The Airfy team claims that their new line of wireless devices will make it simpler for individuals or businesses to set up advanced and secure wireless networks. The product looks good, but there are some business challenges and gaps in their product description that leave me with a few big questions such as “what does the app that ties all of these things together actually look like?”
While it looks like Airfy is pitching a new wireless router, closer investigation reveals that they’re trying to start up an internet services based company that will utilize a global network of devices such as those pitched in their campaign. Many of the advertised features require pervasive use of their technologies, and yet some of those features may hinder widespread adoption.
There isn’t a whole lot to talk about with Airfy’s hardware because so few details are given. The phrase “zero config” is thrown around as if you’d find it in Webster’s, but there is no demonstration of how anything works. They also use phrases like “mesh networking”, but again, no details or demonstration of configuration are provided.
The devices are powered by Power over Ethernet (PoE) which means that there should only be a single ethernet cable coming out of the back to provide data and power. If you don’t already have a PoE injector, they provide one with the power plug adapter for your country of choice. This sounds great, but it brings up some questions regarding the Hotspot AC and Hotspot S models which have dual gigabit ethernet ports. They don’t mention anywhere what the second port can be used for.
One of the challenges of marketing a wireless product is providing the audience with something interesting to look at. Airfy solved this problem with a collection of configurable LEDs located on the front of the device under a plastic panel. Flashing these lights is the only real product demonstration they have on their page, so it’s worth digging into it a bit.
They advertise that these LEDs can be configured to light up in different ways to inform users of configurable events such as Facebook messages or phone calls. The implication is that each of the 50 LEDs can be controlled individually, but demonstrations in their video only show the lights illuminated in five groups, and their circuit board looks like it has these groups connected in parallel which would make it impossible to control each LED on its own. They also never show a product with 50 LEDs on it:
Unsure about the discrepancy, I compared these two using some fancy image manipulation, and it looks like one of their LEDs burned out for the live demo:
So there are really 40 LEDs and not 50. But then in their press kit…
Perhaps they forgot how to count.
It might be a small point (heck, I didn’t even notice before counting them), but it does hint at a level of laziness regarding product definition that doesn’t bode well for a young company.
Additionally, for some kickbacks, they will be bundling the Airfy Beacon which as far as I can tell is just a standard Bluetooth Low Energy beacon similar to Lapa. Nothing too fancy hardware-wise.
There are a few missing details about all of their devices, but they are still in the process of developing this product. From a hardware perspective, what they’re pitching is not implausible.
The real special sauce of the Airfy is the ability to convert your internet connection from a personal wifi hotspot to a node in a global network of Airfy routers. This is very reminiscent of the Fon project which started in 2005 and currently has over twelve million hotspots worldwide.
They advertise that an Airfy router can be configured to share internet with guests without having to give them your network’s password. While this might be nice for your home network, the real killer app is for public access points such as those at bars or restaurants. The assumption is that the guests will set up an account with Airfy (perhaps using the mysterious Airfy app) which will manage their credentials and share them over the global network of similarly configured devices. As long as the user is connected to an Airfy router, their credentials are still valid.
I don’t have too much experience with network security, but I believe a task like this can be achieved using WPA2-Enterprise with a RADIUS server located somewhere on the web and controlled by Airfy. Rather than sharing a single key among all users of a particular hotspot (like in WPA2-Personal), the enterprise system will allow them to manage credentials for each user independently regardless of which hotspot they’re currently connected to.
That explanation would fall in line with some of their statements:
Calling it a “password” is an over simplification, but it’s more or less correct.
Curiously, they specify that they’re using WPA2, but they also add this:
I can’t imagine how new their technology can be if it has to be supported by smartphones already in the market. One of their updates includes a video that demonstrates installing a wireless profile on an iPhone which is not a “new” process:
(The same video also includes a button that supposedly offers free browsing on a non-encrypted connection that doesn’t require any kind of registration, but this feature is not mentioned anywhere else in their campaign.)
In addition to managing whatever server hardware is going to be doling out credential information to the network of Airfy devices, the Airfy team will also manage a VPN that handles all of the traffic from public users.
For the owner of the router, internet access will be handled more or less exactly how it is on a conventional router. For public users though, all traffic will be encrypted by the router and decrypted by an Airfy server before being passed to the internet. I’m not entirely certain why such a feature is required, and I get very bad vibes thinking about it.
Firstly, if Airfy is planning on running a series of servers that route all traffic from public users of their (someday) global network of wireless hotspots, they better have some seriously powerful server hardware. Imagine the combined efforts of thousands of club-going college students uploading as many photos to Facebook as their iPhones will let them, and you can start to see why this is not an easy task. If they don’t have a server in your country, things get even worse as your data has to circumnavigate the globe to get anywhere. Airfy has provided zero details on how they’re going to handle this.
Secondly, there are a number of location-based services which run into issues when used through VPNs. Companies like Google will change search results, advertisements, and even language settings based on a user’s geographical location, a piece of information that’s gleaned from an IP address. When using a VPN, the user’s IP address will reflect the location where the data is decrypted and not the user’s actual location. This could mean that Google will prioritize search results based on their proximity to some server out on the cloud instead of the bar you’re visiting. I learned through researching this article that there are solutions that allow location data to be tacked onto packets transmitted through a VPN (such as X-Forward-For), but there’s no mention of anything like this in the Airfy project description.
Finally, anyone using this service is placing a lot of trust both in the scruples of the Airfy company as well as their ability to repel attackers. Even on an unsecured wifi connection, you’re only at the mercy of the people in the coffee shop with you. With Airfy, an attacker from anywhere in the world could compromise a much greater number of systems.
So the public user’s browsing experience is going to be substantially hindered unless Airfy is really on the ball with their back-end. The complexity and cost of these problems make one wonder why this implementation is necessary at all. They explain:
So I guess they want to make sure that if one of your guests is pirating Game of Thrones, you don’t have to worry about being held responsible. An alternate reason that Airfy didn’t provide is that keeping the network traffic encrypted until it reaches their VPN could prevent Airfy owners from tampering with the router and potentially peeping on their users’ traffic. This is reassuring, but it also means that you as the owner of the product do not actually control it. You’re simply paying for the privilege of expanding the wireless network of the Airfy company. At least Fon promises that your personal traffic will always have priority so that guest users won’t hinder your online experience, but I couldn’t find such a promise offered by Airfy. I wonder where their priorities lie.
So the big question is how Airfy is going to afford to pay for this VPN service. Apparently the login process for guests involves watching a 10 second advertisement for every hour of use. These ads can be tailored to the user’s location (information that Airfy servers do have access to), and their revenue is actually split with the owner of the router. While this is great for public areas, those using Airfy at home might upset a few guests who have been turned into a revenue stream by their friend.
And the owner’s ISP might be a little upset to hear that their service has been turned into a revenue stream as well. In fact, many ISP user agreements disallow a product like Airfy.
Here’s Verizon FiOS:
The Beacon is a really strange addition to the Airfy lineup because it has so little to do with the Airfy router. Each Beacon simply transmits a serial number using Bluetooth Low Energy. This ping doesn’t mean much on its own, but a phone running the Airfy app will connect to Airfy servers to determine what kind of event proximity to this particular beacon should trigger. They give a few examples of how it can be used in their press release such as having a beacon for each section of your store so that users will be greeted with displays of special offers that are tailored to where they are.
The important aspect is that many of these interactions are configured by the owner of the Beacon (the business), and not by the user of the app. There’s no indication that the user can select to, say, accept any Beacons that will give them location information if they’re lost in the mall while ignoring Beacons that ping ads to them any time they walk by a Cinnabon. In fact, some of the proposed applications are downright invasive:
I’m fairly certain that no smartphone API is going to allow an app to tamper with the user’s ringer settings, but regardless the implication here is that anyone with $50 can buy a beacon and run around bugging people with popups. Then the next paragraph down, they drop this:
Okay, so the user can decide if he or she wants push notifications, but the ringer popup is mandatory? Can you select this pre-emptively? or do you have to wait until it happens to tap “ignore”? And then this:
Access? So is the user configuring how the app behaves? or is the business? Can I configure the Beacon in your living room to show ads for DropKicker?
And then this:
Okay, so you can do stuff with a Beacon and “no additional devices” and then:
Can you guys please get your story straight? This is why real product demonstrations are so important.
It’s pretty clear that Airfy has tailored their device pitch to businesses and not users, but their device will only be useful for a business if its associated app sees a large amount of adoption by users. If I were purchasing an Airfy beacon for my storefront, I’d want to make sure that the Airfy app treats users fairly and won’t discourage them from using it. Right now there’s scarcely a screenshot of what this experience will be like. As a smartphone user, I can say that I would be a little miffed if an app tried to change my phone’s ringer settings.
In order for a system like this to work fairly, a business will have to in some way register the Beacons that they operate in a global database, and users will need to decide whether or not to accept Beacons from that business. That’s a pretty tall order for a user who has never heard of an Airfy before.
This is probably the biggest problem that will plague any company trying to start up a global service. Unless a particular service shows immediate and pervasive benefit for the user, few are going to adopt it.
For the Airfy router, I think there’s a fairly good chance of it getting used. Unlike similar services, users only need to watch an advertisement. They can get fast internet service in a public place without fishing out their credit card, and we all know that internet access when you need it is worth its bandwidth in Bitcoins.
The payment processing system tacked on is a little dubious. This requires the user to install the application and somehow move funds over to an Airfy account. While this may be great for a user that does a majority of their shopping at locations with an Airfy system, anyone who stops by an Airfy bar on their pub-crawl is not going to want to set all that up when they can just hand over cash or credit.
The Beacon is where I’m most concerned. The benefit to the user is supposed to be passive interaction with particular locations, but there’s little impetus to install the app if you don’t even know what you’re missing out on, and even less if you’re missing out on spam. Unless they can push enough Beacons to make them commonplace, even optimistic early adopters are still unlikely to see any benefit at all.
Just looking at the numbers on the Indiegogo page, it’s pretty likely that a majority of the people in the world will never come within a mile of an Airfy device. They have 14 people who have picked up their “Ad-free wifi for life” perk, and yet they’ve only sold a total of 24 routers so far. 24 routers spread over multiple countries is not exactly good coverage. Heck, there are twelve million Fon hotspots in the world, and I’ve still never seen one here in the ‘States.
I wonder how many businesses are going to line up to advertise on that network…
Can they do it?
I have few doubts that these people can deliver the hardware that they’ve promised. They’ve given themselves a year to deliver, and while $20,000 is abysmally small, it’s pretty clear that they’re just using Indiegogo for building buzz and are funded in some other way (at least I hope so, because $20k is pathetic). Add that to the fact that their hardware is fairly simple, and I’d say that you’re guaranteed to get something that lights up and Wifis its heart out next September should you back them.
The bigger question is how pervasive their system will be. A company that’s trying to roll out a product like this needs to be very up front about what the product can do so they can grease the wheels of adoption. Unclear product definitions and general laziness with their press materials:
Lead me to believe that these folks are not the masters of industry that are going to bring about the global change that they’re advertising. When Fon was starting out, they were giving away free $50 routers to anyone who filled out a form on their website. A friend of mine got one in high school when he was 15, and that was back when Wifi routers were rare and expensive. Those are the kinds of measures you need to take to roll out a global Wifi network. Charging $170 to give people the means to earn money for you using a mysterious app that you haven’t demonstrated isn’t going to cut it.
For a business owner, I’d say that Airfy is a simple way to offer free Wifi to your patrons. For anyone else, Buy a $50 Linksys and make your password something easy to remember.