Posted on 09/29/2015 10:36:27 AM PDT by ShadowAce
Open source wireless router firmware may become tougher to install in the United States, if not illegal. That's if device manufacturers interpret new Federal Communications Commission (FCC) rules involving radio frequencies to mean that user-modified software should be banned.
The rules require manufacturers of wireless routers to "implement security features in any digitally modulated devices capable of operating in any of the U-NII bands, so that third parties are not able to reprogram the device to operate outside the parameters for which the device was certified."
In non-geek terms, that means users shouldn't be able to change their routers's radio frequencies, transmit power settings or other characteristics that violate the certified operating rules of the device. Those are all things that Linux-based open source router firmware, including dd-wrt and OpenWrt, can do.
This rule isn't simply the result of the FCC trying to make Linux fans' lives harder. There are good reasons for restricting users' ability to change the frequencies or power settings of wireless routers. For example, routers operating on frequencies for which they are not certified could interfere with other forms of wireless communication, intentionally or not. Similarly, users with malicious intent could use modified firmware to clog the airwaves with data in a way that prevents people around them from getting online.
On the other hand, open source fans will object that there are good reasons for using open source firmware. The most important is that the software that ships with most consumer-grade wireless routers only lets users take advantage of a fraction of the capabilities that the hardware can support. For example, if you want to use your router to repeat and extend the range of an existing wireless network, rather than create a new network, you could spend lots of money on a device marketed specifically to do that. Or you could download dd-wrt for free and repurpose an old router as a wireless repeater.
Fortunately, the FCC rules don't explicitly prevent users from modifying router firmware or require device manufacturers to make such modifications impossible. The potential danger for open source firmware fans is that device manufacturers will decide that banning firmware modifications is the easiest way to enforce the FCC's new policy.
There are other solutions to this problem that could be mutually beneficial to both manufacturers and users. One would be to start shipping routers with more advanced configuration features to allow users to do the things that are currently possible in many cases only by using open source firmware. Companies that do so would enjoy an edge in the market not only among the relatively small number of power users who want to configure their routers in unusual ways, but also resellers and service providers who need easily modifiable devices for their business.
Even better would be for device manufacturers to open source their firmware code—which in many cases is already based on Linux—completely, excepting modules or other bits of code that could be used to violate the FCC certifications. That way, users would have no need to install third-party firmware, since they could work with the code base from manufacturers themselves.
At any rate, it's unlikely that manufacturers could completely prevent users from modifying firmware in the first place. Chances are good that open source enthusiasts would figure out a work-around—by replacing the chips inside devices that contain the code designed to prevent modifications, for example.
Users could also simply purchase devices made for markets beyond the FCC's jurisdiction, which would presumably not place restrictions on firmware modification. The global nature of the hardware market makes things such as DVD region encoding futile. It would do the same for bans in the United States on firmware changes.
This was posted a few weeks ago, IIRC.
I do believe you are correct. This is still important, though. The issue won’t go away if we just stop talking about it.
Some new (since July) Ubiquiti gear has firmware that prohibits flashing with OpenWRT. You can go back to an older firmware and flash. PITA.
I just upgraded my router firmware a few weeks ago. It works much better. The upgrade saved me quite a few bucks since I did not have to go out any buy a new piece of hardware.
[ For example, if you want to use your router to repeat and extend the range of an existing wireless network, rather than create a new network, you could spend lots of money on a device marketed specifically to do that. Or you could download dd-wrt for free and repurpose an old router as a wireless repeater. ]
Sounds like Cronyism!
What’s next?
It would be like Horse trailer makers banning the use of stock racks on pickup trucks. Or the mini-van lobby wanting the DOT to ban those cargo pods you see on the top of cars.....
[ I just upgraded my router firmware a few weeks ago. It works much better. The upgrade saved me quite a few bucks since I did not have to go out any buy a new piece of hardware. ]
CRIMINAL! HOW DARE YOU BLOCK THE GOVERNMENT FROM USING THE FACTORY INSTALLED BACK DOOR ON YOUR ROUTER!!!!
OH AND HOW DARE YOU NOT BUY THE MORE EXPENSIVE MODEL WITH NEW FEATURES THAT CAN BE ACCESSED WITH YOUR NEW FIRMWARE!
HOW DARE YOU!!!
LOL! I *did* get a few more features with the upgrade.
meh. If it is flash-able, it can be modded.
Sadly with the FCC, we’re being silenced one venue at a time.
Yep—so what’s gonna happen is that no more flash-able routers will be sold.
[ Yep—so what’s gonna happen is that no more flash-able routers will be sold. ]
Stock up on Linksys and buffalo flashable wireless routers!
Like incandescent light bulbs
I don't see how that can be true in today's environment. They have to be able to update... Tho maybe some sort of encrypted front door will be employed...
Or cryptographically signed updates that have to be validated by the router before it will install
Can someone help the networking challenged?
We have AT&T internet and are using a Pace 5031nv router.
How can we enhance our security and what basic steps should we be following?
Thank you in advance.
What is DDRT and can we take advantage of it’s usefulness?
Yeah, right - now we're back to 'if it is flash-able, it can be modded'... The eprom has to be readable, and that can be back-engineered to find out the signal the eprom expects from the file... and etc...
And, since the ROM one every router I know of is *nix, and open source at some level, whatever they might add is likely undermined - Linux can get to Linux...
So now you are talking hard shielded e-PROM, shielded ROM, and an unique or different OS to reasonably keep my mitts off of it... Generally speaking, even that will not stop the determined... Surely you know that security is immediately impossible if one is given 'hands-on' and time... There ain't a box out there I can't hack if I have it on my bench... All that's left is to make it such a PIA that it isn't worth it...
To keep those of us in different timezone informed, a repost is important.. This is important for us geeks... :p
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.