Yesterday we offered word that the open source community was up in arms regarding Netgear’s WNR3500L router. Netgear claimed that the product was open source, but the open source community alleged that the product might be illegal, in addition to being unsafe and unethical. We contacted Netgear to receive their perspective on the issue, and they wrote back to let us know that their Senior Product Line Manager Som Pal Choudhury has written a post which describes Netgear’s stance.

The open source community’s primary point of contention is that the WNR3500L is in violation of the GPL license. While the router’s kernel is open source, Netgear uses proprietary modules in the OEM firmware which hook into the kernel. This represents a GPL violation as anything that hooks into or modifies a GPL-licensed body of code must also have its source published, and this has not yet happened, says the OSS community. Choudhury disagrees, saying that he believes Netgear has complied with applicable GPL stipulations.

“With respect to the default firmware, we have used our best efforts to comply with and believe we have complied with the applicable GPL requirements,” he said. “Nevertheless, we understand that the open source community generally takes exception when factory loaded firmware written in Linux that is placed on routers or other hardware includes binary only kernel.” (more…)

UPDATE: 2:30 AM EDT, 10 October, 2009

Netgear has responded to allegations that their product is not open source. You can read the excerpts from that interview and new insight on the debate here: Netgear responds to open source concern for WNR3500L router

UPDATE: 7:30 PM EDT, 8 October, 2009

A well-known open source advocate has alleged that the WNR3500L router is not as “open source” as Netgear claims it to be. The complete story is available here: Netgear’s “open source” router not so open source after all

Original story follows:

Netgear has unveiled the WNR3500L, an open source 802.11n router which can be customized with any number of third-party firmwares, including DD-WRT, Tomato, and OpenWRT.

The RangeMax Wireless-N Gigabit Router with USB is also designed to serve as a reliable, high-performance open source Linux® platform supporting a wide variety of applications created by multiple development partners and the dedicated open source community. Some of these partners include BigFoot Networks for boosting network speeds for online gaming, Leaf Networks for easy remote access, Paragon Software for high-speed USB file reads and writes, and Sputnik for hotspot solutions.

The most popular free, open source Linux-based firmware — DD-WRT, OpenWRT and Tomato — are also available on the RangeMax Wireless-N Gigabit Router, making it easier for users to develop a wide variety of applications. Customers can download the Linux-based open source firmware from the open source community and development program web site at http://www.myopenrouter.com.

Featuring a 480MHz MIPS 74K chip, 8MB flash space, 64MB RAM and a Broadcom BCM4718 radio, the WNR3500L is quite a bit more powerful than Linksys’ WRT54G or WRT54GL routers, both of which have long been prized for their third-party firmware support.

Netgear has made a shrewd and intelligent move with the WNR3500L. The product will entice a large population of holdouts who have refused 802.11n in favor of the versatility offered by 802.11g Linksys routers flashed with third-party firmware. By offering that same versatility with better hardware and the latest in WiFi standards, the WNR3500L is the upgrade many have been waiting for.

The Netgear WNR3500L is expected to retail for $140 within the month.

Today John Graham-Cumming blogged about his experience logging into his Network Solutions account. Instead of the familiar terms such as “domain” and “web site”, John was presented with new terms designed to make it easier to understand the services Network Solutions offers.

Of course the term “web site” is confusing. Nobody knows what that is! But “nsSpace”, now that is pure genius. E-mail? What is this moonspeak? nsMail makes much more sense!

In order to “help support your business even more effectively,” Network Solutions has clearly done all of their customers a huge favor by clarifying these esoteric terms.  New Name, Same Great Service!

Laughingstock of the registrar business in 3… 2…

Hardware Logic has trouble with the Rosewill RNX-N4 Wireless N router. What a shame.

American Airlines is getting wifi on domestic flights.

A member is considering turning his office of 50 workstations into a domain-based environment. He’s looking for feedback on costs and benefits to develop a proposal; can you think of any we’ve missed?

tbreak reviews the plug-and-play Linksys Powerline home networking kit.

Improve your wifi with the Linksys WRT150N-RM wireless-N router.

The Belkin N1 Vision wireless N router looks amazing.

TweakTown has a how-to guide on using an old router as a DIY wireless access point.

Researchers from the University of Michigan have developed “CloudAV,” a next-generation anti-virus technology. CloudAV seeks to improve PC resource utilization and virus detection rates by shifting the burden of virus analysis into the computing “cloud.”

Jon Oberheide and Evan Cooke, working under the guidance of Professor Farnam Jahanian, tout the cloud’s significant advantages over traditional client-side anti-virus:

• The cloud aggregates the detection results of many anti-virus engines; a feat that would be improbable, if not impossible, on a client system.
• The cloud offers enough resources to provide virtual behavioral analysis.
• The client buys reduced disk and CPU usage at the cost of increased network utilization.
• The burden of application maintenance is completely removed from the client side.

The engine currently consists of detection routines and signatures from Avast, AVG, BitDefender, ClamAV, F-Prot, F-Secure, Kaspersky, McAfee, Symantec, and Trend Micro. Analysis reveals (PDF) that the combined signature databases of these varied anti-virus applications yields a 91% detection rate.

While the technology sounds similar to centralized anti-virus, such as Symantec Corporate, it is quite different. Today’s corporate anti-virus products centrally manage user policies while leaving the burden of scanning and detection on the client end. Under this model, a significant processor and memory footprint is incurred.

Behavioral analysis is one of the more exciting aspects of this technology, according to the developers. Cooke and Oberheide explained that “behavioral analysis allows us to open a file in an emulated environment and trace the execution of a file through a system.” The cloud has enough resources to execute a potentially infected file in a virtual sandbox to determine its impact. This is a significant advance in anti-virus technology that would be impractical to run on a desktop, much less a smartphone.

Other new functionality includes the caching of files in the cloud so that detection isn’t a constant resource drain. Once a file signature is cached, it does not need to be reanalyzed. In effect, a single user that may be running Microsoft PowerPoint would submit the signature data for that version of PowerPoint to all PowerPoint users in the cloud. Because a single computer can contribute all the necessary information, deployments that have a swath of similarly-configured computers would benefit from reduced network overhead.

While the technology is being used in a production environment on the University of Michigan campus, there are no plans to commercialize the product. Agents have been developed for Windows, Linux, BSD, Nokia Maemo, and sendmail. Cooke and Oberheide envision implementations of these clients for ISP, campus and corporate deployments.

We were concerned about privacy in the cloud; specifically, we wondered whether or not we would want our ISP to scan sensitive files for us. They envisioned a hybrid system with a lightweight detection engine on the client side for files somehow tagged as private. Meanwhile the CloudAV technology would remain for system files, executables, and other non-sensitive information.

You can find more information on their website, including links to white papers about the technology.

Yesterday Comcast revealed that it was preparing to engage in select trials of new traffic management techniques to alleviate the burden of high-bandwidth users. Verizon CTO Richard Lynch also expressed a need for network management today at the annual communications summit for The Progress & Freedom Foundation in Aspen, CO. There has “always been a requirement for network management,” he said.

While Verizon has enjoyed the luxury of fiber-to-the-home deployments via its popular FIOS service, the telecom firm still feels the pinch of a congested network. Though Verizon spends more than $17 billion each year in infrastructure, Lynch affirms that it would take considerably more to alleviate congestion network-wide. Saying that “customers would be upset,” Lynch referred to the tremendous monthly bill that customers would foot to achieve the level of service popularly demanded.

In order to manage the stratospheric rise in internet traffic in recent years, Verizon is testing network-wide Quality of Service (QoS) practices that have long been employed on business networks. A QoS-managed network prioritizes latency-sensitive packets from sources such as VoIP. Protocols and applications of lesser importance could be delivered with an artificial delay of up to 22ms. Lynch asserts that few users would notice such a miniscule delay.

While the details of Verizon’s upcoming policies remain scarce, Mr. Lynch assures that it’s not for conspiratorial reasons. “We don’t have all the answers yet,” he said, but promises that full disclosure is “best way to go about it.”