Slashdot Mirror


Ask Slashdot: How Can You Avoid Routers With Locked Firmware?

thejynxed writes: A while ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?

The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?

28 of 320 comments

  1. Get a cheap PC that 10 years old, add PFSense by Anaerin · · Score: 5, Insightful

    It's a fantastic router platform, supports oodles of hardware, and can run on cheap machines. For instance: Start here use a 5600 series Xeon and the smallest amount of RAM and HDD you can get, and you've got a killer router capable of handling much greater than gigabit traffic. If you need Wireless as well, you can either add a low-profile 802.11 card, or buy a cheap home "router" and run it in Access Point only mode, which will put it behind your firewall (and thus safe from internet-based hack attacks), rather than it being your firewall and vulnerable.

    1. Re:Get a cheap PC that 10 years old, add PFSense by viperidaenz · · Score: 3, Insightful

      and put everything through a single usb port?
      Perfect for routing your dialup connection!

    2. Re:Get a cheap PC that 10 years old, add PFSense by eastlight_jim · · Score: 5, Informative

      Whilst your electric might be free, running a 100-200W PC instead of 6W router is a little overkill for most people. The best solution, of course, is to be allowed to put new firmware on your existing router ;-)

    3. Re: Get a cheap PC that 10 years old, add PFSense by raburton · · Score: 4, Interesting

      Can't argue with the pricing there. But if you want something lower power and smaller size try one of these https://m.aliexpress.com/s/ite... still more power than you need for most applications (especially if your comparison is some crappy little MIPS router). I considered pfSense but I'm more of a Linux person and didn't need the bells and whistles of the nice GUI, so it's just running stock Debian with iptables and very little else on it (but with a lot of options if you want to do more with it).

    4. Re:Get a cheap PC that 10 years old, add PFSense by thegarbz · · Score: 4, Interesting

      It's recommendations like this that are the reason for America's incredibly high emissions per capita stats.

      Running a full powered PC from an era that didn't concern itself with efficiency, in a field (servers) which didn't concern themselves about efficiency instead of a small appliance that should use less power than an energy saving bulb.

    5. Re:Get a cheap PC that 10 years old, add PFSense by mellon · · Score: 4, Interesting

      I'm currently experimenting with the NanoPi, which I think has better I/O (it has gigabit ethernet and comes with an antenna). I haven't gotten openwrt running on it yet, but am working on it: http://nanopi.org/NanoPi-2_Fea...

      The best thing about it is that if it doesn't suck, I can just scatter a bunch of them around the house--they are ridiculously cheap compared to typical WiFi routers.

      If you want something a lot beefier, consider getting a Turris Omnia. Not cheap, but it's practically a server, and will draw a lot less power than your 10-year-old PC. They are working on FCC certification, should be available in the U.S. in a few months. I have one from the kickstarter... :)

    6. Re:Get a cheap PC that 10 years old, add PFSense by arglebargle_xiv · · Score: 4, Informative

      If you're going to go that way, get an Alix APU, which is x86 without all the bloat and heat of a standard PC. It's designed for use as routers/firewalls/whatever, and runs pfSense out of the box. Also, unlike a Pi, it's actually properly designed, with real ethernet NICs, proper power conditioning, proper flash storage that doesn't shit itself every time there's a power glitch, and so on. I've got older Alix hardware that's been running for close to ten years without being touched, and that I have no expectation of needing maintenance for many more years to come.

    7. Re:Get a cheap PC that 10 years old, add PFSense by TheRaven64 · · Score: 4, Informative

      Power here costs about £1/W/year. If you're expecting to keep your router for 2 years, it's worth spending up to £20 to reduce the power consumption by 10W. A typical old desktop will draw around 60W, an embedded router board will draw around 6W. That works out at a saving of £108 over two years, which is about the total cost of the embedded router board (PC-Engines or Soekris). After three years, even if you got the old PC for free, it's still more expensive. I used a PC-Engines WRAP board as my home router for around 5 years before needing to upgrade.

      --
      I am TheRaven on Soylent News

    8. Re:Get a cheap PC that 10 years old, add PFSense by PhunkySchtuff · · Score: 4, Informative

      Two orders of magnitude actually.
      24 hours × 365 days × 100 Watts = 876,000 Watt-hours = 876 kW/h
      876 kW/h at $0.12c per kW/h is $105.12 per year.

      Think about your annual power bill - if it cost $1,000 to run a 100W globe for a year, we'd all be sitting around in the dark.
      In a house with, say, 10 light globes running them each for 8 hours per day, your power bill for lighting alone would be over $3,000

    9. Re:Get a cheap PC that 10 years old, add PFSense by danbert8 · · Score: 5, Insightful

      If you are going for a 10 year old PC, why not just get an older router that supports flashing firmware?

      --
      Yes it's an anecdote! Were you expecting original research in a Slashdot comment?

    10. Re:Get a cheap PC that 10 years old, add PFSense by TheRaven64 · · Score: 3, Informative

      You can't do arithmetic: 24 * 365 * 100 = 876000. 24 * 365 * 100 / 1000 = 876. Your 87600 is neither of these numbers and I have no idea how you calculated it. The rough rule of thumb is $1/W/year, with your price estimate it's $1.0512, which is close enough. With 18 cents/kWh, it's $1.5768, but for most of the US $1-2 is the right ballpark. For Germany, it's $3. That doesn't actually detract too much from your main point. You're paying $300/year for power for the 100W machine. A 6W machine that costs $200 will save you over $90 in the first year.

      --
      I am TheRaven on Soylent News

    11. Re:Get a cheap PC that 10 years old, add PFSense by Gaygirlie · · Score: 4, Informative

      All the four USB-ports share bandwidth, so no. A single USB 2.0-port has a 480Mbps bandwidth, not counting for the losses of the USB-protocol and whatnot, and since all the ports share bandwidth it'd make no difference whether you used a single gigabit ethernet USB-adapter or 4. Also, don't forget that the 10/100 Ethernet-port on the RPi also shares bandwidth with those USB-ports!

  2. Roll your own by Zarhan · · Score: 3, Informative

    http://elinux.org/RPI-Wireless...

    Pretty much only way to be sure.

    Beyond that, you go with the same approach as when getting a PC to use with Linux - try to verify each individual component and whether it works or not.

  3. Solution: Don't buy those brands anymore... by Zurkeyon3733 · · Score: 4, Informative

    PLENTY of "make your own" options out there these days... Easy options even. Newegg has an ITX mainboard with a built in AES-NI CPU for Hardware accelerated encryption, for 56$... Add a dell Broadcom SFF 4 Port Gig NIC and some RAM, and voilà! Whatever router config you need is just a download away!

  4. Turris Omnia by JoSch1337 · · Score: 5, Interesting

    https://omnia.turris.cz/

    Specs: 1.6 GHz dual-core ARM, 2 GB DDR3, 8 GB flash, 5 Gbit LAN, 1 Gbit WAN, 2 USB 3.0, 2 Mini PCI Express, 1 mSATA / mini PCI Express, 3x3 MIMO 802.11ac, 2x2 MIMO 802.11b/g/n

    I use it together with two hard drives attached via SATA.

    It ships with a custom version of OpenWRT but you can also install other stuff on it like Debian:

    https://wiki.debian.org/Instal...

    Or openSUSE:

    https://en.opensuse.org/HCL:Tu...

    1. Re:Turris Omnia by AmiMoJo · · Score: 3, Interesting

      Seems very expensive for what it is... If you go on AliExpress and search for "x86 router" or "arm router" you will find hundreds of options costing less than 1/3rd as much. For example: https://www.aliexpress.com/ite...

      Celeron J1900 (quad core, 2.4GHz)
      1x DDR RAM RAM socket
      Intel chipset
      mSATA SSD slot
      4 Intel I211AT gigabit LAN ports
      3x USB 2.0
      1x USB 3.0
      2x MiniPCIe ports
      10W max power consumption

      The case has holes for wifi antennas, which you can order with it. It's pretty much a standard PC so will run whatever Linux or even Windows OS you want. It's got VGA as well which can be handy for an emergency shell.

      You could add a really simple UPS with a 12V lead acid battery and a few diodes too.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC

  5. Separate Access Point from Router by aaarrrgggh · · Score: 4, Interesting

    Personally, I find that going with a dedicated router and dedicated access point(s) makes for a more flexible solution anyway. Better placement options, easier to upgrade the wireless, etc. I use Ubiquiti gear, which gives me Vyatta on the routing/firewall and a solid (locked down) access point.

    Curious to try out the little pfsense appliances, but they are a bit more pricey.

  6. "save wifi" campaign by lkcl · · Score: 3, Interesting

    The FCC later specified that they were not trying to block Open Source firmware modifications

    they were told IN NO UNCERTAIN TERMS that this is exactly what would happen - that manufacturers would take the "lazy" way out. unfortunately, a number of prominent "open source" activists completely and utterly failed to comprehend that this would happen, and ENDORSED the FCC's proposal.

    there are some very specific companies that sell RYF-Endorsed products (answering the OP's question: google "RYF Certified router" or other such keyword combinations), and these companies are near-completely screwed. if they are not careful they have to sell ILLEGAL products in order to satisfy the RYF-Endorsement Criteria! however it turns out that there's a small workaround: what they can do is put an UNPUBLISHED hidden link into the web interface in order for users to carry out quotes unauthorised quotes firmware updates.

    basically as a world-wide community we f******d up. the opportunity to stop the FCC from being a Corporate lap-dog was when the "Save WIFI" campaign was underway. it was a complex situation understood by very few people: we should have listened to the people who properly understood it, and supported them. we didn't do that... and now we suffer the consequences, as indicated by the OP.

  7. Don't blame the FCC by Solandri · · Score: 5, Interesting

    Blame the idiots hacking their firmware and using their routers irresponsibly (illegally).

    First you have to understand why the FCC made the request to router manufacturers. Shortly after the FCC opened up the 5 GHz band for unlicensed use, terminal doppler weather radar was invented in response to several airliner crashes due to adverse weather conditions. Unfortunately, it relies on frequencies smack dab in the middle of the open 5 GHz band, so the FCC took the unusual step of revising their rules which opened up those frequencies.

    That's why most 5 GHz devices only support channels 36-48 and 149-165. The intermediate channels were reclassified as DFS - dynamic frequency selection. Open devices could use them, but if they detected weather radar in use they had to switch to a different channel. A few devices actually do this and check to see if weather radar is in use. Most manufacturers just took the easy way out and blocked out channels 50-144 entirely in the firmware.

    DD-WRT supports DFS - it will change frequencies if it detects weather radar in use (at least it does on my hacked TP-Link). If you install third party firmware and use the 5 GHz band, do the responsible thing and enable this functionality if you're going to enable channels 50-144. Unfortunately, some idiots didn't do this, which caused the FCC to grow concerned about the impact of third party firmware on the effectiveness of TDWR. That's why the FCC made the request to router manufacturers. Not because they hated third party firmware, but out of concern for the safety of the flying public.

    This is why we can't have nice things - a few idiots ruin it for everyone else. I had lots of fun with lawn darts as a kid, but we always treated the target area as if it were a shooting range. Here's an example of what happens to TDWR when an idiot blasts their router in the TDWR frequencies. The unauthorized broadcast shows up as a wedge-shaped area spanning a few degrees and extending to the edge of the radar image, completely obscuring any weather in the wedge.

    And buying the router in Canada or Europe won't make any difference because those countries have the exact same restrictions on those TDWR frequencies. The only reason they're not being as aggressive as the FCC is because TDWR so far is mostly used at U.S. airports. Eventually most airports in the developed world are going to upgrade to it (or at least airports which frequently encounter bad weather). So the regulatory agencies in Canada, the EU, and most of the rest of the developed world are all going to be on the same page as the FCC once TDWR is rolled out in those countries.
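The DFS requirement described in the comment above, as an added example that is not part of the original comment and is not DD-WRT code: a Python audit that reads a hostapd-style configuration and reports a fixed 5 GHz channel in the DFS range without radar detection enabled. Checking a hostapd configuration rather than DD-WRT's own settings, the 5600-5650 MHz TDWR band and the sample configurations are assumptions of this example.

```python
"""Audit a hostapd-style AP config for the DFS settings discussed above."""

# DFS range as given in the comment above (the channels between 48 and 149).
DFS_CHANNELS = range(50, 145)
# Assumption of this example (not stated on the page): TDWR uses 5600-5650 MHz.
TDWR_BAND_MHZ = (5600, 5650)

# Constructed sample configs, for illustration only.
RISKY_CONF = """
interface=wlan0
hw_mode=a
channel=124
ssid=example
"""
OK_CONF = """
interface=wlan0
hw_mode=a
channel=100
country_code=US
ieee80211d=1
ieee80211h=1
"""


def parse_conf(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf


def overlaps_tdwr(channel, width_mhz=20):
    """True if a 5 GHz channel of the given width overlaps the TDWR band."""
    centre = 5000 + 5 * channel  # 5 GHz channel number to centre frequency
    low, high = centre - width_mhz / 2, centre + width_mhz / 2
    return low < TDWR_BAND_MHZ[1] and high > TDWR_BAND_MHZ[0]


def audit(text):
    """Return a list of (code, message) findings for one config."""
    conf = parse_conf(text)
    findings = []
    channel = conf.get("channel", "")
    # Only fixed 5 GHz channels are checked; automatic selection is skipped.
    if conf.get("hw_mode") != "a" or not channel.isdigit():
        return findings
    channel = int(channel)
    if channel not in DFS_CHANNELS:
        return findings
    if conf.get("ieee80211h") != "1":
        findings.append(("dfs-off", f"channel {channel} is in the DFS range "
                         "but ieee80211h=1 (radar detection) is not set"))
    if conf.get("ieee80211d") != "1":
        findings.append(("no-80211d", "ieee80211h needs ieee80211d=1"))
    if not conf.get("country_code"):
        findings.append(("no-country", "country_code is not set, so the "
                         "regulatory domain is undefined"))
    if overlaps_tdwr(channel):
        findings.append(("tdwr-overlap", f"channel {channel} overlaps "
                         "the TDWR band; prefer another channel"))
    return findings


if __name__ == "__main__":
    for name, conf in (("risky", RISKY_CONF), ("ok", OK_CONF)):
        for code, message in audit(conf):
            print(f"{name}: [{code}] {message}")
```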

    1. Re:Don't blame the FCC by GrumpySteen · · Score: 3, Insightful

      Do you want to foot the bill for a massive army of personnel and equipment required to hunt for signals in the tens of thousands of square miles covered by TDWR systems?

      And before you say it... no, waiting for hundreds of people to die in a plane crash because interference prevented a TDWR system from detecting wind shear conditions is NOT an acceptable solution.

    2. Re: Don't blame the FCC by thegarbz · · Score: 3, Insightful

      I know. What is with these people obeying the laws of physics when choosing spectrum. How dare they!

  8. Some routers aren't "locked" particularly well... by AC-x · · Score: 4, Informative

    Some routers aren't "locked" particularly well, for example I have a WR841N v11 here which had supposedly FCC locked firmware, but it was relatively simple to install open firmware on it using the TFTP firmware recovery procedure.

  9. Re:that was the previous administration by Anonymous Coward · · Score: 5, Funny

    Many Americans replied to their consultation on network neutrality. They ignored all comments that didn't suit them. The only thing you can do is vote out the republicans. Most likely you will need to vote out the democrats after that too.

  10. FCC: The inept Paper Tiger.... by beheaderaswp · · Score: 3

    First off, the FCC is underfunded and cannot enforce its own rules. This is one of those cases where lack of funding leads to inept regulation. The FCC cannot set a rule and simply enforce the rule. They have to set a rule that is enforced in a de facto manner without them spending any money.

    So by regulating what manufacturers can and cannot do- they get the "appearance" of responsible regulation. With the added side effect of stifling innovation, modification, or customization (within the law) of the equipment.

    You can try to explain this to people.. but since the principles involved are nuanced and technical most eyes glaze over. But the short form is this: if you lock down the hardware you stifle innovation.

    Another primary example of the FCC failing for lack of funding is the regulation of radio bandwidth which citizens have access to. That would be the CB, GMRS, FRS, MURS, or Amateur Radio services. The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all. The result being that the radio spectrum has become a cesspool of "pirate radio", free-banders (Illegal unlicensed operators), or licensed operators who break all the rules.

    There are illegal operators across all the bands in the spectrum that are known by the FCC, the general public who use the spectrum, local law enforcement, and the defense community. But they are rarely enforced against.

    They are not enforced against because the FCC has no budget for enforcement. They rarely enforce interference with government services first, commercial services second, and do nothing at all anywhere else. Very occasionally there is Amateur enforcement.

    This means as a citizen FCC enforcement will come through any tangential avenue that has no cost to the FCC.

    --
    Another consultant who stuck it out.

    "We are the Priests, of the Temples of Syrinx..."

    1. Re:FCC: The inept Paper Tiger.... by StatureOfLiberty · · Score: 3, Informative

      The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all.

      ARRL has no enforcement power. It does have an Official Observer program. These operators do look for improper operation and can document this behavior. They do send out notices of improper operation to ham operators (amateur radio is usually called ham radio). There are no teeth behind this notice. An important part of their role is sending out notices when hams operate particularly well.

      Documentation of improper operating can end up being forwarded to the FCC in hopes that they will act on it. It is only the FCC that has actual enforcement power. Many submissions never get acted upon. The ones that seem to get immediate action are if you interfere with another licensed service (interfering with police, emergency medical, aviation, commercial broadcast).

      Lack of enforcement by the FCC is a problem. Many field offices have been closed down. Lack of funding is definitely making the problem worse.

      ARRL is a great organization. They do provide great training materials for proper operation. They do a lot of lobbying for the Amateur Radio Service. They work to protect the service from band encroachment. They watch for well intentioned but poorly worded legislation that impacts the service. For example: North Carolina has been considering legislation (SB 393) that would ban use of almost any electronic communication device in a vehicle. ARRL is organizing operators in the state to ask their representatives to amend the verbiage to exclude amateur radio. Mobile operation is an important part of the amateur radio service. Banning it would make much of the value that the amateur radio service provides impossible. In addition, amateur radio mobile operation has a stellar safety record.

      ARRL cannot enforce, but it can educate and work to influence.

  11. Re:Sod locked firmware by Zontar The Mindless · · Score: 3, Informative

    Or maybe you need to learn the difference between "route" and "root"?

    --
    Il n'y a pas de Planet B.

  12. Re:that was the previous administration by Austerity Empowers · · Score: 5, Insightful

    There's no particular reason to play politics on this.

    When you get FCC certification, you are certifying to the government that your product meets their requirements for EM emissions and reception (intentional or otherwise). This isn't new, it's been around since before, I would guess, everyone reading this was born. By allowing customers to go monkey with those settings you can no longer give any such certification. It makes some sense for the FCC to stop this, and honestly I wondered how long before they did since most people doing this are dramatically boosting the transmission levels on their routers.

    Now it may be that you think that the burden is on the government to find and stop people who are breaking the rules individually, rather than putting the burden on manufacturers, and I agree with the point in principle, but in practice the entire point of the FCC is to ensure the airwaves are shared and we don't end up with broadcast power wars. I do not know of many people who after making changes to their radio settings, also go put their router in a testing chamber and ensure that it is still compliant, not only at 5GHz (for example), but that harmonics are not leaking out at other frequencies that they did not intend (in some cases also due to lazy electronics design). Those labs cost some bucks, so unless you happen to have access to one, and your boss happens to look the other way when you use it for personal use rather than billing a customer, it's hard to do. Hunting down each and every person who is breaking the rules is very expensive, and I think we can all agree we don't want to pay more in taxes for this. Therefore putting the burden on mfg's is a cheap solution that solves their problem. I'm not sure why we would want to fight the FCC on this.

    The fact that manufacturers are ALSO locking out the non-radio facing firmware is an entirely different issue that the FCC is not responsible for. That part needs to be fought, but hopefully some manufacturer will see some money in doing it right. Shipping WiFi firmware is so universally awful that almost anything else is better.

  13. Re:that was the previous administration by skids · · Score: 5, Insightful

    most people doing this are dramatically boosting the transmission levels on their routers.

    General rule of thumb: if you can't get a good signal at 15dBm on 2.4 and 18dBm on 5GHz, do not try to go higher. Install more APs closer to your clients. Otherwise you are just damaging the spectrum. The higher levels are really meant for when you have real antennas on both ends, like a WDS. You can't make cheap client antennas better by shouting at them. Also, you should have a compelling reason to deploy 5GHz outdoors, even using factory firmware... you are a lot less likely to do something destructive fumbling around with the 2.4GHz band outdoors. Partly because it is already ruined, and partly because it doesn't have to worry about radar.

    Many settings that are not strictly RF-related are bunched in with the RF settings, and can use some tuning, and are not settable from factory firmware -- which you should never run anyway because it is full of junk plug-and-play services and will stop receiving security updates long before you are done using the AP.

    Vendors have no incentive to separate out these settings in hardware, nor support them in software, nor continue to support an AP after it is out of warranty, as then they are just decreasing demand for their latest models.

    Most people who install Open Source firmware are after features not related to RF, few people feel any need to install custom firmware on the WiFi card (more on some models than on others) and what special WiFi card settings they are looking to alter are things like beacon formats and timing, noise floor detection, etc.

    Refusal to publish solid specs from which open source drivers can be written probably accounts for the majority of issues where RF parameters are set up wrong.
    Especially, vendors shipping product whose EEPROM settings are wrong and then kludging things back together in their binary-only drivers, rather than reprogramming the EEPROM on upgrade, might be the number one cause.