Re: [NNagain] Internet Education for Non-technorati?

[rjmcmahon <rjmcmahon@rjmcmahon.com>]

Sorry, my openwrt information seems to be incorrect and more vendors use 
openwrt then I realized. So, I really don't know the numbers here.

I do agree with the idea that fixes should be pushed to the mainline and 
that incremental upgrades should be standard practice.

Arista's SW VP gave a talk where he said that 80% of their customer 
calls about bugs were already fixed but their customer wasn't following 
an upgrade policy. This approach applies to most any sw based product.

Bob
> Hi David,
> 
> The vendors I know don't roll their own os code either. The make their
> own release still mostly based from Linux and they aren't tied to the
> openwrt release process.
> 
> I think GUIs on CPEs are the wrong direction. Consumer network
> equipment does best when it's plug and play. Consumers don't have all
> the skills needed to manage an in home packet network that includes
> wifi.
> 
> I recently fixed a home network for my inlaws. It's a combo of
> structured wire and WiFi APs. I purchased the latest equipment from
> Amazon vs use the ISP provided equipment. I can do this reasonably
> well because I'm familiar with the chips inside.
> 
> The online tech support started with trepidation as he was concerned
> that the home owner, i.e me, wasn't as skilled as the ISP technicians.
> He suggested we schedule that but I said we were good to go w/o one.
> 
> He asked to speak to my father in law when we were all done. He told
> him, "You're lucky to have a son in law that know what he's doing. My
> techs aren't as good, and I really liked working with him too."
> 
> I say this not to brag, as many on this list could do the equivalent,
> but to show that we really need to train lots of technicians on things
> like RF and structured wiring. Nobody should be "lucky" to get a
> quality in home network.  We're not lucky to have a flush toilet
> anymore. This stuff is too important to rely on luck.
> 
> Bob
> On Oct 11, 2023, at 3:58 PM, David Lang <david@lang.hm> wrote:
> 
>> On Wed, 11 Oct 2023, rjmcmahon wrote:
>> 
>>> I don't know the numbers but a guess is that a majority of SoCs
>>> with WiFi
>>> radios aren't based on openwrt.
>> 
>> From what I've seen, the majority of APs out there are based on
>> OpenWRT or one
>> of the competing open projects, very few roll their own OS from
>> scratch
>> 
>>> I think many on this list use openwrt but
>>> that may not be representative of the actuals. Also, the trend is
>>> less sw in
>>> a CPU forwarding plane and more hw, one day, linux at the CPEs may
>>> not be
>>> needed at all (if we get to remote radio heads - though this is
>>> highly
>>> speculative.)
>> 
>> that is countered by the trend to do more (fancier GUI, media
>> center, etc) The
>> vendors all want to differentiate themselves, that's hard to do if
>> it's baked
>> into the chips
>> 
>>> From my experience, sw is defined by the number & frequency of
>>> commits, and
>>> of timeliness to issues more than a version number or compile
>>> date. So the
>>> size and quality of the software staff can be informative.
>>> 
>>> I'm more interested in mfg node process then the mfg location &
>>> date as the
>>> node process gives an idea if the design is keeping up or not.
>>> Chips designed
>>> in 2012 are woefully behind and consume too much energy and
>>> generate too much
>>> heat. I think Intel provides this information on all its chips as
>>> an example.
>> 
>> I'm far less concerned about the chips than the software. Security
>> holes are far
>> more likely in the software than the chips. The chips may limit the
>> max
>> performance of the devices, but the focus of this is on the
>> security, not the
>> throughput or the power efficiency (I don't mind that extra info,
>> but what makes
>> some device unsafe to use isn't the age of the chips, but the age of
>> the
>> software)
>> 
>> David Lang
>> 
>> Bob
>> On Wed, 11 Oct 2023, David Bray, PhD via Nnagain wrote:
>> 
>> There's also the concern about how do startups roll-out such a
>> label for
>> their tech in the early iteration phase? How do they afford to do
>> the
>> extra
>> work for the label vs. a big company (does this become a regulatory
>> moat?)
>> 
>> And let's say we have these labels. Will only consumers with the
>> money to
>> purchase the more expensive equipment that has more privacy and
>> security
>> features buy that one - leaving those who cannot afford privacy and
>> security bad alternatives?
>> 
>> As far as security goes, I would argue that the easy answer is to
>> ship
>> a current version of openwrt instead of a forked, ancient version,
>> and
>> get their changes submitted upstream (or at least maintained against
>> upstream). It's a different paradigm than they are used to, and
>> right
>> now the suppliers tend to also work with ancient versions of
>> openwrt,
>> but in all the companies that I have worked at, it's proven to be
>> less
>> ongoing work (and far less risk) to keep up with current versions
>> than
>> it is to stick with old versions and then do periodic 'big jump'
>> upgrades.
>> 
>> it's like car maintinance, it seems easier to ignore your tires,
>> brakes, and oil changes, but the minimal cost of maintaining those
>> systems pays off in a big way over time
>> 
>> David Lang
>> 
>> -------------------------
>> 
>> Nnagain mailing list
>> Nnagain@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/nnagain
>> 
>> -------------------------
>> 
>> Nnagain mailing list
>> Nnagain@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/nnagain
> _______________________________________________
> Nnagain mailing list
> Nnagain@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/nnagain