Community Municipal Networks: One Size Does Not Fit All

Equal access to the Internet and technical literacy are recognized by many as a key to success in the twenty-first century. We use these resources to obtain a good education, find a job, conduct business, be creative, obtain news, socialize, be civically involved, communicate globally, and more. This isn't to say that traditional methods of doing these things are useless or that the Internet is a magic elixir. It's just that technology can really help us.

There are many ways to provide equal access to the Internet. Each holds its advantages. The trouble is that each method, by itself, cannot serve everyone equally. We all have unique needs and use the Internet differently.

Here are some use examples:

  • Business owners use Internet access for ordering, paying bills, doing inventory, serving customers, etc.
  • Citizens in our neighborhoods use Internet access for emailing family, surfing the web, telecommuting, sharing photos of grandchildren, etc.
  • Schools use the Internet to make education more powerful.
  • Churches, Synagogues, Temples, and other places of worship can use the Internet to further their missions and serve their congregations.
  • Local citizens and elected representatives can discuss and learn about local issues.

These examples explain why any public wireless network in Chapel Hill needs to be constructed in a diverse way. By diverse I mean many different mini-networks that are built separately to serve lots of different groups. Every mini-network could obtain unique support from the Town of Chapel Hill. This way the Town can work towards equal access to the Internet for all.

This doesn't mean that each mini-network is a walled off fiefdom. They can all be publicly accessible, overlapping each other like ripples in a pond. Your location, how you use the Internet, and why you use the Internet would determine what network you use.

It does mean that the methods of construction, funding, maintenance, and administration could be different for each mini-network. This method would take advantage of the strength of many projects instead of one monolithic one.

The bottom line is that a one-size municipal network does not fit all Chapel Hillians.




I do not think we should even be talking about free wireless until the technology has advanced enough so that using the wireless network is easily and deeply secure.

Right now people are hopping on, checking their email, and sending pop and html passwords out in clear text. They do not realize how easy it is to see this information.

That's the easy way. With a little more knowledge even WEP protected networks can be hacked in 15 minutes.

Technology is only as secure as the services you use. Sure, any password you send out unencrypted is dangerous, but it's not realistically that much more dangerous over wireless than it is anywhere else. It's up to the user to knowledgeably use encryption, but it's even more important for service providers to provide the educational material and means for users to do this. If the Town of Chapel Hill ends up as a service provider of any sort, they also have a responsibility to educate folks about security. Sure, if you send passwords through http, ftp, pop, etc., you're putting yourself at risk, but that's in no way unique to wireless.

If I had a dime for every person I've seen leave a computer in a UNC computer lab without even logging off, or letting Mozilla store their passwords on a public computer, I wouldn't be worrying about how to pay off my student loans in the years to come. I've worked on projects implementing technology solutions at businesses, political campaigns, and nonprofits, and I've never seen the biggest missing chunk be a lack of existing technology - it's always, ALWAYS education.

HotspotVPN, and services like it, can create an encrypted tunnel between users' wifi-enabled laptops and their data's end destination. Basically it's a proxy that delivers data on behalf of the user. A local non-profit or municipality could run such a service.

In the end it's about trust. Whom do you trust to protect your data? Users can run their own proxy servers. On their laptops even. Trust yourself. Many proxy servers anonymize traffic and don't know who is sending data thru or where they are. Often they do not keep traffic logs.

Also services like Freenet can take it to the next level with self organizing P2P networks that can help prevent data theft.

Sorry for all the geek talk but fear about the security of wifi networks is real but can be overcome. Jason is right. It's about education. Safe computing habits really help.

We must not slow down the creation of open access to the Internet until it becomes perfect. It'll never be perfect. Driving a car is far from perfect. But we speed along all the time.

ChristianB, not a whole lot of folks understand their cellphone conversations are insecure, even though the tech for securing them is easily available. Should we wait on further cellphone deployment?

Jason, It is one million times easier to sniff an open wireless network than a wired one.

WillR, Can you show me how to intercept someone's cell phone conversation? Oh, I thought not.

Brian, I am not talking perfect. I was a network engineer for Cisco Systems. The technology is there for Chapel Hill to use but it costs more money and is slightly more troublesome for the end user.

Jason, It is one million times easier to sniff an open wireless network than a wired one.

One million? You wouldn't be using hyperbole here, now would you? :)

Seriously though, the fact that the current de facto standards for wireless networks are weak on security is no reason to target them in particular as a threat. As I said, the de facto standards for security in just about every realm of computing are pretty weak. Does that mean we should simply not use technology? Should we take away all of the Town's email accounts because it would be possible for them to send information over an easily intercepted pop3 protocol? Should we stop allowing the public to access computers in our libraries because of how easy it is to pop a hardware keylogger onto one of them? Should our town's budget keepers stop storing its data on hard drives because of how easy it would be for me to walk in with a big magnet in my backpack and ruin their day?

Or should we instead be training and encouraging our town's employees and citizens on the best computing practices and proceed into the 21st century making the best use of what technology can bring us?

Man of Darkness,

I do know how to sniff cell calls, but that would be illegal. Let's just say that it's simple and that artists like Negativland and campaign operatives, like in a statewide election, not so long ago have done it and neither are that sophisticated.

Passwd sniffing on wireless is more difficult since, when properly done, encryption happens where it should happen at the application level (thanks to Mark Shuttleworth for his part on the Web side).

Additionally, server to client encryption is common (if not required) on VPNs and the like.

Encrypting on a section of a public network with weak encryption is merely an inconvenience and results in the worst security -- believing that you can trust such a network instead of trusting the relationships between sender and receiver.

Cisco need not be in the encryption business -- but server folks should be.


From all the experts I've spoken to, there is no technical, security, or financial reason not to pursue a single multiple-layered network where ongoing management can be centralized along with upgrades, etc. Through a single network, a competent non-profit, utility-like organization can provide service for town operations, local businesses, and residents at a reasonable cost and expect to generate enough revenue to support ongoing upgrades. To me, the multiple network model you are proposing is simply not financially sustainable.

I suspect this is a preview of what we will see tonight as part of the TechComm presentation to Council. While I don't agree with this approach, I do hope Council will authorize the committee to work with staff to hire a knowledgeable consultant so that we can get this thing rolling. Good luck with the presentation.

ChristianB, as Paul said, it's fairly trivial to intercept cell communications. For some folks, it's as easy as putting on their tinfoil beanie ;-)

More seriously, again as Paul has pointed out, network "security" shouldn't be trusted - sender-receiver encryption is the whole ballgame. I'm not a huge expert, like Bruce Schneier though I do sit on the OASIS' Web Service Security TC, but I'd go as far as to claim that the network will never be trustworthy.

Terri, I agree that the multi-network approach is problematic.

A planned, coherent, cohesive approach from the beginning would be best. That said, the organic approach Brian is outlining has been used elsewhere somewhat successfully.

Tonight's presentation is more about starting the process than presenting a complete, detailed architecture of the eventual system. As you know, cost, topology, usage, etc. is heavily affected by the business model the town adopts - a decision that will be made during the development process.

BTW, we've already spent enough on the lot #2/#5 development to have deployed a municipal network covering the core of Chapel Hill.

The post I wrote, Community Municipal Networks: One Size Does Not Fit All, is not part of the TechComm presentation. It represents my personal opinion only and does not represent the Town of Chapel Hill or the Tech Committee.

Also it is but one idea to generate thought. Just as we have many servers, switches, DNS servers, client computers, hubs, wifi access points, meshes, cell phones, etc., etc. we need multiple access networks. All of these pieces of hardware are owned by different people and groups. Each of them connects to a wide array of networks. This is the robust style of diverse network creation that has led to the Internet's success.

What if the world wide web was created only by one international government? What if we paid one international organization for the right to be included in this system? If that had happened at the beginning of the Internet it would never have become as big and important as it is today.

Multiple wireless networks supported by the town is part of network neutrality. A homogenous network is not the answer.

To follow on Brian's response, a centrally managed homogenous network is not the way I see us going either...but a completely ad hoc approach, especially at the policy-level, will not serve us well either.

I'd like to see the various stakeholders get together and work out a general approach that incorporates Brian's vision of diverse, robust, grassroots-developed networks with heavy-lifting, centralized "tent poles" like the town, UNC, possibly a muni-network NPO ;-), etc.

Here is a copy of the Chapel Hill Tech Committee's powerpoint presentation. It is being given on Monday, March 27, 2006 by Greg Gerdau. This presentation covers many options and is an effort to advise the Chapel Hill Town Council.

Brian and Will--what did the committee expect to come out of tonight's presentation?

One of the issues the soon to be disbanded Tech Board was looking into was the proposal to put digital signs at each of the major bus stops in town to alert riders ETA for the buses.

Turns out there's a number of "dual" use systems that use and deploy Wifi at the stops. This way, you can have your cake (notifications) and eat it too (public access hotspots).

Well, we're getting the signs

For Kim Manturuk, who rides from Franklin Street to a nearby park-and-ride lot, not knowing when the bus will come often has her whiling away the time when she could just walk the short distance to her car.

But soon, Chapel Hill Transit riders at some stops around the community will get real-time information on how far away their next bus is.

Kurt Neufang, interim director of Chapel Hill Transit, which serves Chapel Hill, Carrboro and the UNC campus, said the digital information signs will help make the system more convenient for riders. Neufang said he hopes the signs will be installed and working by August.

"We're trying to get it done before the beginning of the [fall] semester," Neufang said.

Federal money helped fund the bulk of the $949,025 project, he said.

but, predictably, we're getting them from a company, NextBus Inc., that doesn't provide this dual use capability.

There's plenty of models we could follow, like Portsmouth UK's or Cedar Rapids that get multiple bangs (security, public access, ETA, MOBILE INTERNET ACCESS!!!, etc.) for each $1 spent.

This is a good example of where a dedicated citizen's board can make sure the Town doesn't make expensive technology mistakes.

Finally, we can pop out $950K in federal funds for 14 signs (which are locked into a particular vendor's proprietary technology) but we're still scratching our heads on town-wide muni-networking?

It's nuts.

I'll be putting my two cents in on this decision next chance I get and ask the Council to re-evaluate the system in favor of one that might cost the same amount but give riders mobile/fixed access to the Internet, signs, etc.

Little bit more info here.

Now dialup isn't safe

The US Court of Appeals in Boston ruled April 11 that Verizon Communications Inc. can charge per-minute fees for calls to local numbers that dial-up users need to connect to the Internet -- in much the same way that they charge for long-distance or other calls.

Burlington Vermont's Wifi Initiative:

"Although its services encompass telephone, cable and Internet, BT is no ordinary telecommunications network. There are three ways in which its network is fundamentally different from those operated by its chief competitors, Comcast and Verizon, says Nulty.

First, BT is a “fiber-to-the-home” network, making its bandwidth capacity far greater than copper wire and coaxial cable networks. “Think about the difference between a rowboat with an outboard motor on the back of it and a 25,000-ton container ship,” says Nulty. He insists he's not exaggerating. “We have the ability to transmit 100,000 cable TV channels,” he says, describing the capacity of a fiber optic network as “effectively infinite.”

Along with that extra channel capacity comes a lot of speed. BT offers Internet upload and download speeds that far outpace its competitors — up to five megabits at the top end. “What we've provisioned at this minute is a fraction of what the network is actually capable of doing,” says Nulty. “Nobody has bothered to calculate the absolute maximum capacity of a fiber-to-the-home network. It's literally infinite.”

The second significant difference is that the BT network is “open access,” meaning anyone who wishes to lease bandwidth from the city is welcome to — even the competition.

Nulty describes fiber-to-the-home networks as a “natural monopoly,” and strongly advocates government ownership and/or regulation of them. He likens his fiber-optic superhighway to a more commonly understood network. “Nobody thinks twice about the roads being in the hands of the public,” says Nulty. “The thought that a private company could own the roads and charge whatever they pleased to anybody who goes on them is ludicrous anywhere in the world. That's what this is: the public roads.”

The final thing that sets BT apart, he says, is its cost-effectiveness. Nulty believes that the municipally owned network they have built in Burlington can be replicated anywhere in the state. He says this runs counter to conventional wisdom, which holds that fiber-to-the-home networks are not economically viable in rural areas."

"At first, Nulty was brought in merely as a consultant to give the city some fresh ideas and opinions. “They were going to build the world's most grandiose thing,” he says. “They were going to spend 40 million bucks and do it all at once, and be everything to all people. There were a lot of profound flaws.”

Nulty pitched them what he thought was the right approach to take. “You know — the small Vermont farmer kind of way,” he says. “You build a barn, you put in 50 cows; it works OK, and you add an extension, and that works OK; gradually, you get to where you want to go.”

Where Nulty wanted to go was a rare place, indeed, and having been sold on his ideas and expertise, in January 2002, the city decided to move forward on the plan with Nulty at the helm. Burlington Telecom was born.

Private financiers are funding the building of the network, which they own, says Nulty, “and which we then lease back from them. The lease payment is identical financially to what a mortgage would be. This is a lien on this network, it's not a lien on the city.

“If we should default, this is a capital lease subject to appropriations, which means the financier has no legal right to demand payment from the city in the case of a default.”

New news is out on the free WiFi of SFO in SFGate in detail and highly commented on at SlashDot.

This article in Time Magazine might be of interest.


