Hey! Looks like I’m the first one here! I just have a simple question. If I set time limits for my children, will I be locked out at the blocked times also?
No. You can set time limits for your children only, while enjoy unlimited Internet access for yourself. Time slots (we call calendars) are assigned to profiles, which are themselves containers for devices and users. You and your children can belong to different profiles.
How many different profiles can we have? Can we have user or device (mac or static IP) dependent whitelists and blacklists? If independent blacklist / whitelists, will it be user-based (enter a password to connect to the internet each time), or mac / static IP dependent? Can the static IP (if done that way) be administered from the router so that the client can’t clear that for themselves? Can we have a profile (specific whitelist / blacklist) dedicated to guests? How about QOS … can that also be assigned to a profile? Lastly, can we make sure the whitelist / blacklist works so that whitelists can punch a hole through a blacklist? My current provider (buctools) has a hard time with that, for like certain blogs, while screening out all other blogspot.com blogs.
I am actually okay with an annual service fee if reasonable, to maintain categories and a community to address concerns, new threats and workarounds as they happen, and I think you’ll find most people are. In fact I prefer that if it insures I’ll get great customer service.
Might I suggest that you do some market analysis to make sure your “no service fee” is as big of a selling point, and that perhaps a different selling feature will be your best bet. Remember skydog was enormously successful despite a service fee. Perhaps your marketing angle would be more successful if pitched the way phones are pitched … free, but you pay for 5 years service upfront. After that you are free to continue using the device with or without the live updates. That’s similar to SkyDog but a longer pay-off time so you can sell the units basically as free. Or maybe 3 years, with a setup fee … anyway you get the gist.
12+ years of self employment in the high-tech arena myself, half in design, half in manufacturing … I’ve made the mistake of giving away the cow with the milk. It is very hard to provide the level of service customers want in the long run when you do that, and to facilitate a lifestyle where you can get someone to do the administrative as you grow the business in other ways, or just reap the rewards of your efforts down the road. You won’t be wanting to resolving customer issues yourself forever, and there is something very satisfying knowing that you’ve created something valuable that will outlive yourself. Hard to do when the internet and it’s challenges changes so rapidly.
Something to investigate … I work with leasing companies that based on the assumed credit of the customer, based on who they are (and I think your target customer will generally have a high credit rating) they will give you upfront the money you need for each router and bill the customer directly themselves for each unit sold. Usually this is done for much higher priced items, and corporate customers, but they might do this as well. They end up charging a whopping 10% interest, but it really makes things easy for everyone. The customer, instead of forking out $120 upfront, starts paying $5/month over a period of a few years. After the lease company get’s their piece they continue acting as a billing service for you and the interest for them becomes a billing fee. Just an idea.
@davea0511 Thanks for the great suggestions! First let me answer the questions.
How many different profiles can we have?
There’s no limit to the number of profiles you can have. Theoretically, it is limited by the amount of ROM/RAM available on the router. Our entry level model will have 8MB ROM and 64MB RAM.
Can we have user or device (mac or static IP) dependent whitelists and blacklists?
If independent blacklist / whitelists, will it be user-based (enter a password to connect to the internet each time), or mac / static IP dependent?
Both. If you don’t configure a proxy at the browser, the user identity will be based on the MAC address. If you use the authenticating proxy at the browser, you have to enter user name and password to authenticate.
Can the static IP (if done that way) be administered from the router so that the client can’t clear that for themselves?
Static IP can be administered from the router. But if a user configure static IP on the client machine, the router cannot override that. However, user identity is based on the MAC address, not IP address.
Can we have a profile (specific whitelist / blacklist) dedicated to guests?
Yes. The default profile applies to all connected devices. To apply a different profile to a device/user, you have to specifically assign that device/user to the target profile.
How about QOS … can that also be assigned to a profile?
Currently there’s no QOS feature. We are still testing different QOS mechanisms in order to decide the best way to do it.
Lastly, can we make sure the whitelist / blacklist works so that whitelists can punch a hole through a blacklist?
Apparently, if you blacklist blogspot.com then whitelist it, the router will be confused. In our implementation, the more specific domain/URL wins. For example, if you blacklist .edu but whitelist utexas.edu (yay!), then you cannot visit any .edu site except utexas.edu. Remember that if a site runs HTTPS, then no information is available about the request path, we can only block or pass the whole domain.
We are targeting this router for families that need to manage their kid’s online experience. Based on our initial market research, annual subscription fee is a turn off for a lot of families. Compared to Skydog, which had to manage their own DNS and filtering categories, we can leverage services such as OpenDNS, which is already trusted by millions of users. Since we don’t have to actively manage DNS servers and website categorizations, we figure we can pass the savings to our customers and make the device affordable for more families. You are absolutely right, with an annual subscription fee we’ll have more financial resources to offer better customer service. If the need arises, we can consider offering the basic router free of subscription fee but premium services with a fee.
Thanks for the input. Please help us spread the word. Let’s work together to make the Internet a safer place for our children!
Thanks for the reply. Note that Using MAC addresses I did have a problem with my son’s desktop computer (not laptop) in that he used a wifi dongle (renting and can’t route an ethernet to him). Due to the way the usb dongles work, his MAC address changed when he unplugged and plugged the dongle back in. It would be nice if the router could be designed so that they were identified in some other way, if not by Static IP.
About whitelist/blacklist, you are saying that in an HTTPS, you cannot whitelist a subdomain (eg. myblog.blogger.com) if the domain is blacklisted (eg. blogger.com)?
Thanks for the responses!
@davea0511 I’m not sure that the MAC address will change just by unplugging and plugging back in. I think the MAC address is hard coded by the manufacturer. That’s why you can look up the manufacturer by MAC address. However, MAC address can be spoofed by software. For MAC address based filtering to work, the anonymous group should have the lowest privilege. You elevate privileges by adding specific MAC addresses to more privileged groups (or profiles in our vocabulary). So if someone spoofs a MAC address, more likely they’ll fall back to a less privileged group.
For HTTPS, we can whitelist/blacklist domains and subdomains, e.g., blogger.com can be blacklisted but myblog.blogger.com can be whitelisted. But we can not tell the path, i.e., distinguish between https://blogger.com/ and https://blogger.com/good-article.
I’m just telling you what I experienced, and not just a couple times (at first I thought I was going crazy). According to this (http://forums.androidcentral.com/verizon-galaxy-nexus/147857-wifi-mac-address-changes-every-reboot.html) it can happen when there is faulty MAC-addressing hardware on the device side so the OS spoofs a MAC address so you can still use the device, which spoof changes each time you reboot (come to think of it, it was after reboots, not plugging and unplugging).
So likely the dongle was faulty … and the low-privilege anonymous looks like a good option.
Am understanding better how it handles HTTPS, which I understand is a problem with HTTPS, not the router. Thanks!
Hi there! In addition to a router with parental control, I recommend to use keylogger software, such as Refog (http://www.refog.com). As a result, you will be able to know what sites your kids visit and the time to recognize and prevent the threat to them. I will be happy if my advice would be helpful.
You must be logged in to reply to this topic.