Rubénerd!

I can confirm it works brilliantly, and better than the stock internal wireless card on my ThinkPad X61s!

You won't let me connect?

The Intel PRO/Wireless 4965 card is an odd beast. It can connect to any wireless network I throw at it, enterprise or otherwise. That is, until I take my ThinkPad X61s to UTS (my university) and attempt to connect to their PEAP WPA2 network. Occasionally enough to be weird, it'll troll me and connect, otherwise I'll be prompted for my password four times, then it'll fail. It's like interfacing with a customer support hitline.

I mistyped "hotline" as "hitline". I think I'll leave it.

I'd all but given up and decided to start researching replacing the internal wireless card. As much as I'm a fan of Apple's minimalism, I'm also a fan of ThinkPads modular design with easily accessible bays for all the major components, and replacing the wireless card would be trivial.

And then I remember I had an alternative. It came to me in a vision. Or a drawer, or something.

You'll let me connect?

I bought this Belkin F5D7010 G wireless CardBus card originally when I ran FreeBSD on my Armada M300. The same card you see in the photo above can be seen in this post from 2008.

As people who run FreeBSD and Linux can relate to, typically we have to be a bit more careful about what hardware we use to ensure compatibility with our more limited set of drivers. It had worked flawlessly on FreeBSD, so I thought I'd give it a whirl on Fedora.

I took it to UTS, and it's connected almost every single time, without trouble. Well, without any more trouble than we all face connecting to UTS wireless. Mmm-hiven-maven.

The Belkin F5D7010 is based off the Broadcom bcm43xx chipset, which thanks to the tireless efforts of reverse engineers (sounds like people building a backwards bridge) and later Broadcom releasing more limited drivers, this card works flawlessly on Fedora (and FreeBSD). If you have an older laptop, buy this card with creamy, chocolate filled confidence.

In 2011 I discussed how I was giving Google the benefit of the doubt regarding their harvesting of open WiFi data, and that it was consumer network hardware manufacturers that should be working to protect consumers. I was... at least partly wrong!

Uh-oh

From my Google's non-existent whitelists... exist post I wrote on the 11th of March 2011:

Take the street view controversy. While I think Google engineers were short sighted by not closely studying the source code of the software they put on their trucks and drove around the world, I don't believe they did it maliciously.

Unfortunately, we now know that isn't true. From Stilgherrian:

So, you know when Google’s Street View cars, the ones taking photos down every street, were also accidentally scooping up people’s unencrypted Wi-Fi traffic? Turns out the engineer who wrote the software did it deliberately, and his boss knew he did.

The European Union isn't impressed, and may reopen their case against Google. To quote John Gruber:

Uh-oh.

But the networks were open!

Back when this controversy started and people were blaming Google for stealing people's data, I read an equal number of posts from other bloggers blaming people for having open wireless networks in the first place. I acknowledged this:

These signals were being broadcast in the open, and while the scale of Google's downloading may warrant further scrutiny, it skips the real issue that people are still broadcasting unencrypted data out of their homes for anyone to gain access to.

Still, I didn't go as far as to blame consumers.

Rather than blaming consumers (which is always an easy thing to do) however, I place the blame on network hardware manufacturers for selling devices that didn't make this clearer.

Unfortunately, we now know in hardware manufacturers attempted to make security easier for consumers by implementing WPA2 standards, and in the process introduced a security vulnerability so severe it bypasses the otherwise strong encryption used by them. All of course except Apple, and I remember people chewing me out for having a Airport Extreme base station... heh ;D.

Regardless, there are a lot of issues at play here, not least the ethics of some Google engineers. Any company can/does have rogue players, but the key is transparency. Only disclosing this now rubs me the wrong way, a little.

If you've attempted to get your broadcom-wl device working on 32bit Fedora 15 and NetworkManager subsequently hides wireless connections completely, you may be running a PAE kernel. In which case, you need something else :)

Whoops

First, check your uname to confirm you're running a PAE kernel. If PAE doesn't appear in the string, you aren't. If it does, you are. Cheese Steak Jimmys.

% uname -a

I'm not a full time Fedora user so I can't confirm whether all 32 bit builds of Fedora 15 (or previous) had physical address extensions, but installing it on an older Athlon machine this afternoon with less than 4GB of memory still installed a PAE kernel. Interesting.

Installing

Make sure you've enabled the rpmfusion free and non-free repositories as per their FAQ. If you've installed kmod-wl already, remove it first:

% su -
# yum remove kmod-wl

Then install the PAE enabled version.

# yum install kmod-wl-PAE

This will pull across the broadcom-wl dependency. Restart, and you should have working wireless, assuming you have a BCM(4311, 4312, 4321 or 4322) based wireless card and that broadcom-wl is what you need.

There was a discussion on Slashdot this morning about WiFi access at Starbucks in the States, so I added my own SG$0.02 about the free access here.

Probably not all that relevant to this discussion, but my SG$0.02.

All the Starbucks branches here in Singapore have free WiFi provided you register first, it's part of the government's Wireless@SG initiative, which I can forgive the corny 1990s name for because it Just Works. The irony is this free internet is faster and more reliable than the ADSL I was paying a small fortune for back in Australia!

There's a huge coffee shop culture here. It's really fascinating to see Starbucks (and Coffee Bean, and Killiney etc), even at 11pm they're absolutely packed with students studying on their MacBooks and business folk frantically typing away. I asked a few local friends why, and mostly it's because apartments here are so small an overpriced cup of coffee is a small price to pay for a comfy chair, relaxing music and a place to do some work on the Internets without your siblings making noise in your ear.

Having only just sat at Starbucks to do some programming and cleaning out my desktop (I let far too many files accumulate) I accessed the free WiFi and launched Firefox only to see the above dialog presenting me with a NoScript update. Problem is, I'm connected to the WiFi hotspot but not to the open internet! Spooked out stuff.

In this circumstance I was presented with the above NoScript update notification when I connected to Wireless@SG but before I had entered my login credentials, so it couldn't have requested and received information from Mozilla yet. At least I hope not, for security sake!

The only thing I can think of is Firefox pings for updates while running but doesn't download them, then if the application is relaunched it checks if any extensions have been flagged as outdated and proceeds to download them. I love the word ping.

I suppose in this way it doesn't download updates in the background which may slow a client's machine down... which is already slow from running Firefox, but instead just checks for the existence of updates. I think that's right, is it? Time to dust off my Mozillazine forum account?

Attack vector?

Picture this: say you were a malicious hacker in a public WiFi hotspot and you wanted to allow some remote code execution on some machines for your own mischievous purposes.

When a person connects to a [typical] hotspot they would connect to the WiFi network, then open their browser and use the web based login screen for the hotspot provider to authenticate. The way this works is the remote server or router equipment would automatically redirect all traffic from any specified domain to the login screen.

If you could somehow get access to the router (still too easy to do due to a combination of weak passwords and being in the open) and modify it's DNS settings to point all requests to the login screen except for the URL Firefox (or Chrome, or Opera...) uses to check for updates, could you perform a man-in-the-middle attack and provide a false update flag, followed by a false update executable that could contain your code? People would launch their browsers and not realise they don't have access to Mozilla.org yet, so when they're told there's an update they'd go ahead and download it.

I don't know too much about Firefox's internals, probably updates are digitally signed in some way to prevent MITM attacks, at least I hope they are. If they just rely on the URL being well formed and expected, a DNS attack like this could get around it.

Hey wait a minute, its even easier!

*viscously bangs head on table!*

Stuff all this "accessed the WiFi before they log in" trickery, if you could break into the router and modify DNS you could do that even if they are logged in, and presumably you could do plenty of other more sinister things too.

I find talking about things like this out loud is a really fun and useful thing to do because in explaining my idea I better understand it myself. In this case, how silly my example really was!

I'm typing this post from a small café next to our hotel in Dublin and boy it's freezing! There's snow lightly falling outside and the footpaths are slick with ice which has caused more than a few bruises in the last few days, but we've still been thoroughly enjoying ourselves! Anyway I was going to save blogging until I got back to Singapore, but I couldn't resist when I saw the above ad.

Yes, having just logged into the free WiFi at said coffee establishment, I was presented with the above advertisement which, if you care, looks almost like a square but is in fact a stumpy rectangle. A pointless and utterly stupid observation about size is not the humerous part of this yarn though, I found it to be pretty ironic this free WiFi hotspot is sponsored by Dublin Airport with the slogan "flying has never been easier" given its closed due to the freak Arctic weather conditions! Then again I can't seem to access Twitter tweets on it anyway, so perhaps saying the two are alike was intentional. Makes sense.

We'll be back in Singapore in a few days, can't believe we've been in Europe now for over two weeks. WiFi has been very hard to find so I gave up the prospect for live blogging, so instead I'll be uploading photos and blogging about places upon our returny substances. Return-y substances?

Update

I've been informed the above graphic, had I cared to click on it, is for an airport in the UK and is in fact not Dublin. Must be all the Guinness :). Given many of the airports in the UK are closed too the point of the post still seems to stand though!

Can't see the image?

Neither can I now that I'm using Firefox again. Perhaps Adblock Plus attacked it!

Little tip for those who use Qmax for their Wireless@SG provider, because you're not using SingTel or StarHub it means you can log into the free WiFi services at both Starbucks and the Coffee Bean (to use the places I frequent as examples) regardless of the carrier and use the "local roaming customers" option, very cool!

One thing you have to keep in mind though is how you enter your username. On SingTel when you select Qmax the username field will be populated with @qmax.com.sg so you just have to enter your username at the beginning. On StarHub when you select Qmax they fill in the email address part but only after you've hit the [SUBMIT] button! In this case don't worry that you've only partially entered your details, when you enter your username and submit the form it'll still work.

Now if I could get the Singapore Information and Development Authority to pay me for help posts like this we'd be in business.

Great news for us who use Singapore's Wireless@SG WiFi hotspot programme, the free service has been extended to 2013! From Channel News Asia:

SINGAPORE: Singaporeans who have become used to surfing the internet on the go will be able to do so for another four years. [...] The government says it will be enhancing and extending the Wireless@SG programme till March 2013.

Acting Minister for Information, Communications and the Arts, Lui Tuck Yew [...] said since the launch of the Wireless@SG programme in 2006, the programme now boasts 7,500 hot spots across the country and 1.3 million subscribers.

The new enhanced programme will include improvements to access speeds of up to one megabit per second, double the current bandwidth, and using a new seamless login process.

I first talked about Wireless@SG on Rubenerd Show 191 back in 2006, ironically when I was living in Malaysia.

UPDATE, 20:16: Jim talked about this issue on his latest audio magazine and posted a comment below. As Jean Luc Picard would say: "stand down red alert!"

One of the great things about Whole Wheat Radio, the internet radio station and collaborative wiki for independent artists and just damn nice music, is that you can listen to it anywhere where you have a stable internet connection! Unfortunately, recently it seems to have issues with Wireless@SG, Singapore's free island-wide WiFi service. When I was at Starbucks yesterday evening at 23:30 having a well deserved Chai Latte (I figure it's not good drinking coffee at that time of day!) I got the following error message:

I was very used to seeing this message both at home and in public WiFi hotspots when I lived in Kuala Lumpur in Malaysia in 2006, but this was the first time I'd seen it here. I assume it was because in Malaysia the broadband provider TMnet shoehorns many customers onto the one IP address in places and uses some form of NAT system, and perhaps Wireless@SG in Singapore is doing a similar thing.

One thing I have noticed about Wireless@SG is the number of IP addresses you're served at any given time. Sometimes I can be sitting at a Starbucks, Coffee Bean and Tea Leaf, San Francisco Coffee or Dome for several hours at a time (coffee shops are so much nicer to study and work in than a study hall, and they're a nice change from sitting at home all day) and I've noticed my MacBook Pro will be served 20 or so new addresses in that time period. In that case, I certainly can't blame WWR for blocking me, I'm sure from their end such activity looks pretty sus.

I guess just like my detailed documentation on Whole Wheat Radio audio players for Linux and FreeBSD, this information would probably not be useful to most people, but just letting potential Singaporean listeners know that it's not their fault, or WWR's fault, it's the WiFi system. Perhaps WWR here is best listened to at home.

If there's any better way to start a day, I sure as hell don't know about it.