FCC Rules Endanger Open Source Wireless Router Firmware

The VAR Guy ^ | 28 September 2015 | Christopher Tozzi

[ShadowAce]

[rarestia]

This was posted a few weeks ago, IIRC.

[ShadowAce]

I do believe you are correct. This is still important, though. The issue won’t go away if we just stop talking about it.

[NewHampshireDuo]

Some new (since July) Ubiquiti gear has firmware that prohibits flashing with OpenWRT. You can go back to an older firmware and flash. PITA.

[ShadowAce]

I just upgraded my router firmware a few weeks ago. It works much better. The upgrade saved me quite a few bucks since I did not have to go out any buy a new piece of hardware.

[GraceG]

[ For example, if you want to use your router to repeat and extend the range of an existing wireless network, rather than create a new network, you could spend lots of money on a device marketed specifically to do that. Or you could download dd-wrt for free and repurpose an old router as a wireless repeater. ]

Sounds like Cronyism!

What’s next?

It would be like Horse trailer makers banning the use of stock racks on pickup trucks. Or the mini-van lobby wanting the DOT to ban those cargo pods you see on the top of cars.....

[GraceG]

[ I just upgraded my router firmware a few weeks ago. It works much better. The upgrade saved me quite a few bucks since I did not have to go out any buy a new piece of hardware. ]

CRIMINAL! HOW DARE YOU BLOCK THE GOVERNMENT FROM USING THE FACTORY INSTALLED BACK DOOR ON YOUR ROUTER!!!!

OH AND HOW DARE YOU NOT BUY THE MORE EXPENSIVE MODEL WITH NEW FEATURES THAT CAN BE ACCESSED WITH YOUR NEW FIRMWARE!

HOW DARE YOU!!!

[ShadowAce]

LOL! I *did* get a few more features with the upgrade.

[roamer_1]

meh. If it is flash-able, it can be modded.

[rarestia]

Sadly with the FCC, we’re being silenced one venue at a time.

[ShadowAce]

Yep—so what’s gonna happen is that no more flash-able routers will be sold.

[GraceG]

[ Yep—so what’s gonna happen is that no more flash-able routers will be sold. ]

Stock up on Linksys and buffalo flashable wireless routers!

Like incandescent light bulbs

[roamer_1]

Yep—so what’s gonna happen is that no more flash-able routers will be sold.

I don't see how that can be true in today's environment. They have to be able to update... Tho maybe some sort of encrypted front door will be employed...

[zeugma]

I don't see how that can be true in today's environment. They have to be able to update... Tho maybe some sort of encrypted front door will be employed...

Or cryptographically signed updates that have to be validated by the router before it will install

[Dacula]

Can someone help the networking challenged?

We have AT&T internet and are using a Pace 5031nv router.

How can we enhance our security and what basic steps should we be following?

Thank you in advance.

What is DDRT and can we take advantage of it’s usefulness?

[roamer_1]

Or cryptographically signed updates that have to be validated by the router before it will install

Yeah, right - now we're back to 'if it is flash-able, it can be modded'... The eprom has to be readable, and that can be back-engineered to find out the signal the eprom expects from the file... and etc...

And, since the ROM one every router I know of is *nix, and open source at some level, whatever they might add is likely undermined - Linux can get to Linux...

So now you are talking hard shielded e-PROM, shielded ROM, and an unique or different OS to reasonably keep my mitts off of it... Generally speaking, even that will not stop the determined... Surely you know that security is immediately impossible if one is given 'hands-on' and time... There ain't a box out there I can't hack if I have it on my bench... All that's left is to make it such a PIA that it isn't worth it...

[Svartalfiar]

Fortunately, the FCC rules don't explicitly prevent users from modifying router firmware or require device manufacturers to make such modifications impossible. The potential danger for open source firmware fans is that device manufacturers will decide that banning firmware modifications is the easiest way to enforce the FCC's new policy.

Many smartphone manufacturers do this. And yet, tons of people still root their device and reflash a new, custom ROM on it.

There are other solutions to this problem that could be mutually beneficial to both manufacturers and users. One would be to start shipping routers with more advanced configuration features to allow users to do the things that are currently possible in many cases only by using open source firmware. Companies that do so would enjoy an edge in the market not only among the relatively small number of power users who want to configure their routers in unusual ways, but also resellers and service providers who need easily modifiable devices for their business.

Sigh. Companies already do this. It's called the next model up, and it costs even more.

[Svartalfiar]

How can we enhance our security and what basic steps should we be following?

The easiest way is to change your password from the default. Go to the router login (usually 192.168.1.1 in your browser address bar, if not Google is your friend) and enter default user/pass for your model. Looks to be admin, with the password written on the bottom of the router. Somewhere in there, you can change security types, whether your SSID (internet name) is hidden, etc.

What is DDRT and can we take advantage of it’s usefulness?

DD-WRT, and it's a custom, users-designed firmware for your router. Link below, check out the documentation, wiki, and forum. But no, I don't see the router you mentioned on their list.

http://www.dd-wrt.com/site/index

[Bikkuri]

To keep those of us in different timezone informed, a repost is important.. This is important for us geeks... :p