OpenWRT vs. FCC – Forced Firmware Lockdown? [video](cnx-software.com) |
OpenWRT vs. FCC – Forced Firmware Lockdown? [video](cnx-software.com) |
Make a phone call about this:
> 1 (888) 225-5322
Send an email:
> Chairman Tom Wheeler: Tom.Wheeler@fcc.gov
> Commissioner Mignon Clyburn: Mignon.Clyburn@fcc.gov
> Commissioner Jessica Rosenworcel: Jessica.Rosenworcel@fcc.gov
> Commissioner Ajit Pai: Ajit.Pai@fcc.gov
> Commissioner Michael O’Rielly: Mike.O'Rielly@fcc.gov
Write a letter:
> Federal Communications Commission
> 445 12th Street, SW
> Washington, DC 20554
source: https://www.fcc.gov/contact-us
And as much as I appreciate spectrum partitioning, we really need to get the major wifi chipsets completely reverse engineered so we can blow away this ambiguous spectre of "unauthorized" modifications and turn them into something normal. Randos stomping on ch12-15 isn't an actual problem - but that widespread rulebreaking coupled with the unknown of what further mods could do is scary to regulators. Destroy that unknown.
There was a lot of resistance to allowing unlicensed use of 5.25-5.35 GHz and 5.47-5.725 GHz precisely because some were afraid that unauthorized modifications would be commonplace, and devices could not be relied upon to sense and avoid the RADAR systems that also operate in those bands. So bear in mind that the more you insist on modifying, the harder it will be to persuade the FCC to open up new unlicensed bands.
Seems here the original regulation was the problem, not people modding their home routers.
Or are we talking about a widespread use of such devices?
A lot of this is that consumers have been taught that routing, NAT, etc isn't done by a general purpose computing device like a PC or server, but that those tasks MUST be relegated to an appliance.
But compute is compute, and antennas are antennas. And the word "appliance" has long held a secret meaning of "a Linux server on your Windows (or local area) network."
So.... how could you custom-build something akin to say, the Netgear Nighthawk (Netgear R8000)? I'm thinking multiple 802.11ac antennae with all that new multi-user beamforming stuff that's been released lately. Is there open firmware that supports that / do the commodity Linux drivers support controlling and fine-tuning that kind of function?
Added: Interesting.... There's an x86 port of DD-WRT:
Because that's far more reliable. People don't want their whole home's Internet to go down every time they reboot their computer (and buying an extra computer to do routing is a big waste of money/complexity). Not to mention households that only have laptops.
Scout NewEgg for combos -- you too can run a fully supported OS on x86-64 instruction sets with familiar hardware, but at a low cost of both purchase and power.
I was thinking the low brow option would be an old laptop, but that's not going to suffice for someone who wants to keep up with wireless protocols (due to the same FUD under discussion). Obviously you can fix this (coreboot or modded BIOS), but specificity and tinker factor is going way up.
It's the rise of low power general boards that really make this practical. I tried out the ECS E2100 board for a remote server, and with a silver PS it drew around 15W from the wall. It didn't work with the RAM I already had though, so I ended up going with an i5 which still only measured around 20W before I put drives in.
Highly unlikely and unnecessarily expensive. It's also a hassle to make a nice enclosure for what you build. Instead, you can currently consult the OpenWRT website, pick up any of many widely available $50 routers, and be set.
I don't care if it can MASQ gigabit since I don't have a gigabit connection. Whatever slowest CPU possible they put in there is more than enough to run a couple of VLANs, VPNs, IPv6 tunnel, and Samba. Not only that but you can easily recycle older hardware (for additional APs for example) or reuse what you already have.
Just in the past year, I've found 2 great uses for custom firmware, rejuvenate old hardware and improvements to official f/w. I'm going to do some more research and send them a piece of my mind:
The FCC should punish crimes, not impose prior restrictions on innocent people.
Freedom is better.
https://www.federalregister.gov/articles/2015/08/06/2015-184...
There is much more information in the HN comments from a previous time where this was discussed: https://news.ycombinator.com/item?id=9959088
Now if only, I could install OpenWRT on it. Since OpenWRT makes ROUNDS around every custom software I've seen on low-end ADSL modem/routers makes me wonder why on earth companies don't just ship OpenWRT and get over with it?
Now it doesn't matter why is that channel blocked, it's not a licensed channel in many countries (as they are used for air traffic landing assist systems, radars, medical equipment such as panic buttons for elderly and disabled people, alarms etc...) and it seems like it is causing interference other wise the FCC would not be chasing this issue again after relaxing the regulations for restricted channels and asking the users to behave.
It's a felony to tweak your Wifi beyond specs, it causes issues and regulatory bodies react, OpenWRT and DD-WRT could've saved them selves the trouble by developing a mechanism to respect local regulation own their own.
Also as it seems people panic too quickly what will happen is the same thing with the radio's on mobile SOC's each region will have it's own channels enabled, you'll still be able to use DD-WRT or w/e you want in the end you won't be able to play with the Wifi settings out of spec which there's no reason in the world for you to be able to in the 1st place.
It's straightforward to create hardware which is physically incapable of violating licensure, but it is also expensive.
That's not the point though, it's becoming a serious problem with technology enabling restrictions which weren't possible in the past and which now threaten free society through a well intentioned but misguided bureaucracy.
"We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness."
There's a certain unalienable right which is being encroached more and more – the right of ownership, the freedom to tinker.
That is more specifically, everyone should be capable of learning and executing complete control over the things they own. DRM, locked firmwares, license agreements – all of these things are a serious and existing threat to your freedom.
> http://www.infoworld.com/article/2608141/internet-privacy/sn...
An 8-core MT6592 with 4gb RAM makes for a fantastic laptop. And China isn't sharing their backdoors with the Five Eyes, if they have them at all.
https://news.ycombinator.com/item?id=10137739
edit please read the background before downvoting, and you'll see what I mean. Also, there is no loss of freedom here. As long as your radio software is separate from the router software, there is no issue at all.
I do, however, disagree.
In this particular case, it seems that the method employed to "stop idiots who don't know what they're doing from interfering with aircraft weather radar" is to infringe on everyone's right both to run software without the government assessing its content and to broadcast signals regardless of their content.
If you are using a Google or Apple router and they do not want you to replace the firmware on it they could use signed firmware already. They would not need to have the FCC tell them that they have to use signed firmware in order to use signed firmware.
If there was some way to use third party firmware on a non-Google, non-Apple router in order to interact with Google or Apple routers in a way that compromises something Google or Apple are trying to do, then maybe Google or Apple would have an interest in trying to stop that...but this would not be an effective way to stop that.
It would not be effective because people would simply build their own routers using a PC with a wifi card to attack the Google or Apple routers, instead of attacking by replacing firmware on stand-alone consumer routers with firmware that supports that attack.
I can't think of anything else. Did you have some other vested interest in mind?
Often for testing one wants to check the radio operation outside the normal band or modes of operation. In my case, sweeping the radio across a really wide and band noting where the pll fails to lock. I'm going to really twitchy if I can test the pll at frequencies outside the band. Doing things like, turn off spreading and checking carrier and tx power. I'm sure more complicated radio's than I use have similar.
The second is what is legal varies depending on where the product is sold and used. So so a mode that's legal in one country is verboten in another.
In general though, I'd rather hate for the FCC to try and force manufacturers to lock people out. Because likely it won't work well and there is a definite cost to implementing secure boot. But then again the FCC is historically extremely hostile to the idea of ordinary people mucking with wireless. So this doesn't surprise me at all.
So while the rules may not directly ban custom firmware, that will be the implementation result of these regulations. less than 1% of consumers ever customize their devices so if a manufacturer even has to Spend $0.01 more per device to enable the ability to customize they will not do it.
BTW, openvpn performance sucks eggs on the processors used in consumer routers.
At work, we recently got a couple of wifi routers and installed DD-WRT on them to finally get a decent wireless network that spans the entire building, plus a guest network that is isolated from the company network. The freedom and flexibility DD-WRT offers made this both easy and - relatively - enjoyable.
(I do not own a Fritz!Box, and I never have. The last piece of equipment made by AVM I owned was a Fritz!Card ISDN card which sat in an ISA slot, so you can roughly figure out how long ago that must have been...)
The Linux kernel has such mechanisms and they're not trivial to bypass. You'd as a user have to go out of your way to do so, and the devs are not in favour of users doing this. (source: I had to do so to workaround a card that was configured for completely the wrong regulatory domain).
I've been using Tomato firmware for years, and I never did anything illegal with it. How did I bring it on myself exactly?
> you'll still be able to use DD-WRT or w/e you want
RTFA: Vendors will have to “describe in detail how the device is protected from “flashing” and the installation of third-party firmware such as DD-WRT”
As far as I know, all of the issues at hand could be solved with baked-in hardware lockouts without otherwise affecting custom firmware, but that's not what the FCC is demanding.
GP1: "Describe all the radio frequency parameters that are modified by any software/firmware without any hardware changes. Are these parameters in some way limited, such that, it will not exceed the authorized parameters?"
3dP1: "Explain if any third parties have the capability to operate a US sold device on any other regulatory domain, frequencies, or in any manner that is in violation of the certification"
3dP2: "What prevents third parties from loading non-US versions of the software/firmware on the device? Describe in detail how the device is protected from “flashing” and the installation of third-party firmware such as DD-WRT."
They don't care that people can install DD-WRT because of DD-WRT they care about it because it bypasses vendor restrictions if DD-WRT comes up with a way to comply with the regulatory domain, or if the vendor explains that DD-WRT will not be able to modify the Wireless Parameters out of the spec of the US regulatory domain due to limitations on the radio SOC it self they won't care if you can install DD-WRT.
Although airport RADARs sound like a poor choice of a service to share spectrum with, they have the benefit of being stationary, not very numerous, and typically located far from the urban cores where the spectrum is needed most.
Companies would do lots of things if they could get away with it, as someone commented on here a while back (and I wish I could find it) "It's a corporation of course you can expect it to shit on the kitchen floor"
At the low end, I'd think the chipset manufacturer would do most of the software work, then the device manufacturer just cosmetically tweaks the reference.
One big problem is that coprocessors in embedded systems often have full access to the memory bus, meaning there's no way to stop a trojan in the closed and locked radio firmware from reading and modifying any bit of system memory, which can include your personal data and encryption keys.
[1] Although I'd hope that it'd still be possible to buy or build a general-purpose SDR.
This is especially true of Windows laptops nowadays; you're pretty much relegated to 1366x768 screens, shitty dual-core or hyperthreaded single-core processors, maybe 4GB of RAM, and Intel graphics at best. Anything better is still at the prices they were 5 years ago. You'd think that old technology would get cheaper as time goes on, but it seems like the only innovation these OEMs are going for is "how do we make customers pay for progressively shittier hardware and software?".
I don't think Intel has marketed a single core processor since the Core 2 era. You may want to look at Windows laptops again: it's now possible to buy a 1920x1080 13.3", 8GB RAM, and a 256GB SSD for $600 without any bloatware. It does have a weak dual-core hyperthreaded processor, but this allows it to omit fans.
http://www.intel.com/content/www/us/en/processors/celeron/ce...
Specifically: http://ark.intel.com/products/74390/Intel-Celeron-Processor-... (a "hyperthreaded single-core processor", as I was describing) or even http://ark.intel.com/products/58667/Intel-Celeron-Processor-..., which is single-core and not even hyperthreaded. These are being marketed unironically under some "Experience Brilliant PC Performance" marketing blurb.
> You may want to look at Windows laptops again: it's now possible to buy a 1920x1080 13.3", 8GB RAM, and a 256GB SSD for $600 without any bloatware.
And I have a garden that grows unicorns on a vine. Got a link to this mythical creature?
Many laptops have mini-PCIe slots for the WLAN, so you could buy a new card and stick it in. Note that if you want to run 5GHz and the laptop didn't previously support it, you might need new antennas too.
The other caveat is that with some laptops the BIOS will allow only a particular WLAN card to be used. Which is annoying.
Yeah, that's what I was referring to. The FUD of "unapproved changes" invalidating the FCC's approval for the antenna system leads the manufactures to create those restrictions. Since the end user making a modification well after the sale has nothing to do with the manufacturer, I call it FUD. (Of course the user isn't selling their modified device over state lines either, but I disgress).
My experience is primarily limited to Thinkpads and a few crappy consumer models that I've inherited. But I figure the better designed laptops that can make it to "old" and not overheat with continuous usage are more likely to have those restriction lists.
Oh, and you can get freedom -- it's just the radio software that's the issue. The obvious solution is to make the radio software un-flashable, and leave the router software flashable.
So under this rule they will simply make the entire appliance non-flashable as it will be the cheapest way to comply with the regulation.
And locking out the firmware might not be the easiest way to handle this if you are a manufacturer since you'll still need to provide updates and multiple software versions (even basic things like ISP branding), so you'll have to resort to using cryptography building in a secure boot/secure flash mechanism and such and such which isn't cheap to maintain, for you telling broadcom to just disable Channel X Y and Z in their radio might be a cheaper and easier option.
http://www.microsoftstore.com/store/msusa/en_US/pdp/ASUS-Zen...
* People don't enable DFS and they mess up radar for Airports.
* ~20 reported incidents, people are fined ~$25k and stop.
* Therefore we must make it illegal to change the firmware on wireless devices.
Only 20 cases? $25k fines!? Why can't we continue to solve this problem like this? The hobbyists flashing their devices with OpenWRT and then making a conscious decision to override defaults (upon which OpenWRT will warn you about legality) are a rare breed. Those that foolishly do this are being fined heavily.
I just don't understand the jump.
Given that level of potential downside (even if things would have to happen exactly wrong for it to occur), I'm not sure that "we fine them $25K and they stop" is the right trade-off. I'm not sure that "only 20 reported incidents" is a level that you should expect people to be comfortable with. I'm not sure "we'll continue to not be horribly unlucky" is a valid approach.
Now, who decides what "slightly" and "large" mean in this context? You didn't provide any numbers. Given that 87,000 [1] flights take off and land safely in the US each day and that there have been 20 reported TDWR inference incidents ever, we cannot justify the harm this policy would do to the technology community.
The proper way to fix that issue, if there ever was one, was to mandate the implementation of avionics that can't be jammed by a Part 15 device. Instead, look what happened... we got a decade of silly, groundless rules that had no useful effect and were eventually scrapped.
Now it looks like it's the WiFi industry's turn. Gee, maybe putting weather radar right next to an unlicensed ISM band wasn't such a great idea. Maybe they're the ones who should move.
Honestly, if I had to decide between the ability to choose free software, and having all flights grounded indefinitely I would go with the software. I know my opinion is not the majority though.
The main reason is "because I want to".
Any answer to that also justifies my desire to be free to reprogram my radio.
Doesn't work that way. They're trying to detect air movement. That's hard; it's not possible at just random frequencies. You can't (effectively) move the radars without changing physics. They're at the frequency they're at for a reason, not just because of random bureaucratic decisions.
(Of course, it's not that simple. Of course you can move them - at some loss of effectiveness. How much, to move them how far? I can't answer that.)
Personally I like the way that we handle people who point lasers at aircraft: find them, throw the book at them pour encourager les autres, and meanwhile don't try to ban f*cking laser pointers.
Yes, it's more important that 299m Americans who don't live beside an airport be able to use that spectrum than some small number of passengers per year that may or may not die in a possible crash that might be caused by wifi interference.
There are so many lower-hanging fruit for safety that this is a non-issue.
Yes, I do not fly, have no interest in flying and could care less if the entire aviation industry went bankrupt. I stopped flying the day the TSA took over the airports.
Freedom is more important to me than Flying.