Fun FON hacking


With FON now selling their “social routers” for $5 a piece it seems like a good time to mention Hack-A-Day reader [Steve Anderson]’s previous FON hacking experience. By purchasing one of FON’s subsidized routers you agree to participate in their network for at least one year. Steve had a look at the patched OpenWRT firmware FON uses and found the heartbeat system they use to monitor compliance. He then swapped out the firmware and spoofed the heartbeat with a cron job. This hack is an ethical trade off: remove FON’s firmware and violate their terms of service or keep FON’s firmware which probably violates your ISP’s TOS. In related WRT54G news: you can now flash Linux onto v5 and v6 routers without hardware modification. So if you’re at all worried, just buy one for the regular price off the shelf.

[thanks bird603568 and fucter]

40 thoughts on “Fun FON hacking

  1. love this stuff have u a idea of how to fix a bad firm wear upgrade on a bt 24o voyager wired router rooter will not boot up have had problems with this router from day one but thanks bird love ur hack steve preece

  2. The FON hacking article has been pulled. Too much publicity about it is too likely to draw attention from FON, and it’s not worth it.

    I recommend, if you want to throw out the FON T&Cs, that you get the source from FON’s website and spend a little time figuring out what’s going on. Me, I’ve got a family to think about.

  3. well crap. I had been visiting the website off and on for the past few weeks. It really was the only site that had infomation on the router. Tell me irregular shed, did you finally get a cron job to work?

  4. Very interesting piece of info, but one that helps nobody. Nor FON, nor ISPs, nor us, nor anyone I can think of. It is just like a recipt for a well-done atomic bomb made of sugar, water and salt, it would help no one. My respects for the “irregular shed” but my hacker ethics tell me that I’d not post anything that can bring no advance (but trouble) to the comunity. Greetz from Brazil!

  5. That’s not fair tp fon. Come on you should’nt even post this. Its borderline unethical just to put it out there. Keep doing this and no company is going to trust us to engage in these interesting type offers with the poorest of us users.

  6. I also want to mention that someone(I forget who) determined that the mac address that fon sends via the heartbeat function is the wlan interface’s mac, not the one printed on the bottom of the router (wlan mac should be 2 digits higher e.g. ‘a2′ where the mac addy on the router ends with ‘a0′). And also, someone reported that the fon router ssh’s into fon.com once and a while, even if no one is connecting to the hotspot, and the auto-firmware upgrade is turned off, no one knows why yet.

  7. Wow, with this discussion I’m glad I posted “just buy one for the regular price off the shelf”. When cheap routers from FON came up the first time the possibility of Linux running on future WRTs looked very bleak and FON was one of the few ways you could guarantee running it. Things have changed since then. Now v5 and v6 (I didn’t know those exsisted) can be flashed without issue. I think most people reading this will see it for what it is: If you want to support FON, buy their router and if you want to play with Linux, buy your own router.

    I may post controversial stuff from time to time, but it is with the firm belief that the hacking community at large is good at heart.

  8. Is this possible?
    using your wrt54g wireless router
    as an antenna to pick up hot spots
    in an apt. complex. perhaps bridge
    router with hot spot in the area?
    how is this possible, i have onboard wireless
    antenna, and have 3 hotspots in my area but signal is “low”. can i use my router to pick up better signal?

  9. #12 just curious…. how do you not violate your ISP’s tos while not voilating fon’s tos? I’m not trying to put you down or anything, I’m just curious if you thought of something…

  10. I’m pretty sure that #12 means that you can choose not to play – buy a WRT54G from a store and don’t share out your internet connection publicly if it’s against your ISP’s terms-of-service.

    It’s not like a store bought WRT54G is going to set you back a whole lot of dough either, and you can hack it without fear of civil action.

  11. ahh okay I get it… I wouldn’t call not participating a trade-off per say– but I guess that works :P and I guess not all ISP’s are a part of the internet ‘access of evil’ :P

  12. in many cases isps don’t care who you *share* it with as long as you’re not reselling. Therefore, the only appropriate option is the free wifi sharing, not reselling.

  13. “#12 just curious…. how do you not violate your ISP’s tos while not voilating fon’s tos? I’m not trying to put you down or anything, I’m just curious if you thought of something…”

    uhhh. by not using a fon router? I know, it sounds like a crazy idea, but you have to try and think outside the box.

  14. 22… yeah nice patients in reading the thread ;)

    you need to have/do something if you want to trade it… so not participating isn’t so much a trade off as it is sitting on your butt :P so if not doing anything is thinking out of the box, most of us have been doing so complaining how someone else’s project is not a hack o.0

  15. lool the website author closed down the porojecty adn removed it from his site from getting into trouble does anyone on here has made any backups for the community please uplaod it then thxs.

  16. I am curious to note- how many of us would, without a second thought, decompile software, download music, reverse engineer a piece of hardware, etc, but found it repugnant to violate the tos from fon? I know I was horrified at the idea, but I can’t quite put my finger on why this more than any of those other tos/eula-breakers feels wrong. Maybe I’m wrong, but…thoughts?

  17. this is L
    i cant either, sometime next week i should be getting my fon router, i’ll sniff it for a couple of days and see what i catch. and i plan to, sometime in the near future, make a page(possibly a wiki) all about our fun with these things

  18. #26:

    I would assume it’s because fon is a cool idea from a seemingly cool company. We don’t really have a good reason to skrew them over. While with warez the assumption is you’ll buy what you like and music that you don’t want to support the authors getting raped out of 90% of the money / whatever.

  19. I got my FON router today. Started messing around with it. I was messing with the FON firmware’s firmware upgrade tool, thought I bricked my router. Just had the blinking power LED of death.. I TFTP’d Linksys’ firmware version 4 and got rid of FON.

    Whoever was against hacking the FON router… FON made 20 million dollars already on this. They’re not trying to be nice and create a big wireless community, they’re trying to make money off of YOUR ISP. Lame. So I have no guilt.

  20. Although no one is still following this, Fon is still shipping $13 routers ($8 ship) away and Google removed the cache of that very special page (although all you need to know is already in the comments here). It is surprising that Google didn’t remove the page sooner, since its been funding the Fon operation!

    What will you do with your router? I am currently using one in client mode as a wireless card to borrow a nearby internet connection. Another is set up to feed it back to the source! Imagine what they’ll think when they connect to the new network in question and see their own router lights buzzing!

    Fon is now shipping WRT54GS (speedbooster) V4 models by the way!

    I have one discovery to add: while monitoring airborne packets (redirected from the WAN port) from a fon router in airopeek, I noticed that instead of seeing heartbeats, I was registering strange pairs of CRC errors and notifications.

  21. Screw them over? I was curious about Fon and I decided to install the Firmware in my Linksys router from the Fon website. Like a bad virus, I can’t get rid of it. Fon support hasn’t answered my e-mails, my posts to the Forum on Fon’s website got deleted. Trust me DON’T use your own router and install the firmware. Buy the Fon router for the low price.

  22. Screw them over? I was curious about Fon and I decided to install the Firmware in my Linksys router from the Fon website. Like a bad virus, I can’t get rid of it. Fon support hasn’t answered my e-mails, my posts to the Forum on Fon’s website got deleted. Trust me DON’T use your own router and install the firmware. Buy the Fon router for the low price.

  23. I was thinking of getting my fon router (wrt54gs) and switching it for my older wrt54g
    Do you think they would have a problem with that?

  24. ha, i received a letter in the mail from fon today (how long has it been… a year?) anyway, they say if i dont turn my router on, that i wont be able to access free fon hotspots anymore, oh well.
    in other words, no finantial penalty will be bestowed upon me :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s