Wireless APs in Homebrew Coffee Shops? 523
An anonymous reader writes "Having seen lots of complaints about the overpriced T-Mobile Wireless APs in Starbucks ($10/hr) got me thinking about setting up a wireless AP for the small, family-owned coffeeshop in my town under the tip jar model. I'm assuming ~$100 for the router, ~$500 for a PC to use to control quotas (to prevent over-zealous Kazaa users, block spammers and script kiddies and other would-be abusers) - but what software should I be using? Do enough people have 802.11a/g cards that it would be worth it to invest in that rather than an 802.11b router?" Has anyone considered making a Linux distribution for use by cybercafes, to handle wireless access and anything else such an outfit might need?
"Since this is a medium (50,000-ish) size town, and pretty much everyone in the coffee shop is a regular, would a tip jar model work? I'm figuring suggest a donation - what should I set that at?
Finally, keep in mind that the owner is not a geek - I'd be doing this when not studying (I'm a college student), so this would be set up over the summer, and most of the maintenance would be done on the weekends and/or via SSH.
Any other thoughts would be appreciated."
cafe software (Score:3, Interesting)
http://www.baspe.com/baspecafe.html
Re:wep key on receipt! (Score:5, Interesting)
Semi-honor system.... (Score:3, Interesting)
I would suggest changing the password daily, and giving it away free to people who spend $5+ (?) when they come in. Anyone else can pay 50 cents extra for it. It would be sort of an honor thing for people to not pick up a slip laying around and surf free.
I think anything that requires you to give out individual passwords would require you to raise your price on access by $1 just to cover the administration. If you don't change passwords regularly, people in neighboring businesses are likely to start using your connection.
Keep in mind that you will be providing a connection that could be popular with people trading kiddie porn if you are not careful. I would recommend putting a bandwidth cap of 128/16kbps or 256/16kbps to keep the roaches off you net.
Hopefully you already realize that you will be violating the TOS for any household internet account. Buying a business account will likely double the ISP cost.
Re:I think your estimates are way too high (Score:5, Interesting)
Re:cafe software (Score:2, Interesting)
Re:NoCatAuth is all you need (Score:5, Interesting)
The first time you connect to any website you are redirected to a local webserver that prompts you for your name/pass. you key it in, and now your mac or ip is "authorized," and the rest of your connection is completely unrestricted. You cant do anything else until you login to their web server, and once you log in your ID is "used up."
pretty slick, since it requires zero geekness for whoever is at the register, they just sell cards like any other product. I'm pretty sure their backend is based on nocatauth
You're forgetting why Starbucks charges 10/hour... (Score:2, Interesting)
Re:wep key on receipt! (Score:3, Interesting)
College Students (Score:4, Interesting)
Re:I think your estimates are way too high (Score:2, Interesting)
cheaper, 802.11b accesspoints are $20.00 at best buy. pci cards that are linux compatable, are much harder to find, and are usually more expensive.
never EVER use a wireless pci card for anything except long range link points.
Re:I think your estimates are way too high (Score:1, Interesting)
So, sniff someone's POP session, replay it, then use that command to send some spam. It's far fetched, but it could work.
Re:No PC (Score:5, Interesting)
It should be pretty easy to spot this kind of thing...keep an eye out for out-of-hours connections to the wireless access point and block their MAC address.
dirt cheap and easy... just like i like my girls (Score:3, Interesting)
PC (FOR CONTROL) - the owner probably already has one. spreadsheets for payroll etc. Many ap's can be controlled with just a browser.
TECH SUPPORT (FOR CUSTOMERS) - don't do it. free internet access, but customers must set themselves up. Besides, if someone is lost, they could always ask someone else with a laptop to give a hand.
SECURITY - two options. As many have pointed out, WEP Key on receipt. Or, just have open access (sounds crazy, but so is anybody who submits sensitive information to a non SSL page). Either way, have a disclaimer posted.
QUOTAS (referencing the Kazaa statemnt) - port blocking would be easier. Still, I would wait and see if this is really an issue.
MONTHLY COST OF INTERNET ACCESS - That's the real cost that matters to the owner. That and whatever you charge him to support the thing.
-t
Re:wep key on receipt! (Score:5, Interesting)
Users are much more familiar with this approach and it is no more complex (less actually) than the revolving WEP.
Re:Best ones are free (Score:3, Interesting)
Heck, I would just provide the access via a solid wireless router. I would make it free and open to all. Block ports of known things you don't want running (KaZaa etc). That is all I would do. I would also do the tip jar just to get some extra cash to help pay for the access (but don't expect too much). And finally I would put up a clearly visible, but not obtrusive, sign that says "Free internet access provided. Security not provided." Or something to that effect that would basically let people know, if you use my access, I am not responsible what you do or what happens to your computer.
I would not worry too much about quotas or stuff like that.
One more thing - I would spend some solid money on the router - the coffee house I go to (JPs) sometimes will choke up and need to be restarted. They just have a simple Linksys one.
Provide 802.11 but no AC outlets (Score:5, Interesting)
Check out Mountain View Coffee shop (Score:2, Interesting)
College Perk in College Park (Score:3, Interesting)
Another place in the area told me "we don't have wireless because I don't want people coming in and just using the Net and not buying anything."
OK, well, guess where I buy my coffee now?
Also at College Perk, I organized a Chat [thesync.com] with the Baghdad Internet Cafe [iraqbaghdad.net] that brought in many customers.
Somewhat false info (Score:1, Interesting)
Re:Thoughts (Score:1, Interesting)
I work for a small ISP and this is something we've looked into.
Your mom. (Score:3, Interesting)
At least, mine does. So does anyone else who has a recent Mac. She might well wind up in such a place, if she was travelling with her laptop, which of course she does -- and in that case, she would surely be able to handle a simple web proxy form, but not a WEP password.
Re:wep key on receipt! (Score:2, Interesting)
Blocking ports (Score:1, Interesting)
Also, I'm probably in a fairly small minority here, but I'd want to be able to ssh to my home computer, especially if I'm on the road. I have gotten so reliant on ssh and especially sftp - I constantly forget needed files, because I know I can just sftp home and grab anything I forget to bring with me.
Friendliness vs. Paranoia - the More Coffee Model (Score:5, Interesting)
WEP isn't necessary for your customers - the main reason coffee-shops use it is to restrict access to paying customers, and you're not doing that - you're selling them friendliness and coffee and chair space and pastries that aren't too sticky to eat next to a computer. If you've got an issue with one of your neighbors sucking down bandwidth, that's different, of course, but setting WEP is an obstacle for users, especially if they've got their own WEP settings for their home or office.
Security and quotas are less necessary than you'd expect, as long as your DSL ISP is good. Start open, and maybe monitor usage and see what problems you get, rather than starting locked down tight, i.e. use your router's security features rather than buying a PC to start with, unless you also want to have the PC for customers who don't bring laptops. (And if your ISP is the uptight, policy-heavy types, running free or especially paid wireless in your store probably violates their policies, plus they're probably already restricting SMTP.) For consumer DSL ISPs, I'm quite happy with sonic.net, Speakeasy's also good and has nationwide coverage, and ever Earthlink's not too bad. Business DSL providers will charge a bit more, and tend to have flexible policies. Cable Modems are a much better match technically, but are run by terminally clueless paranoids who don't understand their business models, so you can't use them except maybe with a higher-priced business-class service.
You're unlikely to have much problem with spammers - geeks hate them, and have fun imagining scenarios like drive-by spammers, but in a small town, it's more of a know-your-customer thing. If you're in a college town, or get lots of high-school kids, you may need to worry more about crackers using your system. On the other hand, you need to leave things open for gamers, and the problem there is making sure the high-school kids keep buying enough drinks to make up for chair space. KaZaa's not really much of a problem, as long as your ISP doesn't ban it, because users are transient enough that they won't be doing much uploading, just leeching.
Re:wep key on receipt! (Score:3, Interesting)
Assuming you have your router/firewall nicely blocking abusable ports, you could just write the WEP key on a card by the tip jar. Smaller than the "Support Community Internet" sign of course
A lot of routers support ASCII keys, so the staff can think up funny ones to use and the customers won't have to sit by the tip jar while entering the key.
As for "no access without purchase" or somesuch, think of it like reading the magazines. If someone plops down to surf and is too cheap to buy a coffee, it's at the staff's discretion to tolerate them or not. Same for excessive downloading - just like if someone's hogging all the magazines, it's usually enough to just point it out to them.
I would also put a nice silent little mini-itx system somewhere so the staff can easliy change the WEP key a couple times a day and can check e-mail when bored. And I'd have that little station free for customers too, just don't hog it.
A good way to prevent hogging of a free terminal in a cafe is to make it a little conspicuous. You have to stand up to use it, and there's no way to really hide what you're doing from others. Have a place to put down your coffee but no workspace. I've seen this done and it works great - people check their email or look something up on the net and don't stand there forever preventing others from using it.
As for the technology, 802.11b is probably enough for any normal sized community cafe, but you'd want g for bigger college-town setups.
I think it's a Good Thing for the customers who don't already know about WEP to at least learn enough to change the key. Print up a little flyer with simple explanations and a bit of propaganda about open-source and community networking, etiquette, etc.
And of course the little stand-up terminal should run a sweet desktop Linux (or *BSD), which would likely be a first impression of free software for a lot of people.
You're ready to go for under $500 plus the broadband fees.
Man, now I just need to open a cafe!
Re:I think your estimates are way too high (Score:3, Interesting)
I agree completely! Remember the ComputerWorld article about wireless access at Panera Bread restaurants [computerworld.com]?
Perhaps just amend the note on the tip jar: "For excellent service AND wireless access!"
watch for lawsuits! (Score:3, Interesting)
I laughed, but they were completely serious. Apparently libraries have been sued before [crosswalk.com] because of the content of the internet! But if the library installs filters, they violate first admendment rights. [findarticles.com]
I know this doesn't help with your decision, but you might want to have some sort of disclaimer up stating the cafe is not responsible for the content of the internet.
Re: Why block IRC (Score:3, Interesting)
We thought about this one. In my experience, IRC is used as a conduit for zombies, viruses, and the like far more than it is used for people chatting. To be specific, I have noted blocked IRC traffic (ingress and egress) in the firewall logs, yet never once had anyone complain that something was not working. This includes several office environments where I have set up the network, including the firewall. I figured the one or two people who need (or even want) it would shout about it and I would let their machine through. But to date, not one such request.
In the situations where I could examine the internal computers that were attempting to connect via IRC ports, I always found them loaded with spyware and/or viruses. Always. A round with an up to date anti-virus tool, as well as Ad-aware or Spybot, and the IRC traffic ceased.
I have nothing against IRC, but my experience has been that not many people use it. If you come down to Lake Anne, let me know and we'll see what we can do. I opened up the VPN ports and protocols after someone requested it, and it made sense.