From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lb0-x235.google.com (mail-lb0-x235.google.com [IPv6:2a00:1450:4010:c04::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id D7CA53B2F9; Fri, 11 Mar 2016 14:08:25 -0500 (EST) Received: by mail-lb0-x235.google.com with SMTP id x1so168204182lbj.3; Fri, 11 Mar 2016 11:08:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=bAAoJXmnS070QAJA9bPnNxjZRaiNCBpMwjHJrlmZVBE=; b=XhVlToo/fQhDrd0BMLAWar9NBuqlAzMjgET85JnsnEcjjnIMrWOZLf2Ao6KDovLuSq 46MLXwYlAo9fkf4gJaHiMAnHkuj0GGcsc/H9rcSwU/0tzBW163EpDENvjf0WQNU9U+nA i+5qg+Lo0oxEXCh3BMYlFS8077HngcgnON3FO04BzQhkwrMdpRPI2ZBxA7ZwO2iouI1p jB5qBRKyUtFlee7HCyJQXq6OEXeBMqot4vlSsd/4CsBGlOBqXtXJb0Mj4T/aa4Wbxmik 4xWiIn39QdPy3WE3SBcWpM276vjpGr+UliGk7pa8ETNHWEGJ89HLlf8OQsagtnkf/o9r smJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=bAAoJXmnS070QAJA9bPnNxjZRaiNCBpMwjHJrlmZVBE=; b=B68SLZv0Audr2oUBkBdeP/ShjBd65xtssomaKkDq9+ZybsDdma8nJANKUJIi7j9+89 8qyj+Xk7CdcBuQZxL1b0Qxawh+2nqUuzFDYp0pa7p7evkaxQGpvnKE7x4gExhKRmMeXv 9jwIenvkJf7isbmAYU2HYw59uy6jLUFi0nYSQP9Tyyk79orrq7vaRFW0eoeodW4geBcR HPsrUEkLEtChxIgaqu+58z6XHKjehX8nq+8g7A9juwgcph3wRZK/bG24F7JydbmgH5OD SuG2uH0FgDFcBO4QbkPvem51CsxmylsVTZ1doruC495JN7K8LQReqIBwltDtr190meL4 epKA== X-Gm-Message-State: AD7BkJIxbNPAZ7uwNsGjSb3OsnizRIVUgoviIZX4yb5Jq3WzwCl0zvn7TRsg06EidCaRcQ== X-Received: by 10.112.26.145 with SMTP id l17mr3926197lbg.106.1457723303275; Fri, 11 Mar 2016 11:08:23 -0800 (PST) Received: from bass.home.chromatix.fi (37-33-67-252.bb.dnainternet.fi. [37.33.67.252]) by smtp.gmail.com with ESMTPSA id j75sm1545785lfb.9.2016.03.11.11.08.09 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 11 Mar 2016 11:08:22 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\)) From: Jonathan Morton In-Reply-To: Date: Fri, 11 Mar 2016 21:07:44 +0200 Cc: Dave Taht , make-wifi-fast@lists.bufferbloat.net, bufferbloat-fcc-discuss , "cerowrt-devel@lists.bufferbloat.net" Content-Transfer-Encoding: quoted-printable Message-Id: References: To: "Luis E. Garcia" X-Mailer: Apple Mail (2.3112) Subject: Re: [Cerowrt-devel] arstechnica confirms tp-link router lockdown X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 19:08:26 -0000 > On 11 Mar, 2016, at 20:22, Luis E. Garcia wrote: >=20 > Time to start building our own. A big project in itself - but perhaps a worthwhile one. We wouldn=E2=80=99= t be able to compete on price against the Taiwanese horde, but price is = not the only market force on the table. Firmware quality is a bit = abstract and nebulous to sell to ordinary consumers, but there is one = thing that might just get their attention. Making the damned thing easier to configure. Almost every router now on the market is a blank box with some ports on = the back, some antennas on top and some lights on the front. If = you=E2=80=99re lucky, there=E2=80=99ll be a button for WPS (which most = consumers would still need to read the manual to figure out how to use, = and most tinkerers would turn right off) and maybe one or two =E2=80=9Cfea= ture switches=E2=80=9D; my Buffalo device has one which does = =E2=80=9Csomething=E2=80=9D to the QoS setup in the stock firmware, and = nothing at all in OpenWRT. The lights only tell you that =E2=80=9Csomething is happening=E2=80=9D = and occasionally =E2=80=9Csomething is wrong=E2=80=9D, and are = invariably cryptic. For example, a green flashing light can mean = =E2=80=9Cit=E2=80=99s setting up but not working yet=E2=80=9D or = =E2=80=9Cit=E2=80=99s working and passing traffic right now=E2=80=9D, = often on the same light! A critical error, such as a cable not plugged = in, is often signified only by the *absence* of one of the several = normal lights, which is invisible to the untrained eye. To actually configure it, you must first connect a computer to it and = point a Web browser at the right (usually numeric) URL. This URL varies = between vendors and models, and sometimes even between firmware = revisions; the only infallible way to determine it is to delve into the = configuration that DHCP handed out. You and I can cope with that, but we want something better, and = less-technical people *need* something better if they are to trust their = equipment enough to start actually learning about it. As a starting point, suppose we build a small display into the case, and = invite the user to temporarily plug a keyboard, console controller or = even a mouse directly into the USB port (which most routers now have) to = do the setup? No Web browser required, and no potentially-vulnerable = web server on the device either. When not in config mode, the input device can be disconnected and = returned to its primary role, and the display can offer status = information in a human-readable format; an RGB-controlled backlight = would be sufficient for at-a-glance is-everything-okay checks (which is = all Apple gives you without firing up their proprietary config software = on a connected computer). Some high-end router models provide just = this, without leveraging the possibility of easier setup. - Jonathan Morton