EFF is releasing an experimental hacker alpha release of wireless router software specifically designed to support secure, shareable Open Wireless networks. We will be officially launching the Open Wireless Router today at the HOPE X (Hackers on Planet Earth) conference in New York City, aiming to bring aboard members of the hacker community. This release is a work in progress and is intended only for developers and people willing to deal with the bleeding edge.
The software aims to do several things that existing routers don’t do well—or don’t do at all. We are beginning a journey that we hope will attract supporters and fellow travelers to help reach the following goals:1
- Allow small business and home users to easily enable an open network, so guests and passersby can get an Internet connection if they need one, while keeping a password-locked WPA2 network for themselves and their friends or coworkers.
- Let you share a bounded portion of your bandwidth on the open network, so guest users cannot slow down your Internet connection or use a large portion of your monthly quota.2
- Provide state-of-the-art network queuing, so most users can expect an improved Internet experience—especially with latency-sensitive applications—compared to what commonly available consumer grade routers are delivering today.
- Offer a minimalist, secure, and elegant Web user interface to set up and configure the router. Advanced, non-minimalist administrative options are accessible by SSH.
- Advance the state of the art in consumer Wi-Fi router security and begin turning back the growing tide of attacks against them. Most or all existing router software is full of XSS and CSRF vulnerabilities, and we want to change that.
- Include a secure software auto-update mechanism. In addition to using HTTPS, firmware signatures and metadata are fetched via Tor to make targeted update attacks very difficult.
We are offering this hacker alpha release to engage enthusiastic technical users who would like to help us test, develop, improve, and harden the Open Wireless Router. Currently the software runs on one specific model of hardware (the Netgear WNDR3800) and is based on the CeroWRT project. If you have a WNDR3800 router, you can get the developer preview image here and learn how to flash it here. If you’d like to hack on the code base, you can find code and instructions on building it at Github.
This Open Wireless Router prototype is made possible by the generous contribution of project resources and developers from ThoughtWorks, which came about through their exemplary social impact program. We are also very grateful for assistance from Dave Täht of CeroWRT and the Wi-Fi router hackers at Independent Security Evaluators (ISE).
2.The prototype implementation includes a defined ceiling for instantaneous guest throughput as well as a long-term quota. In the future, we will implement a dynamic ceiling so that while you aren’t using your network, guests can temporarily borrow it at full speed if enough quota remains available.
Peter Eckersley, Jacob Hoffman-Andrews and Ranga Krishnan