Friday, July 30, 2010

Apple Booted Skyhook, Google Location Services in iOS 4

TechCrunch read Apple's letter to a congressman about the kind of data it collects more carefully than most: The letter says Apple dropped Google (which was, I believe, supplying cellular tower triangulation information) and Skyhook Wireless from iOS 4, which powers the iPhone 4 and 2008 and 2009 models of iPhone and iPod touch.

Long-time readers of this site know that Skyhook Wireless has spent many years driving the streets of major cities and aggregating information provided in the form of queries from mobile devices to build a comprehensive and constantly updated Wi-Fi positioning system. While Wi-Fi isn't precise, it's not far off from GPS in urban areas.

As more mobile devices gain full-featured GPS chips and functions, Wi-Fi positioning remains important as a component in Assisted GPS (which allows a GPS to get a fix faster) and in providing an initial rapid location assessment, sometimes in a few seconds.

But location data is incredibly valuable, and owning the data is perhaps worth the price. Apple has apparently, quietly generated its own Wi-Fi and cell tower databases. It has enough mobile devices in the field with GPS receivers that it can use that information to build a comprehensive picture of most cities, I'd imagine. Every time a device queries location and sends a Wi-Fi and cell environmental scan with or without GPS coordinates, that's more data to crunch.

I thought Skyhook Wireless would have a leg up here because of Google's agreement to not scan for Wi-Fi in several countries (or perhaps worldwide) after it's data-collection debacle with Street View. And Apple's not the only fish in the pond. Skyhook has deals with many, many other platforms and providers.



LCD Soundsystem & Hot Chip announce autumn co-headline showsClearwire Adds Integrated Mobile Hotspots, New 3G/4G Modem for Macs

More Detail on Wi-Fi Exploit "Hole196"

More Detail on Wi-Fi Exploit Hole196

At Ars Technica, you can read my long explanation of the group key weakness in WPA/WPA2 Enterprise-protected networks: The information I was given was originally under embargo, but the firm and unrelated researchers released essentially all the data except a video of an exploit in action and some of the mitigation information. Hence, the long Ars Technica piece.

Boiled down, I don't think anyone need worry about Hole196, which describes how an insider with an account on a WPA/WPA2 Enterprise network can send group broadcast packets spoofed to appear as if they originate from the access point for clients attached to that access point.

It's a hole, all right, but it requires so many particular circumstances to be met, that a spy or thief working for a company (or an outsider having gained credentialed access) would most likely have easier methods to get in--or would be detected by other means.

The best lesson I can take away from this hole? Make sure you're running virtual SSIDs if you have that option to separate guests, contractors, and others from employees; or to isolate different kinds of operations within your company.

Because each virtual SSID on an access point is treated nearly as a virtual AP, the group key isn't shared across the access point among different virtual SSID. The BSSID, or AP identifer, is unique for each virtual network on each AP.



Don’t Blame It on the MiFi, After AllThe Cars hint at reunion on Facebook

NetJets Picks Aircell for In-Flight Internet

NetJets Picks Aircell for In-Flight Internet

Internet in the air isn't all about commercial aviation: NetJets, a fractional plane ownership business owned by Warren Buffett's Berkshire Hathaway, will put Aircell's general aviation Internet product (Aircell High Speed Internet) in 250 of its mid-to-large aircraft.

NetJets has a fleet of 800 jets, which are used in increments by "owners," who opt for this rather than the expense of maintaining their own planes. It's hardly a crowd that pinches pennies; dollars, maybe. It's thus a perfect audience for heavy Internet use.



SFO Goes Free

Monday, July 26, 2010

AT&T Expands Hotzone Test to Charlotte, NC

AT&T Expands Hotzone Test to Charlotte, NC

AT&T has added a second location in its outdoor hotzone pilot program: Charlotte, NC's downtown is the second area to get an AT&T hotzone designed to offload network traffic from the company's 3G network and boost performance for customers. The first such hotzone was lit up in Times Square in Manhattan; a third zone is coming to Chicago soon.

The idea of a hotzone makes perfect sense for a firm that's getting criticism for being unable to meet the data needs of subscribers in some cities and neighborhoods. Wi-Fi cells can be quite small, and have much higher capacity than cell channels, while being enormously cheaper to run, partly because there's no opportunity cost related to expensive cellular spectrum licenses.

These AT&T hotzones differ from municipal Wi-Fi efforts started in 2005 and mostly abandoned by 2007. Municipal networks were typically designed to require private investment by firms to provide indoor and outdoor network coverage to 90–95 percent of a city.

AT&T hotzones will cover outdoor areas of high traffic, and work only for customers. There's no specific municipal benefit involved, and AT&T will control its deployments entirely.

It's a smart move. AT&T could likely spend less a tenth as much in high-traffic areas to add Wi-Fi as to beef up cellular. And there's only so much spectrum available, meaning that in many areas there may be no real way to enhance the 3G data side.

This is Wi-Fi as a 3G network heat sink.



Merc Mix It Up with In store live Summer SessionsT-Mobile Expands HSPA+ Markets

AT&T Continues Massive Increases in Wi-Fi Sessions

The telecom behemoth is also gigantic in giving away Wi-Fi to customers: AT&T's quarterly report on Wi-Fi usage finds the firm serving 121m sessions in the first six months of 2010; that compares to 86m sessions in all of 2009. Second quarter 2010 saw 68m sessions used, compared with 15m in the year-ago second quarter. Second quarter was also a 30-percent increase over first quarter.

That's great, but you'll note that the names McDonald's and Starbucks aren't mentioned anywhere in the press release. McDonald's and Starbucks represent about 19,000 of AT&T's "more than 20,000" locations.

In January, McDonald's opened its Wi-Fi network to everyone at no cost; previously, AT&T customers (wired, DSL, fiber, remote business, and laptop 3G) got access at no cost, and so did roaming network partners. One expects that McDonald's drove part (but not all) of the increase.

Likewise, on 1 July 2010, Starbucks shifted from its modestly complicated free two hours' offer, where you needed a Starbucks stored-value card, to unlimited free service for everyone. I expect we'll see a big jolt as a response, because it removes friction for short, casual use, as opposed to longer use in which anyone who figured it out would already have been using Starbucks' Wi-Fi at no cost.

You can't disregard other factors, however. AT&T continues to add wireless, laptop 3G, and fiber customers (although I believe DSL and landline markets are static or shrinking). Those users gain free service on subscribing. And existing users rely more on using free service as available.

The couple of million iPads that AT&T sold as part of the 3m+ worldwide totally likely are part of that jump in usage. A single iPad user could consume dozens of sessions a day, either on the AT&T free locations (with a Wi-Fi only unit or a 3G iPad without an active 3G subscription), or across AT&T's network with a 3G iPad and an active 3G data plan. (The active data plan gives you access to hotels, airports, and other otherwise for-fee locations, and some roaming locations on reciprocal networks.)

Finally, AT&T switch a few weeks ago from unlimited service plans to cheaper, limited plans for new customers or those that opt to switch away from unlimited will likely mean bargain hunters like yours truly will work harder to find free Wi-Fi instead of consuming expensive 3G juice.



Merc Mix It Up with In store live Summer SessionsStarbucks Goes All-In: Free, Unlimited Wi-Fi Starting July 1st

Saturday, July 24, 2010

Researcher Hints 802.1X WPA2 Flaw

Researcher Hints 802.1X WPA2 Flaw

AirTight Networks' researcher Md Sohail Ahmad will present a WPA2/802.1X weakness at DEFCON18 next week: The press release from AirTight doesn't give away too many details, but I believe this an 802.1X problem because it requires an authenticated user on a network that has unique master key material for multiple users. Hence, 802.1X, where WPA2 is used to secure the connection, and a user login causes a master key to be generated.

My suspicion is that there's a weakness in broadcast key implementation, since that's a natural place. That's confirmed by the name the researcher has given the weakness: "Hole 196," which the press release says refers to page 196 of the revised IEEE 802.11-2007 specification.

The note at the bottom, in a section on Robust Security Network Association (RSNA) used for the 4-way handshake for authentication dealing with the group temporal key (used to protect broadcast and multicast data), reads:

"NOTE—Pairwise key support with TKIP or CCMP allows a receiving STA to detect MAC address spoofing and data forgery. The RSNA architecture binds the transmit and receive addresses to the pairwise key. If an attacker creates an MPDU with the spoofed TA, then the decapsulation procedure at the receiver will generate an error. GTKs do not have this property."

This could be a serious exploit for corporations, government, and academic institutions that use 802.1X, and rely on the intra-network security of having one user unable to sniff the traffic of any other user. This is not a generic WPA2 or AES-CCMP key extraction exploit; I'm not sure any key recovery is involved at all.



Class-Action Suit against Google Has Gaping Hole

Monday, July 12, 2010

Alaska Airlines Has Internet Service in Half Its Fleet

Alaska Airlines Has Internet Service in Half Its Fleet

Alaska Airlines has ramped up rapidly since its agreement with Aircell to use Gogo Inflight Internet: The airline has half its fleet--all 55 737-800s and 10 737-900s--equipped with in-flight Wi-Fi. The remaining 737-900s (2 of them) will be unwired in July, and the 737-400 and 737-700 fleets will gain service by the end of the year.

Aircell agreed to put substantial service in the state of Alaska as part of its arrangement with the airline, with a commitment to have it ready by early 2011. Aircell will eventually have a Canadian network, too, run by a Canadian partner that will aid in Alaska coverage.



Justin Bieber doesn’t know what German meansAlaska Airlines Launches In-Flight Service

Friday, July 9, 2010

Google Restarts Street View without Wi-Fi Scanning

As I predicted, Google won't be sucking down Wi-Fi signals in its future Street View efforts in some countries: After the debacle of Google first saying it wasn't collecting data from Wi-Fi networks, only scanning for readily available public information, and then discovering and admitting it had stored information, the company is taking a different tack.

It's restarting Street View photography in Ireland, Norway, South Africa, and Sweden, but vehicles won't have Wi-Fi hardware on board, and the software has been vetted by a third-party to ensure there's no component that might have collected Wi-Fi data still installed (even though removing the hardware might be seen as enough).

I thought that the likely outcome for Google for its missteps was likely a very tiny amount of money in the forms of fines or voluntary settlement figures, but no criminal charges nor more than a technical slap on the rest--so long as Google agreed to stop scanning Wi-Fi signals, even if it promised to stop collecting data.

By being seemingly forced to exit the Wi-Fi positioning business, Skyhook Wireless reaps the biggest rewards, in that it will be the only worldwide provider of such information.

However, Google also uses the Android platform to collect Wi-Fi positioning information--something also employed by Skyhook Wireless, as News.com reported a few weeks ago. Every time a mobile devices sends a snapshot of the Wi-Fi environment to a Google or Skyhook server for lookup, that information further refines location data for subsequent users.

But mobile-submitted data isn't enough. For one thing, most of this data isn't tagged with reliable GPS coordinates when sent to the server--the intent of sending to the server is to obtain latitude and longitude in the first place. Skyhook and, formerly Google, drives with precision GPS receives and high-gain antennas to seed and re-seed their databases.

Meanwhile, in Australia, the country's privacy commissioner has found Google broke the law in sucking down data, even though such data was being publicly disseminated. The Sydney Morning Herald quotes commissioner Karen Curtis saying, "Any collection of personal information would have breached the Australian Privacy Act."

But I fear this sends the wrong message. Curtis says, "Australians should reasonably expect that private communications remain private." Not quite. If you're sending information unencrypted when the facility to protect that information is readily (and freely) available in the hardware you purchased, then you are sending private information in a public fashion, and shouldn't enjoy any expectation of privacy. Setting the bar that publicly broadcast information ensures privacy protections seems a bit rich.

Nevertheless, Google has apologized to Australians. Expect more apologies to be forthcoming.



Google Has Been Collecting Wi-Fi Data, AccidentallyHanson and Drake gig ends in riot

Wednesday, July 7, 2010

Free Philly (PHL, That Is)

Free Philly (PHL, That Is)

The Philadelphia International Airport (PHL) stops charging for Wi-Fi: The facility offered free Wi-Fi on the weekends and to students at any time since 2007, but now won't charge a lick for service. Is this PHL's way of competing with Baltimore, National, JFK/EWR/LGA?



Seth Lakeman free download*$->0

Sunday, July 4, 2010

*$->0

Starbucks launches its free North American in-store Internet today: It was quasi-free before (two hours with a single purchase ever since December's changes), and now you pay nothing to use as much Wi-Fi as you want.

Will *$, as we affectionately call the company here in Seattle, be filled with snoring loafers and couch squatters? Likely not. The company found an average of an hour's daily use by those who took advantage of the two-free-hours offer previously.



SFO Goes FreeKurt Cobain exhibit opens in Seattle

Thursday, July 1, 2010

Canadian Starbucks Stores Also Offer Free Wi-Fi

Starbucks will give away Wi-Fi at nearly 800 outlets in Canada: Starbucks announced today that it would provide free Wi-Fi service at its company-owned stores in Canada, in addition to the nearly 7,000 US locations gaining no-fee Internet access. The service becomes completely free in both countries starting tomorrow, 1 July 2010.



Seth Lakeman free downloadStarbucks Goes All-In: Free, Unlimited Wi-Fi Starting July 1st

Report Predicts $100m in In-Flight Internet Revenue in 2010

Report Predicts $100m in In-Flight Internet Revenue in 2010

In-Stat says $95m in revenue will be taken in, almost entirely by Aircell, in 2010: That's a fair amount of money for the first year in which a substantial number of planes across multiple airlines are in operation, but still doesn't represent a lot of usage overall. Delta still represents the lion's share of equipped planes, even as other airlines have signed up, typically in a more limited fashion for the large operators. (Virgin America and AirTran have equipped their entire fleets, but those fleets are quite small.)

Let's run the numbers. Aircell charges from $5 for a red-eye session to $35 for a monthly unlimited usage pass across the network. Let's assume the average transaction fee is $11.

Aircell is nearing 1,000 planes equipped with Gogo Inflight Internet, and one assumes as that number has gotten higher, revenue has increased at a higher pace. So let's average the year's use across 800 planes (assuming several hundred more planes by year's end).

Take $95m and divide it by 365 days. That's $260K per day. Divide that by $11, and that gets you 24,000 sessions per day. Divide that by 800 planes and you get 30 sessions per day on average per plane. Some planes are flying short hops (Virgin America's West Coast routes), and others are heading cross-country on 5-6 hour missions. Planes are being turned somewhere between two and five times per day, so divvy up those 30 sessions per day per plane into flights.

That would means somewhere between 5 and 15 sessions per equipped plan per flight. I'm making a very rough calculation, but it makes sense.

As usage goes up, average revenue per user will increase, but eventually taper off: frequent travelers will opt for the $35/mo rate (probably negotiated lower through corporate bulk purchase deals).

By the number In-Stat is estimating and my logic above, it seems that achieving $500m/yr in revenue could be achieved by 2014 both by doubling the current size of the fleet, and increasing casual and business usage.

Aircell and its partner airlines have rarely disclosed much in the way of exact usage, session numbers, users per flight, or other financial or session data.



Alaska Airlines Launches In-Flight ServiceAC/DC forced to cut Oslo gig

Femtocells In Depth

At Ars Technica, I explain femtocells: In a long article at Ars Technica, I explain what makes femtocells tick, and whether they wind up as a good deal or not for consumers. I've been skeptical for years about femtocells because they are a tricky value proposition for carriers to explain.

"Our network is great, but because it's not, pay us extra money for this thing that we've advertised we can already do."

Not a great sale. Verizon, with the best network for voice in the US, sells its femto for $250, and it's just intended for improving reception. I don't hear complaints about it. People who live in places with poor coverage know that they get great coverage elsewhere, I suppose, and suck it up.

Sprint splits the difference, selling it ($100) for both unlimited calling (with a monthly fee of $10-$20/mo) and pure coverage ($5/mo). Its deal is best.

AT&T charges a relatively low price ($150), but because of complaints about its network coverage and quality in some urban areas, gets the most criticism as it's not precisely what people want. If AT&T coupled the femto with a decent calling plan, it would be more of a sell. AT&T wants $20/mo for unlimited North American family plan calling, which is only slightly cheaper than unlimited calling without being tethered to a femto.



Justin Bieber doesn’t know what German meansStarbucks Goes All-In: Free, Unlimited Wi-Fi Starting July 1st