Slashdot Mirror

← Back to Stories (view on slashdot.org)

FCC Clarifies: It's Legal To Hack Your Router (betanews.com)

Posted by timothy on from the know-your-place-citizen dept.

Mark Wilson writes with an update to an earlier report that the wording of new FCC regulations could mean that it would be illegal to modfiy the software running on wireless routers by installing alternative firmwares. Instead, The commission has now acknowledged that there was more than a little confusion from people who believed that manufacturers would be encouraged to prevent router modifications. The FCC wants to make it clear that most router hacking is fine and will remain fine. With a few exceptions, that is. In a blog post entitled Clearing the Air on Wi-Fi Software Updates, Julius Knapp from the FCC tries to clear up any misunderstandings that may exist.

85 comments

  1. Does this really change anything? by hidden · · Score: 4, Insightful

    Sure. I'm glad to know what the intention of the rule is, but isn't it still likely that the easiest way for manufacturers to comply will be total lockdown?

    1. Re:Does this really change anything? by jazzis · · Score: 1

      Sure. I'm glad to know what the intention of the rule is, but isn't it still likely that the easiest way for manufacturers to comply will be total lockdown?

      Sure it is... path of least resistance and all that grey area crap.

    2. Re:Does this really change anything? by Anonymous Coward · · Score: 0

      Correct it changes nothing.

      At best, it will required two OSs one for the radio, the other of routing. Think the new 4G USB that yse ethernet over usb with a micro computer running the radio. This way the wireless router is gone. left is just a router and you have to "rent" the radio part to talk to anything,

    3. Re:Does this really change anything? by Opportunist · · Score: 4, Informative

      And the easiest way for users to give it the finger is not to buy that broken boxes and instead return to what we did in the 90s, using old computers as routers.

      It's not like you can't build computers that have similar power consumption levels as those routers, with the added bonus that you can actually remove all the parts you don't need that only pose a security risk by their mere existence.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:Does this really change anything? by Aighearach · · Score: 2

      Cheapest devices will continue to suck, news at 11?

      Better devices will get better, because they'll have a modular design by following the actual implementation recommendations they gave. They just want the radio block not to have the gain turned up by the main processor. That is it. That is all. Honestly, this is what they should have been doing already under the old guidance. The "new" rule is just a friendlier way than saying, "You've been doing it wrong for 10 years" and leave everybody worrying about fines, or fighting over what the old rules really said. They were never allowed to sell devices that the user could turn up over the output limit; they were always supposed to be unable to be turned up by the user without physical modification.

      And that is better for people that want to violate the rules, too, because external, modular amplifiers that are on the black market now are much, much stronger than the modifications that people can do in firmware. Everybody wins, except the cheapskates.

    5. Re:Does this really change anything? by QuietLagoon · · Score: 2, Insightful

      ... isn't it still likely that the easiest way for manufacturers to comply will be total lockdown?...

      Well, then it will be the manufacturers to blame, not the FCC.

      .
      If the current crop of manufacturers wimp out and lock down the devices, then I am sure some alternatives will crop up that are not locked down (besides the RF stuff). Or,you could even grab an old PC and use that as a router.

      On other forums, I've read comments about how the mod'ers want to be able to change the frequency to non-WiFi channels because the WiFi channels are too busy where they live. Those same people noted that they are not concerned with what other radio devices they would be affecting, so long as they can up the power of their access point and change its frequency. For that reason, I feel the FCC is going in the correct direction with this latest revision.

    6. Re:Does this really change anything? by TsuruchiBrian · · Score: 1

      Even the cheapskates win, because often times trying to be cheap just costs you a bunch more time and money. If you prevent cheapskates from making stupid decisions based on trying to be cheap, then you save them time and money (although they may not see it that way). They can still try to be cheap, but there is a better chance that the cheapest thing they can find will be a decent device.

    7. Re:Does this really change anything? by Aighearach · · Score: 3, Interesting

      There is no reason for an extra OS, because any additional microcontroller will only be managing the radio, and there is no reason to use an OS for that; you can just program the firmware to run directly.

      All they really have to do though is compile the max gain into the existing firmware instead of letting the OS set it on boot. They have to cut/paste a couple lines from one .h file to another. Horrors. The rules on the max output wattage don't change very often; historically, I don't think it has ever been increased. The total net benefit of that being configurable has been zilch.

      People handwaving about things getting "locked down" are a bit breathless. There is no reason companies are going to spend extra money on engineering hours to lock down stuff other than the radio gain and modulation settings.

      The router stuff isn't being prevented or restricted in any way, those are simply the devices where some models were not following the rules. Basically, they moved too much of the radio init code into software out of laziness. The radio is a hardware radio, though, not software; so we're just talking about moving OS driver code into firmware, and all that gets moved is the init. There is no way they're going to save money by trying to "lock down" the OS, which is not really doable anyways.

      Remember, software defined radio is more expensive than hardware radios, because of the processing requirements. So the radios were already all hardware. That is why the FCC engineers are a bit surprised and disappointed in the public and the doomsday speculation.

    8. Re:Does this really change anything? by silas_moeckel · · Score: 1

      What will mostly matter is how the SoC manufactures deal with it. If they put checking at the bootloaded only that's what companies will be forced to do. If the radio can only used signed firmware blobs then that's what they will do. At the end of the day netgear etc are not making chips they are buying them from broadcom etc and will have to use what security is available on those soc's to comply with the fcc.

      --
      No sir I dont like it.
    9. Re:Does this really change anything? by Anonymous Coward · · Score: 0

      How would it be any different than most manufacturers now? Most of them try to make it not easy to put your own software on the router, and most of them only half-ass their attempts at locking it down. The easiest way to deal with it is not to make it locked and secure, but to make some minimal token locking effort.

    10. Re:Does this really change anything? by amiga3D · · Score: 0, Offtopic

      How many Americans are prisoners in Gitmo?

    11. Re:Does this really change anything? by amiga3D · · Score: 2

      This applies to less than 1 percent of the public. I'd bet if you build your own router the day will come that will make you automatically a candidate for closer monitoring.

    12. Re:Does this really change anything? by Aighearach · · Score: 1

      You're just speculating on some unknown that you worry they might be "forced" to do one thing or another, whereas the story, and the analysis such as that you responded to, is telling you the answers. The unknowns you are speculating about are not unknowns, they are known knowns. They are not being forced to use any particular implementation.

      You seem to entirely discount that DRM is very hard to do, and even harder to do in a way that successfully inconveniences anybody. They're not going to spend millions of dollars engineering that for no reason. That is what you should be hearing yourself say when you talk about "signed firmware blobs." You're talking about increasing the cost of the hardware, and engaging in a huge amount of engineering work, to avoid a small change in firmware to place the specific settings for radio gain and modulation level behind write-once fuse bits, which are cheap and easy to add to their existing designs. The runtime code doesn't even change. The init code might change a small amount. They can lock down that one setting really well and really easy, with minimal increase in cost. Locking down the OS is orders of magnitude more disruptive and expensive, and is likely to fail anyways.

      Don't speculate from ignorance just to avoid reading the story or learning about the issues implicated.

    13. Re:Does this really change anything? by Anonymous Coward · · Score: 0

      firmware == OS

      Yes, that is true now since all are software driven,

      Now the world has shifted from hardware devices to software devices. It is why even with the increase in speed of new hardware, there is not next change to actaully using the system. USB2 was polled by the CPU, Sound boards and modems became software driven. Each of these are drivers to the OS. So why build a hardware version of the radio system, when a SoC with self router functionality be build in to USB thumb radio.?

    14. Re:Does this really change anything? by drinkypoo · · Score: 2

      And the easiest way for users to give it the finger is not to buy that broken boxes and instead return to what we did in the 90s, using old computers as routers.

      It's not like you can't build computers that have similar power consumption levels as those routers,

      Sadly, that rapidly gets expensive. Your computer can be as small/cheap/low-power as a router, pick two.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    15. Re:Does this really change anything? by thegarbz · · Score: 4, Insightful

      People handwaving about things getting "locked down" are a bit breathless. There is no reason companies are going to spend extra money on engineering hours to lock down stuff other than the radio gain and modulation settings.

      You're half right. Companies are not going to spend extra engineering hours on this stuff. So rather than going through and locking down specifics they'll likely just disable write and JTAG interfaces after shipping and you get a read-only device for your pleasure.

      Oh but what about official firmware updates you ask?
      I've yet to own a device that's ever received one.

    16. Re:Does this really change anything? by Anonymous Coward · · Score: 0

      What about DFS? That has to be done in software AND moving it into a non-free firmware would STILL BE A PROBLEM! It is LOCKING DOWN *SOMETHING* still that creates all sorts of havoc on security, privacy, and prevents us from fixing bugs and properly maintaining code. Just because your no technically competent to hack on that part of the code base doesn't mean others aren't.

      The FCC has not acknowledged the actual problem. Rather they merely responded to some peoples understanding of the problem which was not in fact the problem. The issue is that the easiest path and the only likely path for manufacturers to take to solve the problems being created by the rule changes is to lock everything down. Could it be done some other way? Yes. In theory it could be (at least the parameters). But it's not how manufacturers *ARE* responding to the rule changes. We've already demonstrated this. The FCC only acknowledged the parameter issue and not the DFS issue which has to be done in software.

      Now what about the fact we are having the companies designing the chipsets refusing to release the code to the firmware components and pointing to these rule changes as the reason why? We've talked to all the major players and this is the response we're getting back.

    17. Re: Does this really change anything? by ememisya · · Score: 1

      Hahahaha! Bwahahahaha! Humm... Yea no, just ask nicely not to be watched.

    18. Re:Does this really change anything? by silas_moeckel · · Score: 1

      It's all speculation till the short term confidentiality comes off for the post ruling chips like the BCM4366 gear that's shipping later this month.

      DRM is very hard to do on tiny microcontroller, it's always hard to do well. So this very much depends on how Broadcom and the likes implements the FCC requirement since they will be the ones most probably picking the path with the least amount of additional silicon/effort to meet that fcc requirement.

      --
      No sir I dont like it.
    19. Re: Does this really change anything? by Anonymous Coward · · Score: 0

      So where can I buy a PCIe EuroDOCSIS 3.0 card (supported in Linux/FreeBSD)? Oh yeah, they pretty much don't exist. I run my own router/firewall box but because of the aforementioned, I have to keep my old router infront of my own setup.

    20. Re:Does this really change anything? by _merlin · · Score: 1

      Oh but what about official firmware updates you ask?
      I've yet to own a device that's ever received one.

      What shitty unsupported devices are you buying? Every wifi AP and DSL modem I've bought has had at least one official firmware update after purchase, including an old Netgear DG632 (still in use), three generations of Apple AirPort Express, some shitty Billion DSL router, and an AVM FritzBox.

    21. Re:Does this really change anything? by Runaway1956 · · Score: 1

      "moving OS driver code into firmware"

      Change of OS requires that driver be recompiled though. A Linux 3.1 kernel can't use a driver from Linux 2.6. If/when my kernel is upgraded to 4.x that driver will have to be recompiled again. That means, updating the firmware of the radio. And, while I'm recompiling that driver, I can set the parameters under which the radio will operate.

      Sorry, it's all or nothing. Either I have access to all the hardware, or I have access to none of the hardware. Anything else is just a brick.

      Router Name DD-WRT
      Router Model Netgear WNDR4500
      Firmware Version DD-WRT v24-sp2 (02/04/15) giga - build 26138M
      Kernel Version Linux 3.10.67 #6269 Wed Feb 4 06:34:18 CET 2015 mips

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    22. Re:Does this really change anything? by KGIII · · Score: 1

      I know where you're coming from but, if I may, how many router bugs have you fixed over the years? I ask because, a long time ago - in the tech dark ages, I had a router building (modification, really) project which enabled us to connect a plotter to a network. Now, it was mostly a spare time project, I admit, but by the time we were done, such was commercially available. If I counted the man-hours that went into this, well... I'm not doing that math. Let's just say it was a pointless exercise that was almost entirely driven by ego.

      Mostly, so long as you didn't look at it funny, it worked. As of eight years ago, it was still working - I think.

      --
      "So long and thanks for all the fish."
    23. Re:Does this really change anything? by Runaway1956 · · Score: 1

      Most of my routers have had firmware updates available from the vendor. Not all, but most. The cheapo routers that I've inherited, like Actiontec, have never been updated at all. Zoom has been updated. I think Zhone had an update availabe, can't remember for certain. But, the better quality routers have all had official updates available. I'm partial to Netgear, and my newest told me that a firmware update was available, just before I upgraded it to DD-WRT.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    24. Re:Does this really change anything? by Runaway1956 · · Score: 1

      OK - good point. Now, tell me which old computers have WIFI transmitters inside of them. The nearest thing to that, was an ASUS server board that came with an optional PCI card. That card had to be installed in the last PCI slot, it wouldn't work in any other slot. Can't remember the board's part number now, but it was one of the earliest AMD Bulldozer offerings. I've still got that PCI card lying around somewhere, but it's not nearly as fast as the routers I'm using today. Wireless G is simply obsolete now.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    25. Re:Does this really change anything? by Aighearach · · Score: 1

      If it is a generic router with a fly-by-night brand that was slapped onto an unaltered OEM whitebox, OK, I'll believe your story.

      But anything from a name brand they're going to want to be able to do a firmware update because otherwise they'd have to exchange or replace every unit sold in a giant recall if there turns out to be a security bug. Huge hit compared to issuing a firmware update and it being up to the consumer to install it.

      I might still be more than half right after all. ;)

    26. Re:Does this really change anything? by Aighearach · · Score: 1

      You failed to understand my comment, and just sortof waved your hands.

      The company making the router can make what you do in the driver to tell the radio firmware how much gain to use into a NOOP. You'll still recompile your driver and try to do it, but the output gain simply won't change.

      There is absolutely no reason at all that your OS would see any difference at all.

      And no it isn't "all or nothing." You can flash the OS already, but the only reason that the OS driver can tell the radio to do x is because the radio listens and obeys. It doesn't have to. A brick would be the nonsense people speculate where the OS would get locked down. Then it would be a brick because security updates are a thing. The radio gain doesn't need to be adjustable.

      One of the reasons it sounds all-or-nothing to the end user is that the whole OS is inaccurately called "firmware," apparently because they didn't put a keyboard port on the case? But there is actually real firmware that controls the radio. That can be altered to ignore the setting from the OS. There is absolutely no reason you would need to alter the OS or lock it down to achieve that.

    27. Re:Does this really change anything? by tlhIngan · · Score: 1

      ... isn't it still likely that the easiest way for manufacturers to comply will be total lockdown?...

      Well, then it will be the manufacturers to blame, not the FCC.

      Most likely what will happen is the chipset manufacturers will build in a set of OTP fuses into the chipset (which already exists for stuff like MAC addresses) that set the regulatory domain. The WiFi firmware reads the fuses and locks out the frequencies it's not supposed to transmit on.

      Existing hardware already has it, and really only the firmware has to change.

    28. Re:Does this really change anything? by thegarbz · · Score: 1

      Oh you know just the run of the mill garbage from Netgear and Cisco (Linksys).

    29. Re:Does this really change anything? by thegarbz · · Score: 1

      My experience with Linksys was that they update their hardware more often than their firmware, and their firmwares are tied to the hardware revision.

      Yes firmware is available, but I've yet to see an "update"

      Actually the only devices I've ever seen get an update were those pre-n or pre-ac models and from what I can tell all the firmware update did was remove the warning on the webpage that the WiFi formats hadn't been ratified yet.

    30. Re:Does this really change anything? by thegarbz · · Score: 1

      have to exchange or replace every unit sold in a giant recall if there turns out to be a security bug.

      Really? Didn't we just run a story only recently on Slashdot about how manufacturers are just generally not fixing the security bugs found in routers?

      I'm still waiting for someone in any country to force a manufacturer to actually keep their product secure and up to date. The big problem with routers is that they seemingly last forever, but right now we can't even keep 1 year old phones up to date.

    31. Re:Does this really change anything? by Anonymous Coward · · Score: 0

      Something like Shuttle DS57U might be what you want as a router. It's a very capable setup, but of course the downside is you have to spend around $250 to set it all up. The upside is that you can then install something like pfSense on it afterwards and be in absolute and full control of everything behind that box. It has everything built-in and it's fairly easy to manage.

    32. Re:Does this really change anything? by swillden · · Score: 1

      I've gotten updates for Netgear, Linksys, Belkin and Asus routers. On my current Asus it pops up a notice when I log into the admin console whenever there's new firmware (maybe twice per year? I don't pay close attention). On the other routers I've had to go look on the manufacturer's site, but they've all gotten updates.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    33. Re:Does this really change anything? by Coren22 · · Score: 1

      It is configurable for good reason.

      Take a look at the table available at: http://www.afar.net/tutorials/...

      The dB values should not be static, as the inclusion of a directional high gain antenna can make you need to adjust the dB value to match the antenna to prevent overrunning the max allowed radiation (EIRP).

      Also, not every country has the same rules as the US, there are actually many countries on this planet, and they don't all use the same set of EM rules.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    34. Re:Does this really change anything? by drinkypoo · · Score: 1

      OK - good point. Now, tell me which old computers have WIFI transmitters inside of them.

      You buy a wifi card and slap it in. Then the problem becomes, does my wireless chip even have MASTER mode support under Linux (etc.)? Because many of them don't.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    35. Re:Does this really change anything? by Aighearach · · Score: 1

      It only requires a very simple analysis to understand that the way it is now only critical security holes that were the manufacturer's fault are guaranteed to get a firmware update, and other security holes are ignored by many manufacturers.

      However, that in no way contradicts my point. They have to be able to update firmware. Not all bugs and problems are equal. I mean think about it, they'd have to at least try to fix the worst bugs before shipping the units in your universe! The one I live in, shit shows up buggy, and every new router will have a critical security update the first year it is being sold. Why aren't there expensive recalls? Because consumers can update the device.

  2. No one with a clue thought it would be illegal ... by Anonymous Coward · · Score: 3, Insightful

    No one with a clue thought it would be illegal to hack your router. There might have been a few idiots spouting that but there are always idiots spouting on the Web. The issue is that certain changes - increasing your transmission power - ARE illegal and have long been illegal. The FCC is looking at putting out rules to prevent that from being possible, or at least make it much more difficult. The easiest way to implement those rules for manufacturers is to prevent the router from running anything other than the default firmware. The FCC made some changes to their wording which may or may not reduce that likelihood a bit. But the changes are largely cosmetic and the possibility of manufactures making changes which prevents users from changing their firmware is still a real concern. It may not be illegal but if you can't do it, does that really matter?

  3. And under the provisions of the TPP? by sholdowa · · Score: 1

    doesnt that limit firmware to authorised versions only...

    1. Re:And under the provisions of the TPP? by amiga3D · · Score: 1

      I authorize my own firmware.

  4. Re:No one with a clue thought it would be illegal by QuasiEvil · · Score: 2

    Wish I had mod points, I'd bump you up. Nobody actually thought the FCC was going to make hacking your router illegal. It's outside their jurisdiction anyway as long as it doesn't change the electromagnetic emissions. The reality is that the easiest way for a manufacturer to assure compliance is to sign the firmware and lock the hardware to that signature, effectively preventing any firmware modification. If anybody thinks manufacturers are going to take the intentional hard road in the design just so a tiny subset of their customers can go in and modify things, you're nuts. Effectively the FCC is still boning us all.

  5. Re:No one with a clue thought it would be illegal by Anonymous Coward · · Score: 0

    No one with a clue thought it would be illegal to hack your router.

    But it was posted right here, on Slashdot. Oh. Dice.

  6. What is a router? by Opportunist · · Score: 0

    So I can't install custom firmware on a piece of hardware I happen to buy. What about using old computers as routers? Running a custom version of Linux. Mostly because there is no "official" software that they could run. Is it now outlawed to use computers that way?

    I honestly didn't think the FCC is staffed with people who know as little about computers as the government.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:What is a router? by TsuruchiBrian · · Score: 1

      You can run whatever software you want on a computer, as long as any wifi cards are using official firmware to guarantee that they follow FCC rules.

      By making your own computer all you are doing is changing the protocol by which you need to communicate with an FCC controlled device ( TCP/IP -> PCI/PCIE)

      It's doesn't matter what kind of software you run on your home made router for the same reason it doesn't matter what software you run on the computers connected to your store bought router.

    2. Re:What is a router? by Opportunist · · Score: 1

      So... Just to be obvious, it's all fine and dandy to flash firmware into routers that don't come with WiFi?

      Then I guess we should hope manufacturers realize in time that there is a market for such routers. One of the cases where having FEWER features is a feature.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:What is a router? by Anonymous Coward · · Score: 0

      A router is just a computer though often times they have highly specialized hardware for making routing decisions. Consequently your average computer routes just fine and dandy. To put together a DIY WiFi router with low power equipment that has no moving parts is relatively easy: you need something like a Soekris embeded computer with 4x1 gig ethernet ports, a dedicated WiFi access point, and some kind operating system for it such as FreeBSD built using nanobsd. This gives you 2 partitions for operating systems images as well as doing an online update of the spare partition and a revert to the last known working version if needed.

      The Soekris units even include a PCI slot so you could put a wifi card in them if you wanted to. There are a ton of options but they will not be as cheap as the average consumer WiFi device.

    4. Re:What is a router? by Opportunist · · Score: 1

      That's basically what I said 4 postings ago in this subthread. Apparently I should have posted it anonymously to avoid being downmodded...

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    5. Re:What is a router? by TsuruchiBrian · · Score: 1

      So... Just to be obvious, it's all fine and dandy to flash firmware into routers that don't come with WiFi?

      I don't see why not. It's not like any firmware you can flash on to a wired-only router is going to ever cause any interference on any broadcast frequencies.

      Wired routers are just little embedded computers with 5 integrated NICs

      The problem is that the firmware for a wireless router is that it is monolithic. If they had split the firmware into parts (i.e. like one for the wifi controller, and one for the OS), then you should logically be able to flash the OS to whatever you want and keep the wifi controller software the same. This would be analogous to changing OSes on your desktop but keeping the PCI wifi card firmware the same.

  7. My router is.. by Anonymous Coward · · Score: 0

    A lower power mini PC running an Intel i3, 128GB SSD, 4GB RAM, and CentOS. I simply enable what I want and decide how I want it to work. So regardless of any FCC ruling, they can all kiss my ass!

    1. Re:My router is.. by amiga3D · · Score: 1

      Careful now. Don't make yourself a target.

  8. Re:No one with a clue thought it would be illegal by mark-t · · Score: 1

    If anybody thinks manufacturers are going to take the intentional hard road in the design just so a tiny subset of their customers can go in and modify things, you're nuts.

    Probably not manufactures in general, but is it really nuts to believe that some still might?

    --
    File under 'M' for 'Manic ranting'
  9. Re:No one with a clue thought it would be illegal by DewDude · · Score: 2

    The issue is that certain changes - increasing your transmission power - ARE illegal and have long been illegal. The FCC is looking at putting out rules to prevent that from being possible, or at least make it much more difficult.

    There are a few cases where increasing your power; as well as operating "out of band" are legal; well..actually....there is one. You can operate a 802.11 wifi device under Part 97 (amatuer radio) if you have an amateur radio license and comply with the other rules of what you can and can't use Part 97 for. There are hams using off-the-shelf WiFi with modified firmware to operate under PArt 97 rules to create wireless networks that can be used by emergency services or for other authorized Part 97 services. One example is streaming video of say...the finish line of a marathon where hams are providing some logistical services. VOIP has also been played around.

    Again, you have to have a ham license to operate in this fashion; and you cannot provide a public internet connection over it; or at the very least; it must be extremely limited.

  10. Open Source Router Hardware by GWXerog · · Score: 1

    There's a few open source/custom hardware platforms out there geared towards custom networking equipment. Personally I use the PC Engines APU http://pcengines.ch/apu.htm It's the best router I've ever owned

    1. Re:Open Source Router Hardware by amiga3D · · Score: 1

      It looks like massive overkill. What OS are you using?

    2. Re:Open Source Router Hardware by GWXerog · · Score: 1

      It is massive overkill, but so is an old PC. I use full Debian with Shorewall handling firewall/routing.

  11. I would like to clarify by Anonymous Coward · · Score: 0, Informative

    It is NOT legal to hack my router, unless you have my permission, and you don't.

  12. Dear FCC by JustAnotherOldGuy · · Score: 0

    Dear FCC,

    Thanks for telling me that I can do what I'm going to do anyway, regardless of your rules.

    Signed,

    Router Owner

    --
    Just cruising through this digital world at 33 1/3 rpm...
  13. Re:No one with a clue thought it would be illegal by Aighearach · · Score: 1

    Trying to add new protections that guard the firmware is a lot harder than taking away the command that the OS sends to the radio firmware.

    The problem isn't the "firmware." One problem is language; people are describing the router OS as "firmware," but it isn't; that is regular software. Being installed on flash drive doesn't turn it into "firmware." But there is a hardware radio, which in most cases has real firmware. Currently, that firmware just does whatever the processor tells it to do. All they have to do in many cases is alter the radio firmware to use compiled-in radio power and modulation limits.

    The ones that are harder are where it is a single System on Chip, and the radio firmware is not accessible to the device programmer. But in that case, any attempt to lock it down would require adding an external microcontroller. An extra controller that limits the output power is going to be a lot easier than one that attempts to implement some sort of DRM scheme. But the real change will come easy; the SoC vendors will just make a tiny, tiny change so that the memory address for the gain can't be altered. That is what will really happen; the companies making the routers won't even have to change anything. It is already normal for microcontrollers to have a fuse bit that can be programmed to prevent further changes to certain parts of memory. This is what that is for. And it won't affect the OS, which will still have to be able to receive security updates.

  14. Ban Lockdown by Anonymous Coward · · Score: 1

    Unless firmware lockdown is banned, it will be the result, regardless of what FCC says. If manufactors have to lock one part, in this case wifi power and they never designed their systems to do so, they either have to make major changes, which cost money to develop and produce. It suddenly doesn't become a question how they feel about their hardware being flashed, but more if they can justify the costs to allow it. They likely can't if the competitors just lock their devices.

    By forcing the hardware to be flashable, then all companies will be forced to find a solution. The problem is that I don't think FCC can ban locks. Their power lies with wireless signals, which mean they basically say they want to lock everything they have power to lock. They now make a statement that they didn't intend to lock the wired and routing parts of the firmware, but I don't think they ever had the power to do so. In other words, their new statement means nothing.

    I don't see a happy end in this for anybody. Either the result is locked routers or overpowered routers. I don't want either, but I can't see any other option to be realistic. I even have a hard time seeing FCC being able to back down even if they want to. Their job is by definition to prevent signals from causing problems for others and they can't ignore that.

    Actually now that I think about it, FCC should be able to make rules about chips controlling the power settings. If they require two numbers to the power controlling hardware and the hardware then uses the lowest value and one of those inputs is fixed with write once memory, then the power setting can be capped at production time. Since this involves the power setting directly it might be able to pass as something FCC can demand legally. If the power is controlled this way, FCC will have a big don't care for the user reachable firmware. It can be debated if it is a good design, but I can't think of anything else the FCC can do to enforce signal power and not lock routers.

  15. Sure. . . by TimSchutte · · Score: 0

    . . .Try and stop us!

    1. Re:Sure. . . by KGIII · · Score: 1

      Laws and regulations don't really stop anyone. What they do is establish that they're punishable actions. Laws against murder do not, for example, prevent people from murdering others.

      --
      "So long and thanks for all the fish."
  16. Re:No one with a clue thought it would be illegal by amiga3D · · Score: 1

    I don't want my router putting out a lot of power. It's more secure if it's not reachable from outside my house. I already use wire where I can.

  17. Re:No one with a clue thought it would be illegal by amiga3D · · Score: 1

    I expect you will still be able to buy some high end hardware that will be owner friendly. I doubt the cheaper stuff will though.

  18. Re:I love our government! by amiga3D · · Score: 1

    They are just trying to keep you safe. Quit being a spoiled child and listen to those who know better than you what's good for you.

  19. Re: Words Words Words by Anonymous Coward · · Score: 0

    Do you expect people to take you seriously when you can't refrain from hyperbole when giving examples.

    If I say I'll give you, say, an old computer, if you reimburse me for shipping costs, and that happens, I didn't sell you a computer, but a computer and money were exchanged.

    I don't know if planned parenthood was actually trying to make money via "reimbursement", but just because an exchange involved money doesn't make it a sale, and they way you worded that seems disingenuous.

  20. Vint Cerf knew it would be illegal ... by davecb · · Score: 3, Informative

    He and Dave Taht wrote the reply to the former rulemaking proposal, which *specifically* asked how the vendor would prevent purchasers from flashing it with DD-WRT. Please see the IETF submission at http://apps.fcc.gov/ecfs/comme...

    --
    davecb@spamcop.net
  21. It only makes it worse... by davecb · · Score: 2

    Regrettably, routers are designed to be extremely cheap, and have only one cpu and OS. Specific vendors (as noted in the IETF submission) have publicly claimed that the FCC rules require them to prevent any modification to the device, and lock it down.

    IMHO, that gives them "forced obsolescence", and sales at full list price for newer models with bug-fixes.

    --
    davecb@spamcop.net
    1. Re:It only makes it worse... by Aighearach · · Score: 1

      Existing SoC designs already have more than one processor; it is just all squished together on one die. It is one chip, but it would be the whole normal nest of chips if it wasn't in an integrated package.

      Vendors will say anything, never believe that breathless crap. They hate rules, even when they have more influence over the rules than the consumers who the rules supposedly protect.

      They won't still be saying that later if you're trying to buy a chip from them that includes DRM. It turns out that is hard, and expensive, and changing the microcontroller that is already on the SoC to use a stored value instead of getting the radio gain from the init code is easy.

    2. Re:It only makes it worse... by davecb · · Score: 1

      I think we're in violent agreement (;-))

      Like you, I expect that cost-averse vendors will be reluctant to add anything pricey to the board. I was thinking of an independent radio chipset that could be locked down separately form the general-purpose processor, you were thinking of DRM. I understand this is what some cell phones have, and that there is a push toward getting rid of the extra expense...

      --
      davecb@spamcop.net
  22. Slashdot says the author doesn't exist by davecb · · Score: 2

    http://hardware.slashdot.org/~Mark+Wilson says "The user you requested does not exist, no matter how much you wish this might be the case."

    Vint Cerf, on the other hand, definitely exists, and his and Dave Taht's submission to the FCC pointed out that the problem existed, no matter how much you wish this might not be the case.

    --
    davecb@spamcop.net
  23. Re:No one with a clue thought it would be illegal by Anonymous Coward · · Score: 0

    Yep, and that is an edge case's edge case. Literally, there are maybe a thousand routers in the US used under these rules.... Manufacturers could really care less. Here is exactly where you get a small, 'real' computer, put some Linux distro on it and diddle to your heart's content.

    Manufacturers are under no obligation to help out a tiny, tiny fraction of their customer base who would buy the damned things at a flea market in any event....

  24. Re:I love our government! by Anonymous Coward · · Score: 0

    The people who know better are the ones objecting to this. They're involved in designing the wifi chipsets (examples of participants: Adrian Chadd, Luis Luis Rodriguez), OS developers (Linux kernel and embedded distributions like LibreCMC, OpenWRT, etc), manufacturers, and people regularly involved in FCC issues (legal people, etc).

  25. Re: Words Words Words by Runaway1956 · · Score: 1

    It is you who is being disengenuous. We see advertisements on Ebay for items worth - ohhh - fifty bucks. They are advertised for some ridiculous price like $1, plus $100 shipping. The vendor who offered that fifty dollar item gets real close to 100% markup. Are we going to argue that he didn't "sell" the item at a profit?

    GP makes a valid point. DIshonest people play with words to make their dishonesty look honest.

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  26. Re:I love our government! by KGIII · · Score: 1

    One of our regulars Bruce Perens, has a good writeup on this. You can read his filing here:
    http://apps.fcc.gov/ecfs/comme...

    There was a Slashdot post about it but I didn't look for it. Ah - it was just a few results down so I'll include it:
    http://yro.slashdot.org/story/...

    You can thank him later. At least he tries and he seems to sum things up fairly well.

    --
    "So long and thanks for all the fish."
  27. Re:I love our government! by magamiako1 · · Score: 1

    Bruce's petition has absolutely nothing to do with the topic at hand. Why bother posting it?

  28. Legal != Technologically Impeded by Anonymous Coward · · Score: 0

    Their actions may not make the hacking illegal, but their actions are still intent on placing major technological impediments on said hacking.

    They have specifically stated that their goal is to lock down WiFi devices and lock out hardware hackers.

    This statement changes nothing.

  29. Re: Words Words Words by Runaway1956 · · Score: 1

    I've kept ledgers. Money in, money out. Accounts receivable, etc ad nauseum.

    If PP receives cash in return for body parts, then they've sold body parts. That is the bottom line.

    That's like they claim that no federal tax dollars are spent on abortions. Utter bullshit - a huge part of their income comes from taxes. Without the taxes, they couldn't keep their doors open. Keeping their doors open enables them to perform abortions. Bottom line - tax dollars enable PP to perform abortions, despite what their imaginative accountants claim.

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  30. FCCing comments not convincing by craighansen · · Score: 1

    These FCC comments do not dissuade me from the concern that whether or not that was the intention of the FCC rule-making, the effect will be to lock down router firmware. Locking down the firmware is one of the easiest way to address the FCC's concern. How else are router manufacturers going to prevent modification to the values place in control registers of commodity I/O devices? The processors in these devices don't have the necessary capabilities to lock these parameters down using a virtual machine model, and the commodity I/O devices don't have any built-in mechanism to prevent other than blessed values to be placed into control registers. Clearly the FCC still values their concerns about preventing us from misusing our devices over our concerns about securing our devices.

  31. Re: Words Words Words by Anonymous Coward · · Score: 0

    Please provide these ledgers you claim to have kept.

    Asserting that "money changing hands" is automatically equivalent to a sale defies common sense. (see my original example of givigng someone a computer if they reimburse shipping costs). PP may have done wring (awaiting the ledgers you've kept), but misrepresenting what they claimed to have done is still misrepresenting what they claimed to have done.