XS4ALL is much more than a competent ISP. It is the essence of the Hacker. The founders are a mix between the EFF and RMS.
This 10yo interview with one of the founders (Rop Gonggrijp) is fantastic and covers their fight against Scientology, lock picking, privacy, governments using terrorism as a pretext for power grabs, etc. (in Dutch)
(Anecdote of what I personally greatly admired: they used to run a hybrid SSH server on their main website, "xs4all.nl", on port 80. the SSH protocol is a "server-first" one, but HTTP is "client-first", so if you pause the SSH banner for a few seconds, you can basically host both on the same port. this allowed me to defeat many a draconian proxy back in the day; nobody would block a huge ISP like xs4all.nl on port 80. Truly unique.)
> the SSH protocol is a "server-first" one, but HTTP is "client-first", so if you pause the SSH banner for a few seconds, you can basically host both on the same port.
In the interest of accuracy, the condition we are looking for is that there is at most one "server-first" protocol in the set you want to multiplex between on a single port, right? Because realistically, any numer of client-first protocols can be distinguished with some heuristics?
A similar ISP, very much alive and kicking, is https://www.init7.net/en/ in Switzerland. In particular, with their fiber7 brand (see https://www.init7.net/en/internet/fiber7/), they tick all the boxes mentioned in the article: no caps, fully symmetrical gigabit fiber, ISP actively promoting and pushing net neutrality, ISP actively engaged politically, very knowledgable support staff, etc.
I've been a customer of Init7 for several years. They're amazing. Some more boxes to tick:
- Use your own hardware, no crappy ISP router required
- They host a Netflix cache server, in contrast to ISPs actively limiting bandwidth
- They launched https://mirror.init7.net/ after Switch announced they would stop running https://mirror.switch.ch/
* their fiber offering is just plain ethernet, so if you have a switch with an SFP slot, that's all you need (well aside of whatever you use as a router - but in my case, that's a VM running PFSense - you're totally free to chose whatever you want). Fewer moving parts means fewer issues.
* they hand out native IPv6 addresses and if you ask them, even a static prefix (for free)
* if you get a static prefix, they even delegate the ip6.arpa zone for reverse lookups
* total soft-factor: their support people use Dovecot Mail under Linux and their press releases are written in Libre Office
Disclaimer I have no relationship with them aside of being a very, very happy customer and I once brought them two bottles of whisky as a thanks for being really quick to set it up for me after I waited a long time for the electrician to put the fiber in my apartment.
I don't know what mirror switch is, but XS4ALL also has Netflix boxes. I didn't actually realize that it might be a special thing: why not reduce your transit traffic? But now that you mention it, yeah, murica.
And XS4ALL is also fine with you using your own hardware, but so are all German ISPs by law so that's not super special.
It's also not rocket science to clone their MAC and do the authentication afaik. But I've never had to do it so I'm not sure if it seems easier than it is.
In Germany before that law, they made sure you wouldn't get the credentials to roll your own. There were some tutorials around how to extract your PPPoE credentials from certain cheap DSL routers, but many were fixed over time, so if you really wanted to do it, you had to open the box and read the EEPROM by external means. Cable modems always have a certificate baked in and were tied to your account, so just cloning the MAC didn't help.
Some American ISPs have realised they can shake down Netflix for cash by refusing to install caches, connect at peering points and suchlike until Netflix pays them.
Some Americans can only get broadband internet access from a single company, so they don't have the option to move ISPs when their Netflix access is degraded.
Upon re-reading I see how that sentence was badly written. I meant that there is at least one fairly large country (a neighboring country even) that mandates this, so I don't consider being allowed to use my own router very special.
To give an idea about how great support is, I as a customer emailed them asking for them to peer with a particular network I was heavily using and within about a day they actually did it.
On another occasion I was having problems with my own equipment and they were able to help diagnose it and loan out SFPs to see if they helped. The equipment's manufacturer was not so generous (buy more stuff or fuck off).
Same experience here. Tweeted at them saying my latency to Hetzner had regressed by 10ms (w/ smokeping graph as proof). They replied the next day saying "we fixed it", and actually improved latency by an extra 5ms from my previous baseline :-)
It's still a magical feeling for me to have a stable 0.8ms latency to 8.8.8.8 (0.7ms if I plug in directly to my media converter without any switching equipment in the way).
I concur with the other reply regarding privacy but I'll add that according to SmokePing, until 5 days ago, CloudFlare took 6ms total to resolve a query, compared to Google at 900 us and Init7 itself at 106 us.
Init7 is covered by Switzerland's braindead data-retention bill due to being an ISP so it's out, leaving Google the best acceptable performer for me.
I'm perfectly comfortable sending my DNS traffic to 8.8.8.8. I have a pretty good understanding of how Google handles my DNS data, and I don't have any specific reason to trust Cloudflare better.
Has been (and is) my ISP for more than 15 years. It's so sad to see it go, as decided by KPN. Apparently XS4ALL workers new about this decision just 30 minutes before the public announcement.
It's also the ISP I definitely have the best support experience with, always happy to help, even with personal projects. It's tragic to see a brand like KPN (which is generally considered quite bad) kill XS4ALL which is generally seen as a quality provider. KPN says nothing will change for existing customers, but I don't believe in that.
Sadly the alternatives are very limited. In the area I currently live in I seem to have two other choices, one of which is KPN. Neither come close to what XS4ALL _was_. These alternatives don't properly support IPv6, they force you to use some obscure and locked down router, etcetera.
I hope some hardcore XS4ALL workers will fork the company to set up a new ISP to provide similar activities.
Ziggo (Liberty Global) gives a good bang for the buck if you look at the speed you get versus what you pay for. They give either native IPv4 or native IPv6, not dual stack. They're a big multinational with a rather terrible helpdesk (compared to Xs4all; not compared to KPN I guess). I mean you could even phone Xs4all's helpdesk and ask them basically any technical question you had. Ziggo don't give Usenet access anymore. They don't give shell access. However you can put their modem in bridge mode, and you don't have to play around with VLANs because DVB-C gives you the TV signal.
I really hope this customer petition effort has some effect. It's been amazing that their parent company KPN (for context: a run-of-the-mill huge telco) effectively let them alone, do their own thing, for so long. XS4ALL truly has been a force for good in the Netherlands.
I wonder whether numbers are related - admittedly when faced with the choice for a new telco I ended up not choosing XS4ALL simply because they're more expensive than other offerings. Maybe they just gradually shrunk, year after year? That'd be an acceptable reason to shut down, despite how great the company is on other dimensions.
It's a shame they were stuck with DSL for almost all of the Netherlands. Fiber deployment is very limited and DSL has been inferior to cable for 10+ years.
I and most other tech-minded people I know switched to Ziggo (the largest/only cable provider) because they could provide 5-10x faster internet at around the same price. XS4All became even harder to justify than when it was just a slightly more expensive DSL ISP.
54 EUR EUR a month for 200/20 mbit (provided they deliver at your premises)
Where Xs4all is more expensive, is TV, which is actually KPN's.
Previously I had the choice between good quality VDSL2 from Xs4all (or KPN etc) and slightly cheaper Ziggo. That's before they merged with UPC. I consciously picked Xs4all because they deliver a far better service.
When I switched in 2012 I went from 40 Mbps VDSL down, from which I got maybe 14 Mbps tops in practice to a 100 Mbps down cable connection, which I frequently hit. The shop I worked at similarly got a boost from a 40 Mbps VDSL (really 25) to a real 150 Mbps down around the same time. In 2016 I moved to my current apartment and 40/4 was still the max, while I could get 300/30 from Ziggo. Hence my 5-10x claim.
YMMV depending on the copper quality of your neighborhood and distance to the neighbourhood connection point (I don't know how to translate "wijkkast").
I have little experience with VDSL2, but in my experience xDSL delivers a lot less than the theoretical max and has a lot more variance than DOCSIS.
Probably a lot of people ended up not choosing them simply because they are more expensive. You do have to distinguish yourself in the marketplace and XS4ALL has failed in that regard for a long time. All they have left really is the name and history.
People aren’t going to pay extra for a reskinned KPN service.
KPN meanwhile majorly improved their service with extensive free installation service while XS4ALL remained with the useless Gideon offering.
It is not just a reskinned KPN service. Xs4all offers a lot of technical advantages (e.g. being able to configure the ISP-side firewall to allow port 25 access).
The problem is that the market of tech enthusiasts is very small. At the KPN-scale, it is financially probably more attractive to streamline operations and to lose a few tech enthusiast subscribers than to keep several separate operations.
That said, Xs4all gave KPN the moral higher ground, plus testing grounds for new technology.
Did you read the article? It shows many ways in which XS4ALL differs from other ISPs/KPN. Furthermore they run part of their network infrastructure themselves and put a lot of care into it, resulting in less downtime than other ISP's. Sure if you don't care much about your internet connection or the original values of the internet then you won't notice these differences, but I gladly pay a bit more for their outstanding service and support.
If you don't care about anything, you might as well have CGNAT. If you care, it's easy to see what XS4ALL does better: you don't get a locked down xperiabox, you get ipv6, you get good customer support, you get to set your reverse dns, you can set a carrier grade firewall if you want... I don't know how you can say that it's no different. It's different in the same way that a $4000 or a $400k car will both get you to your destination, but one has a lot more features than the other.
You can get IPv6 with Ziggo; it will utilize CGNAT. Its terrible. Things such as connecting over LTE to IPv6 OpenSSH won't work if the LTE is IPv4 only. Things like P2P (BitTorrent) or PlayStation won't work. For a proper networking connection you need either dual stack or IPv4. If you get such a router from Ziggo call them up and tell them you want/need IPv4.
I did that and they told me I had to give up v6 for that, so I noped out of that one. I'd rather have the new protocol than be stuck with the old one. If I need a v4 address (which I did to host a game, I was amazed ziggo pulls this on people and they're not required to have huge warning signs like "you're not really getting a normal Internet connection, you're gonna share an IP address with a million people and not be able to use it in the expected way") I'll do ssh forwarding (-R) to my box at XS4ALL.
Yes, Ziggo don't provide dual stack. It is either IPv4-only or IPv6 with CGNAT for IPv4. I'll take IPv4 in that case, wait till the rest of the world has either dual stack or IPv4, and then once the whole world has IPv6 I'll be OK with IPv6-only.
Ten years ago or so, I was a DDS subscriber. I once send an e-mail to support and was answered by a technically competent sysadmin. If KPN destroys XS4ALL, I might move to DDS again (if they offer fiber in my area).
This makes me all nostalgic about those early internet days. DDS was a fantastic idea. I'm surprised it still exists. Who owns it now? Can we all support it into something like xs4all was?
I'd rather they create another ISP that can work hard to earn our trust. As we can clearly see with this XS4All news it isn't bad to have more than 1 option.
Good point, but my worry is that promoting themselves clearly was never XS4ALL's strong suit, at least compared to other ISPs who cared more about profits, so that might be an uphill battle.
I haven't been with xs4all since their earliest days because I had internet through my university back then, but I do know them from when they were still called Hacktic Netwerk.
They're great. Their helpdesk is widely known to be the best. I've got my digital TV through them, and when I called their helpdesk because it failed to record an episode of Doctor Who, their helpdesk could point me to a website where I could watch it legally. They're geeks like me. In fact, I've known quite a number of people who work/worked there.
I'd be really sad to see them go, and I agree with the article: it sounds unlikely that KPN will fight for digital rights the way XS4all has done.
Wait, what is this going to mean for my email address? I hope they'll keep xs4all.nl email addresses active, or this is going to cause a lot of problems for me.
> I lived in Belgium for a while, a country that still has data caps on landline connections, and moved to Germany last year. I have not been able to find an ISP even remotely equivalent across three countries.
I had the same issue when I moved to the UK; no equivalent ISP that I could find. Very disappointing :-(
The entire thing reminds me of the Laurus debacle[1]; KPN wants to be a "consistent" brand, but in doing so they are alienating a small yet sizeable and incredibly loyal customer base. I was an XS4ALL customer for almost 15 years: from the moment I got my first apartment until I left the country. I never considered switching.
They're not the cheapest in the market, but their market positioning is pro-privacy, anti-censorship, high customer service for expert users.
My connection with them has proved very reliable. I haven't had much cause to use their support, but when I have they've been helpful and communicative.
Demon Internet were the closest thing to xs4all. They were the only ISP who could provide me ADSL when I lived in the UK. Back the BT had marked our entire new build housing estate as being too far from the exchange to get it despite the fact that we had fibre up to the last 100 meters or so.
For five years I was the only person there who had ADSL.
In The Netherlands I've been a loyal customer of xs4all for 12 years now but with this move I've signed up to Ziggo. Got to hit KPN where it hurts.
ADSL2 is max 24 mbit. You probably mean VDSL2. If you can get fiber, Xs4all's 500/500 costs only 3,50 EUR more than Ziggo's 500/50. VDSL2 is max 200/20 and that package costs 58,50 EUR. Which is 4,50 EUR a month more expensive than Ziggo's 200/20 which is 54 EUR. If you want TV the comparison becomes terrible (for Xs4all) but the interactive TV is KPN's anyway.
i moved also to ziggo. kpn has got shit lines. ziggo is not too bad these days and kpn only breaks good things. look at their track record of company take overs and you will see what i mean.
+1 also for GreenNet, a small UK isp whose been going since the 1980s and offer rock solid static ip ADSL and fibre. Their support is great, the time I needed to call them I literally dialled straight through to one of their engineers. They use renewable energy and you use your own router.
I have been a customer with Xs4all since I think 1993. When the uni decided it it might be a good idea to have at least some security policy on their network. Nowadays it just is small stuff I keep around for historical/sentimental reasons.
It is to the credit of the good people at Xs4all that they kept their relative independence for so long after being bought.
I won't be signing any petitions to keep the label. I would like the experience of a knowledgeable, innovating and activist ISP back which has been slowly deteriorating since the buy-out. I don't care about labels. Keeping the label around for service that is going to be far less is actually not a compliment. Like Ben and Jerry's made by Unilever.
So thanks for all the help, discussions and service. It was fun while it lasted.
> It's not some locked down rebranded stuff like with most other ISPs, it's the real deal: your router, you configure it how you want it.
Well, they did once force a Fritz!OS upgrade when I wasn't ready for it, even though I disabled the option that allowed them to do that. So they did have a kind of back door on that router at that time. Still a great deal though.
Oh, so that wasn't just me! I also disabled isp management and automatic upgrades, but it was still upgraded. That was the update where they removed telnet access. When I called them, they claimed not to know of anything, so I assume it was AVM that pushed it. Probably the same thing would have happened if it would not be isp-issued.
Been disabled for years, iirc for modern FritzBoxes there is nearly no way any more for jailbreaking.
Makes sense though as many phishing attacks went through that avenue. A pity that when one as a vendor gives the ability of lowlevel access to appliances installed in homes, evil people will exploit it in a heartbeat...
Even though XS4ALL uses the KPN network, XS4ALL uses their own routers, switches, data centers, and can offer better service and privacy. Not a mere label, the brand XS4ALL. I chose to pay the somewhat higher price (set by KPN by the way) for that service.
What I've noticed the past few days is that quite a few people who bemoan XS4ALL going away, actually chose different providers to get lower prices. Seems hypocritical to me, but also in line with what most people seem to prioritize.
VDSL2 speeds are not up to par in every region, city, neighborhood, or even building. If you can get decent VDSL2 speed and don't care for TV the comparison with Ziggo is quite equal.
> XS4ALL hosts the the European copy of the Internet Archive since 2004. When I was in their datacenter I saw the box (it has a nice Internet Archive label), but did not realize that it was a complete copy.
Is this still true? No way does the IA fit in "a box" today. A building maybe, but not a box.
Still, not sure this still exists or what scope it has - I thought establishing a full secondary mirror was something the IA wanted to have, but didn't achieve yet.
I have seen this somewhere around 2014 when I got a tour of one of their datacenters, it definitely was more than one box, iirc it was a couple of 4u boxes, maybe half a rack high. It think it was marked with the archive.org logo.
This is most likely only the website archive and not the media. It can be highly compressible (as it is html). I would not be surprised if a large rack filled with 4U boxs filled to the max with drives could house much of that.
really tragic. they brought internet to the netherlands and they get put down by some old phone company one who's network they started to pirate internet... it's the only really good isp in the netherlands even though these days is still only a fraction of their glory days. love xs4all, very good and nice company and did a lot of important work for the internet not limited to only the netherlands
I feel rather the same about Demon Internet, one of the earliest UK ISPs which started as a 'tenner a month club' back in 1992. Got sold off in 1998, has been shuffled around various corporate owners until it ended up with Vodaphone - who have just decided to finally kill it.
i used to hear about Demon internet in the old counter-strike days :D shame these smaller players get put down like that. A lot of these bigger ones like kPN in our case believe that all will become just a small handful of big corporations. so they try to buy up a lot of smaller players and then just gradually kill them off to try and keep ahead of the other players.
The other thing to realize is there is essentially two main players on the Dutch Internet market: ADSL (over phone lines run by KPN but any ISP can wholesale their services) and Cable (run mainly by a Ziggo/Vodafone). Cable requires a TV subscription and ADSL requires an active phone line. Both parties have invested in their network quite a bit and have triple/quad play packages (integrating TV, Internet, Phone and Cell Phone).
I can in some way understand KPN needs to slim down their offering in order to better compete with Ziggo, but this will likely bite them in the but. Another brand Telfort is also being shuttered: it's their no-support, cheap brand. Generally services sold under KPN's brand are one of the most expensive.
I have FTTH from XS4All. FTTH has unfortunately not been rolled out enough. One of the advantage is I can take just the internet line and not have to pay for a phone line or TV service I don't use. There's other ISPs that I could choose from, but Xs4all have a good package, not outrageously expensive.
> FTTH has unfortunately not been rolled out enough.
Much of the effort driving the rollout of fiber was done by a company called ReggeFiber. KPN saw it as a threat, bought a majority stake in ReggeFiber and killed most fiber investments. It's classic monopolistic behavior by an incumbent and it's a major failure of telecom regulators that they allowed KPN to buy ReggeFiber.
It's also extremely short sighted given how KPN is totally losing the speed battle against cable. It's like they want to go to shit.
EDIT: just found read comment (from an account created to write that single comment‽): https://news.ycombinator.com/item?id=18920213 - looks like someone at KPN had a change of heart.
They have nodes in EFnet and QuakeNet and had one in IRCnet back in the day.
Doesn't strike me as odd, here in Spain most major ISPs had a stake in the national IRC network, back when latency mattered and IRC was a selling point.
>They were bought in '98 by the former state-owned KPN
As if they couldn't avoid it. The owners of XS4ALL sold the business to KPN. They knew what KPN was going to do with it (dismantle all the "cool" stuff) and didn't care, they just wanted their cash.
They were bought in 1998 and managed to keep their unique way of doing things for 20 years afterwards? Sounds like the founders negotiated a seriously good outcome.
I really don't understand how you can call anyone a sellout with a spectacular outcome like that. Most acquisitions go like "nothing will change, pinky promise!" and then 6 weeks later "oh btw we're discontinuing $WHY_YOU_LOVED_US".
As recent as yesterday I still saw an XS4ALL commercial on national television. It doesn't make much sense to keep investing in a brand that will soon cease to exist, but perhaps the campaign was planned already before the sudden decision came in.
I feel like this was doomed to happen sooner or later, but I wonder if this happening now has anything to do with the new KPN CEO being appointed last April.
To add my anecdote on this topic: I was cut off as well. I had a friend who used my wifi with an infected laptop. I had no trouble getting the block removed the next day, but it probably helped that I use Linux and was not the real source of the malware. My friend was unable to clear his laptop, he had to reinstall windows. I thought the action was reasonable, since the laptop of my friend had become a real hazard.
I recently moved away from them since it was much more expensive. I now joined T-Mobile (€40/month for 750mb/s) but they deliver their Wi-Fi with a Huwawei router. A free spy device from China! When I wanted to change it, I found out they do not support customers with different routers. What the .
They are required by law since 12 December 2016 (actually earlier but it is most definite since then). There is however a (continuing) consulting period for ACM rules to clarify and synchronize the rules for all connection types which has not been concluded and offers them a 'way out'.
In my last move, I had to switch away from xs4all. I always was happy to use them. The ability to open all ports, an essentially static ipv4 address, and even full control over reverse-DNS.
I was sad to leave them, I'm even sadder they are shutting down.
now i'll get to laugh at my dad for being with kpn of all things. and i will no longer have to listen to his arrogant bs about xs4all. praise the lord.
SpaceX is launching global broadband LEO satellite internet over the next few years. They are developing their own silicon to reduce supply chain issues. Hopefully they bring real competition to the last mile globally, both on policy and price. Target latency is 35ms.
The "last mile" is not as much a problem over here in The Netherlands than it is in the US. It's more that Xs4all was one of our first ISPs, always on the forefront of freedom of speech (fighting tooth and nail against a court order to block TPB or dragnet-like intelligence monitoring by our gov), highly competent and overall a very well-known name.
Exactly. I don't mind paying a bit more to support an ISP that fights for our rights and those of others, and gives us access to the full power of the internet. Maybe KPN will continue the latter, but it's hard to imagine them doing the former. I mean, if KPN does fight on the forefront of internet freedom, that would be absolutely fantastic, of course. But it doesn't sound like them.
The last mile is a problem for many people who live in the rural areas but they're able to easier get FTTH because getting to the percentage for petition is much easier in small, local community. Many people get terrible DSL speeds and are doomed to use ADSL2 (if they can get that). Companies like KPN dropped the ball with FTTH, instead milking VDSL2 till it could no longer compete with Ziggo's cable.
Aside from the fact that any US company is an instant no-go if you care about your privacy (and that last mile isn't an issue in the Netherlands), 35ms is actually quite a lot of latency if you're used to a Dutch connection (which will hover around 9ms for a cable).
Given the history how US companies treat privacy I would not bet on them. I would never chose a US vendor that sells my data to the highest bidder. This is standard practice for ISPs over there, also injecting ads, having terrible service and being really expensive. Unless SpaceX addresses all of these than maybe they become an option.
They would struggle as "global ISP" if they go down that route. If they can control their hardware supply chain, they have a chance to displace much-disliked cable companies.
You'd have to take the fact that they fight this on faith, and given the track record of basically every US company so far... You'd have to be very naive.
This 10yo interview with one of the founders (Rop Gonggrijp) is fantastic and covers their fight against Scientology, lock picking, privacy, governments using terrorism as a pretext for power grabs, etc. (in Dutch)
1 https://www.youtube.com/watch?v=CptNDlLKYxA
2 https://www.youtube.com/watch?v=o9e4rlKIFW4
3 https://www.youtube.com/watch?v=6fJMnrT4u0k
4 https://www.youtube.com/watch?v=Bek2Rrefwlw
End of an era.
(Anecdote of what I personally greatly admired: they used to run a hybrid SSH server on their main website, "xs4all.nl", on port 80. the SSH protocol is a "server-first" one, but HTTP is "client-first", so if you pause the SSH banner for a few seconds, you can basically host both on the same port. this allowed me to defeat many a draconian proxy back in the day; nobody would block a huge ISP like xs4all.nl on port 80. Truly unique.)