If this were a live FonBar, you would log in to the hotspot through the form above.

Signs of Smarter Marketing at FON

November 19, 2006

A new FON package deal announced today by Martin Varsavsky echoes a similar one made 3 days ago. Martin is the President of FON and blogs in several languages. Check out his Spanish and English blogs regularly, as he does not translate every entry into each language:


“For a year now I have been using OpenBC, my favorite business network. I just found out that OpenBC is now officially Xing.

In order to show our appreciation and join Xing’s launch, we decided to give the Foneras … for free to new premium members of Xing…” -Martin Varsavsky

Xing is sort of a “Friendster” for businesspeople who are looking for others with services or other resources which they need, and who wish to make their services and resources available to others. This kind of profiling may one day replace Yellow Pages and endless phone calls for quotes and clarifications. Martin hopes that these established businesspeople will carry their routers with them on business trips and show them off while they share them.


Just three days ago we were thrilled to recieve news of FON’s package deal of an SMC WiFi handset (made by Accton) with a La Fonera router (shipped separately) for less than the cost of nearly identical handsets under a different brand!


These offers are not as suprising as FON’s past offers of half-price and even free routers, but they do suggest an encouraging sea change is taking place in FON’s efforts to target a profitable demographic. The past offers required essentially no verifiable qualifications in order to recieve a router, beyond a mailing address and PayPal account. With these new offers, we see a new effort to see that routers are being sent to people who may be more likely to use them for serious purposes, and operate them in range of others who can benefeit from the hotspot.

An Xing Premium registrant is likely committed to building and using new tools for business “networking”. In their hands, a La Fonera is more than a toy. Imagine finding a FON hotspot in your hotel, with a welcome message which says it’s owner is in room# __ nearby and is seeking/offering ___ business opportunities. A quick peek at Xing, and a short walk down the hall, and a new business partnership may be forged!

While questions about the SMC handset’s limitations have not yet been answered in fon’s blog, it promises to be flexible in that it works at FON hotspots worldwide. This adds value to it, and by introducing people to the FON Network, benefeits Skype and FON who will have more opportunities to provide their services.

In conclusion, blanketing the world with randomly-placed routers may not have paid off in building a live network. By making value-added package deals with products favored by a complimentary demographic, FON may see more routers in the hands of those who will use and endorse them.

New Wifi phone makes Skype calls from any FON hotspot! [2 EDITS]

November 16, 2006


With this wifi phone, FON tells us, Foneros can connect for free at any FON hotspot worldwide to make Skype calls!

Few details are given at this time, but the above picture shows the WSKP100 package which SMC is allready selling in the U.S.A. for $159.99. The handset appears to be identical with the NETGEAR WiFi Phone for Skype, which sells for $249.99 alone! The good ole El Cheapo (La Fonera) router is shipped separately, presumably direct from FON.

The Skype client appears to be embedded in the SMC handset, and comes with 500 SkypeOut minutes, and 12 months of voicemail. Calls to other Skype phones are always free; buy one for yourself and another for each of your loved ones. It could pay itself off in less than 3 months!

We’re curious about what mechanism this phone uses to authenticate with the FON hotspots, and are awaiting reply from Steve Ross, who moderates FON’s English-language blog. Similar phones by Netgear and SMC (probably the same Accton phone rebadged) make no mention of a built in web-browser, so we wonder if 1La Foneras are allowing Skype connections without FON login, or is 2Skype providing some kind of authentication service to the FON network for registered Skype-Foneros? 3Are free hotspot connections only for Linus Foneros, 4or is it for any Fonero? 5Any Skype customer? 6Are the free hotspot connections permanent, or only for a limited time?

One further worry is whether the handset can 7make it’s Skype calls when another, non-FON hotspot is available? Our fear is that this handset has been limited in some way. Stay tuned for further details.

11/23 EDIT: Per “new_palace_centre” in Fon’s English-language board, we have news of how the browserless handset logs onto hotspots which have login pages, including Fon hotspots. Per SMC, the handset itself has a built-in list of hotspot networks that it detects and logs into automatically. This suggests that either a Fonero needs to store their username and password on the phone, or that there is a generic Fon account that everyone logs with. More to come when we hear of it!

Great job, fon!

EDIT: Fon has announced that the SMC handset does not actually have the ability to log into Fon hotspots yet. SMC and Skype have updated their advertising to reflect this retraction. Handset owners may still connect via their private SSID, or through any open hotspot. Once Fon gets their “smart client” working, handset owners must still agree to join Fon’s movement, register that “free” La Fonera and maintain the router for a year as a Linus for “free” connections worldwide.

EDIT: Fontastic.org blog has posted two videos of the SMC handset being demonstrated: http://www.fontastic.org/fon/smc-skype-phone-arrived-first-impression-video/

ATTN Martin Versavsky and Steve Ross: I’m being refused Trackbacks to your URLs. My hit counter suggests that I have had at least 575 hits since Oct 15, so you might wish to permit my links in the future.





Austin, TX Capitol Metro busses now providing free wifi!

November 14, 2006

Capital Metro Introduces Wi-Fi To Express Routes
Nov 14, 2006 11:48 AM CST

Beginning Tuesday, Capital Metro is going high-tech with wireless Internet service on some of its buses.


Some riders may have noticed it over the last three weeks or so as Capital Metro officials tested it out. For now, the Wi-Fi service will only be available on the Express routes. Those are the red and white buses. That’s because this is just a pilot program they’re testing it out.


Just like the Wi-Fi service in Austin, when you turn on your computer, you’ll need to log onto the access page first. Of course, that’s free. And then you’re able to browse the Internet on your way into work or on your way home. If it goes well, you may see Wi-Fi on other bus routes.


“We want to see how the customers use the technology. We want to see what the interest and the demand is,” said Capital Metro Chief Public Information Officer Denise DuCharme. “And if the interest is high and the demand is good, then we plan to expand, and we’ll be looking at that in January.”


Here are the Express routes where Wi-Fi service will be available:
935 Tech Ridge Express
982 Pavilion Express
983 US 183 Express
987 Leander/Northwest Express


The reason why they choose just the Express routes to test the program is because those are the longer routes coming in from Leander and Cedar Park. Capital Metro figures you would have more time to log on, since you have a longer ride into Austin.


Of course, the other hope is to bring a new crowd onto the bus. Plus, it’s a way to test Wi-Fi for when the light rail is up and running. But even if you don’t take the Express routes, you can still access the Internet while you wait for the bus at Tech Ridge Park and Ride in North Austin or the Pavilion Park and Ride off 183.

Heads up if you use Broadcom wifi drivers! Critical exploit discovered!

November 13, 2006

“Critical Broadcom Windows driver exploit released!

Posted by George Ou @ 2:42 pm

The MoKB (Month of Kernel Bugs) project has released a Metasploit 3.0 kernel-level driver exploit for Broadcom based Wireless LAN devices for Windows 2000 and XP. The flaw was discovered by researcher “Johnny Cache” and had been privately disclosed to Broadcom so that they could prepare a fix before the details of the research and proof-of-concept was released in to the public.

According to Johnny Cache, this particular exploit is extremely reliable and results in “100% ownage” which means your computer belongs to the hacker if it’s attacked using this exploit.”

read the full article at:


The Missing Week – Unexplained downtime for Boards.fon.com 11/7-11/14

November 9, 2006

(This post is being published post-event and summarizes several original posts which may still be viewed at the original blog site).

Without advance warning, Fon’s English-language discussion board “boards.fon.com” was taken down from 11/7 through 11/14. In it’s place was a banner stating that it is undergoing maintenance. This began just after the Nov 6 announcement of Fon buying Gspace in Fon’s own English blog. At least 250 visits ocurr to my blog that week alone; perhaps as people searched for explanations. Fon’s French and Spanish boards are up and running, though they appear to all be hosted on the same server. A brief search in these remaining boards on 11/9 does not reveal any obvious signs of discussion about the English board’s demise.

When the boards come back up, there was no announcement or apology from fon regarding this signifgant event. I wait through most of the day, then post a new thread titled “Why was boards.fon.com down from 11/7 to 11/14?”. Other people join me in expressing their interest in an explanation. All we got from the moderator was two separate, terse statements: “down for maintenance” and “thank you for your comments”.

Minutes after making my last post to that thread on 11/15, which was in reply to the moderator’s resistance in providing answers, my IP address appears to become banned. I confirmed that ANY connection from my IP address to the boards server is redirected. This includes foneros using my hotspot!

Being unable to find the moderator’s email address in Google (it is visible now), I make a combination attempt to contact help/make a protest by replacing my avatar and other graphics with a thumbnail containing a text message, and post about the events in my (original) blog.

By way of comments in the blog, I learn that the board moderator, “moderfon”, maintains that I was not actually banned, but that I must have somehow been put in the board’s new automated spam filter.

“If you send your IP, I’ll tray to find it in the banned ip” … “by the way, he change his avatar, I dont link words “banned”, because isnt true. and NOW his account is blocked. when AUSTINTX send me email telling that “he was wrong about it” I’ll enable his account in the FON BOARDS.” -moderfon

OK, so here’s the situation: the moderator say’s he’ll unblock and UNBAN me if I send him an email saying that “I admit to being wrong” about being banned. But he just *said* that I really was blocked now! Anyway, i’m just echoing the term used by the actual banner i’m reading!

The moderator and I have also had wildly different interpretations of reality in the past. I’m less interested in winning an argument with him than I am in rejoining the community, so I make the following, apparently favorable statement in my (original) blog:

Moderfon, I have no proof that I was manually added to the “spam filter”. Therefore, I was premature in declaring that I was banned.


1) I acknowlege that I was wrong about it.

2) I clicked on the link you gave me so you may locate my current IP address. -AustinTX

ADDITION: I am now able to login to the boards again, so i’m restoring my diagrams and photos. Thank you all for watching. Tune in next week when we run on hot coals, bang our heads into walls and tug on Superman’s cape while he pisses into the wind.

ADDITION: The thread I created had several more posts added, and then could no longer be found in the board. It has reappeared after being moved to: https://web.archive.org/web/20080515210639/http://boards.fon.com//viewtopic.php?t=2370

I continue to maintain my own HTML-save of the thread which I made just after my own final post to it:

I’d like to give my particular thanks to those Foneros who, ultimately successfully, argued against inappropriate banning and censorship in the board during my brief absence.

Fon buys Gspace internet storage provider and announces new “Liberator” router.

November 6, 2006

Gspace is the creator of a Firefox plugin that allows you to use the unused portion of your 2 Gigabyte Gmail account’s storage space as a folder for holding personal files, and  additionally, you can access these files anywhere you have an internet connection. This is similar in concept to an FTP service or Yahoo’s Briefcase.

Also on Nov 6, Engadget writes that fon has announced the Liberator version of El Cheapo (La Fonera), which adds a USB connector which allows the use of a flash drive. FON announces Liberator, adds NAS

I’m a little confused about the implication that Liberator will benefeit from the Gspace acquisition. If I have a flash drive, why do I need Gspace? If I have access to Gspace storage on the internet, why do I need a flash drive? [EDIT: If I have DD-WRT with Samba support (and I do), why do I need Gspace or a flash drive?] Is the best place to attach a removable mass-storage device going to be on the tiny Fonera router which I will likely want to have mounted high up or outside?

It is unfortunate that the English-language boards has suffered this sudden, extended blackout just when fon is making such important announcements. This may serve to have a dampening effect on open discussion of Liberator’s practicality and Gspace’s usefulness. That would not benefeit fon, would it?

ADDITION: Visit fontastic.org for their contribution to the Liberator/Gspace story:


SLASHDOTTED! Hacking the Free “La Fonera” Wireless Router

November 5, 2006

Oh no! Could this be the counter-revolution we have feared?

Despite efforts to keep La Fonera (which we affectionately call “El Cheapo”) secured against firmware reflashing, it appears that it can be done without opening it up or building special hardware!

Visit these links to evaluate the grim evidence:


ADDITION: Nov 6: Martin Varsavsky, in his Spanish version of his blog only, acknowledges the script weakness and states that it has been patched:


ADDITION: Nov 8: Dema writes that there are reports that script weakness appears to have stopped working:


Martin V on evolution of fon router and future router designs

October 24, 2006

In his english-language blog, Martin Versavsky takes us on a walk down memory lane and shows us pictures of the (R)evolution of fon routers: http://english.martinvarsavsky.net/fon/fon-router-design.html

“router final.JPG” ……………Uh, WTF is this? It scares me!

FINAL-final production model here.

This last model will be distributed for free to homeless Germans and Austrians who lurk about in dark subways so they can make an honest income providing wifi and reading light.

Ross: [Wed Oct 25, 2006 11:43]: I actually own a leg lamp (really) and now that you mention it it would be funny to shove a router in it!

inquisitor: [Wed Oct 25, 2006 12:10]: Shame on you, Ross! This trumpery attracts the devil! Burn it immediately! These are my proposals for a new router housing:

AustinTX: [Wed Oct 25, 2006 15:00]: But inquisitor, your submissions are not ORANGE! :lol:

Ross: [Wed Oct 25, 2006 20:43]: I’m going to call my leg lamp router “Ooo la la fonera”

No good deed goes unpunished

October 12, 2006

This is a long, but fun post about how the wicked get away with anything, and no good deed goes unpunished. This contains a series of saved bulletin board posts as well as emails laid out in chronological order to tell the story that went on behind the scenes.

Chapter One:

Mike Puchol blogs about his experience using the POI (hotspot coordinates in offline .csv) export feature on the relaunched maps.fon.com resource to confirm fon’s official statistics:


Chapter Two:

The creature known on boards.fon.com as “mosbach” starts a whole new thread complaining about how Mike Puchol posted as “mother” on boards.fon.com without revealing his real-life identity. The thread started by “mosbach” was eventually deleted by “moderfon” of boards.fon.com. It was allowed to remain up longer than *anything* else!

http://fon.fondoo.net/~fone/h/motherouted.htm (this page looks like a link to boards.fon.com, but is actually just an html-save.)

Chapter Three:

This “mosbach” uses his own fon-themed fonblog.de to suggest death threats to Mike Puchol. Here are two blogger’s responses to that:


Chapter Four:

I run with this information, and create a new thread in boards.fon.com entitled “mosbach is outed” as a parody. I don’t narrate the post, or slander “mosbach” in any way. I just mirror Mike’s information, provide links to some text files that archive earlier expamples of mosbach’s threatening and slanderous temper-tantrums… as well as the remarkable reluctance of boards.fon.com moderators to do anything about him, and whatever I could google up about mosbach in 5 mins or so. I didn’t html-save my own thread, but it essentially looked like the section below:

Subject: “Dr. Gerhard Mosbach” has been outed now!!



Gerhard Mosbach
Frankenwaldstrasse 27
D-95138 Bad Steben
privat : http://www.gerhardmosbach.de/

email : public@gerhardmosbach.de

fon/mobile/sms: 0163.692.9580
fax : 09288.925.9083
skype : gerhardmosbach
sipgate : 8708240





Domain: foneros.de
Domain-Ace: foneros.de
Descr: Gerhard Mosbach
Descr: Frankenwald 27
Descr: 95138 Bad Steben
Descr: DE
Nserver: ns1.kundencontroller.de
Nserver: ns2.kundencontroller.de
Status: connect
Changed: 2006-01-27T17:54:33+01:00



Within minutes, my thread had dissapeared from boards.fon.com. I left the page open and occasionally pressed “Refresh” to monitor the situation. I had copied the text from the message posting window, so I reposted it again… gone again in under a minute! I reposted it once more with the following preface:

“Listen up, people. fon deleted my original thread by this name without any warning and didn’t even see fit to delete the mosbach thread it’s name was inspired by. All of this information is public and is easily found with google. There is nothing slanderous said here (unlike mosbach’s post) or untrue. Just a simple posting of public facts. let us ask ourselves what schiszm causes fon to encourage and support his behaviour, and to continue to succor him when the entire fon boards community screams for his banishment?”

Deleted moments later.

Chapter Five:

Moderfon private-messages this ambigous question to me about my new thread. I don’t see it until after he’s allready deleted it, but I take the opportunity to bring mosbach’s infinitely more offensive material, which survives his critique, directly to his attention:

From: moderfon
To: AustinTX
Posted: Wed Oct 11, 2006 16:49
Subject: what is this ?

what is this ?
could you explain it ?

From: AustinTX
To: moderfon
Posted: Thu Oct 12, 2006 14:39
Subject: Re: what is this ?

I don’t know what you’re referring to. There is nothing at that URL.

[Edit: moderfon feels that I am “lying” about this PM unless I include the following line which I had not quoted in my reply to him]Perhaps you have been drinking too much?

From: AustinTX
To: moderfon
Posted: Thu Oct 12, 2006 14:53
Subject: Re: what is this ?

what is this ?

could you explain it ?

SO suprising to see it is still there!

[Edit: moderfon feels that I am “lying” about this PM unless I include the following line which I had not quoted in my reply to him]Is he your boyfriend?

In the meantime, the controversy is exploding in other blogs, and Martin Varsavsky himself, is backpedaling and posting excuses about the statistical anomalies. The boards moderators apparently decide to pursue an information blackout, and so they delete mosbach’s thread. The POI export tab is removed from maps.fon.com. Moderfon needs to tie off my loose string, so he sends me the following warning:

From: moderfon
To: AustinTX
Posted: Thu Oct 12, 2006 14:58
Subject: Re: what is this ?
I dont know this persond, and I dont know you too.

This is the your last chance. We dont like post like this.

[Edit: moderfon insists that I am “lying” about this PM unless I include the following line which I had not quoted from him earlier]I send you a PM asking about this post, you didnt say anything.

One post more and you will be banned.

Its clear ?

You or anybody, ok ?

Mosbach removes his threatening blog post, and later posts a nonapology in his blog, which appears to now be deleted, too. Everything swept out of sight and forgotten, right? Well, *almost* everything…

Chapter Six:

I move my “mosbach is outed!” post to my private blog. I suppose it probably belonged there to begin with. You might think this is the end of the story, but NO.

A week after mosbach’s thread was finally purged from boards.fon.com, my fon.cjb.net address and email stopped working. After some personal investigation, I email cjb.net:

It appears my cjb url redirect has been disabled. using the address “fon.cjb.net” goes to your main page now, and I cannot fetch email. I cannot access the account settings page – “incorrect password” – but I have no doubt about what the password is. I tried re-applying for it and the message I got was that the address “can not be used”, which is different from the message “allready in use” for other url redirects. I initiated a “forgotten password” request, but am not 100% sure of what email address I used when I applied. I have not recieved any complaints or other comments about this url redirect whatsoever. Can you please bring me up to date and help me re-establish my redirect? This redirect is important to me because it is very short and handy, and also relates to an hotspot-sharing outfit which I participate in as a hobby. Thanks.

Their terse reply:

That account was removed and banned due to its use for harassment which is a violation of the agreed to Terms of Service.

So “someone” apparently convinced a cjb.net representative that my simple and unnarrated mirroring of public information constituted “harassment”, and so my url-redirect was disabled, and locked. My follow-up:

I have to say I am extremely shocked to hear this. I have never recieved complaint ONE about my website. Isn’t there, at a minimum, some kind of remediation process? I recieved no warning whatsoever. There is nothing even remotely harassing about my website, which describes my experiences with fon.com and lists related resources and contacts. I deserve to know the identitiy of my accuser. I have been an enthusiastic user of cjb.net for more than two years and have reccomended it many times. Please help me to remedy this to everyone’s satisfaction.

Their icy response:

Complainning about a bad experience is one thing, just having a page devoted to handing out someone’s personal info which was resulting in harassment is another. I’m sure you can figure out whom was complainning about the page.

*Devoted* to harassing poor, heartbroken and water-soaked mosbach? Hardly! My extensive and sincere plea goes unanswered:

This is the This is the kind of email i’m sure you hate to recieve. People who work in IT generally like to see matters closed and have better things to do than get involved in personal squabbles. I myself work as a NOC technician and have also been a call-center tech for a number of years. I have been responsible for similar admin email. Please believe me when I say I am sincere about my cause to be reinstated. As you can see, I am not ranting, threatening you with lawyers, or employing the usual histrionics. I am taking the time to write you at length to make my case clear and to demonstrate my respect for you in these regards. I hope to demonstrate to you how you have been manipulated and I hope your response will be to restore matters to their rightful places.

To begin with, I would have to agree with your last email. A page which is designed and devoted to handing out someone’s personal information and which others are directed to visit mainly in order to distress another person might be construed as harassment. However, this is not an accurate description of my webpage which you have disabled.

My web page is firstly, an demo of what I would like to see appear when someone first opens their web browser when connected to my fon.com hotspot before logging on to recieve full internet access. This demo was set up as part of a contest which took place in fon’s boards. Secondly, it contains a blog as an example of content provided by the host of this hotspot. Sixteen entries in that blog were copies of emails that chronicle my experience in joining fon.com and ordering their equipment. Thirdly, there are at entries which are provided so that I can provide a url to helpful technical instructions so that I don’t have to retype them each time. Having the instructions in one place and referring to them by url allows me to improve and update them in a single place instead of tracking down every place I have posted, and editing individually. These urls are still posted throughout https://web.archive.org/web/20080515210639/http://boards.fon.com/ and are to be credited for driving traffic to your ad-supported website.

Fourthly, and lastly, the blog was, presumably, a safe and personal place for me to place unofficial opinions and other material which would be innapropriate for fon’s official boards, for fear they may result in deletion or banishment from the official forum. This is clearly acceptable to the fon.com moderators, as my http://fon.cjb.net url is prominently placed in each of my posts, and I have NEVER been spoken to about it. If you had looked at my website before banning it, you would see that I had listed many private, unofficial blogs relating to fon, and these authors all post in the official fon board and list personal urls there. By utilizing my http://fon.cjb.net url, I am earnestly attempting to “do the right thing” by keeping official -vs- unofficial matters separate. I also use my subdomain email to recieve communications about board activity, private messages and blog comments into separate inboxes. There is a great deal of organization in place which is dependant on cjb.net’s services. I am grateful for cjb’s services, and I emphasize again that I create legitemate traffic to your advertisers.

Addressing the “personal info” contained in the final blog entry at the top; every iota of this is public information! Most of the material displayed is simply copied from another blogger’s post at http://tech.am/2006/10/11/my-first-death-threat-by-mosbach-the-chief-fon-forum-troll/ . The rest of the information was found within minutes by simply typing this person’s name into Google, with no tricks or hacks involved. The subject is highly visible to the public, and has made his full identity and contact information available dozens of times over a signifigant period of time. I am doing nothing but summarizing what he himself has made available to his audience.

He posts as “mosbach” on https://web.archive.org/web/20080515210639/http://boards.fon.com/, and does, or has, advertised the url to his german-language fon.com blog “fonblog.de”, where he posts as “gerhard”. WHOIS on that domain shows it is operated by a “Gerhard Mosbach” and lists the rest of his contact information. Googling that name in that locale shows dozens of verifyably authentic instances where he has posted to boards or advertised his other websites. http://maps.fon.com shows an active fon-branded hotspot at that exact address. Again, nothing found here is nonpublic, nor has any of it even been retracted from the Internic record or Google as of this date. I have never even recieved comments about the information on my website, which has simply served as a minor mirror of information others are still displaying. How can one take the position that I myself am creating a problem, and that it is fair to censor me without any notification or recourse?

It is a painful irony that I am described as “harassing” anyone since this is what that individual is chiefly infamous for himself. Please briefly examine the content of his posts at https://web.archive.org/web/20080515210639/http://boards.fon.com//search.php?search_author=mosbach . He has been a serious matter of contention with all of the board participants familiar with him. Read some of the disturbing things he has said to me in private email here: http://fon.fondoo.net/t/mosbach.txt. If this individual feels less secure about shooting off his mouth in public, now that it is demonstrated how easy he is to identify, then this is a good thing. My website makes no threats to him in any way. You will observe that I do not make any comments or characterizations about him in the post. It’s simply a list of public information. I argue that it fails the Turing Test to define it as “harassment”.

In closing, I assure you that I have nothing to prove to that individual, and my only goal is to restore the services I supply to the fon.com community. I would be *extremely* grateful if you would restore control to me of my fon.cjb.net account settings with the password of “**********” so that I can continue to supply them. As of this date, I have made 1,696(!) posts to boards.fon.com, and the task of manually updating what I have written with new urls and email addresses would be overwhelming. If you insist, I will remove refrences to the presumed complaintant, and only ask that you notify me in the future if I have recieved further complaints.

Way to go, fon and cjb! Cross your arms while a bully runs around the playground like a mad bull, and give a good slap on the face to anyone who pushes the bully back. Protect that insensible twat but bring down the Hammer of Thor on anyone who annoys you by asking you to do your job and bring peace to the community.

And thus, was born http://fon.fondoo.net/ and this post is awkwardly hosted separately. Stay tuned for further developments.

Chapter Seven:

Moderfon comments in my blog that I am *lying* about what I have said. Then, in PM at boards.fon.com, (in the capacity as board moderator, you understand), cites three trivial omissions which I made from this blog entry. I put them back. You tell me if it blows my case.

How El Cheapo’s firmware is locked

October 10, 2006

On Oct 10, Freddy says he has plans to port DD-WRT to La Fonera and provides a link to his site where he provides the script which checks the Fonera firmware’s encryption key: http://fon.freddy.eu.org/fonera/fon-0.7.0-rev4/bin/fonverify


One of fon’s firmware developers joins the discussion and provides us with further technical facts about the encryption:

https://web.archive.org/web/20080515210639/http://boards.fon.com//viewtopic.php?p=14226#14226. I mirror the text here in case it gets deleted:

Pablo [Sun Oct 22, 2006 07:16]:

Those .FON file bundles are packages signed by Fon (using a private RSA key and an RMD160 message digest), and verified during the upgrade process at the router.

.FON files are not “coded” or “crypted”. They are just signed. Thus, after the first four bytes, the signature length, and the signature itself, there is a tar.gz package containing the files to upgrade the router.

Everyone can see the contents of the file, since it is not crypted. The signature is used to ensure the upgrade file came from Fon, regardless of the way it got into your router. It is the same idea as for the .deb files used to upgrade your Debian/Ubuntu system. You can always check they come from the right source, and see their contents.

The foncheckrsa executable does the same verification that can be issued with OpenSSL:

openssl dgst -rmd160 -verify public_fon_rsa_key -signature


On Oct 25th, As Nerokak is unable to compile code that runs on La Fonera, he Launches this thread asking for help:
La Fonera: ipkg installation issue https://web.archive.org/web/20080515210639/http://boards.fon.com//viewtopic.php?t=2328

Here is the advice he recieved:

dicks [Thu Oct 26, 2006 05:02]: https://web.archive.org/web/20080515210639/http://boards.fon.com//viewtopic.php?p=14337#14337
La Fonera uses an Atheros Mips CPU running in big endian mode. OpenWrt is built for Broadcom MIPS CPUs running in little endian mode. So you will need to build your applications yourself, using a big-endian tool set.

Nerokak [Thu Oct 26, 2006 12:24]: https://web.archive.org/web/20080515210639/http://boards.fon.com//viewtopic.php?p=14347#14347
Can i build package in big endian mode from FONbasic 0.6.6 source?

Freddy [Thu Oct 26, 2006 14:51]: https://web.archive.org/web/20080515210639/http://boards.fon.com//viewtopic.php?p=14354#14354
you can, you just need a big endian toolchain (use mips instead of mipsel in TARGET)


On Oct 31, President of fon, Martin Varsavsky, announces the official release of the open source firmware for La Fonera in his English-language blog: http://english.martinvarsavsky.net/fon/fon-publishes-source-code-.html

The code was located at this address at that time: http://download.fon.com/firmware/fonera/latest/fonera.tar.bz2

He asks that people who have examined the code and wish to submit improvements email them to:

mailto:iurgi@fon.com or mailto:iurgi@fon.es

He’s apparently recruiting OpenWRT developers for unspecified projects, to be paid for by grants from fon.


Stay tuned for more developments!