Slashdot Mirror

← Back to Stories (view on slashdot.org)

TP-Link Begins Lockdown of Firmware In Response To FCC

Posted by timothy on from the climate-of-fear dept.

An anonymous reader writes: In response to an FCC rule that requires manufacturers to lock down computing devices (routers, PCs, phones) to prevent modification if they have a "modular wireless radio," TP-Link has begun locking down its routers to prevent firmware not signed by TP-Link from being installed. This essentially prevents open source OSs (OpenWRT, for example) from being used on routers. TP-Link may not be a prestige brand, exactly, but the company makes a lot of routers suitable for installing third-party firmware, precisely the sort of thing being locked down makes difficult if not impossible.

10 of 157 comments (clear)

  1. WOW by andydread · · Score: 4, Interesting

    So this is the end of open source firmware on basically any device with a radio

  2. WRTNode by lazarus · · Score: 4, Interesting

    I don't have first hand experience with it, but if you are an aspiring OpenWRT hacker then you might want to look into WRTNode. Using third party proprietary hardware is always fraught with peril anyway.

    --
    I am not interested in articles about life extension advancements.
  3. Oh well by siuengr · · Score: 5, Interesting

    Glad I already returned my TP-Link and bought an Asus. I had the C9 Archer and it was terribly unstable. I guess TP-Link will be falling into obscurity again.

  4. Re:Congratulations by pla · · Score: 3, Interesting

    and for VERY good reasons... channel 14 is bad.

    What? Best channel on the list, it virtually never sees any contention from countless annoying wifi-enabled phones/tablets/laptops passing by!

    Just tell your router you live in Japan (and pray it doesn't have the interface localized), and bam, good to go!

  5. How wlll the FCC deal with the glibc DNS bug? by davecb · · Score: 5, Interesting

    The FCC's rule change makes the manufacturers responsible for compliance, not the owner/operator. How, then, will the vendors deal with the updates required by the glibc bug, http://linux.slashdot.org/stor...

    The vendors of anything that can't be reflashed by their users are now responsible to the FCC for any compliance-critical errors in their devices. A DNS hack can can allow anyone to change to an illegal channel or use an illegal power level.

    Similarly, the vendors are at risk of being named in class-action suits for anyone whose router gets hacked through their negligence. Especially in the US, where suing people seems to be the national hobby (;-))

    Do you suppose some tiny Taiwanese firm can afford to do a recall like an auto manufacturer, and fix all their locked-down devices? Or be haulded into a US court without going broke? I suspect not...

    Locking down your products for the US market because "it's easy" may turn out to be a company-killing error.

    --dave

    --
    davecb@spamcop.net
  6. Re:Except... by davecb · · Score: 3, Interesting

    If they lock it down, they become legally and financially resposnible for compliance-critical bugs like the glibc DNS one.

    --
    davecb@spamcop.net
  7. Re:Except... by The-Ixian · · Score: 3, Interesting

    As far as I am aware, TP-Link is the hardware behind a lot of different brands including, if I am not mistaken, Google and Apple branded routers.

    People would have to do some research before buying and I doubt that anyone but a die-hard open source fan will ever 1) do the research and 2) base the purchase decision on this issue

    --
    My eyes reflect the stars and a smile lights up my face.
  8. Re:Except... by somenickname · · Score: 3, Interesting

    I wonder if this is the reason TP-Link has been moving away from Atheros based wireless gear. If you look at reviews on Amazon, TP-Link has been incrementing version numbers on some of their products and replacing the Atheros chip with chips that require binary blob firmware. As far as I know, Atheros is the only chipset that doesn't require a binary blob firmware and it's trivial to hack the kernel module so, dumping it for other chipsets might make sense (at least from their perspective) from a compliance standpoint.

  9. Re:Don't these routers have external memory? by JonathanP.Bennett · · Score: 4, Interesting

    This is a very good point. The question is, is any of the stock firmware covered by GPLv3? Linux kernel is GPLv2, which does not have the tivoization clause.

  10. Re:Congratulations by NotInHere · · Score: 5, Interesting

    The FCC aren't enforcing it, yes, and I agree that it was not their goal. Still the impact of their decision remains the same.

    You can run apps on Android devices. That's the single reason why android devices have separation, even though separation costs more in manufacturing. For routers, separation just isn't an option economically.

    If the FCC had cared, it would have required separation, or just left the state as it was, but they didn't do either.