blacklist porn sites and other criminal sites.

First choose a vendor that you can install open source software. Then do not block rates above 100kbps, just buy something that you can program it to give you an 70-80% when you are in (20-30% to others) and a 90% to others when you are not. 100kbps its the down limit for all connection you give. Then have a username like "Pass: free", so they understand the password.


In my previous comment I use a wrong word: backbone. I mean that a simple laser can fire from the village in the boarders of one country to the village in the borders of another, like 200km.

Why will I want to share MY internet connection, which I am paying out of my own pocket, with strangers and passersby? Are they paying me for it? No? Then they can bugger off. My subscription, my exclusive use. Period.

I think that's what they're aiming for. They'll market hardware with the aforementioned firmware. The flamefest in this thread is misguided. The network/internet sharing is aimed for businesses such as hotels, convention centres, etc. If you do not desire to share your bandwidth, you don't have to. I do not understand how much different would this be from OpenWRT? Can't they just use OpenWRT or modify it to suit their needs? "I think it's wasted effort."

1. Someone mentioned DDWRT as an alternative, that is not true. DDWRT is a restrictive binary blob on top of the Linux kernel. It might feel liberating if you switch from the crappy standard interface most routers come with to it, but its far from a true open router experience like that offered by OpenWRT, Gargoyle, CeroWRT or the just announced EFF firmware.

I am a far left (anticapitalist) activist in the US, and have been since the El Salvador War in the 1980's when we stopped Reagan's 1988 ground invasion of Honduras and deterred the 1980-1984 attempts to bring back the draft. This is who I am, so as you can see my security needs are a lot higher than those of someone only doing filesharing.

The 2008 raid on my house wasn't after porn or liberated music/movies. They were after raw media files from a protest they didn't like. They got nothing because I did not commit to camera anything they could use, and encrypted everything else. Under these circumstances, open wifi is good for plausable deniablity, so long as multiple potential users exist within wifi range. With copythug stuff, it's good for at least one free bite at the apple, with heavy stuff it could prevent a conviction if the cops can't crack your encrypted drives.

To us, the most likely hazard is when cops don't like reporting on militant protests(my work!) or especially when they dislike the communications hub. When I was in Pittsburgh during the 2009 G20 summit, we had a crew putting all police comms out on a Twitter feed. Evidently they did not create and service the account exclusively through Tor, as their room was raided before they could clear out after the battle. Ideally they would have run open wifi as a Tor exit node, while doing everything through Tor on accounts serviced only through Tor. This would have killed the evidence against them if they claimed to only be running a Tor node. Even kiddie porn would have been a lower priority target. OK, here's the back story:

Our target was the 2009 G20 Convention in Pittsburgh. Military police closed off downtown to the cost of about $50M in lost shopping business, trying to keep our 1,000+ fighters off the convention itself. We had the entire Pittsburgh PD outnumbered 1,000-750 or so, they brought in outside help but all they were able to do was statically defend the Convention, with little ability to project power against us in the streets. We held out against 4+ hours of rubber bullets and an LRAD sound cannon, as repeated assaults failed to disperse us. Through all of that a special action team managed to bypass all the security and get downtown. We gave as good as we got. The next day 10,000 mainstream protesters marched. Generally in one of these "Summit protests" we can control the streets for one day before the cops recover and catch their breath. A rare exception is when the cops either don't care or royally screw up: then the convention itself ends up under siege, like that Koch funded "Defending the American Dream" convention that was beseiged and nearly raided by Occupy DC in Nov 2011, or the WTO in Seattle in 1999.

Under conditions like this, you are far less worried about kiddie porn, etc over your Tor node than about being directly targeted. The kiddie porn will go out anyway over another Tor node, so you can't stop it by shutting down. The guys who investigate that sort of thing move a lot slower than a police chief with angry ideas about "later" after his troops got their badges handed to them in the streets. A delay of two days past the end of the event is all you need for this when working from a temporary location. Tor delays or prevents the cops from finding you, open wifi plus encrypted disks keeps them from convicting you if that first line of defense (Tor) is breached. In my community our pro bono lawyers also give as good as they get, deterring casual harassment and winning millions in judgements for things like illegal mass arrests. What do you think paid for my 8-core video editor's parts and my 1080P camera?

Even in your case, the prosecution would love to be able to say that you folks are enabling, or even directly acquiring, CP. It's just the sort of thing cops/prosecutors do by piling on charges.
Having the WiFi open you can certainly make the plausible deniability case (I think the eff even says this exact thing on their site), but PERSONALLY I'd be concerned about the effectiveness of such a defense until its been well tested.
Good luck with your work!

Even in your case, the prosecution would love to be able to say that you folks are enabling, or even directly acquiring, CP. It's just the sort of thing cops/prosecutors do by piling on charges.
Having the WiFi open you can certainly make the plausible deniability case (I think the eff even says this exact thing on their site), but PERSONALLY I'd be concerned about the effectiveness of such a defense until its been well tested.
Good luck with your work!

I am a far left (anticapitalist) activist in the US

Porn is a crime now?

Mine won't do static IP assignment within the local network, making a home server impossible (dynamic DNS only solves the external IP being dynamic).