Simple and Secure, Not Your Average Router Software

Justin Ramos

Published: Aug 25, 2014

In July, the Electronic Frontier Foundation (EFF) and a team of ThoughtWorkers joined forces to build encrypted router software as part of efforts to defend the Internet from surveillance overreach.

Our main objective is to make it simple and secure to open a guest WiFi network on home and office routers. This is a small step towards one of ThoughtWorks’ long-term goals of ensuring that the Internet becomes a “public and democratic space for online collaboration, a forum for information dissemination, and a tool for organizing.”

Users of the software can allot a specified amount of monthly bandwidth to friends, family, and passersby on a separate guest network without requiring a password. They can also configure many settings on their router through the user interface. In addition to all this functionality, the router is also very secure. If you would like to download the software on your router, be sure to check the OpenWireless Project website.

From the beginning, EFF asked that the application be designed “mobile first,” an approach that aims to simplify the user experience. The people who are most likely to install this open-source software on their routers would probably prefer to configure their setup via computer, but if the free Internet movement is to expand beyond technologists, then we must plan with other groups in mind.

Keep It Simple, Stupid

Balancing simplicity with security is a key step in bridging the gap between technologists and non-technologists. From the outset our designers, in conjunction with EFF, created a user interface that looked sleek and conveyed implicit meaning. The blue and yellow fields are all clickable; however, their color implies different types of interactions. The blue elements are editable fields that users can manipulate whereas the yellow fields are links that perform actions. This approach helped compartmentalize features and implicitly conveyed meaning to users.

In order to make our application more secure, we had to rethink the administration framework, LuCI, which was built into OpenWrt. LuCI is designed to expose all of OpenWrt’s available configuration so that users can easily customize and change their routers. When development on the project began, we started by using LuCI’s JSON-RPC API and wrote additional back-end logic in Lua. As we reviewed the security of the router, we realized that this API exposed too large an attack surface for the use case we were addressing. LuCI’s approach makes perfect sense where the goal is complete configurability. Our needs were different, so we were happy to constrain what was available through the web interface and move more advanced configuration to a more secure SSH connection.

For these reasons, EFF decided to switch to a dedicated Python back-end to create a much more constrained API. However, in the process we lost Lua's light footprint, so we had to figure out a way to make Python fit on a 16MB router. In order to achieve this, Ranga and the EFF team removed many of Python’s standard modules so that only the necessary ones remained. Thanks to the help of CeroWrt’s Dave Täht, we were also able to create a CeroWrt build that included our minimized Python libraries. This allowed us to be on the “bleeding edge” of router firmware and also helped us improve traffic management by reducing “buffer bloat.” The development team then rewrote the back-end code in Python.

While this was a great start to making our application more secure, we also wanted to prevent the router and its networks from becoming compromised. In addition, we implemented CSP protocols to defend against XSS and CSRF attacks. Much of this initiative was led by Jacob Hoffman-Andrews (@j4cob) from EFF who also helped implement the SSH key upload functionality.

One of the biggest challenges we had towards the end of the project was cumulatively tallying monthly bandwidth usage. We needed a way for router owners to track the amount of bandwidth used on their guest networks. We could easily check how much bandwidth had been used at a given time using an IP accounting utility called iptaccount; however, continuously running iptaccount would hurt router performance. In addition, iptaccount does not handle router resets. It took some algorithmic acrobatics, but essentially we ran a cron job once every hour to record iptaccount's output and compared that to the router's uptime. If the router was reset, then the uptime would be lower than expected. When we detected a router reset, we would then add the byte count before the reset to the cumulative byte count. We also added a feature on the settings page so that users could manually reset their accumulated data and restart the count.
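
The reset-aware tally described above, sketched in Python as an added example (not the OpenWireless project's code). The class and field names, the tolerance value and the sample readings are assumptions; the sketch takes the counter reading as a number rather than invoking iptaccount, and it treats "lower than expected" as lower than the previous uptime plus the wall-clock time since the previous sample.

```python
from dataclasses import dataclass

TOLERANCE_S = 120  # assumed slack for cron jitter between hourly samples


@dataclass
class GuestUsageTally:
    """Cumulative guest-network bytes across router resets (hypothetical names)."""
    carried_bytes: int = 0       # readings preserved from before each reset
    last_counter: int = 0        # counter value at the previous sample
    last_uptime_s: float = 0.0   # router uptime at the previous sample
    last_wall_s: float = 0.0     # wall-clock time of the previous sample
    baseline: int = 0            # amount hidden by the owner's manual reset

    def record(self, counter_bytes, uptime_s, wall_s):
        """Feed one hourly sample and return the cumulative total."""
        expected = self.last_uptime_s + (wall_s - self.last_wall_s)
        if uptime_s < expected - TOLERANCE_S:
            # Uptime is lower than expected: the router restarted and the
            # counter began again at zero, so carry the pre-reset reading.
            # (The very first sample also lands here and carries zero.)
            self.carried_bytes += self.last_counter
        self.last_counter = counter_bytes
        self.last_uptime_s = uptime_s
        self.last_wall_s = wall_s
        return self.total()

    def total(self):
        return self.carried_bytes + self.last_counter - self.baseline

    def manual_reset(self):
        """Settings-page reset: restart the visible count from zero."""
        self.baseline = self.carried_bytes + self.last_counter


# Constructed samples: (counter_bytes, uptime_s, wall_clock_s)
SAMPLES = [
    (1_000, 3_600, 10_000),
    (2_500, 7_200, 13_600),
    (400, 1_800, 17_200),   # reset: uptime 1800 is far below the expected 10800
    (900, 5_400, 20_800),
]


def replay(samples):
    """Run samples through a fresh tally and return the total after each one."""
    tally = GuestUsageTally()
    return [tally.record(*s) for s in samples]
```

Traffic between the last hourly sample and a reset is never seen by the tally, so the total can undercount by up to one sampling interval.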

Just the Beginning

Looking back on this whole experience, I find it encouraging that a few people from EFF and a small team of ThoughtWorkers composed of Stephen Winter, Louis Knapp, Alberto Saavedra, and myself could develop so much in one month. In the past, router software security has lagged behind the most secure websites, but I believe this project has helped raise the bar for router security standards. EFF has continued to tackle router security issues and recently hosted a router hacking competition at DEF CON 22. The competition helped expose some vulnerabilities in current router models and will help raise the standard of router security. While both of these initiatives are great assets to the Free Internet movement, I think our partnership with EFF was a victory because we united technologists and non-technologists by delivering something both parties will enjoy. Defending the Internet is a long and arduous process, but this project is a step in the right direction.

If you would like more information on the OpenWireless Project or wish to install the software on your router, visit https://openwireless.org/router/download. For those interested in contributing to the project, make sure to visit the GitHub repo.
