Thread: Is it theorectically or practically even possible to mooch off if a typical WISP
View Single Post
  #7   Report Post  
Posted to misc.phone.mobile.iphone,alt.internet.wireless,sci.electronics.repair
Jeff Liebermann Jeff Liebermann is offline
external usenet poster
  
Posts: 4,045
Default Is it theorectically or practically even possible to mooch off if a typical WISP
On Mon, 25 Jul 2016 16:31:01 +0000 (UTC), Aardvarks
wrote:

Heh heh. Yeah, if I only had a hot air SMT desoldering station, I could
change my MAC address too.

I bought mine on eBay for about $80. However, it's not quite as easy
as reading all the data from the original chip, editing it, and
putting it back. Many such eeproms have protected areas that can't be
directly read. My luck in dealing with these has been dismal.
Fortunately, such chips are priced a little higher than ordinary
eeproms, making their use in price conscious consumer hardware rather
limited. Some details:
https://www.maximintegrated.com/en/app-notes/index.mvp/id/3771

OK. But that's a lot of work to just get free WiFi from a WISP, and still
more has to be done so as not to get caught (which, I state, would be
virtually impossible and certainly not worth the $100/month WiFi fee).

Suggestions: When looking at costs, I try to annualize the numbers.
To many financially marginal users, $1200/year is well worth the
effort and would subsidize a fairly substantial collection of
electronic burglar and reverse engineering tools.

Yup. That was my point to the guy, nospam, who accused me of stealing my
WISP just because I knew enough about WISP to spout the words reasonably
coherently.

Oddly, I have the opposite problem. Because I know too much about
wireless (and cellular) security, readers automatically assume that I
spend my evenings in front of a computah, merrily hacking my way into
as many systems as possible. This is hardly that case, but it does
improve my otherwise lackluster and boring image.

What I do know is that it wouldn't be easy for me, and even for you,

If it were easy, it would not be fun.

This makes sense that the protocols they are all starting to use (except
Loren, and Herman was *always* using the new protocols) are for
communication reasons, and not for security.

Yep. Because these protocols often do not show up on Wi-Fi sniffer,
finder, and site survey programs, they present a serious interference
potential. I've been told that some have 802.11b compatible beacons,
but I haven't seen any.

Luckily, most of these guys are very nice guys (except Dave over by you who
is only exceeded in crassness by Brett, his Arizona support guy who has an
utterly amazing lack of customer service support skills.

Although we haven't talked in a long time, I don't have any problems
with Brett. No clue on the rest of the company. Several friends and
customers use their mesh wireless service. I don't hear any
complaints, so I presume it mostly works.

I would agree. But I see a few hundred homes on the connection I'm on, and
there are multiple APs they're connected to, even on the same tower (Loma
Prieta is the main tower but others exist in the surrounding hills). They
have fiber-optic backhauls, so, the way "I" understand it (I'm just a
customer though) is that they aren't limited by their backhaul but by the
number of access points they set up and their painting coverage.

The limiting factor is what I call "air time" or how much time it
takes to send something. Since wireless is a shared medium, only one
transmitter can use the bandwidth at a time. If that transmitter
happens to be running extremely slow due or is spewing junk, there
will not be enough "air time" to service the rest of the channel
users. Details if you need them.

Incidentally, mountain tops tend to have fiber backhauls because
that's all the telcos will provide these days. Copper is so 20th
century and so unreliable.

http://802.11junk.com/jeffl/pics/jeffl/

Wow, Jeff. Interesting picture. I've seen the insides of your routers, and
lots of your test equipment over the years, but that 1975 picture sure did
look beatnik hippy to me!

I used a bad title. It was really about 1970. I was scheduled to
renew my drivers license and needed a suitable disguise. I shaved off
the beard but kept the mustache after the license arrived. The common
description was "motorcycle thug", not beatnik.

Is that a park-ranger uniform? Big Basin?

Nope. I was cheap and tended to wear military surplus clothes, much
to the irritation of my father, who owned a factory in the L.A.
garment district. At the time, the industry was pushing "polyester
blend" crap. I wanted cotton and the only way to get it at affordable
prices was military surplus. I think I had about 20 identical shirts.
I still do much the same thing today, but no more military surplus
clothes.

Interesting. Yes, I have seen SSIDs of the sort of a LOS from Loma Prieta
down to Santa Cruz, where I couldn't get better than about -85dBm at the
best but there was never the necessary SNR headroom of a half dozen to a
dozen decibels. I didn't even think about ACKS but the radio does
automatically adjust for distance.

It adjusts, but only to a point. If the timeout is less than the
flight time, it will retry BEFORE the ACK is received. Many outdoor
radios have a "long distance" check box in the settings to increase
the timeout. Few home wireless routers have this feature.

They told me that you can try, but the firmware won't let you, even though
it might *report* that it's over the legal limit.

Ignoring the legal limit, cranking up the power output to unreasonable
levels usually causes the output stage to go non-linear. This is not
a good thing and will produce distortion and errors. Better lower
power and linear, than higher power and distorted. I found some
photos where someone demonstrated this on a WRT54G, but can't locate
the URL right now.

However, both sides use decent hardware, dish
or panel antennas, and a clear line of sight, which is not what you'll
find at Starbucks.

This is correct. The biggest problem though, I thought, was that the
*transmitter* at Starbucks would be the major limitation. Basically I
figured we could transmit a strong signal to the Starbucks AP, but without
a far better antenna, the signal from Starbucks would never get back in
sufficient 6 to 10 decibel strength over the noise to us.

That would probably be the major limitation. However, it won't be
because of insufficient RF from Starbucks. It will be because even
the narrowest beamwidth dish antenna at your end, will pickup hundreds
of other wi-fi devices along the line of sight. Starbucks signal will
be buried under the interference.

Try Fing on your iphone or Android device at the local wi-fi hot spot:
https://play.google.com/store/apps/details?id=com.overlook.android.fing&hl=en
It will give you a list of what is connected to the local wireless
router. If you look through the list, you'll also get a list of
wireless cards and devices, which can usually be helpful in
identifying the hardware. It's quite common to find desktops and
outdoor client bridge radios, which are not what one would expect to
see at Starbucks. I know one local hot spot that routinely has
between one and three Ubiquiti radios connected.

Gone to replace the LNBF on a C band dish for the 4th(?) time. It's
not tower work but still slightly dangerous.

--
Jeff Liebermann
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
Reply With QuoteReply With Quote