Slashdot Mirror
Harald Welte Calls Out Netgear's Open Source Sham
Simon80 writes "Harald Welte, known for his involvement in various open source communities, has pointed out the shortcomings of Netgear's open source router hype. Netgear's own astroturfed community site reveals that the router requires the use of binary-only kernel modules for the wireless and ethernet hardware, which is supplied by Broadcom. Also worth noting are the missing features in third-party firmware versions supplied by Netgear."
One of the open firmware shortcomings is "WPA and WPA2 are not working." That is a pretty big shortcoming.
This post climbed Mt. Washington.
*looks at his brand New Atheros 9k powered wifi card which requires no firmware.*
Yes, I have no plans to utilize any cards requiring a blob again. The bar has been raised.
Some problems:
1. They are proclaiming it to be open source, which is deceptive. It's "open source" except where it matters (device drivers/modules) from a maintainability perspective.
2. Their employees are astroturfing
3. Releasing open source drivers does not in any way reveal your chip mask and hardware architecture. Atheros' real competitors have access to electron microscopes and everything else it takes to buy a router off the shelf and copy chips exactly; simply keeping the drivers closed is not going to deter, say, realtek or broadcom in the slightest.
Besides, Buffalo is supporting open source through action (money) not just in press releases - beating Netgear to the punch by a couple of years. Netgear is just playing the "me too! Signed, metoo@aol.com" game.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Some problems:
1. They are proclaiming it to be open source, which is deceptive. It's "open source" except where it matters (device drivers/modules) from a maintainability perspective.
>
I'm seeing that more and more in marketing hype. "look we are opensource" but when you get there, its a scam. OSS must be teh buzzword of the year.
---- Booth was a patriot ----
Comment removed based on user account deletion
It's idealistic to want all software to be open - but for companies which pour a lot of intellectual property into their drivers and firmware, I find it understandable that they wouldn't want their work made available to competitors' products.
No, they might not want to show people just how technically bad their products are though. There is no 'intellectual property' in drivers, you cannot copy a chip's design by looking at it's drivers. MANY people in the chip design field have stated this already, in fact it has been mentioned so often by now that I'm surprised you didn't know this.
And even then, you should demand freedom from the companies you buy products of, you need this freedom to protect your rights as a consumer. Finding apologies for and sympathizing with the company that is trying to take away your freedom is much like saying "Yes Bob beat all the teeth out of my mouth, but I understand he had a bad day at work."
And if you feel that the freedom to do as you please with the devices you own is not important to you, then why did you post this? You talk about "Idealogical" and yes it is, partially. But the ideology is not that all software should be free because all software should be free. All software should be free so that writers of software do not have the power to abuse users of the software. Or in this case sell buggy hardware without any way for the consumer to find this out until it is too late.
OR being able to apply security updates
OR being sure that your router doesn't inject advertisements into your webpages
etc. etc. etc.
If they're not using any open-source in their binaries themselves, it's no violation
Yes it is, it says so in the license of the software we're talking about (Linux) This is not open for interpretation.
My opinion is this - if you don't like it, don't use it.
Indeed if Netgear doesn't want to play by the rules of the GPL, then they don't have to use GPL code. But they do want to use GPLd code because it saves them an asston of licensing on VXWorks or other router operating systems. They want to use Linux, so they have to play by the rules of Linux which are : If you link code to Linux code code, your code needs to be free.
The broadcom drivers link against Linux code and thus it needs to be free. If they don't want to do that, they can NOT USE LINUX, it's their choice. They can't have it both, they chose to use Linux themselves because they apparently found it beneficial to them, now they need to play by the rules. Or do you think that the authors of VMWorks wouldn't mind if Linksys decides to not play by their rules and just not pay?
Fighting for peace is like fucking for virginity
I put dd-wrt on a Linksys box. Not sure about the chipset or the driver's blobular status, but the dd-wrt ui allowed me to increase the power of the transmitter above 1/4 watt, which is not FCC compliant.
cat
But that's not their problem.
It's yours. If you cause interference because you modified the firmware to get more than 1/4 wat, and you wind up interfering with licensed spectrum, Linksys isn't going to be on the hook. You are.
There is no law against modifying electronics.
Even if you didn't modify the router, if it was interfering with licensed spectrum, it's your repsonsibility to shut it off.
The responsibility does not lie with the manufacturer. It lies with the operator.
--
BMO
And unlike Redhat?
Blaming management mistakes on the market is businessman blunder #1. There are counter examples where management got it right and continues to do so.
Need a Python, C++, Unix, Linux develop
"Indeed if Netgear doesn't want to play by the rules of the GPL"
Ah, but the rules of the GPL are not clear. Some claim that any LKM is a derivative work of the kernel, however from a legal perspective that is not at all clear.
Activism helps spread the word to others so that their dollars can vote too. It also more aggressively lets companies know that they've done something wrong ... sometimes they really don't know unless you tell them.
But the Buffalo and Linksys routers that are supported by DD/Hyper/OpenWRT and Tomato, as far as I know, contain Broadcom radios and require the Broadcom binaries.
I'm no expert, but I did make a few modifications to HyperWRT Thibor. After loading up Busybox to do the compile on my Linux box, I found out that the source package included Broadcom binaries to support the radio. Most of my changes were UI-related so I didn't delve too deeply into the actual radio API, but the Broadcom binary was compiled into the eventual package.
Maybe Jon rewrote the driver for the Broadcom radio in Tomato, but (genius that he is) I sincerely doubt that. That's a massive undertaking, and since Broadcom has a stable and well-established binary for their "G" radios, there's little point in trying to rewrite it. Hopefully their binarly (or Netgear's implementation of it, more likely) will improve.
So, by that definition, I'm not sure if you can honestly consider any current consumer-grade router to be "Open Source" (from a purist perspective). The most popular "modder routers" are all Broadcom units, and all require the same binary to access the radio. All of them appear to contain restricted drivers.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
By the looks of this they are 100% completely closed source. The only thing that is open source is stuff that can be obtained elsewhere.
They have only done the legally acceptable but frowned upon practice of taking open source software, writing closed source drivers and then touting their use of open source as some kind of gift to the community.
Paying taxes to buy civilization is like paying a hooker to buy love.
The very same Broadcom blobs are included in dd-wrt. It must also be noted that dd-wrt is supposedly GPL software, yet the evidence in SVN clearly shows that a large portion of the code is Copyright evil corporations such as Intel and Microsoft and that these corporations have NOT given permission to use the code under the GPL. It is in many cases not even clear if they give permission to distribute the code at all.
9/11: Never forget it was a false-flag operation
In all fairness, Harald's original blog post isn't that rude to them; the Slashdot summary, I believe, is condescending and wrong.
However, I and many other folks are not as concerned about binary modules as Harald is. I view a binary module as a good first step - once a company gets comfortable with part of the code being open source, they'll gradually be receptive to open sourcing other modules. In many cases, yes, this takes a long time; and in some cases it causes companies to get scared and backtrack on open source commitments.
But still I view open source with some binaries as better than no commitments. I encourage people who view themselves as open source advocates to maintain a professional and respectful attitude towards companies who haven't opened up completely.
The problem isn't that they aren't "sufficiently" open, it's that they aren't open at all and are pretending to be. Binary modules and broken independent firmware's aren't open. Harold is right to call them out for false advertising. Astro-Turfing is a real problem, it's basically false advertising and the FTC is allowing it to happen.
What a great way to gently remind them to have a positive attitude towards open source!
So you say we should e.g. congratulate Nvidia for supplying an obfuscated 2D-only piece of shit driver to "encourage" them to open the 3D driver as well? No, positive motivation does not work with corporations. Nothing gets done until lts of people complain. Providing half-assed open source support is actually more harmful that not providing any support at all, because it takes away the manpower needed to implement proper support. If 90% of users are satisfied with the limited functionality, it usually means you have 10x less developers working on proper support.
Those who would give up liberty to obtain working drivers, deserve neither liberty nor working drivers.
My WRT54GS has been stable for fucking years, absolutely years, rock solid for yonks, working its buns off moving packets. A couple months ago, I decided I was going to look for a new router that could do everything my old 54 can do plus wireless-n at 5.8ghz (maintaining g at 2.4ghz) and gigabit ethernet. I had to look at the $250+ range and I'm not even sure if those units would do it because I didn't bother scrutinizing the specs at that price. It may have been necessary to move into commercial grade equipment to get everything I wanted. Screw that. I can just hang a 5.8ghz 'n' WAP off a gigabit switch and plug that into my old 54 for a lot less money and not have to worry about unknown bugs, stability, etc.
In fact, I'm about to pick up a 54GL for my grandfather. I made the mistake of thinking a $20 TrendNet would be fine for him since he doesn't need traffic shaping or anything beyond a basic wireless router. Wrong. Damn thing quits every 5 or 6 days like clockwork. He has to unplug/replug it to get it going again. A 54 is worth the extra money because it just frickin' works. Linksys really hit the nail on the head with that line. As long as consumer broadband is in the 10-20mbit range, I'm not going to waste my time trying other routers.
Many of these routers use Atheros chipsets, which do have completely open drivers available...
There are also other chipsets which have fully open drivers available, tho some drivers have proprietary firmware blobs these execute on the device itself and are thus os independent... I have a device running OpenWRT which uses an Atheros chipset....
I tend to avoid anything made by Broadcom...
Interestingly, Broadcom also make wired ethernet cards and have released open drivers for these, my last experience with broadcom wired ethernet (i believe a 100mbit chipset 440 or something) was terrible, it was incompatible with some types of switches (major packetloss and abysmal performance, other brands of nic talked to the switches fine) and it would drop link when you flooded it with traffic.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Yes, Netgear is to blame as that very same third-party firmware supports WPA and WPA2 on all other supported routers but not on Netgear's. But of course the GP is a moron because he expected Netgear to be able to ship a firmware with the functionality it normally comes with.
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
As the developer of a popular fork of Tomato, I'd like to address a few points:
Not all features supported
Specific to their Tomato port:
1 > WPA is not working.
2 > There is no support of SAMBA server .
3 > NAS is accessible only through command line using ftp. No GUI support to
access NAS is available till now.
1: Presumably, WPA2 is, which means that this isn't a showtopper, just a big annoyance. There's actually only one missing feature here, WPA support. The rest would not be expected.
2/3: Mainline Tomato doesn't support any of this on USB-supporting routers anyhow.
Binary kernel modules
This is no different than mainline Tomato, which also relies on binary kernel modules. In fact, most opensource firmwares DO.
Looking at this from the perspective of one of the authors of Tomato/MLPPP (bonding multiple DSL lines using a fork of Tomato), only WPA is really of any concern, and even then, you can work around it by using WPA2. This router adds support for 802.11N, more (MUCH FASTER) RAM, and a far faster CPU (200 -> 480MHz, plus other architectural improvements). Considering that memory throughput/latency and CPU power are our main bottlenecks when bonding multiple DSL lines, this router remains quite interesting despite the lack of WPA.
The WRT54G series all use Broadcom chips pretty much identical to the ones you'd find in Netgear routers. See here:
http://www.dd-wrt.com/wiki/index.php/Supported_Devices#Netgear
I am not proud to admit this, but I took a CCNA years ago, and I've built literally dozens of wifi networks using various combinations of off-the-shelf (or off-the-refurbish-list) routers and stock/modified firmware. I am a minor authority on the subject of cheap-ass consumer routers.
Broadcom is what you'd call a "fabless semiconductor company," which means they design chips but don't actually manufacture them. Almost all consumer routers you can find today use Broadcom-based system-on-a-chips, which consists of basically a CPU, flash and DRAM, ethernet interface, and half a wifi-radio, all crammed onto a single CMOS.
Broadcom designs the chip, someone else leases the design for the chip (and all the accompanying drivers) from Broadcom, then the person that leased the chip pays a third person who owns a CMOS fabrication plant to actually manufacture the chip. Then the chips get sold to yet another party, like Linksys, Netgear, Trendnet, Asus (my pick!), Buffalo, and others. The chip has several dozen wires hanging off the end of it, and someone connects them to various external ports or devices on the router: ten wires make a bank of five Ethernet ports, two or four wires are connected to one or two antennas (more if you have MIMO), more wires are connected to the status LEDs and buttons, et cetera. The end manufacturer is also responsible for providing firmware, which historically they've done by combining Broadcom's drivers with some code they ripped off from the Linux kernel (some manufacturers, like Asus and Buffalo, are reputed to be good about providing source code when they do this). Then they put it in a box with a compatible power adapter, slap a lame warranty on it (because many governments and retailers require them), and sell it.
The end result is that pretty much all the routers you can buy are nearly identical in every way except firmware. Furthermore, almost no manufacturer can actually be bothered to provide long-term support for these routers (why fix a broken routers when they can sell you a new one?), and since firmware development is by far the most difficult and expensive part of what the end manufacturers (eg Linksys) actually DO, this is the area where most consumer routers really fail.
(The other problem is that most Broadcom chips only have about ~100 MB/sec of memory bandwidth on chip, tops, which is obviously less than one gigabit per second (~125MiB/sec). This means that there are no consumer routers you can buy that are actually capable of routing a gigabit of traffic per second- at best they all seem to crap out around 160 megabits per second, in my experience (note: you have even less bandwidth when traversing the NAT gateway, particularly with traffic shaping enabled). This is mostly a limit inherited from the CMOS manufacturing process they use, I think - it's the same process they use to make DRAM and flash, and while it's cheap relative to the number of transistors you get, the resulting chips are rather slow compared to what you get with optical lithography.)
As for your grandfather's router, I suggest you try running BitTorrent on a computer connected to it, and see what happens when you quickly spawn hundreds of new TCP connections. I'm betting it'll choke, because the onboard NAT has to keep track of each individual TCP connection, and your $20 Trendnet router (which is probably quite old indeed, regardless of how recently you purchased it) probably isn't expiring old TCP connections for a good 12 hours. There's probably a way you can set the NAT TCP timeout value to something more reasonable, like 15 minutes (if it's not in the web-based interface, try downloading the config file and editing it with a text editor - I shouldn't have to tell you the risk from doing this). You can also look up DD-WRT,