Hacker News new | past | comments | ask | show | jobs | submit login

"Switch your router into open mode (no password or encryption)": I feel like the lack of encryption really needs to be addressed here. I'm not going to use a network where anyone on it can see my information as they pass it along, and I think many other users would feel the same way.



Phantom protocol and Freedombox projects want to use encryption. So far, I think the Phantom protocol is the best designed and most bulletproof, at least in theory.

http://code.google.com/p/phantom/

But I haven't seen the creator say much about making it work on Wi-Fi mesh networks, though he did say it's pretty flexible and could be easily upgraded to work with new technologies.

Freedombox is pretty interesting, too:

http://www.youtube.com/watch?v=O7IpqrtC2lk

I also like the ideas behind http://mondonet.org/ , but so far I haven't seen anything technical about it. They're supposed to launch it next month, last I heard. There are actually a lot of related projects:

http://www.quora.com/What-projects-and-initiatives-are-under...


This could be a real problem, because for example in Germany it is illegal to have a WiFi connection, which is not password protected. The idea is that if they catch you downloading pirated songs, you cannot say - it wasn't me. Stupid but...


This is simply not true. If you make your connection available, all you have to do is register yourself as an ISP with RegTP, the federal regulation agency, and you instantly get all the protections that are awarded to other carriers. But of course, you might also get some duties...


You still have encryption at the application layer.


Yes, and that is likely the best solution for those who know enough to enable it. Unfortunately, not many casual users are aware of the need for this, and could stand to benefit from protection from the "casual eavesdropper" (http://revolutionwifi.blogspot.com/2010/11/firesheep-fallaci...).


A lot of casual users aren't aware of HTTPS, either, and don't ever need to 'enable' it. It just works. The infrastructure for it is rather centralized now, of course, but it doesn't have to be that way.


For the most part, I agree. I was thinking about services like facebook where the user has to take the initiative. But it would seem these are becoming the exception.

You're right; exploring a web of trust rolled into this would be interesting.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: