the gateway. The first one is the self-powered sensor mote and the second is the computer USB connected receiver.

Can I integrate SquidBee into a wireless 802.11 Mesh network? Yes! We have also developed an outdoor Mesh Router: MeshLium which you can use to collect the information using the ZigBee protocol and transmit it to the mesh network using the Wifi technology (802.11). (Version, May 15, 2008, 15.22, http://www.libelium.com/squidbee/)

Journal for Community Informatics Special on Wireless Networking for Communities, Citizens and the Public Interest

The Journal "Community informatics" has published a special about Wireless Networking for Communities, Citizens and the Public Interest. Authors include Michael Gurstein, Alison Powell, Sascha D. Meinrath, Marco Adria, Hanna Hye-Na Cho, Laura Forlano, Andrea H Tapia, Julio Angel Ortiz, Kim Dara, Seán Ó Siochrú, Vidyut Samanta, Chase Laurelle Alexandria Knowles, Jeff Burke, Fabian Wagmister, Deborah Estrin, Ermanno Pietrosemoli, Andrew Clement, Amelia Potter,  Alisha Bhagat.

http://ci-journal.net

This special issue documents the state of the art in
research on community wireless applications, and presents assessments
of community wireless projects in a variety of local contexts: from
large urban centers in North America to rural locations in Asia and
Latin America. Together, the papers and field notes in this special
issue reflect on a community-centric approach to communications
infrastructure development. These works describe the challenges – both
practical and theoretical – that face community wireless networking, as
well as the implications many of these projects have to support social
and economic justice around the globe.

The papers in this special issue demonstrate that
community-based approaches to Wifi development are part of a broader
integration of technology, organizational capacity, and local culture.
Social goals are part of most community Wifi projects, and integrating
these goals and the technical structures of Wifi networks is part of
what makes many community Wifi projects successful. Both full papers
and field notes explore this integration and focus on various facets of
the community wireless networking movement.

The papers included in this issue explore different
theoretical approaches that help situate community wireless networking
as social and technical phenomena. Adria provides a meta-theoretical
discussion of how Wifi networks reconfigure space and time — using the
medium theory of McLuhan and Virilio to suggest that Wifi networks have
the potential to integrate local geographical and temporal experiences.

The other papers use empirical approaches to assess the
social aspects of community wireless networking. Tapia and Ortiz
explore the claims made by operators of municipal-community networks
that these projects are addressing the digital divide. Using a textual
analysis of claims made in documents including “press releases,
requests for proposals, letters of intent, and other official policy
documents,” as well as interviews with key informants in US
municipal-community projects, they interrogate the extent to which
networks facilitate meaningful digital inclusion.

Both Cho and Forlano explore the social aspects of
community wireless networking in more detail: Cho focusing on the
development of networks and Forlano on their use. Cho reveals how the
development of community wireless networks (CWNs) builds social capital
for the participants. She develops the concept of “place-peer
community” to explain how Wifi projects define “community.” Cho also
describes how contributions to community wireless networks help to
develop ‘civic bandwidth’ among their contributors. Like Tapia and
Oritz, she identifies CWNs as developing a discourse that connects the
development of digital information and communication technologies with
efforts to improve communities.

Forlano explores the new social relationships created
through the everyday use of community-based Wifi networks, examining
the gap between media representations of Wifi as an “anytime, anywhere”
solution and the socio-cultural practices of people using free Wifi
hotspots in New York City. As she discovers, freelance workers use Wifi
hotspots to create temporary working environments that eliminate some
of the isolation of working without a fixed office, while providing a
basic infrastructure including network connectivity and electrical
power. These Wifi hotspots support communities of mobile, flexible
workers who establish relationships with a particular place and its
people. Together with Cho’s insights about the social capital mobilized
through the process of developing community Wifi networks, this
suggests that Wifi hotspots may have a unique role to play in
redefining the experiences of community in urban areas.

The field notes in this issue offer a window into the
realities of local experiments with Wifi technology. The impacts of the
projects they document depend on the local political context (Clement),
the community’s capacity (Dara, Dimanche, and O Siochru; Bhagat), the
potential for community and industry partnerships to create new ways
for community members to gather data and to aggregate it (Samanta), and
how changing our assumptions about the role of wireless infrastructure
can open up new opportunities for affordable broadband (Pietrosemoli).

These notes highlight how local contexts influence what
is considered the “public interest” and how community wireless projects
can best serve the general public. For example, Clement criticizes the
Toronto Hydro Wireless project, considered a technical success, because
its governance structure forces the network to be operated for-profit
rather than as a public service. Samanta provides an outline of some
potential social uses for an experimental wireless network that could
aggregate data from numerous wireless devices. Some suggested uses of
this network include collecting ambient audio data that, when mapped,
could provide quality of life indicators.

In the global South, the public interest is served by the
communication and applications made possible by wireless networks
established in previously un-served areas. In these contexts as well,
important challenges also emerge. Bhagat assesses the results of a mesh
network built in Mahavilachchiya village where a local entrepreneur
developed a wireless network as an extension of a computer school where
local children learned ICT skills. This Wifi connectivity project
extended internet access to homes, and encouraged more local residents
to use the internet. However, Bhagat also notes that connecting the
village to the internet may have negative impacts as well: introducing
new forms of media and new social expectations to the village and
disrupting historical cultural norms.

Dara, Dimanche and O Siochru explore how local political
and social contexts impact the design and deployment phase of one local
wireless network. From the challenging context of Cambodia, they report
on the first phase of the I-REACH project, a distributed mesh network
providing internet connectivity and local media using solar-powered
devices. The project’s challenges in obtaining permission from local
government, sourcing material, and recruiting qualified local staff and
contractors underscores the notion that community-based infrastructure
implementation is a social (and an institutional) as well as a
technical endeavor.

Ermanno Pietrosemoli and his international team of Wifi
researchers have deployed wireless links spanning hundreds of
kilometers. By proofing out a methodology for creating low-cost,
long-distance Wifi, Pietrosemoli forces us to question the notion that
Wifi is just for local networking. As a potential backhaul solution,
Wifi may offer an exceptional value for communities and constituencies
that would not otherwise be able to afford broadband connectivity.

Across these paper and notes, a common thread linking the
articles is the importance of establishing local strategies for
leveraging wireless technologies in the public interest. (Alison Powell, Sascha D. Meinrath, Introduction to the Special Issue: Wireless Networking for Communities, Citizens and the Public Interest, Vol. 4 No. 1, 2008, http://ci-journal.net/index.php/ciej/article/view/490/389)

Global Freifunk Newswire back online

The global freifunk newswire is back online. There were some problems with the newswire server in Switzerland. Alex Antener who is the main admin taking care of the server now switched to another provider. Unfortunately we lost some updates. I put in recently added feeds again. In case I forgot a feed or if you have suggestions for a new feed please drop me a line by using the contact form at http://kontakt.freifunk.net. Thanks for supporting me in keeping the service running to Alex Antener and Sascha Tamim Asfandiar!

Anfrage des Berliner Senats – Auf welchen öffentlichen Gebäuden stehen Freifunk AP’s?

Heute habe ich eine Anfrage des Berliner Senats erhalten. "Er fragt freifunk":

"auf welchen Standorten von Gebäuden in Verantwortung der Senatsverwaltungen, der BIM (Berliner Immobilienmanagenment GmbH), der Bezirke, sowie der landeseigenen Wohnungsbaugesellschaften befinden sich Access Points(o.ä.) die dem Berliner Freifunknetz dienen.

Die Anfrage wurde von der Fraktion Bündnis 90/Die Grünen an den Berliner Senat gestellt und von diesem an die Verantwortlichen der Bezirke weitergeleitet in deren Auftrag wir handeln."

Bisher kommen wir "nur" auf:
1. Dathe-Oberschule in Friedrichshain-Kreuzberg
2. zukünftige Wriezener Park

Kirchen sind in dem Fall keine öffentlichen Gebäude.

Kennt jemand noch weitere Standorte von Freifunk-AP’s auf/in öffentlichen Einrichtungen/Gebäuden? Antworten bitte gegebenenfalls auch per Mail an christian.heise (ät) e-demokratie.org.

Das Ergebnis des Schriftverkehrs werde ich hier noch mal gesondert veröffentlichen.

FFLuCI the Next Generation Lua web interface für OpenWRT von Steven Cyrus Barth

Steven Cyrus Barth im Gespräch mit Bastian Bittorf über das Freifunk-Luci-Interface für OpenWRT.



Luci-Interface für OpenWRT von Steven Cyrus Barth from Mario Behling on Vimeo.

Some more info in English: FFLuCI is a Lua MVC-Framework for Freifunk with templating support. There are
working configuration pages for many system, network, services and wifi settings. Please visit http://luci.freifunk-halle.net for an overview of functions, screenshots, tutorials, SVN URL and snapshot images for Atheros and Broadcom.

Steven Cyrus started to develop Luci because he was not satisfied projects like XWRT implemented things. He had a look at the X-WRT Lua files in their repository first, but what was missing was a clear abstraction layer and templating support so I decided to build everything from scratch. According to Cyrus – X-WRT has a very nice UI written in shell code but there are only limited capabilities of this scripting language and so "it is time
to bring this thing to the next level using OOP and such nifty stuff."

Luci already has a number of working configuration pages. There are more – or in a few cases less – working configuration pages in (for now) German titles and descriptions for the:

  • Ethernet Switch
  • Ethernet Interfaces
  • DHCP-Server
  • PPPoE/PPTP
  • Static Routes
  • Portforwarding
  • Firewall
  • QoS
  • Wifi Devices
  • Wifi Networks
  • OLSR + Plugins
  • FFLuci itself
  • Package Management
  • Root Password and SSH-Public Keys
  • Mount Points for external drives
  • HTTP-Server
  • SSH-Server
  • Dnsmasq

Also there are a few public status pages for basic system information, WLAN-Scan, Contact data and OLSR a bit like those in the Freifunk Firmware. Have a look at the screenshots here: http://firmware.freifunk-halle.net/ffluci/screenshots

Configuration Bind Interface (CBI):
You just describe the data model of the UCI file and Luci does the rest for you: It will create the HTML-form, parse and validate the user input and write the configuration data to UCI. So no need to redo all these things on every configuration page again and again. It also supports basic field dependencies, dynamic validation functions, section creation, deletion and more. See an example here: http://wiki.freifunk-halle.net/Luci:WritingModules#CBI_models

Privilege dropping:
To avoid remote exploits (like those in older versions of the Freifunk Firmware) FFLuCI will set the UID/GID of pages running in the main public non-protected section to nobody/nogroup. There are many things left to do like porting over dhcpsplash, accounting, statistics and more to Kamikaze. Contributors are welcome.

Links:

Interview with Free Wireless Evangelists from the Italian Ninux Community and the Freifunk Community in Germany

Saverio from the Italian Ninux community has now published a video interview Daniel Paufler and I conducted with them at the Wireless Community Weekend in Berlin. Thank you very much for the great montaggio! It is real fun to watch!



Interview to Ninux and Freifunk members at WCW2008 from Saverio Proto on Vimeo.

Direct Link: http://www.vimeo.com/1052320

In Berlin, at C-Base, people from wireless communities all around
Europe meet to share ideas and experiences. See this interview by Mario
Behling with free networks activists from Ninux.org and Freifunk.net

Open Hardware: Interview with Jürgen Neumann and Marek Lindner

Jürgen Neumann, one of the initiators of freifunk.net, and Marek Lindner, openmoko developer and B.A.T.M.A.N. programmer, speak about the Open Hardware Initiative event Open Tech Summit in Taiwan.

Thema Freifunk und WLAN auf Radio Fritz

Trackback auf Radio Fritz berichtet über Freifunk. Hier Ausschnitte aus der Sendung.

… Andreas Bogk vom CCC über die Frage, ob man sein WLAN offen oder zu haben sollte.
… Dr. Reto Manz’ Doktorarbeit zum Thema “Rechtsfragen in offenen Netzen”
Cven Wagner über Freifunken und Sicherheit im offenen Netz.
(26.4.2008, Marcus Richter, http://spreeblick.com/trackback/2008/04/26/trb-074-notpron-robocup-offenes-wlan/)

Komplette Sendung: http://spreeblick.com/trackback/podpress_trac/web/293/0/trb_080426.mp3