From "Happy Hacking" to "Screw You"

tquid writes "Trying to bridge the digital divide in Canada's poorest postal code, a principled group of hackers adopt "open source"-based technology spun off from an MIT project. Then the terms on the hardware are changed, and changed again, and then firmware to lock out the frustrated group's software is installed, screwing them out of their investment and many hours of development work."

Illegal?

[Anonymous Coward]

FTFA:

This is expecially bad form (and probably illegal) given that their stuff was all orginally developed under an open source licence.

How can this possibly be illegal? AFAICS it's MIT-licenced code plus some GPL v2 and there's no Tivoization clause in v2.

Article text

[Anonymous Coward]

(Article loaded very slowly for me, so it will likely be slashdotted soon.)

I've been following the development of mesh wifi technology for several years now. From the moment I first grokked what was going on with it, it struck me as a great disruptive technology. One of the most successful early projects, and one that I followed with a great deal of interest was MIT's Roofnet project [mit.edu] - an implementation of commodity hardware and open source software, built on Linux, which provides wifi coverage for MIT's campus.

In 2006 a spin-off company named Meraki [wikipedia.org] was formed to develop and commercialize the MIT Roofnet technology. At the time I was on the board of the Vancouver Community Network [vcn.bc.ca] and had been championing more development of wireless technology. We immediately ordered 9 of the first beta units to try out. The technology was cheap ($50/unit) and it worked but what prevented us from going any further with it was the pricing model that they decided to adopt - $5/node/month for access to the "dashboard" - the real-time monitoring software that they were developing for managing the networks. We decided that this cost was prohibitive for our purposes and the Merakis were shelved.

In September of 2007 I heard about a group of Vancouver community wifi enthusiasts who were getting together with the goal of setting up community wifi in Canada's poorest neighbourhood. I came out to a meeting and invited along some people whom I know are interested in any project that is about bridging the digital divide. The technology that was trumpeted at that meeting was Meraki. Since my previous brush with them they had changed their pricing structure and now they would let you run a free network (with free access to their dashboard) or a subscription (paid) network for 10% of your charges. We (the group, which came to call itself " FreeTheNet [freethenet.ca]") were unanimous that the free option was what we wanted to do and we quickly began building out a public network.

In October Meraki announced that they were changing their pricing model (yet again) and that they would be vastly raising the costs of their hardware (tripling, in fact). I remember going to their website to learn more about what they were doing and their new marketing slogan was something like "Build your business using exciting new technology where the rules of the game keep changing " How ironic; I wish I'd kept a screenshot of that! Under their new system there was no way that we could build out the network we envisioned. At roughly that point, one of our most experienced hackers said "forget Meraki", we're going to write our own firmware and dashboard and promptly started researching that. By late Novermber he was able to demostrate an open routing firmware called B.A.T.M.A.N. [wikipedia.org] running with a mesh helper inside called Robin [blogin.it], that provided the same functionality as the Meraki firmware. This could be installed in the commodity Meraki hardware which greeted you with a friendly and encouraging "happy hacking" when you logged into it via the console.

Over December and January he worked on adding features that we wanted to our network to have (and that we had previously been encouraging Meraki to build to improve their system - things like per node custom splash screen, enhancements to the dashboard to improve scalability, etc.) All of this was being tested on Meraki hardware because this is what we had spent our money on back when they supported and encouraged the kind of work we were doing.

Then in February Meraki announced a change to their EULA (End User Licence Agreement) which precluded anyone from changing any of the software that they install on t

Re:Slashdotted

[calebt3]

The post above yours [slashdot.org].

Re:Vendor lockin is a myth

[lordofthechia]

So Meraki then does all it can do at that point, force the HW to only run the special software and try to get back into the market.

Well besides tripling the prices of units (which the company is free to do all day), the pushed firmware upgrades that crippled existing units preventing them from being hacked (which is one of the main gripes in the blog).

I used to work a couple blocks from there

[MichaelCrawford]

Canada's poorest neighborhood is known as the Downtown Eastside. I used to work in nearby Gastown.

I found the contrast between most of Vancouver, which is otherwise one of Canada's most prosperous cities, and the Downtown Eastside so stark as to be completely overwhelming. There was a time when I had been one of the urban unfortunates myself, as I have a mental illness that was at one time quite severe.

I became determined to help those that I could, often buying meals for those who asked me for spare change. But it got to be more than I could bear; the stress of it put me back in the mental hospital - I was brought to St. Paul's hospital on Burrard by an ambulance, where I stayed for three weeks in their Two-South Mental Health ward.

I discuss Vancouver, and many of those who I met there, in my weblog The Vancouver Diaries [vancouverdiaries.com]. That is, the entries before June 30th, 2007, when I moved back to the US. I kept blogging at the site, as I intend to go back someday, but for now I live in Silicon Valley.

I have to say, that the company that remotely installed this firmware, breaking their project, why they have to be worse than The Grinch Who Stole Christmas. I don't think I have in my entire life met so many people who are so unfortunate as the residents of the Downtown Eastside. I hope they have a change of heart.

Re:Vendor lockin is a myth

[Anonymous Coward]

Fon is backed by some very big investors, including eBay, Google and two big venture capital companies, so they have money to burn. The FON hype has dried up almost completely since they stopped giving away the routers (necessary action because the free hardware became too popular with the hackers.) It is not apparent whether FON is currently making a profit, what their business plan is and if it can work.

Re:So talk to them?

[eokyere]

because biswas and his ilk are a bunch of cunts. if you lack background on this, well here goes:

Meraki initially offered robustly featured indoor and outdoor nodes (which act as routers or repeaters) for $50 and $100. The plan was to allow people to become "micro" service providers in regions where cost is an issue or where broadband connections are scarce. The gear appealed to everyone from low-income housing to ISPs looking to add Wi-Fi as an added value service. Meraki quickly became a tech media and blog darling. Then last October the company suddenly unveiled a new three-tier pricing system that jacked up the price of hardware as much as three times for some users. The move bumped some of the functionality users were getting on the cheap (user authentication, billing) into higher tiers. The move annoyed users with deployed networks in the Meraki forums -- who say they were blindsided by the changes.

http://www.dslreports.com/shownews/Open-Mesh-Picks-Up-Where-Meraki-Left-Off-92532/ [dslreports.com] i bought 12 of those 50 buck units to setup a small test project in Ghana, only to have meraki turn around and say "fuck you" to me ... so meraki, fuck you too

Open-Mesh: The Open Source Meraki Alternative

[qw0ntum]

This decline was something people have foreseen for a while. There is a rapidly maturing collection of open source projects to create a real open source Meraki replacement (disclaimer: I am helping develop one of these).

ROBIN [blogin.it] is an open source mesh firmware that can run on reflashed Meraki nodes (well, I don't think it's "allowed" by Meraki anymore, since they've changed their license agreement to forbid 3rd party firmware and have made it really difficult to access the bootloader).

Open-Mesh [open-mesh.com] is the dashboard management service that ROBIN nodes are configured to use. The guy who develops this actually started working on this dashboard when Meraki was still Roofnet - compare the Open-Mesh dashboard to the Meraki dashboard, the similarity is obvious. Also, you can buy pre-flashed, fully featured ROBIN nodes from Open-Mesh.com for $50 each, the same price that Meraki sells their crippled "standard version" of their nodes.

OrangeMesh, is an open-source version of the dashboard being developed that will allow you to host your own dashboard server, completely freeing you from reliance on any third party. You can check out it's progress here. [googlecode.com]

Re:Illegal?

[TheLinuxSRC]

Software licensing isn't the issue; updating his legacy hardware which he purchased under a specific license with specific rights without his knowledge or consent is the issue. Especially when this new firmware update (which he did not authorize but was automatically applied by Meraki despite having been sold with a different EULA) effectively bricks his hardware. This raises the question - Whose hardware is it?

Re:Community WiFi markets bad everywhere.

[CompMD]

"Community and city-wide wifi projects everywhere are failing." I'm sorry, but those of us who have succeeded [lawrencefreenet.org] don't like being lumped in with the rest.

Re:I was considering Meraki...

[qw0ntum]

Check Open Mesh [open-mesh.com]. Just like Meraki, but open.

I call shenanigans!

[radagenais]

Did anyone read TFA?

Meraki patched a not-for-profit group's hardware from remote without permission so that it would no longer run the firmware same not-for-profit developed in-house. They did this to hardware that was BSD licensed when purchased. They either employed a backdoor or abused known customer access credentials (likely the former) to do it.

This is probably illegal and certainly wrong.

(TFA doesn't say if a contract was in play between Meraki and the client that would have authorized them to apply the patches, but its clear that the customer had put an end to the agreement so a complaint against Meraki would be legit.)

At the very least, this is a malicious hack against a customer. But I think its more than that.

If the peeps in Vancouver were left to continue their work, they certainly would have had a "competitive" solution which they would likely have offered up online for all to use. This would effectively make them a competitor, and a dangerous one because unhappy Meraki customers would be the most likely to check it out. I would go so far to say that this was a pre-emptive sabotage (with poor Vancouverites in the crossfire).


I have no problem with Meraki adapting their business model to find something that works. But their actions way overstepped the boundaries of the law. They would have been wiser to handle the whole affair in a more benevolent fashion in the first place. They could have, for example, cut a partnership deal with the non-profit to allow them to participate in feature development under NDA and enjoy a subsidized service. Both parties would have come out winners.

Whenever financiers get involved, they always want to lock up the tech because it is the only tangible asset they can claim ownership of. Meanwhile, they miss the essence of business value, which is in the people and the partnerships and the innovation.

I think that the only way community wifi is going to work is if it is community-run, not-for-profit, and vendor independent. There is no question that we will have this soon enough and it will be running on top of WRTs and other similar APs which are abundant and cheap and have loads of after-market conversion options for outdoor use. I'm disappointed to read all these comments bashing the Vancouver hackers, who deserve kudos for their inventiveness, determination, and good will.

Reflashing Merakis

[sbrsb]

The article suggests that a Meraki software upgrade has made it impossible to reflash them.

Actually, you can still easily make them revert to an earlier version which can be reflashed.

As described here:
http://robin.forumup.it/about99-15-robin.html [forumup.it]

"you can ssh into the Meraki and create edit the /storage/config.local file with whatever you want; in my case:
Code:
echo "firmware.mips.version 6-9163" > /storage/config.local"

And they'll update themselves to an earlier version.

The founders of Meraki have made huge contributions to open source software and it is good to see that others are taking advantage of their great work and making further improvements.

Re:Anyone know the details of the MIT agreement?

[Ed Avis]

They have their code but they can no longer install it on the devices because the manufacturer has retrospectively revoked their access. As has often been pointed out, just having the source code doesn't mean you have control over the computer you bought. This is exactly the issue GPLv3 is designed to deal with.

Re:Vendor lockin is a myth

[jc42]

It is a vendor lock in attempt. Try to sell the original part cheaply to win a customer, then milk the customer when he got the item and needs "fuel" to keep it running.

Except that this isn't what TFA describes. The company sold a product, and then quietly sabotaged their customers' purchased products. This is something very different from trying to "milk" customers for some consumable "fuel". They intentionally damaged the equipment so it couldn't be used in the way it was advertised and the customer was using it.

To use the wornout auto analogy, it's more like your auto dealer sent people around to your house in the middle of the night to sabotage your car, in an attempt to increase your repair bills or persuade you to do a trade-in. Except that in this case, the saboteurs were all too clearly in the pay of the company that sold you the goods.

I do wonder if this is legal in Canada or BC. You'd think that there'd be some laws that would cover such sabotage. With all the laws on the books, was this sort of crime somehow missed?

Re:OT: Corollary to Tiller's Rule

[turbidostato]

"Somehow, Spanish has managed to solve the problem."

I claim bullshit on this. That was Juan Ramón Jimenez's dream (1956 literature Nobel Prize), but we are not quite there.

While it's true you know for certain how to pronounce a word as soon as you see it written down, the reverse it's not: you can't always know how to write a word you heared (as it was the point from the previous poster): 'baca' and 'vaca' sound exactly the same as would do 'hueso' and 'ueso' (if the latter existed, which is not). You would write (relevant word remarked) "*tu* madre" but "*tú* eres", again same sound, different graphs.

Even then, there is an exception on the "phonetic rule": letter "x" changed its sound somewhere in between XVI and XVII centuries (I don't know when), so you have some "oldish" proper nouns written down with "x" (like México, Texas or Xavier) that are to be pronounced as "Méjico", "Tejas" or "Javier" instead (well, I don't know but these three exceptions).

"I'd really like to know how that came about."

Not too difficult: Spanish is a latin-based language, and the cute symbols you use to write down ideas are not called "latin alphabet" for nothing.

The phonetic problems come from the fact that there are "too many letters". Letter "b" and "v" became the same sound about the XVII century; letter "h" lost its sound (it's mute) about a century before. There are letters that have different sounds depending on context ("c" on "casa" sounds like "k"ilo, while on "cerilla" it sounds like in "c"entennial). To make things worse, two letters may overlap sounds ("z" always sounds like "c" on "cerilla", while "c" may sound different. Again, "j" has always a hard sound, non-existant in English -more or less like "aghhh" -listen to a mexican saying his country's name; remember that "x" became "j" afterwards), while "g" may sound like previous "j" i.e.: "gemido" or softer like in "guapo", more or less like "gas"). Then you have so-called diacritic rules about accents ('tu' is possesive while "tú" is a pronoun, but they both just sound the same).

And then, some syntactic sugar regarding irregular verbs (while past participle from "comer" -"to eat" is regular and comes as "comido", "poner" -"to put" is irregular and its participle forms as "puesto" instead of "ponido").

Of course every English-spoken people would find verbal forms quite cumbersome (six diferent persons -three singular and three plural, five modes and about four tenses per each mode, with simple and complex ways all of them... oh! and three regular conjugations depending on the verb ending on -ar, -er or -ir, and a plethora of irregular and defective verbs); not as bad as German, but quite there.

Yes, I'm Spanish.