Why do these open source foundations (like Mozilla) have direct products anyway? Why not a certification? Who should the users be and why? Who are the collaborators and competitors? These are hard questions.
At least with free software licenses we can separate the copyrights from the trademarks, and exercise the right to fork if a trademark owner is captured and misbehaves.
For IL residents the policy requires collection and retention of your biomarkers. Presumably there is a law enforcement exclusion implicitly or explicitly, eg search via administrative warrant.
I liked that you picked a service that has a relatively low barrier to entry. The real asset are local
operators and referrals. Making them more efficient without being controlled by a big company would be a boon for everyone involved.
Consider being a platform coop with regional operators as members. See https://platform.coop/
Yes, the barrier here is the desire to study and pass the exam. If willing, you are up and running relatively quickly - but only as a technician under someone else's operating license. To get the operator license (eg to be a full on pest control company) requires 2+ year documented experience and another set of exams.
The operating license holder is also on the hook for legal action if (when) things go wrong.
"Control" is interesting and I have found in all trades that people value their freedom. The good companies don't monitor employees too tightly, and are rewarded with loyalty and longer tenures generally. Of course you have to run a good recruitment and referral process to find the good people!
I’ve never heard of platform Co-ops. Cool! Lots of people predicted that a beloved local coffee shop was doomed to fail when the workers got a loan and bought it to run as a completely flat cooperative. It’s been a few years and they are absolutely killing it. I’d love to see the tech version of that.
I agree a lightweight franchise would be attractive, though I don't like most franchising options due to the fees and lack of equity build up for the operator.
Some franchising platforms (window cleaning is a good example) don't offer much beyond sales and marketing support and some nicely designed uniforms. There's not much to window cleaning other than basic equipment, so a person's route can easily be disrupted by a new entrant who doesn't have the franchise rake to contend with.
There's a model between employment, ownership and franchising that will probably emerge as sales, marketing, ops gets easier technically.
The business model is simple: Sell nice hardware at a premium, then sponsor and upstream improvements to OpenWRT.
If the software is an important differentiator (arguably, it is for things like Ubiquiti, but clearly it is not for most consumer routers), then release the patches under the Business Source License with a 3-5 year sunset back to BSD / Apache / GPL.
Open to audits doesn't mean free software, it just means visible source. The business model for selling routers with auditable firmware is selling routers.
And the public doesn't have to audit it. The govt already audits/inspects/validates plenty of sensitive physical products, typically through 3rd party industry associations. You don't get to peek inside, but people signing NDAs do.
Even if this wasn't done, at the very least they must publish their software testing procedures, the way UL, ETL, and CSA require to certify devices for the US power grid. (https://www.komaspec.com/about-us/blog/ul-etl-csa-certificat...) They can also do black box testing.
But ideally they would actually inspect the software to ensure its design is correct. Otherwise vibe-coded apps with swiss cheese code will be running critical infrastructure and nobody will know until it's too late.
There's also Turris from cz.nic [1]. Technically they use a fork of OpenWRT with some convenience features like auto-updates, although it looks like you can run OpenWRT on (some of their routers?) if you wanted to [2].
There's a whole interesting physiology behind learned helplessness (of which this is a minor variation).
In its defense, there's some practicality to it; we wouldn't say that a "get out of debt" plan that involved spending all available money on lottery tickets is worthwhile because "its not gonna happen". But defeatism is just a shortcut to say "I don't want to talk/think about it" in many cases.
And in this one, if the US Gov't required that all routers purchased by any agency they could influence had the ability to run open source code it would certainly shake up the market.
Why? You'd need to get someone electorally useful involved. That, unfortunately, elimiates a lot of the nihilistic, holier-than-thou tech types. But that's pretty doable nowadays. You just need an electorally-relevant group of people on your side.
Open firmware for your own devices is commercially viable. That is why hardware vendors create FOSS drivers. not all do, but it is a viable business model.
I'm no fan of imaginary property, but you're going to have to lay out your reasoning here. Firmware security is such crap precisely because most hardware manufacturers see it as nothing but a cost center they wish they could avoid.
The difficulty of installing OpenWRT or Linux in general on hardware comes from that hardware not being documented, or not having straightforward APIs like BIOS/EFI.
Or for some devices, community distributions that dubiously remix manufacturer-supplied binaries are available. But we generally see that as soon as the manufacturer stops their updates, the community versions start lagging behind as well.
What are you referring to? Would you not say there is a difference between OpenWRT having to make a list of supported whole systems, whereas an amd64 Linux distribution making a list of chipsets? I can go buy an off the shelf laptop, stick a generic "Linux install" USB in it, and be reasonably certain most things are going to work. Whereas OpenWrt I have to look at their list of supported machines, and buy exactly that one, even down to the hardware rev. Some of this is due to embedded constraints, but a good chunk is also due to the lack of hardware discoverability.
>> community distributions that dubiously remix manufacturer-supplied binaries are available
> The reason OpenWrt abandoned most routers was
I didn't mean things like OpenWrt, which I'd say is a general Linux distribution that does contortions to fit on specific devices. Rather I was talking about things like Valetudo which are closer to rooting the stock distribution with some tweaks, or the countless "custom ROMs" you see (saw?) in the phone world which are effectively remixing the manufacturer images. I thought DD-WRT was in that camp, especially for many devices (eg where do these "older kernels" come from?), but I'm hazy on that.
(personally I gave on up OpenWrt some 10 years back, and just use generic Linux (NixOS) on amd64. A VM on my server for the router, and lower-power amd64 boards for the additional APs (most of which double as Kodi terminals))
The referenced policy says "We will unleash the private sector by creating incentives to identify and disrupt adversary networks and scale our national capabilities."
It can. Go to the code tab, choose your repo, and have it write an image file to disk. If you tell it to read it, it should show in the chat. It works on the web version so hopefully it works on ios.
We shouldn’t have to surrender our privacy for simple conveniences. Is there a market here?
Can someone make an open source, privacy-focused doorbell? Perhaps like the Software Conversancy’s OpenWRT One wifi router. With an open specification, addons like a flashing light or entry buzzer could be integrated. A simple iPhone/Android intercom app usable only on my LAN would be lovely. Yes, one can get a ReoLink and muck with VLan settings but that is not consumer accessible, moreover you have to use their central service or forgo remote answering
Bell wire is really thin and you can run a low voltage line around your house that is nearly invisible. That's the old school, physical option and is not to be sniffed at if it does the job.
If you want to get something safe and smart (IoT) then you have to think like an engineer. You also need to decide if you are going to do one thing - a doorbell, or if you want disco lights by the pool and the rest.
For a doorbell, you need a button at the door and a chime or whatever inside the house to indicate the button has been pushed. Already you have to potentially deal with delivering power at a place that might be hard, door frames/walls, wires, batteries, weather, positioning and lots more. Then you need to get the signal to a chime.
My previous doorbell was a chime that I wired into a switched and fused spur (I ran a 5A rated twin and earth out of a light socket into a back box with a switched socket faceplate and it has its own fuse) into the nearest lighting socket and a bell wire that ran out to the button. That was fine and simple but not too smart!
I have PoE switches and my IT gear is mostly in the attic. I put a backbox with an ethernet socket in the attic and ran solid core down through the roof/wall etc to near to where the door bell is on the inside of my house and put another backbox with ethernet face plate on it. I then run a short (3m) patchlead inside some trunking and through the front door frame and into the back of a Reolink PoE powered doorbell. I also have Home Assistant running as a VM on a Proxmox box.
Somewhere between those two setups sounds like where you want to go. I went for PoE because I also have UPS for my switches and other infra but wifi may be fine for you for comms but you still have to do power and I'm not a fan of battery powered door buttons but that might be a design decision for you.
You mention VLANs and I really recommend that you look into them. They are a core building block of networking. However, I also get that becoming a network expert is not on everyone's score card. Then again, you are hanging around on HN and probably tending towards ... nerd!
Even a simple doorbell can become pretty sodding complicated and that is why we have some people wondering what on earth all the fuss is about and others advocating to smash the looms ... sorry, doorbells.
Thank you for your thoughtful reply. I ended up hiring a contractor to run PoE but that was not cheap. Setting up the VLan was time consuming and I failed to do it right the first time. The intercom feature is invaluable but an entry buzzer would be even better. I don’t need the camera and it made some guests uncomfortable … electric tape worked.
Wait, are you saying that American homes did not have the regular camera doorbells before Ring happened? Those things predate LCDs. Earliest implementations date back to at least mid 1980s.
At least with free software licenses we can separate the copyrights from the trademarks, and exercise the right to fork if a trademark owner is captured and misbehaves.
reply