I previously worked at a mid-sized ISP for 7 years. When I started, our most popular product was 33.6k and 56k dialup for $20/month. We offered Linux and OpenVMS shells to all customers, Usenet service, e-mail, spam/virus filtering, and free 24-hour technical support staffed by local people. We had lots of dialup capacity from the phone company (Ameritech) and connected our three POPs together with T3s.
ADSL started to make headway as a faster alternative to dialup and we lost customers. As part of Ameritech’s merger with SBC, the government required them to offer ISPs like ours access to resell their ADSL service at wholesale prices. Just like dialup, the telco provided the wiring, but the customer connected to our equipment and we routed them out to the Internet. As time went on, SBC started marketing ADSL much more aggressively, offering it to end users for cheaper than they were selling it to us. It was hard to compete with $15/month ADSL from a big company like SBC.
As Comcast got bigger in our area and upgraded their infrastructure, they started pushing cable Internet service harder and offered higher speeds than ADSL could do. Since we had no access to cable infrastructure and the telco was pushing us out, we invested in our own 10mbit wireless service. We ran leased lines to water and cell phone towers in each nearby suburb and put big wireless antennas on each customer’s roof. The equipment was new and expensive, it required hiring new employees trained in tower climbing, and cost a lot to maintain. We had to do daily truck rolls to realign customer antennas, we had to deal with interference issues with other equipment on our shared towers, and as we grew, we had to upgrade our connectivity to each tower. We replaced some leased lines with big wireless backhauls to other towers and then back to our buildings.
During all of that time, many of the other independent local ISPs got bought up by bigger ones, those in turn getting bought by even bigger ones. I can only remember one other ISPs that is still around and independent, and their website looks like it did back in 1999, still offering 56k dialup service.
Going on a decade later, Comcast is now merged with NBC and provides Internet, TV, and phone service in one. This company providing Internet service now has a financial interest in policing what its Internet customers are doing with regard to copyright, as well as monitoring what its Internet customers are watching in terms of media and advertising. A lot of users don’t even use their ISP’s e-mail systems anymore, opting for things like Gmail because it’s better than most webmail systems and they don’t mind targeted advertising.
I have Internet service from Comcast because it’s basically the only high-speed option in Chicago. ADSL is at most 6mbit/768kbit, AT&T’s U-verse isn’t available, and wireless options from companies like the one I used to work at don’t work in Chicago (too dense, too many buildings, have to install equipment on apartment buildings, etc.)
The telco got broken up and everyone can use their infrastructure, but it’s not very useful anymore. The fact that Comcast’s NBC merger was approved is a fair warning that they don’t stand a chance of being broken up any time soon, nor will they get regulated to the point of having to give up access to their infrastructure.
The idea of starting an independent ISP keeps popping up in my head, until I think about all of this and realize there’s practically no way to be an actual service provider anymore without having millions of dollars of infrastructure. The other day I thought, why not revert Comcast and other big ISPs into a dumb pipe and avoid dealing with expensive infrastructure?
This ISP could start as a “virtual” one that ships a hardware box to customers that acts as their router, but it just does an IPsec tunnel over their existing DSL/cable connection to this ISP’s servers somewhere. It provides the standard e-mail, webmail, spam/virus filtering, DNS, and other services that ISPs do, and it fairly routes your traffic out to the Internet without snooping on your data or acting in the financial interests of any other companies. Logging would be kept to an absolute minimum and user privacy and security would be the absolute top priorities.
I know there are things like Tor and the dozens of VPN providers around, but Tor is not a full-time solution and its exit nodes can be sketchy for plaintext traffic. Most of the VPN providers seem so shady and designed as just a “start OpenVPN when you want to download a torrent” service. I want to start a respectable company that people will feel comfortable routing all of their traffic through, as well as actually using it for their e-mail, Usenet, chat, etc.
As the company grows (or laws or technology changes), owning infrastructure and connecting users directly might be feasible down the road, but for now the service could just rely on the existing infrastructure and tunnel over it. The infrastructure needed for this ISP would be relatively inexpensive to start, just limited to a few colocated servers, a switch, IPsec terminator(s), and IP space. The technical nature of the service would attract mostly experienced users to start, so technical support requirements would be limited. The hardware box sold/leased to customers would be a small, low-power device capable of doing IPsec at up to, say, 30mbit/sec and have a web GUI for simple administration. The service could also support doing IPsec from a laptop or mobile device, to protect users at coffee shops and the like.
I suppose the question is whether enough people value privacy anymore enough to pay for such a service on top of their monthly Internet bill.
Towns have rolled out their own (really awesome) infrastructures and generally can provide homes with better service for a low utility fee. They get met with such harsh opposition from the monopolies. I think having towns invest in their own infrastructure is amazing… need more of that.
http://arstechnica.com/tech-policy/2009/10/want-50mbps-internet-in-your-town-threaten-to-roll-out-your-own/ http://arstechnica.com/tech-policy/2011/03/133-us-cities-now-run-their-own-broadband-networks/
Selling privacy is sort of selling insurance for the possibility that a customer’s ISP decides (rightly or wrongly) that they’re not following the TOS/copyright law and cutting them off. I think the people who consider this possibility are already technical and will have workarounds like Tor/VPNs in place.
Let me come at it another direction: yes, it’s certainly technically possible, but how do you sell it? Why does the average user want to pay Comcast, pay this ISP, and plug in an extra box? Educating people to sell privacy concerns is really hard. It may be useful but not a viable business.
It probably won’t make financial sense for many people even if it were its own dedicated end-to-end infrastructure. Paying three bills is too hard, so they’d rather just continue getting Internet, phone, and TV from the same company.
For technically savvy people that want a reliable company to do business with while still having their privacy respected, it might make sense. I just don’t know if there’s enough of those people to make it a business plan out of it.
The strange part is that it’s not really selling any privacy above the level you should expect, it’s just going back to the level of privacy and service there was 10 years ago.
I don’t know how I forgot it, but FreedomBox’s recent release reminded me. This seems to address many of the same concerns that you wrote about above.
I know you mentioned that “Most of the VPN providers seem so shady”, how your service will be different? I’m using tunnelr.com SSH tunnel for over year, and its alright. I don’t like VPN because usually online banking starts asking me about my SSN and stuff.
I am curious, if you are still paying Comcast/Time Warner etc on top of the new ISP, how do the incentives of any of the current players change? I suppose the new service could build out infra if it got enough money, but up until then it’s dicey…
Short of building a multi-billion dollar nationwide infrastructure, I don’t think the major players would even notice this ISP, let alone change their actions because of it. The goal is just to provide an alternative means of Internet transport for users that want privacy and support from a smaller company.
There will be a market for more VPN services once people start getting their 5th strike. I may have found this PDF here, still an interesting read – https://www.usenix.org/conference/foci12/vpwns-virtual-pwned-networks
Yeah but that’s what I mean about the VPN providers being shady, I don’t want to start a company that only attracts people using BitTorrent and doing illegal things.
Did you have any particular hardware in mind? What about the software side of things? Can we assume it would be built on top of OpenBSD?
My first thought is a tiny Soekris/Alix box running OpenBSD with probably a small web GUI for simple administration tasks (and things like “test whether my internet service works without the tunnel”). However, I’m thinking maybe some kind of ARM box would be better for energy/size, but OpenBSD wouldn’t run on it. I haven’t really nailed down any specifics yet.