If this were a live FonBar, you would log in to the hotspot through the form above.
 

A Whisher Come True!

Mike Puchol, aka “Mother” on boards.fon.com, writes the tech.am blog and is at the DEMO 2007 software convention this week. He’s there to kick-off his new startup company which offers an ingenious new approach for sharing wifi. He probably also wants to kick me for the corny blog title. ;)

I’ve sat on this news for a day while I tried Whisher out, and chatted with Mike about some of the geeky details. Blogs I have read mostly play Whisher as a challenge to Fon, which provides an alternative wifi-sharing solution. Prominent partners in Whisher have previous ties to Fon President Martin Varsavsky, and I fear the digital Press is looking for rivalry and warfare where not much really exists.

It works with any wifi router/AP with WEP or WPA encryption. Sharers have detailed control over who may use their wifi, as well as tools to build social communities while online, and find hotspots that are part of the network.

Whisher was rolled out Jan 30, after being under development for almost a year. Their website provides extensive pictoral and animated tutorials, their hotspot search map, blog, discussion board and software downloads. Disclosure: I am not affiliated with Whisher (yet); I am simply a beaming new admirer. :)

 

Fon requires the use of their proprietary La Fonera AP, or the use of their own firmware only, on certain Linksys and Buffalo wifi routers. Non-contributing users of The Fon Network must pay a fixed fee for 24 hours of access. Contributors have the option of sometimes recieving a small portion of the income. Payment and authentication is negotiated entirely through web browsers.

Whisher requires no special router firmware, configuration or host software, but does require installing the Whisher client application in order to sign up, use Whisher hotspots, and to designate and manage hotspots being shared. Sharers may still shut down their computers and leave their hotspots up for others to use. Versions of the client may be downloaded for Windows XP, Macintoshes, and Linux. Whisher does not provide a payment system, as all Whisher hotspots are free. Advanced features, which are yet to be defined or implimented, may require payment.

The Windows client is intended for XP, but can still access social features under Windows 2000 (as I use). I had issues with finding Microsoft Visual Studio files that it needed on launch. Upon launching, the client presents a display of available hotspots to connect to. This closely resembles Microsoft’s own Zero Config control, and apparently requires it’s services behind the scenes.

One may use Whisher to connect to any hotspot found in range, and even use it to save connection profiles for them. Hotspots which are designated as Whisher hotspots will display extended information, as well as use the Whisher logo (following a quick database update of hotspots from their server). To make your hotspot available for other Whishers, first use the client to connect to it, and enter the WEP/WPA key (all Whisher hotspots must offer encryption). Then, you have the option of adding it to the Whisher Network with a couple of clicks, and typing a welcome message. It will show up on Whisher’s hotspot map and Whishers that subscribe to location updates for that area will be able to identify it and connect to it using the client application.

While connected, one may IM buddies using Whisher’s own chat system, which is planned to have compatability with MSN, AIM, ICQ and Yahoo. Folks using different IM clients may be able to join together into combined chatrooms, as with Trillian (Pro?). One may also join a chat room containing everyone connected to the same AP, and other user-definable categories. Each participant may share files from their laptop hard-drives and make them visible to everyone, or just certain groups or particular people. Additional tabs allow control over filesharing, personal options, geolocation and map searching. Whisher also intends to add remote router management, which will work by interfacing the router’s web management server directly.

See more information about Whisher at their Homepage, their Discussion Forums, and their Blog.

EDIT: Dema has created an exellent pictoral tour of Whisher in his blog entry 2/9.

Pros: Unlike Foneros, Whishers enjoy the maximum encryption available by the hardware in the wifi router/AP being used. Whisher will likely work with any wifi-router/AP that now exists, and for the forseeable future. It will be a great advantage for folks who can’t or won’t reflash their router firmwares. It allows folks to admit access to friends, family, and others without revealing, or having to remember, their WEP or WPA keys. Social activity is built into the client itself. These venues are expandable, and actually available even when you are at non-Whisher hotspots, you only need internet access. Abusers of a hotspot can have their privledges selectively revoked, without changing the encryption key.

Cons: Some people may be unable, or unwilling, to install an application on their computers. The client needs to be allready downloaded, and perhaps updated, before one may connect to the hotspots. This presents a chicken-and-the-egg problem for somone who can’t get on at such a hotspot in order to download it. There exists some chance that the downloaded, encrypted database of APs and their keys might be cracked and exposed. Currently, if a sharer changes her SSID or encryption key, people previously connected there may have to get online another way in order to update their locations file and get back on there again. Laptop-based software will lack the intrinsic power of firmware physically loaded on the router. Routers which lack certain features, like MAC blocking and AP isolation may present security problems which Whisher cannot overcome.

Ideas: Members of buddy groups might be empowered to join in a Hamachi-like virtual network, creating connections beyond a single AP and providing powerful abilities for gamers and businesspeople (fax modems, remote desktops). The client might be given a host mode, which would be run on a dedicated computer to provide VPN or web proxy service, or permanent shared storage space. Wifi routers with “WPA-RADIUS” ability could allow access to Whishers without even needing to download a shared key in advance; it could be based on their Whisher login.

Whisher -vs- Fon

Anyone who really understands the system Fon uses can see that they aren’t perfect rivals. Fon is a for-pay system requiring proprietary firmware, Whisher is a for-free system requring a client download. They dwell in the same ecosystem, but occupy different niches. They can even work together.

As of this afternoon, I have made the private SSID of my proprietary La Fonera router, from Fon, serve double-duty as a Whisher hotspot as well! As my router’s firmware and configuration are entirely untouched, and I intend to continue offering the Fon hotspot, this almost certainly does not break my dreaded “Fonero Promise”.

0 Responses to A Whisher Come True!

  1. Dan says:

    I completely agree with you that Fon and Whisher are not incompatible and roughly rivals. Actually Whisher is just what Fon misses: its social component. And this explains the rivalry.

    I for one run a free WiFi/sharing show but don’t feel offended by W. I’m even trying to find out where we could better fit this new ecosystem. I’ll let you know.

    For starters the only con I see for Whisher is being ahead of its time. There’s many implications I have a hard time grasping now. Just like the iPhone, when the hype will have gone quiet the Whisher guys will have to deal with the number one problem: monetizing. It’s when we feel overwhelmed by features and inplications that we are loured by things. This is one of those cases.

  2. PJMDS says:

    At least with FON we don’t install strange programs that do this:

    03-02-2007 13:42:25 DoS.Generic.ICMP.Smurf! Attacker’s IP address: 192.168.1.50. Protocol/service: ICMP . Time: 03-02-2007 13:42:25
    03-02-2007 13:43:55 DoS.Generic.ICMP.Smurf! Attacker’s IP address: 192.168.1.50. Protocol/service: ICMP . Time: 03-02-2007 13:43:55
    03-02-2007 13:44:32 DoS.Generic.ICMP.Smurf! Attacker’s IP address: 192.168.1.50. Protocol/service: ICMP . Time: 03-02-2007 13:44:32

    Seems like bad-ware to me but lets see what happens in the next weeks, personally I have no faith in whisher and fail to see why AustinTX is so in to the idea, what scares me the most is that their program can control our wireless card thus being able to gather easy information about us and the people that connect to our wireless.

    Where’s the source code of the program ? will they release it ?

  3. Dan says:

    “what scares me the most is that their program can control our wireless card”
    that was my first thought too. when whisher crashed for the first time, so did my network layer. burp!

  4. austintx says:

    PJ: It doesn’t seem likely that they would want to overwhelm your network with malformed packets – perhaps these alerts are misidentifying the client’s probe for other Whisher clients to share files with? Similar to MS Networking? Whisher could prevent this by taking on the Network Neighborhood work at their central server. Or it could certainly be a bug in the current Java software release.

    I’m into the idea because it dives right in and solves some of the biggest problems that Fon hasn’t solved: encryption of over-air packets, compatability with existing wifi equipment, leech control, social activity, and so forth. I’m consious of the danger that the Whisher client could be trojaned, or could be hacked to neuter it’s security. For now, I only have it running on my old laptop with only La Fonera as it’s internet connection.

  5. austintx says:

    Dan: that’s good, really. I have wanted to find out what happens when I use Whisher to connect to a hotspot, then terminate it’s task. If it doesn’t break the association, then some ill-doer could remain connected but beyond control.

  6. PJMDS says:

    Austintx, just installed the program and when it tried to connect my wireless card (Wistron CM9 Atheros miniPC) to the FONERA FON_SSID and to my private SSID, in both cases the Kapersky internet security identified the activity has one DoS.Generic.ICMP.Smurf attack, uninstalled the program right away, it’s just to dangerous having such software without any info about the code.

  7. Mike Puchol says:

    PJMDS:

    You are spreading FUD – we do not do any sort of malicious activity you claim we do, an there is no need to release the source code in order to prove so. In essence, a ping can be flagged as a smurf attack. We do not take control over your wireless card any more than Windows’ own zero configuration service, and we certainly do NOT sniff traffic in order to do any evil deeds – it would be pretty stupid of us to do so right when trying to launch the venture, and with the backing of a major VC such as Benchmark, don’t you think?

    Antivirus and firewall software flag normal activity as suspicious many times, specially on newly installed applications, we will certainly look into why Kaspersky is doing this. To clarify this point, we received this report from Softpedia:

    “Your product “Wisher 1.0″ has been tested by the Softpedia labs and found to be
    completely clean of adware/spyware components.”

    We’ll be posting the full report soon. If you don’t like Whisher for some reason, you are free to -not- use it. I would however appreciate it if you took the time to work through your issues with us. My contact email is provided in this reply.

    AustinTX & Dan:

    As for the possibility of killing the client and the connection remaining alive, we have it sorted in the Mac version, and should be solved in the Windows version soon. This is not a normal behavior except by a malicious user.

    Thanks for all your comments!

    Regards,

  8. PJMDS says:

    Mike Puchol sorry about the FUD thing, it wasn’t my intention, I’m glad that the Softpedia labs tested your program and didn’t find any adware/spyware, surely I will try the program again, good luck to your project.

    Just a question, does the program work on Windows Vista ?

    best regards

  9. Dan says:

    Mike, Softpedia ranked one of our applications that phones back location and connection data “completely clean of adware/spyware components” as well. People might not know at this point how this all works and it’s the uncool trust loop that you need to overcome while not releasing all the “how to’s” to the competition. Thanks for the Mac update! Will keep supporting you guys, but expect criticism too 😛

  10. Mike Puchol says:

    PJMDS:

    We just got a few versions of Vista while we were in the US, as in Spain it hasn’t been released yet, so our developers haven’t had access to it. This week we will perform tests – we have received some reports that it doesn’t always work, due to some library incompatibilities. Microsoft hasn’t made life easier for developers, as we now have to deal with 8 different versions of Windows 🙂

    Dan:

    It is all welcome, good or bad – we want to improve, and it’s impossible to improve without listening to the bad part.

    Regards,

  11. steven says:

    If i’m correct … you need to have a PC running 24/24h in the vincinity of your accesspoint…and that pc needs to have a WIFI card (usb/pci) attached?
    so people are going from a “low power” consuming (fonera…Linksys) to a more powerfull (full blown pc) of +- 400watt ?

    Those meraki’s are nice… when will they give them for free? 🙂

  12. Mike Puchol says:

    Steven:

    No, you do not need to have a PC on all the time, once your AP/router has been registered, the backend takes care of the rest. If you share in public mode, all other Whisher users will be given access, if in buddies-only, then just the people in your buddy list. The only functions for which you need to be on the same WiFi are local chat, presence information and file exchange.

    I think we need to make a big FAQ sign on this point, as many people think you need to have a PC running as the access controller, when this is not the case.

    Regarding the Merakis…I doubt for free, but you can pick them up for $49, and an external rugged version for $99.

  13. Victor R says:

    I don’t have wisher, but my network connection cannot be established because i am being attacked with dos.generic.ICMP.smurf every second. Can this be a wisher user trying to send me packets or something like that? and if yes how do i stop it?

  14. austintx says:

    “dos.generic.ICMP.smurf” is a generic error message issued by some firewall programs, which has nothing to do with Whisher. If you are looking for an explanation for this error message, you have not found it yet here.