From "Happy Hacking" to "Screw You"

tquid writes "Trying to bridge the digital divide in Canada's poorest postal code, a principled group of hackers adopt "open source"-based technology spun off from an MIT project. Then the terms on the hardware are changed, and changed again, and then firmware to lock out the frustrated group's software is installed, screwing them out of their investment and many hours of development work."

Anyone know the details of the MIT agreement?

[elrous0]

Wasn't this was originally developed as an open source project at MIT? I imagine their original agreement with MIT probably precluded this very thing (locking it down). If not, I would be very disappointed with MIT.

So talk to them?

[Anonymous Conrad]

So why not talk to Meraki and see if you can work something out rather than whining about it on your blog?

You didn't disable the auto-update?

[Anonymous Coward]

I learn that my failure is due to the fact that Meraki has automatically updated the software on all of the units (including legacy, such as ours)

Didn't you say you wrote your own firmware? Why didn't you disable the auto-update? Did your original agreement allow them to change the software without your confirmation, or worse, did it force you to give them access to your hardware for this purpose? Why don't you use a bunch of WRT54gs with OpenWRT or the Freifunk firmware [freifunk.net]?

Re:Anyone know the details of the MIT agreement?

[tonyreadsnews]

That is exactly what I'm thinking. Meraki's stuff is all based on the MIT open source stuff. So why can't this group just go back to the original source and build the part that someone else made proprietary.

EULA doesn't apply

[Anonymous Coward]

How does a EULA apply to hardware? Unless they're leasing the hardware there's no license involved.

I was considering Meraki...

[Thelasko]

until I read this article. My building is going condo and I am considering bringing up the concept of a building wide wireless network at our first board meeting. I am even toying with the idea of sharing with the neighboring buildings. The only commercial product I have been able to find is Meraki. Does anybody have any other suggestions?
Please forgive my English, it's Monday.

Re:Anyone know the details of the MIT agreement?

[Wodin]

Can they not use jtag to fix them?

Re:I used to work a couple blocks from there

[elrous0]

Dan Rather did a recent profile of this neighborhood on his "Dan Rather Reports" show on HDNET. I never know such places existed in Canada, but there are bad neighborhoods everywhere I guess. Still, I've seen a lot worse in the U.S. I used to live near East St. Louis, and that place was more like a shelled-out DMZ than a town.

Re:I don't think they are viable

[the_humeister]

Couldn't just get a bunch of Linksys WRT 54GLs, load OpenWRT, and setup that way?

Re:Illegal?

[pavera]

It depends on the original EULA that they obtained the hardware/software under. Under the original license under which they obtained the hardware there was no "you cannot hack this" clause, now if the original EULA has a clause about "we can update this EULA at any time and the changes will be applied retroactively", and a court buys that that is a legally binding term (I can't believe it would, because what is to stop any proprietary company from getting a huge installed base by giving something away, and then changing the EULA and saying "oh, to continue using this software, you now owe us $1000"). If those 2 things are true (the original EULA has that clause, and a court allows them to retroactively apply additional restrictions), then it is not illegal. If either of those is false, then it is. They purchased the hardware under the original EULA which permitted changing firmware. The company cannot retroactively apply a new EULA with more restrictive terms to hardware that has already been purchased I don't think, unless a court can be convinced that you can change a contract mid stream. Again if they can, it would allow all sorts of shenanigans by proprietary vendors, heck even open source developers could apply this to GPL'd software and retroactively "revoke" the license.

Re:Anyone know the details of the MIT agreement?

[Muad'Dave]

Isn't that illegal? Updating firmware to enforce a new EULA that otherwise would not have applied? Sounds Microsoftian to me.

Re:Vendor lockin is a myth

[wertarbyte]

Fon has also tried to lock out hackers from their hardware - although the moment they sell it, it's not their hardware anymore. There are still some hacks that work and give you SSH access, check my website [datenbruch.de] about it. Although my latest hack ("kolofonium") does not work with the latest firmware, there are still many systems using it: http://stefans.datenbruch.de/lafonera/kolofonium-chart.png [datenbruch.de] So you can guess how many of the sold FON spots may still be active; FON managed to alienate many advanced users that wished to participate but were locked out of their routers.

Re:I was considering Meraki...

[qw0ntum]

Nope! Their nodes are from Accton, independently produced. And unbranded, too. They actually run on the same Atheros chipset that the Meraki nodes and the Fonera nodes use, so performance is very similar. Also, ROBIN will run on several other hardware platforms. Take a look at the ROBIN forums [forumup.it] to see what other platforms people have gotten it to run on.

Re:Vendor lockin is a myth

[mellon]

Your claim that they are taking a loss at $50/unit doesn't make a lot of sense. First of all, if that's true, then why is it that the open-mesh guys are able to sell an identical unit for $50? The problem isn't that they were taking a loss - it's that they weren't making enough profit. Secondly, consider Linksys routers. You can routinely buy these for $50 a pop, and they contain a lot more hardware than the Meraki. If Linksys is making a decent living in this business, why can't Meraki?

The bottom line is that Meraki has a losing business plan, and that's why we're seeing all this thrashing. There's no way they can make money fast enough to satisfy their investors at $50/pop, they need to monetize their dashboard system, they need ads, and that's just not what most end-users want. All of this stupid price model tweaking stuff they're doing is almost certainly motivated by promises they made to investors that they subsequently couldn't keep.

If they are in fact poisoning the firmware (I have two Meraki minis, but haven't had a chance to confirm that their firmware is poisoned), I'm pretty sure this is a felony, but I'm not sure it's worth the trouble to prove it and fix it. Given that the open mesh boxes are $50 each, I can just buy two and replace the two Merakis I bought as a test project, and I'll come out ahead. It's too bad for the people who bought hundreds or thousands of these devices, though. For them, it might be worth consulting a lawyer.

Re:OT: Corollary to Tiller's Rule

[Fred_A]

I have the opposite problem to this "Tiller's Law": I read way more than I converse, so quite often pronounce words incorrectly!

Happens to me an awful lot, especially with English as a second language. And of course because spelling only ever has a very remote connection to pronunciation (not to mention the fact that people in the US have their own pronunciation *and* spelling, and sometimes even words). Although that's a problem in many languages unfortunately.

Re:Vendor lockin is a myth

[Watts Martin]

I hope you'll forgive me for gently tweaking you on the Markets Are Always Your Friend! speech, but your assertion that "If it were a one way street, SCO would still be in business" is highly amusing. You should know, of course, that SCO is in fact still in business, and has recently been tendered a buyout offer by a private equity firm that claims to be willing to pump up to $100M into the company.

Markets with rational actors may function perfectly, but markets rarely provide everyone with sufficient information to act rationally -- and something that tends to be ignored by much "textbook economy talk" is how often it can be in one actor's best interest to try to prevent other actors from obtaining sufficient information to make informed choices. Consumers benefit from a wide choice of producers, but producers benefit from consumers only being able to choose their product.

It's easy to talk about "two way streets," but very often our business transactions aren't that at all: the companies we buy from set all the terms of our sales, and as consumers, our only option is to accept their terms or walk away. (For many workers, this is true of employment contracts, too.) In the case of this article's subject, Meraki essentially changed the terms after the sale, making actual changes to the router which changed the viability of the "micro-ISP" business model they were explicitly selling their product for. If it was truly a "two way street," it wouldn't have been in Meraki's self-interest to screw a percentage of their customers -- the conditions that allowed them to make that business decision include the difficulty in their customers switching to another competing service. And despite what the Big Golden Book of Economics might suggest, this is not some kind of strange and wild condition like nothing we've ever seen before in the business world.

Re:EULA doesn't apply

[Anonymous Coward]

It doesn't. At least in the US, according to my understanding of the Doctrine of First Sale - you own the hardware, so you can do what you want with it. They can use technical means to try to keep you from doing that, but they're hampered by a combination of factors: (1) their solution has to work on hardware they've sold already, (2) they don't have all that much control over the platform (it's a common wireless access point chip, with non-Meraki drivers available), and (3) some of their code is GPL.

As someone has pointed out, GPL v2 doesn't have any non-Tivo-ization clauses, but the combination of points (1) and (2) make it hard for them to lock things down. (of course, they could always do what a cell phone company does, and sign you up for a service contract rather than selling a product. I wasn't willing to put my credit card details in on their website to see which it would be...)

I'm rather bummed about these developments personally, as some of my colleagues have done some cool mesh networking research at UMass with these devices, and it sounds like it won't be possible anymore.