OpenWRT vs. FCC – Forced Firmware Lockdown? [video]
cnx-software.comIf you're in the US please take 5 minutes and do something about this. This is a big deal.
Make a phone call about this:
> 1 (888) 225-5322
Send an email:
> Chairman Tom Wheeler: Tom.Wheeler@fcc.gov
> Commissioner Mignon Clyburn: Mignon.Clyburn@fcc.gov
> Commissioner Jessica Rosenworcel: Jessica.Rosenworcel@fcc.gov
> Commissioner Ajit Pai: Ajit.Pai@fcc.gov
> Commissioner Michael O’Rielly: Mike.O'Rielly@fcc.gov
Write a letter:
> Federal Communications Commission
> 445 12th Street, SW
> Washington, DC 20554
source: https://www.fcc.gov/contact-us
PLEASE put in comments on this proceeding, everyone! WE NEED YOUR HELP!
First I would advise you to understand why this is being done.
I don't understand your/his reasoning here.
* People don't enable DFS and they mess up radar for Airports.
* ~20 reported incidents, people are fined ~$25k and stop.
* Therefore we must make it illegal to change the firmware on wireless devices.
Only 20 cases? $25k fines!? Why can't we continue to solve this problem like this? The hobbyists flashing their devices with OpenWRT and then making a conscious decision to override defaults (upon which OpenWRT will warn you about legality) are a rare breed. Those that foolishly do this are being fined heavily.
I just don't understand the jump.
Because one case can (potentially) cause the radar to miss a wind-shear threat, which is precisely what the radar is there to detect. Missing that can cause a plane crash and kill anywhere from one to a few hundred people.
Given that level of potential downside (even if things would have to happen exactly wrong for it to occur), I'm not sure that "we fine them $25K and they stop" is the right trade-off. I'm not sure that "only 20 reported incidents" is a level that you should expect people to be comfortable with. I'm not sure "we'll continue to not be horribly unlucky" is a valid approach.
You would stop all WiFi experimentation just to decrease slightly the odds of inference with a radar that _might_ help prevent a crash? We don't live in a society focused entirely on safety. Safety is important, but it's not trump card that automatically beats all other concerns. When a proposed policy reduces risks only slightly but has large costs, we shouldn't enact that policy.
Now, who decides what "slightly" and "large" mean in this context? You didn't provide any numbers. Given that 87,000 [1] flights take off and land safely in the US each day and that there have been 20 reported TDWR inference incidents ever, we cannot justify the harm this policy would do to the technology community.
This is just a variation on the old "Turn off your Game Boys before takeoff, or the plane might crash" schtick.
The proper way to fix that issue, if there ever was one, was to mandate the implementation of avionics that can't be jammed by a Part 15 device. Instead, look what happened... we got a decade of silly, groundless rules that had no useful effect and were eventually scrapped.
Now it looks like it's the WiFi industry's turn. Gee, maybe putting weather radar right next to an unlicensed ISM band wasn't such a great idea. Maybe they're the ones who should move.
> Gee, maybe putting weather radar right next to an unlicensed ISM band wasn't such a great idea. Maybe they're the ones who should move.
Doesn't work that way. They're trying to detect air movement. That's hard; it's not possible at just random frequencies. You can't (effectively) move the radars without changing physics. They're at the frequency they're at for a reason, not just because of random bureaucratic decisions.
(Of course, it's not that simple. Of course you can move them - at some loss of effectiveness. How much, to move them how far? I can't answer that.)
I haven't looked into it in depth, but AFAIK weather radar works at X band, doesn't it? And it doesn't detect air movement, but water droplets, correct?
It's not quite the same as the gameboy. There have never been any instances of electronics interfering with avionics, but there have been quite a few instances of wifi interfering with weather radar. Also the weather radar was there first, and the issues were known right from the start.
If by "quite a few", you mean "20" - which is insignificant compared to the ~80K flights happening in this country every year.
20 that have been noticed and charged. One is too many. How would you like to end up flying through a thunderstorm or a microburst? Most of the cases happened in Puerto Rico, where they get thunderstorms almost every day at certain times of year. It just takes one plane to fly through a thunderstorm to give everyone a very bad day.
Kill all humans. That's a surefire way to prevent any more violations. After all, "one is too many". Your comments indicate that you're not even trying to balance different public interest concerns.
I'm a pilot, so I understand the issue first-hand. The simple way to balance all interests is to separate the radio software from the router software. Are you more interested in getting a cheap flashable router than in air safety? This has nothing to do with freedom, but more to do with people/companies being too cheap to separate the radio from the router software.
Not the best way to balance all interests - then you get into a wonderful situation like we have in the mobile market where there's a closed source, proprietary, unauditable (and therefore potentially hostile) blob running in the radio that can do evil things no matter what the rest of the software is doing.
Personally I like the way that we handle people who point lasers at aircraft: find them, throw the book at them pour encourager les autres, and meanwhile don't try to ban f*cking laser pointers.
> Are you more interested in getting a cheap flashable router than in air safety?
Yes, it's more important that 299m Americans who don't live beside an airport be able to use that spectrum than some small number of passengers per year that may or may not die in a possible crash that might be caused by wifi interference.
There are so many lower-hanging fruit for safety that this is a non-issue.
The 299m Americans who don't live near an airport will be able to continue using that spectrum after this goes into affect.
They will not be able to do that with software of their own choice.
They will as long as it doesn't have a programmable radio.
>>Are you more interested in getting a cheap flashable router than in air safety?
Yes, I do not fly, have no interest in flying and could care less if the entire aviation industry went bankrupt. I stopped flying the day the TSA took over the airports.
Freedom is more important to me than Flying.
False dichotomy. The pilots like yourself are more of a risk to everyone on the plane than the probability of one of these causing a crash. Was it a WiFi router than made a Malaysian airline fly over an active war zone? Was it a WiFi router that causes the air France pilots to forget how to fly and stall the Airbus into the ocean?
I guess they just don't want to make it too easy to do this, given the serious consequences.
Why not just increase patrols for people breaking the law? Or change the radar to use a different frequency?
Honestly, if I had to decide between the ability to choose free software, and having all flights grounded indefinitely I would go with the software. I know my opinion is not the majority though.
It would have been a lot easier for the FCC to have just not allowed unlicensed use on these channels than move all the weather RADAR. Instead, they put a lot of effort into rules that would make unlicensed use possible alongside it. Please remember this before firing off your letters to the FCC, and think about the alternative if the Commission can't count of reliable DFS.
Here is where you do that: https://www.federalregister.gov/articles/2015/08/06/2015-184...
Better off just building your own router. The high brow option is an embedded motherboard and minipcie wifi card. If the hardware is powerful enough to MASQ gigabit, it won't be obsolete for a decade. And you can upgrade wireless standards with a new card. The only reason there's such an upgrade cycle for consumer routers is that they're built shoddily and with the slowest CPU possible.
And as much as I appreciate spectrum partitioning, we really need to get the major wifi chipsets completely reverse engineered so we can blow away this ambiguous spectre of "unauthorized" modifications and turn them into something normal. Randos stomping on ch12-15 isn't an actual problem - but that widespread rulebreaking coupled with the unknown of what further mods could do is scary to regulators. Destroy that unknown.
> And as much as I appreciate spectrum partitioning, we really need to get the major wifi chipsets completely reverse engineered so we can blow away this ambiguous spectre of "unauthorized" modifications and turn them into something normal. Randos stomping on ch12-15 isn't an actual problem - but that widespread rulebreaking coupled with the unknown of what further mods could do is scary to regulators. Destroy that unknown.
There was a lot of resistance to allowing unlicensed use of 5.25-5.35 GHz and 5.47-5.725 GHz precisely because some were afraid that unauthorized modifications would be commonplace, and devices could not be relied upon to sense and avoid the RADAR systems that also operate in those bands. So bear in mind that the more you insist on modifying, the harder it will be to persuade the FCC to open up new unlicensed bands.
Curious why we have home devices run on the same band as airport radar systems and what-not.
Seems here the original regulation was the problem, not people modding their home routers.
The answer is pretty simple: we are desperately in need for more spectrum (at least in urban areas), licensed and unlicensed, for wireless internet traffic. And there really are no unused bands that can simply be reallocated for this purpose without dealing with the users already in the band.
Although airport RADARs sound like a poor choice of a service to share spectrum with, they have the benefit of being stationary, not very numerous, and typically located far from the urban cores where the spectrum is needed most.
Can a single modified home router actually cause disturbance to a RADAR?
Or are we talking about a widespread use of such devices?
Short range radar no, long range yes. The problem with using those frequencies (for WiFi) are that they are very useful for radar, they reflect off rain drops very well and propagate in the clear very well.
> The only reason there's such an upgrade cycle for consumer routers is that they're built shoddily and with the slowest CPU possible.
A lot of this is that consumers have been taught that routing, NAT, etc isn't done by a general purpose computing device like a PC or server, but that those tasks MUST be relegated to an appliance.
But compute is compute, and antennas are antennas. And the word "appliance" has long held a secret meaning of "a Linux server on your Windows (or local area) network."
I hadn't actually put those thoughts together - which is funny considering I've been working a lot with embedded boards lately.
So.... how could you custom-build something akin to say, the Netgear Nighthawk (Netgear R8000)? I'm thinking multiple 802.11ac antennae with all that new multi-user beamforming stuff that's been released lately. Is there open firmware that supports that / do the commodity Linux drivers support controlling and fine-tuning that kind of function?
Added: Interesting.... There's an x86 port of DD-WRT:
All the fancy wifi stuff is part of the wifi chipset, which most router vendors tend not to have any hand in - especially for consumer stuff. (also, beamforming is a very misleading term). You can basically buy a card that does all this stuff 'off the shelf', and could even plug it into a laptop. Though, antenna placement may be something you'd need to do some research on.
My router runs dd-wrt and cost me 50$. It uses iptables for a firewall and only burns 12W max. That's hard to beat going the custom route.
consumers have been taught that routing, NAT, etc isn't done by a PC or server, but MUST be relegated to an appliance.
Because that's far more reliable. People don't want their whole home's Internet to go down every time they reboot their computer (and buying an extra computer to do routing is a big waste of money/complexity). Not to mention households that only have laptops.
If that's the highbrow option, what's a mini-ITX motherboard with an AMD 5350, 4GB RAM, an SSD and an Intel 4-port gig-e card plus the onboard gig-e?
Scout NewEgg for combos -- you too can run a fully supported OS on x86-64 instruction sets with familiar hardware, but at a low cost of both purchase and power.
You built a server that also happens to route?
I was thinking the low brow option would be an old laptop, but that's not going to suffice for someone who wants to keep up with wireless protocols (due to the same FUD under discussion). Obviously you can fix this (coreboot or modded BIOS), but specificity and tinker factor is going way up.
It's the rise of low power general boards that really make this practical. I tried out the ECS E2100 board for a remote server, and with a silver PS it drew around 15W from the wall. It didn't work with the RAM I already had though, so I ended up going with an i5 which still only measured around 20W before I put drives in.
I was thinking the low brow option would be an old laptop, but that's not going to suffice for someone who wants to keep up with wireless protocols
Many laptops have mini-PCIe slots for the WLAN, so you could buy a new card and stick it in. Note that if you want to run 5GHz and the laptop didn't previously support it, you might need new antennas too.
The other caveat is that with some laptops the BIOS will allow only a particular WLAN card to be used. Which is annoying.
> some laptops the BIOS will allow only a particular WLAN card to be used
Yeah, that's what I was referring to. The FUD of "unapproved changes" invalidating the FCC's approval for the antenna system leads the manufactures to create those restrictions. Since the end user making a modification well after the sale has nothing to do with the manufacturer, I call it FUD. (Of course the user isn't selling their modified device over state lines either, but I disgress).
My experience is primarily limited to Thinkpads and a few crappy consumer models that I've inherited. But I figure the better designed laptops that can make it to "old" and not overheat with continuous usage are more likely to have those restriction lists.
Manufacturers like HP and Lenovo don't only have the FCC to worry about upsetting. They have to worry about regulators in every other country, too. So they want to make sure their type approvals can't be breached.
Better off just building your own router.
Highly unlikely and unnecessarily expensive. It's also a hassle to make a nice enclosure for what you build. Instead, you can currently consult the OpenWRT website, pick up any of many widely available $50 routers, and be set.
I don't care if it can MASQ gigabit since I don't have a gigabit connection. Whatever slowest CPU possible they put in there is more than enough to run a couple of VLANs, VPNs, IPv6 tunnel, and Samba. Not only that but you can easily recycle older hardware (for additional APs for example) or reuse what you already have.
Yeah there was a dead zone in my house that was so bad, I was about to buy a $100 repeater. Then on a whim, I googled "DD-WRT bridge" sure enough there's some black magic that allows me to use my old WRT54g without creating more e-waste. Also, my new Asus router had to be rebooted about once a month until I found and flashed it with Asuswrt-Merlin firmware.
Just in the past year, I've found 2 great uses for custom firmware, rejuvenate old hardware and improvements to official f/w. I'm going to do some more research and send them a piece of my mind:
A noob question: what does MASQ refer to?
Also, do you have any suggestions for a motherboard + minipcie combo? I'd like to get off of our DSL router soon-ly.
MASQ refers to IP Masquerading or Network Address Translation (NAT)
(slap forehead) OK. Got it, now. Thanks.
A government-mandated locked-down radio firmware isn't much better than a government-mandated locked-down main firmware.
The FCC should punish crimes, not impose prior restrictions on innocent people.
The reason they're doing this is because a lot of crimes have been committed -- resulting in interference with weather radar.
There have also been a lot of crimes committed over the internet. We'd better lock it down.
We are and have been.
The reasonable answer to that is to regulate wifi frequencies world wide and modify weather radars if necessary. That would solve the interference problem while keeping the firmware open.
Freedom is better.
As I understand it, this was all known when 5Ghz wifi was introduced, so it was a trade-off (see the 2013 NTIA report for details). I don't think it makes sense for them to move all existing services in the 5Ghz band to a completely new band (which might not work anyway, due to the technical requirements of doppler windshear radar). It probably also wouldn't make sense to limit wifi to a small range of the 5Ghz band. However I'm not really an expert on this, so feel free to correct me.
Oh, and you can get freedom -- it's just the radio software that's the issue. The obvious solution is to make the radio software un-flashable, and leave the router software flashable.
However in reality manufacturers will do what ever is cheapest for them under the regulation, not what allows for the most freedom
So under this rule they will simply make the entire appliance non-flashable as it will be the cheapest way to comply with the regulation.
Having government-locked software of any sort is not freedom.
Even the FSF is willing to compromise on that, as long as the locked software is hardware-locked and totally unchangeable by anything and anyone (including things like over-the-air updates), so it can be considered part of the hardware, and as long as it does not have access to main memory or can otherwise interfere with the free-software part of the system.
It's only the radio that has to be locked. Why do you need the freedom to reprogram the radio (not talking about the router)?
Why do you need the freedom to reprogram your computer?
The main reason is "because I want to".
In this case the radio is not the computer. The fair balance here is to lockdown the radio, but not the chips that run the software that uses it.
You didn't answer my question. Why do you need the freedom to reprogram your computer?
Any answer to that also justifies my desire to be free to reprogram my radio.
Submit a formal comment on the Federal Register:
https://www.federalregister.gov/articles/2015/08/06/2015-184...
Alright, after searching on this a little bit more, it seems that the FCC is not prohibiting the installation of software like OpenWRT or DD-WRT, but are instead mandating that there is software for the radios only that ensures they operate in the manner they are certified for.
There is much more information in the HN comments from a previous time where this was discussed: https://news.ycombinator.com/item?id=9959088
Given appropriately designed radio hardware, this would be a non-issue. But given the radios that are on the market right now, this could be a very bad thing in the short term for the most open products that are the only affordable platforms for further R&D of Linux-based wireless router software. Anything that would take ath9k hardware off the market before an equally-open successor is available would be more damaging than any interference these products are capable of producing.
I mess with radio's at work. The there are two issues.
Often for testing one wants to check the radio operation outside the normal band or modes of operation. In my case, sweeping the radio across a really wide and band noting where the pll fails to lock. I'm going to really twitchy if I can test the pll at frequencies outside the band. Doing things like, turn off spreading and checking carrier and tx power. I'm sure more complicated radio's than I use have similar.
The second is what is legal varies depending on where the product is sold and used. So so a mode that's legal in one country is verboten in another.
In general though, I'd rather hate for the FCC to try and force manufacturers to lock people out. Because likely it won't work well and there is a definite cost to implementing secure boot. But then again the FCC is historically extremely hostile to the idea of ordinary people mucking with wireless. So this doesn't surprise me at all.
This is where technical regulations meet with real world implementation. To have a "locked down" radio will increase the cause of the Appliance, computers and other devices. Manufacturers will take the cheapest way to implement these regulations, the cheapest way will be to lock down the entire device. An example of this is the Lenovo WiFi White lists in BIOS, there are other ways for Lenovo to comply with the regulation but it is cheaper to simply only allow approved wifi modules instead of implement a more costly solution
So while the rules may not directly ban custom firmware, that will be the implementation result of these regulations. less than 1% of consumers ever customize their devices so if a manufacturer even has to Spend $0.01 more per device to enable the ability to customize they will not do it.
The lab guidelines mention DD-WRT by name.
I recently bought an ADSL modem/router TP-Link 8970 (or something). The thing is awesome, except for that fact that it doesn't support OpenVPN... Supports PPTP or IPSec.
Now if only, I could install OpenWRT on it. Since OpenWRT makes ROUNDS around every custom software I've seen on low-end ADSL modem/routers makes me wonder why on earth companies don't just ship OpenWRT and get over with it?
Their firmware is the feature they're selling you. The hardware is generic and without their wonderful firmware, they'd be competing solely on price. This is what the skinjobs think, at least.
BTW, openvpn performance sucks eggs on the processors used in consumer routers.
Feels like the same problem that a lot of Android handsets have had. "Look! We added value by making the product worse!"
And the same problem that Windows PCs have had for two decades now. The hardware is effectively equivalent; it's now a matter of trying to "add" value with shitware.
This is especially true of Windows laptops nowadays; you're pretty much relegated to 1366x768 screens, shitty dual-core or hyperthreaded single-core processors, maybe 4GB of RAM, and Intel graphics at best. Anything better is still at the prices they were 5 years ago. You'd think that old technology would get cheaper as time goes on, but it seems like the only innovation these OEMs are going for is "how do we make customers pay for progressively shittier hardware and software?".
> hyperthreaded single-core processors
I don't think Intel has marketed a single core processor since the Core 2 era. You may want to look at Windows laptops again: it's now possible to buy a 1920x1080 13.3", 8GB RAM, and a 256GB SSD for $600 without any bloatware. It does have a weak dual-core hyperthreaded processor, but this allows it to omit fans.
> I don't think Intel has marketed a single core processor since the Core 2 era.
http://www.intel.com/content/www/us/en/processors/celeron/ce...
Specifically: http://ark.intel.com/products/74390/Intel-Celeron-Processor-... (a "hyperthreaded single-core processor", as I was describing) or even http://ark.intel.com/products/58667/Intel-Celeron-Processor-..., which is single-core and not even hyperthreaded. These are being marketed unironically under some "Experience Brilliant PC Performance" marketing blurb.
> You may want to look at Windows laptops again: it's now possible to buy a 1920x1080 13.3", 8GB RAM, and a 256GB SSD for $600 without any bloatware.
And I have a garden that grows unicorns on a vine. Got a link to this mythical creature?
The mythical creature is the UX305. You have to apply the promotional code "SAVE100" at checkout to get the price I mentioned.
http://www.microsoftstore.com/store/msusa/en_US/pdp/ASUS-Zen...
Yeah, and 1366x768 is only really still around in the very low end or the very small.
The only SOHO router I have seen whose vendor-supplied firmware did not totally suck is the Fritz!Box, and they are fairly expensive for what they do. But people seem to be willing to pay the price if that means they at least get a device that just works (tm), at least most of the time.
At work, we recently got a couple of wifi routers and installed DD-WRT on them to finally get a decent wireless network that spans the entire building, plus a guest network that is isolated from the company network. The freedom and flexibility DD-WRT offers made this both easy and - relatively - enjoyable.
(I do not own a Fritz!Box, and I never have. The last piece of equipment made by AVM I owned was a Fritz!Card ISDN card which sat in an ISA slot, so you can roughly figure out how long ago that must have been...)
AFAIK most lower-end routers have pretty generic firmware (with their logo added) as well. Maybe paying a no-name firmware sweatshop to tweak some reference firmware is cheaper than tweaking OpenWhatever.
Do they even have enough memory for OpenWRT? Maybe DD-WRT.
At the low end, I'd think the chipset manufacturer would do most of the software work, then the device manufacturer just cosmetically tweaks the reference.
Ah, memories of the bad old days when the VxWorks license fee was less than the cost of the extra RAM necessary to run Linux.
Many Buffalo routers ship with DD-WRT, a fork of OpenWRT:
It wasn't a fork of OpenWRT per se. Rather, OpenWRT and DD-WRT are siblings, both having descended from the stock firmware on the Linksys WRT54G. They share some code nowadays, but that's a convergence rather than a divergence.
I wasn't aware, thanks for the clarification!
Asus does ship a open source fork of Tomato (AsusWRT) on at least their high-end routers. I've used it, it's actually pretty decent.
I didn't even know OpenWRT could work on a DSL modem? I wonder what it would take to get it working on the new ATT IPDSLAM based DSL network?
From my experience, you'll also lose DSL functions when you do. It's all proprietary from what I've read.
Asshats brought it on themselves, don't commit felonies and mess with regulatory bodies... There is no reason in the world to run Wifi on outlawed channels other than pure selfishness to have a better connection and not be on the same base band or expansion bands as your neighbors. The FCC even allowed people to run low power transmitters on the restricted channels 12/13 but stated that channel 14 is banned and asked nicely for people not to dick around with it.[1] https://transition.fcc.gov/oet/ea/presentations/files/oct05/...
Now it doesn't matter why is that channel blocked, it's not a licensed channel in many countries (as they are used for air traffic landing assist systems, radars, medical equipment such as panic buttons for elderly and disabled people, alarms etc...) and it seems like it is causing interference other wise the FCC would not be chasing this issue again after relaxing the regulations for restricted channels and asking the users to behave.
It's a felony to tweak your Wifi beyond specs, it causes issues and regulatory bodies react, OpenWRT and DD-WRT could've saved them selves the trouble by developing a mechanism to respect local regulation own their own.
Also as it seems people panic too quickly what will happen is the same thing with the radio's on mobile SOC's each region will have it's own channels enabled, you'll still be able to use DD-WRT or w/e you want in the end you won't be able to play with the Wifi settings out of spec which there's no reason in the world for you to be able to in the 1st place.
> It's a felony to tweak your Wifi beyond specs, it causes issues and regulatory bodies react, OpenWRT and DD-WRT could've saved them selves the trouble by developing a mechanism to respect local regulation own their own.
The Linux kernel has such mechanisms and they're not trivial to bypass. You'd as a user have to go out of your way to do so, and the devs are not in favour of users doing this. (source: I had to do so to workaround a card that was configured for completely the wrong regulatory domain).
> Asshats brought it on themselves
I've been using Tomato firmware for years, and I never did anything illegal with it. How did I bring it on myself exactly?
> you'll still be able to use DD-WRT or w/e you want
RTFA: Vendors will have to “describe in detail how the device is protected from “flashing” and the installation of third-party firmware such as DD-WRT”
As far as I know, all of the issues at hand could be solved with baked-in hardware lockouts without otherwise affecting custom firmware, but that's not what the FCC is demanding.
Have you read it?
GP1: "Describe all the radio frequency parameters that are modified by any software/firmware without any hardware changes. Are these parameters in some way limited, such that, it will not exceed the authorized parameters?"
3dP1: "Explain if any third parties have the capability to operate a US sold device on any other regulatory domain, frequencies, or in any manner that is in violation of the certification"
3dP2: "What prevents third parties from loading non-US versions of the software/firmware on the device? Describe in detail how the device is protected from “flashing” and the installation of third-party firmware such as DD-WRT."
They don't care that people can install DD-WRT because of DD-WRT they care about it because it bypasses vendor restrictions if DD-WRT comes up with a way to comply with the regulatory domain, or if the vendor explains that DD-WRT will not be able to modify the Wireless Parameters out of the spec of the US regulatory domain due to limitations on the radio SOC it self they won't care if you can install DD-WRT.
Yes, I appreciate that the FCC's proposal imposes the fewest possible restrictions, but you'd be crazy to think that it will work this way in practice. It's far easier to comply with FCC regulations by preventing any modifications whatsoever than to lock down the specific modules.
Really depends on how the open firmware community decides to handle this, if they'll put their heads in the sand and say well FCC are bad and write to your representatives nothing will come out of it. If they work out a framework to prevent misuse of regulated equipment there's a good chance that thats what we'll see implemented.
And locking out the firmware might not be the easiest way to handle this if you are a manufacturer since you'll still need to provide updates and multiple software versions (even basic things like ISP branding), so you'll have to resort to using cryptography building in a secure boot/secure flash mechanism and such and such which isn't cheap to maintain, for you telling broadcom to just disable Channel X Y and Z in their radio might be a cheaper and easier option.
Does this affect phones that can be used as hotspots? If so, you can say goodbye to any remaining Android phones that come with unlocked bootloaders, such as the Nexus series.
The unintended consequences of this will be millions upon millions of compromised devices all over the world with owners completely unable to solve the problem themselves.
Or the router manufacturers will properly modularize their designs so that the parts you need to replace to fix a compromise are separate from the parts that ensure that the radio stays on legal frequencies, under legal power limits, and uses legal modulation modes.
The cheapest way to ensure those things is to do it in software, which is how we get into this situation in the first place. Modularization will cost more, and what manufacturer is going to willingly sign up for that?
The one made too by FCC regulations.
Companies would do lots of things if they could get away with it, as someone commented on here a while back (and I wish I could find it) "It's a corporation of course you can expect it to shit on the kitchen floor"
Grid-tied power inverters are implemented this way.
I don't know too much about these things, but isn't it possible to have some sort of hardware filter on the antenna to block illegal channels?
They release physical hardware which is capable of operating in many regions and firmware which is specific to a region.
It's straightforward to create hardware which is physically incapable of violating licensure, but it is also expensive.
That's not the point though, it's becoming a serious problem with technology enabling restrictions which weren't possible in the past and which now threaten free society through a well intentioned but misguided bureaucracy.
"We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness."
There's a certain unalienable right which is being encroached more and more – the right of ownership, the freedom to tinker.
That is more specifically, everyone should be capable of learning and executing complete control over the things they own. DRM, locked firmwares, license agreements – all of these things are a serious and existing threat to your freedom.
This makes a great reason to buy Chinese equipment. Do that, it might be substandard, but you preserve your freedom.
Unless of course their equivalent of the NSA doesn't install something that runs next to the firmware independently.
> http://www.infoworld.com/article/2608141/internet-privacy/sn...
At this point in history I fear less the Chinese government intercepting my data than I do my own ( UK )...
It's a nice option as long as it (1) is still legal to buy and use in the US and (2) Chinese government does not cripple it even harder than US government, just in different ways.
So far so good on both counts.
I stick to Rockchip and Mediatek, myself.
An 8-core MT6592 with 4gb RAM makes for a fantastic laptop. And China isn't sharing their backdoors with the Five Eyes, if they have them at all.
This appears to me to be a clear-cut example of prior restraint, if common sense standards of free speech are to be applied to source code.
I'm not sure that is a valid analogy. They're not trying to prevent "free speech", just stop idiots who don't know what they're doing from interfering with aircraft weather radar.
https://news.ycombinator.com/item?id=10137739
edit please read the background before downvoting, and you'll see what I mean. Also, there is no loss of freedom here. As long as your radio software is separate from the router software, there is no issue at all.
I certainly didn't downvote you.
I do, however, disagree.
In this particular case, it seems that the method employed to "stop idiots who don't know what they're doing from interfering with aircraft weather radar" is to infringe on everyone's right both to run software without the government assessing its content and to broadcast signals regardless of their content.
Assuming that the radio and router are separate and only the radio firmware is locked down, is there any way that the NSA could snoop on the content? Or are you saying you want to have the right to reprogram the radio?
I'd be happy [1] with locked-down radio firmware if it could talk only to the radio.
One big problem is that coprocessors in embedded systems often have full access to the memory bus, meaning there's no way to stop a trojan in the closed and locked radio firmware from reading and modifying any bit of system memory, which can include your personal data and encryption keys.
[1] Although I'd hope that it'd still be possible to buy or build a general-purpose SDR.
I would have thought (correct me if I'm wrong) that it would be pretty straightforward to give the radio unit its own memory, and not give it access to the system memory bus at all. However I don't know if manufacturers will want to go to the trouble of segregating the radio.
As a skeptic I have to wonder whether Google lobbied for this prior to their OnHub release. I'm also expecting Apple to announce some sort of router on Sep 9 to go with HomeKit + AppleTV. Both parties would have a vested interest in locking down the open source router ecosystem.
If you are not using a Google or Apple router, I don't see why they would care if you are running third party firmware on your router.
If you are using a Google or Apple router and they do not want you to replace the firmware on it they could use signed firmware already. They would not need to have the FCC tell them that they have to use signed firmware in order to use signed firmware.
If there was some way to use third party firmware on a non-Google, non-Apple router in order to interact with Google or Apple routers in a way that compromises something Google or Apple are trying to do, then maybe Google or Apple would have an interest in trying to stop that...but this would not be an effective way to stop that.
It would not be effective because people would simply build their own routers using a PC with a wifi card to attack the Google or Apple routers, instead of attacking by replacing firmware on stand-alone consumer routers with firmware that supports that attack.
I can't think of anything else. Did you have some other vested interest in mind?
I think parent meant competition. If all other choices are super-exploitable crapware-laden routers, then Google's and Apple's devices become that much more valuable. Not sure effects on the market would be that great, but I can see how it would benefit GOOG/AAPL to reduce choices.
Oth hand no way in hell would I consider putting a Google device in the most important spot on my network, My distrust of them grows by the day.
When Google bought Nest, someone quipped something like: "great, now I'll have to listen to an ad before my smoke alarm goes off".
Believing every crackpot conspiracy theory that pops into your mind is actually the opposite of skepticism.