Anyfi Networks makes home Wi-Fi network available anywhere

Shawn Knight

Posts: 15,256   +192
Staff member

A Swedish company called Anyfi Networks has released a Wi-Fi solution for Internet service providers to make your home wireless connection available from any access point. Company CTO Johan Almbladh describes the service as having your Wi-Fi network follow you around wherever you go.

Anyfi.net Simple, according to executives, is aptly named as the solution works seamlessly on the user’s end. If you have ever connected your device to Wi-Fi at home, it will connect automatically to any participating network. There is no software to install and no manual network registration or login to fool with – it works because the device finds exactly the network it is looking for.

solution isps home network accessible wi-fi

The primary function of an access point is of course to provide access to the Local Area Network (LAN). Our software comes into play when the user is not authorized for such access. Instead of just refusing service our patent pending software dynamically allocates a virtual access point and connects it to a remote end-point through a Wi-Fi over IP tunnel. The result is simple and secure Internet access on any Wi-Fi device anywhere.

GigaOm points out that consumers might not like the thought of “sharing” their home Wi-Fi network with strangers, but Anyfi co-founder and CEO Björn Smedman says that never happens. The technology uses the physical radio inside the residential gateway but foreign devices aren’t actually accessing the gateway’s home network. Anyfi sends Wi-Fi authentication protocols to the device owner’s home gateway instead. This tricks the device into believing it is still on its home network. And from the viewpoint of the access point, it’s essentially running two separate networks.

Anyfi has reportedly been testing the software with some Internet providers for over a year but now they are ready to go mainstream. They are currently testing with an unnamed service provider in Europe and North America although it’s unclear when we could see the service offered publically nationwide.

Permalink to story.

 
This is such a massive security risk.... So anyone can just plug the device in and attach to their neighbors WiFi and access it from somewhere else. Also the "feature" of having Adapter only allow devices that have been on the network can easily be defeated. All you need is to change your MAC Address and then boom your in.
 
Not to mention that it will also consume your internet speed. I cannot see this being applied at homes , too much risk as already mentioned and no gain. Though it might find good use in public networks, such as using an airport network to connect to your home network but even then there is risk such as packet sniffers etc.
 
It wouldn't be too much of a security risk if done correctly. If it works as an encryption device, creates a specfic tunnel in your router to your device it would essentially work as a vlan. Along with the encryption, you can use mac-address security so that it can only be used with the devices you specify... Would mean whoever tries to use it would need to know your devices specific mac-addresses and would just happen to have to be able to break the encryption key, which can be VERY complex... It's not a new concept at all... Just rarely used. It's surprisingly secure.
 
Disclosure: I'm a co-founder of Anyfi Networks.

Holyscrap, Yaron, et al, let me try to explain how the security works. It really is very secure:

We tunnel the raw encrypted Wi-Fi traffic all the way from the mobile device to the mobile users own home gateway. This means that the WPA security mechanism protects the connection end-to-end, all the way from the mobile device to the mobile users own home (which is hopefully secure). Even if an attacker is in control of the visited access point they can only access the encrypted Wi-Fi traffic, not the plain text data. This mean that a mobile user is just as secure as at home.

This tunnel also protects the visited fixed-line subscriber. There is no way a visitor can access the LAN of the visited gateway, or use the IP address of the visited gateway to do something bad on the Internet. With an architecture like Jason Davis describes there is still a risk that a defect in the software could let a visitor access the local network. With our architecture that is much more improbable, because the encryption key needed to encrypt and decrypt data for the mobile device is not available in the visited gateway, and that encryption key is needed to make such a mistake.

You can read more about the architecture here: http://anyfi.net/documentation#architecture. It really is a big step up from existing systems, and it is very secure.
 
Originally Posted by jatech
I work for Anyfi Networks.

The VPN tunnel carries raw Wi-Fi frames from the visited Wi-Fi router to the home Wi-Fi router. The visited router only acts as an antenna - no traffic is ever terminated there. You can think of the VPN tunnel as a very long antenna cable connecting new antennas to the home router on demand. The visiting user can never access your LAN, your encrypted Wi-Fi or use your IP address on the web.

As a visiting user you will get a public IP address from your home so no one else will get the blame for anything you do on the Internet. The WPA encryption goes all the way from your client device to your home so the owner of the visited router cannot eavesdrop on your data. From the client device point of view, you are at home.

The PR is primarily geared towards ISPs, but the technology as such is available to anyone. If you are comfortable with OpenWrt you can download firmware from http://anyfi.net/getit/firmware for popular consumer Wi-Fi routers and try it out yourself. There is also an FAQ http://anyfi.net/faq.

BTW, "residential gateway" is ISP lingo for the modem/router installed in the subscriber's home.

Source: Anyfi employee comments made at Techpowerup
 
This really sounds like an amazing piece of technology, I live in Sweden, do you have any job openings? ;)

As I see it this has the potential to create truly operator independent networks for mobile devices.
I.e. when you are in range of a WiFi network your phone could prioritize to use the Anyfi Networks instead of GSM or 3G
This is today already possible to do with chat software like "WhatsApp" but it has exactly the issue that this software solves:
You need to configure to each and every WiFi network that you want to utilize and you depend on the security of the network you are connecting to.
Really a beautiful solution!

Can we expect a inclusion of this in the mainline OpenWRT firmware?

The caveat as I see it is that if you are on marginal links the radio in the WiFi device might be overwhelmed to prioritize the traffic.
For example a WiFi device with 2x clients, one strong and one weak will reduce it's speed to accomodate for the weak client, be that if the weak client only supports 802.11B vs 802.11G
Or simply a reduction in speed, as in the router throttling the speed from 54Mbps to 13Mbps to accomodate the weaker client.

And also of course if you pay for bandwidth or have bandwidth caps your "guest" will count towards these caps...
 
@Per Hansson:

Thanks! :) And yes(!) we're hiring. :) Just send us a quick email at jobs@anyfinetworks.com with phone number and we'll be in touch.

About the traffic prioritization problem, we have a pretty nifty solution for that too: Since we interface with the Wi-Fi radio in the visited gateway on such a low level (sending/receiving raw encrypted Wi-Fi frames on a so-called monitor interface) we also get information about how much radio time / spectrum each radio frame uses. With that information we can prioritize based on radio spectrum. Some Wi-Fi vendors call this "airtime fairness", but we don't want to call it that because we don't divide the time "fairly", we prioritize the home user (I.e. fixed line subscriber that pays for the broadband connection). But it lets us avoid the case you describe, if you have a visitor with a slow 802.11b device they will be throttled so low in bandwidth that your Wi-Fi network doesn't get bogged down (if you are at home and actually using it).

You can read more about it here: http://anyfi.net/documentation#a_traffic_prioritization.

We're looking into how we could get the software included in OpenWrt mainline and similar, but can't promise anything yet.
 
Sounds like an interesting concept especially when you think about it being combined with 'google glass' however relying on just anyone's access point is quite a risk, just as like what happened a few years ago with the tor network could happen again especially if the end-user has a weak wifi encryption. Just because encrypted data cannot be cracked on the spot doesn't mean it can't be recorded, analysed and broken later, which has been the cause of much distress for many an online shopper.

Also why UDP? TCP is much more secure by far with inbuilt error checking and recovery methods and what about the access points bandwidth, how does other peoples bandwidth get measured when using a remote connection point without affecting the host of that access points bandwidth limit?

Well if you can pull it off Augmented Reality will become quite viable in the near future in metro area's and in this way grant superior business opportunities to those willing to make the transition. I look forward to seeing how this develops
 
Back