back to article Internet daddy Vint Cerf blasts FCC's plan to ban Wi-Fi router code mods

Vinton Cerf has added his name to a campaign begging the FCC to scrap plans to ban custom firmware on Wi-Fi routers and other wireless devices. The internet pioneer is among 260 signatories on an open letter urging the US watchdog not to pass a proposed package of rules [PDF], formally known as Docket 15-170. The suggested …

  1. Mark 85

    Common Sense vs. FCC

    I hope common sense wins but this is nanny state government we're talking about. I wonder also if the TLA's have chimed in privately that "locked down" firmware will allow them to what they want to do...?

  2. streaky

    Does it matter?

    The companies who make the routers in the first place don't like you doing it and take a long list of measures to stop it. Net effect? Status quo - who cares really?

    1. Velv
      FAIL

      Re: Does it matter?

      And your proof the companies don't like it?

      Some manufacturers market models that specifically encourage the loading of custom firmware, and it's in no manufacturers benefit to block you, you modify at your own risk and they sell tin they no longer need to support.

    2. asdf

      Re: Does it matter?

      >Status quo - who cares really?

      Anybody with a brain. Open source firmware is the only secure firmware for most home routers as all the major manufacturers have massive security fails (and with low margins not much interest in fixing them). It is also some of the only firmware that is regularly updated with security fixes. Getting in the way of open source firmware is the surest way the FCC could gimp internet security.

      1. asdf

        Re: Does it matter?

        As an aside could the FCC just do what is done with mobile phones today and force the manufacturers to have two firm wares. An antenna firmware they can lock down very tight with cryptography or whatever that only the manufacturer would be able to update and then a general firmware (on phone would be the the custom rom) that can be overwritten if so desired?

  3. tom dial Silver badge

    I am not especially paranoid, and in particular do not fear law enforcement or intelligence agencies. I have some concern about criminals who are after my money or identity (mostly to go after my money). For that reason alone I think it a Really Bad Idea to lock down what might well be my premise firewall to prevent replacing vendor software with alternative software that I think more secure or resilient against penetration. I understand that nearly all users will not do this, but don't consider that a valid reason that I should not.

    As far as out of band operation is concerned, there are two points worth making. First, most - probably nearly all - who do this will not choose to operate outside the authorized frequency bands. Second, there are people who are licensed to operate transmitting equipment at frequencies close to the standard WiFi ranges and there seems no good reason they should not take advantage of wifi equipment to do so. For instance, in the US, amateur radio license holders (other than novice) are allowed operation in bands that include, but are wider than, both the 2.4GHz and 5.8GHz WiFi bands.

    1. Nick Kew

      Software vs Firmware

      The article says firmware. You talk about software.

      I can see many good reasons to customise one's software. Firmware seems less clear: I'm prepared to accept there could be good reasons to hack it, but I don't see them in my life.

      1. Old Used Programmer

        Re: Software vs Firmware

        What do you see as a fundamental difference between software and firmware?

        1. Dave 126 Silver badge

          Re: Software vs Firmware

          [Software / Firmware] vs Hardware

          If the concern is that people can operate outside of legitimate frequencies, the authorities could just insist that OEMs make routers that can't do so. That way, it doesn't matter what firmware the user installs.

          I appreciate that this might add a few cents to the cost of a router. Whilst not infallible, anyone really wanting to trespass on reserved frequencies will at least have to get their soldering iron out.

          1. Mage Silver badge
            Facepalm

            Re: Software vs Firmware

            It's trivial to buy or make transmitter/receivers outside the ISM (WiFi) bands. As a spectrum regulator THEY, not firmware providers, are supposed to police use of spectrum.

            They need to forget this foolishness.

            How many routers are made IN the USA?

            What percentage of routers are sold in USA?

            Are they worried about illegal use of Ch 12 & 13 (allowed in Europe and not USA)? Very little hardware can work much outside the WiFi bands, if at all. The aerial limits bandwidth. I don't know of any router that can use 1.9GHz or 2.1GHz instead of 2.4GHz.

            Even if router hardware CAN work outside ISM bands on transmit, in theory, it's up to FCC to prosecute people doing that without a licence.

            What next, Smart phones that can only have FCC approved applications?

            1. Anonymous Coward
              Anonymous Coward

              They're worried about SDR

              Today's routers are restricted to channels 1-11 + 12-13, plus whatever in the 5 GHz area. Tomorrow's routers will use software defined radio chips, when they become cheaper. You could trivially reprogram such a chip to broadcast on GPS frequencies instead of the 'correct' wifi range.

              There are other ways around this, like requiring some sort of binary blob for the lowest level radio code to restrict this, or IMHO better, require a filter (which will likely be software, if so it would be in a part of the firmware that CAN'T be changed by end users) on the output that filters out frequencies other than the approved wifi range. Similar to how TV/radio broadcast towers and satellite transponders have analog filters at the output that insure their emissions are within the desired range only.

          2. Tridac

            Re: Software vs Firmware

            Software was historically seen to be an application or os running on the machine, the visible part. Firmware is code permanently programmed or "embedded" into the hardware, such as disk controller boot code, network and graphics adapter configuration etc. The bios image on your machine would normally be seen as firmware. Firmware usually ends up in flash or other type of non volatile memory, though the distinction becomes blurred at times, since mobile phones, for example, often have both os and apps permanently stored in flash memory.

            The customisation of wifi firmware really got going when some of the vendors started using open source code in their firmware (eg: Linksys) and thus had to release full source code due to oss licensing rules. Later version of Linksys routers used the VxWorks real time os, where source code is not released, though hardware is slow to change between revisions and there are dozens that are modifiable.

            It's a really a harmless experimenter / hacker pursuit that contributes a lot to the state of the overall art and is no threat to anything, so why all the fuss ?. Thankfully, we don't have such draconian rules here in the uk...

          3. armitasp

            Re: Software vs Firmware

            some kit has software defined radios as this makes region coding much easier (and more often cheaper). Also those that don't have software defined radios still need to support lots of channels (as the different regions allow different channels). The US, ETSI, China and Japan frequency requirements are all different.

        2. BillG
          Holmes

          Re: Software vs Firmware

          What do you see as a fundamental difference between software and firmware?

          Short answer: Software is stored in an easily user-modified form like a disk drive or USB drive. Firmware is stored in semiconductor memory and is deliberately difficult for a user to modify, it requires a technician's skills.

          More complex: Software is is closer to OSI Level 7 and is interactive and reprogrammable on the fly by the user, where user = someone using the system without any technical skills.

          Firmware is always stored in semiconductor memory like Flash or ROM. Firmware is closer to OSI Level 1 and is the closest layer to the hardware. It typically requires more advanced knowledge to modify.

          A PC's operating system is software. A mobile phone's OS is firmware.

          I'm sure there's a better explanation but I' haven't finished my first cup of morning coffee yet.

          1. Mage Silver badge

            Re: Software vs Firmware

            I had a Mac with the OS in a ROM.

            "A PC's operating system is software. A mobile phone's OS is firmware."

            A bit misleading.

            A PC BIOS is Firmware, yet users ought to be able to easily upgrade it. It should be for security write protected by a physical jumper. It used to be.

            My older laptop had four BIOS upgrades and one Graphics firmware upgrade. These were supplied with instructions for any end user to apply. It's always had the same copy of the OS, though with "patches" applied.

            My Netbook has choice of Flash memory on a PCB or a CF card adaptor. The original "flash memory" has XP and the CF card has now Linux on it.

            My Kobo and Kindle both have had firmware upgrades. In one case simply manually applied via USB storage, Third party patched versions are available. Any differentiation between "firmware" and "software" is a bit arbitrary.

            1. BillG
              IT Angle

              Re: Software vs Firmware

              "A PC's operating system is software. A mobile phone's OS is firmware."

              A bit misleading.

              A PC BIOS is Firmware, yet users ought to be able to easily upgrade it.

              Not misleading, it's technically accurate. A PC's OS is software.

              Yes, a PC BIOS is of course firmware, but I disagree that users should be able to easily upgrade it. Typically PC software is kinda forgiving when upgrading, worst case you reinstall. But we all know that mistakes in upgrading the BIOS can brick the computer permanently.

              I've seen "users" remove the CD-ROM when running from the CD-ROM, despite the big bold warning "DO NOT REMOVE CD UNTIL PROGRAM IS COMPLETE", then blame the computer when it locks up. Despite onscreen warnings, I've known of people to turn off their laptop while the BIOS is updating then blame the manufacturer that the laptop is now an expensive door stop. These people are obviously not Mensa candidates and are blessed with the IQ of celery.

              We are mostly experienced techies here on El Reg and can easily forget that the cupholder story is true.

          2. chris 17 Silver badge

            Re: Software vs Firmware

            @Bill G

            You'd need s lot more than coffee to make any of that right.

            Osi layer 1 is physical layer as in Ethernet cables connecting PCs to a switch. Current cat5 or cat 6 Ethernet cables do not have any active components therefore no firmware. Next generation cables probably will be active to improve s/n ratios.

            Firmware is typically stored on Read only memory or most likely these days programmable read only memory which enables it to be changed. The device, component or machine loads it's firmware at poweron and uses its firmware to perform its function. Software interacts with its os that talks to its attached peripherals firmware to perform tasks.

            This is all computer code collectively known as software.

            I'm sure there's a better explanation but I've not finished my bottle of wine yet.

          3. PNGuinn
            Megaphone

            Re: Software vs Firmware @BILLG

            More and more equipment does not have "firmware" loaded into the device by the manufacturer. It's loaded onto the device at boot. From the hard disk. (Or SSD. Perhaps that makes it firmware?)

            I would say a phone os is no different to a pc os. "Software". Where it's stored and how difficult it is to get at to modify or replace is another matter.

            "Firmware" used to mean software loaded into rom on the device to make the hardware work. Software which survived shutdown. Like the bios. Then you had os specific device drivers to talk to the os and the device interface. Things are getting more and more blured these days.

            The FCC are a goverment organisation with less and less technical understanding. (Although they probably have lots of extremely good engineers working for them. But hey, we're the FCC what do those guys know,eh?

          4. Tom 13

            @ BillG Re: deliberately difficult for a user to modify

            That definition may have worked circa 1983, but these days any old fool can easily modify most firmware.

            Yes, I did replace a BIOS chip once or twice back in the day although I never had the "pleasure" of adding more RAM to reach my 640K limit. These days people don't think twice about flashing the BIOS on a motherboard.

    2. Anonymous Coward
      Anonymous Coward

      " who do this will not choose to operate outside the authorized frequency bands"

      Are you sure? We have morons pointing lasers at airplanes just for fun. If disrupting some radio frequencies can be easily done, there will be morons doing it.

      Just, the FCC solution is wrong - but a way to lock devices out of reserved frequencies - especially those used by emergency or vital services, should be found - and one that can't be bypassed.

  4. JoAnywhere

    VHS vs Wifi

    Isn't this a similar argument to the original bleat the movie companies had about VHS (and music companies had about tape decks). There was an illegal use for these devices, as well as many legal uses.

    Ultimately, commonsense won, and people were able to buy cassette decks and VHS players on the premise that the device was just a device, and that peoples use of it would be prosecuted if they used the device in an illegal manner. This seems to me fundamentally the same as the conversation having had right here. a Wifi router is just a device. If someone chooses to use it illegally, then prosecute them for it.

    oh, and how is it the FCC could outlaw custom firmware, and the US can't control guns?

    1. Anonymous Coward
      Anonymous Coward

      Re: VHS vs Wifi

      Thing is, the matter was over copyright infringement, so it was easy to just let it slide.

      This time, however, the potential concern is jamming emergency or air traffic frequencies, That can have some serious consequences and affect many other lives. Now you have a "the needs of the many" justification. It IS within the FCC's remit to safeguard the radio spectrum and minimize potential jams and interference, especially on such critical frequencies as these.

      1. Tridac

        Re: VHS vs Wifi

        These devices run at frequencies unrelated to any emergency or aviation services, have an output of just a few 10's of milliwatts and an effective range of 10's of metres, so are very unlikely to cause interference with any sensitive services. Also, they run in spread spectrum mode, which is designed for low interference with adjacent channels.

        Just looks like another example of the US paranoid control state mentality. Land of the free my a**...

        1. Anonymous Coward
          Anonymous Coward

          Re: VHS vs Wifi

          "These devices run at frequencies unrelated to any emergency or aviation services,'

          They can be retuned...

          "have an output of just a few 10's of milliwatts"

          ...amplified...

          "and an effective range of 10's of metres"

          ...and fitted with special antennae.

          "Also, they run in spread spectrum mode, which is designed for low interference with adjacent channels."

          That can be turned off.

          Look, until very recently, the FAA were forced to be paranoid regarding cell phones on airplanes (due to overabundance of caution--they don't want to be the ones that allowed a cell phone that in turn interfered with airliner function and caused it to crash, no amount of hand-waving will keep the egg off them). The FCC don't want to be in the same boat. There's little they can do about a malcontent amplifying and directing their radio devices. That's all down to physical hardware, but what about the radio chip being able to be retuned into one of those critical frequencies? Given they're usually made in one region and sent to another, what assurances are there they can't possibly be retuned?

          1. Tridac

            Re: VHS vs Wifi

            Sorry, absolute FUD. Out of all the perhaps 1000 housewives surveyed who use 3rd party soap powder, how many a) have the abilty or interest in retuning to different channels; b) Use amplifiers; c) Fit high gain antenea and d) Have the interest or ability to turn off the spread spectrum mode in software, even if that is possible and if that would be of any use or potential threat anyway..

            Look, you can buy surplus and ready made transmitters for just about any frequency range of interest that are much more of a potential threat to established com services than any wifi router, yet there is no blanket ban on anyone buying such kit. Why ? - because other than the case of a handful of individuals, such usage has never been a problem.

            That is the crux of the matter: Good law is made on a risk assessment basis and benefit / disadvantage basis. ie: where there is real need. Not to suit some civil servant using brain dead consultants for advice, to protect us all from a handful of individuals who may modify kit for illicit purposes. Otherwise, the law is brought into disrepute and mockery, even more than usual, though there is far too much of that getting in the way of getting anything done these days anyway...

          2. Mage Silver badge

            Re: They can be retuned...

            Not to any aviation frequency.

            There are FAR easier starting points if you want to use outside ISM bands. With 1W to 1kW instead of 10mW to 100mW.

            You'd need different aerials too.

          3. PghMike

            Re: VHS vs Wifi

            This is a pretty foolish argument. Anyone who's prepared to do all of that can just build a radio.

      2. PNGuinn
        Facepalm

        Re: VHS vs Wifi

        The problem is that however you try to lock things down there will always be numpties who are determined to do something stupid. Interfere / block x vital service? just for the lulz. Call the emergency services just for the lulz? Laser pointer abuse just for the lulz?

        The only way is to make it clear to those idiots that if they do stupid dangerous antisocial things ther are going to get hit hard by the law.

        There's no difference with routers. Pirate broadcasting - as it used to be called - way predates the internet age.

        1. Anonymous Coward
          Anonymous Coward

          Re: VHS vs Wifi

          "Interfere / block x vital service? just for the lulz. Call the emergency services just for the lulz? Laser pointer abuse just for the lulz?"

          Funny thing about that last...that actually happened multiple times. And now laser sales are being scrutinized because, again, they don't want to see an airline crashing (and it's gotten pretty damn close). Nasty thing about radio is that it's invisible, and (even more so than with a visible laser) with a mobile base even with triangulation equipment the transmitter can be long gone by the time you got there.

      3. druck Silver badge

        Re: VHS vs Wifi

        Not even with the most advanced software defined radio will you be able to interfere with VHF air band frequencies from hardware designed for 2.4GHz and 5GHz Wifi.

    2. Anonymous Coward
      Anonymous Coward

      Re: VHS vs Wifi

      Somewhat ironically there is no 28th Amendment saying "A well-regulated Internet, ..."

    3. Anonymous Coward
      Anonymous Coward

      Re: VHS vs Wifi

      There's a "little" difference. Radio frequencies are a scarce, shared resource, and often used for vital services. Interfering with them is more dangerous than copying a VHS or LP. Could the FCC or whatever keep on policing on reserved frequencies and use radiogoniometers everywhere to pinpoint idiots or criminals disrupting communications? Would you like if someone plays over phone frequencies when you're in dire needs of a call or the like? Or even sone worse situation?

    4. Tom 13
      Unhappy

      Re: VHS vs Wifi

      You are harkening back to a bygone era. Yes, the courts did rule that because VHS had more legal uses than illegal ones the big media companies had to pound sand. But those days are gone. We now live in the era of BlueRays that can disable your legitimately purchased disk at the whim of the vendor.

  5. imaginarynumber

    How do you police this?

    And how will the old bill know what firmware you are using?

    Will the TSA prevent tourists with European phones from entering the USA lest they use channel 12 or 13 when using their phone as a Wifi HotSpot?

    1. Kubla Cant

      Re: How do you police this?

      And does the FCC plan to procure a ban on soldering irons, because you can use them to build a device that broadcasts on illegal frequencies?

    2. Anonymous Coward
      Anonymous Coward

      Re: How do you police this?

      Same way they do today. They act on reports - so if you program your router to use channel 13, and some licensed user of that spectrum (I have no idea what it is used for in the US) detects interference they call the FCC. The FCC finds you and fines you heavily, and you decide that being clever and using channel 13 because "my neighbors won't be using it so I'll get better performance" wasn't worth it after all.

      1. Anonymous Coward
        Anonymous Coward

        Re: How do you police this?

        True, but there's the Sixth Amendment to contend with. You get wind the FCC is coming, you spirit away your gear, the FCC comes and they don't find anything, innocence must be presumed and you get off.

        1. Tom 13

          Re: there's the Sixth Amendment to contend with

          ???

          How does the right to a speedy trial by a jury of your peers affect your ability to spirit away the equipment?

          1. Charles 9

            Re: there's the Sixth Amendment to contend with

            Not that. The presumption of innocence, meaning they gotta catch you in the act.

  6. Alister

    The regulator is worried that, by allowing people to load their own software on these gadgets, they can reprogram the radio hardware to broadcast on any frequency they like

    Is this really a problem at the moment?

    Obviously it's not the sort of thing that many will admit to - even if they do it - but I've never heard of anyone re-programming the radio, custom firmware is more about improving the security and in a lot of cases reliability of proprietary hardware.

    1. Anonymous Coward
      Anonymous Coward

      It isn't a problem today

      Because cheap consumer wireless routers aren't using software defined radio chips. Yet. They're becoming cheaper, and will be used pretty soon. The equivalent in 'receive' technology are already starting to be used in satellite and cable receivers (google 'full band capture')

    2. asdf

      not quite

      >Obviously it's not the sort of thing that many will admit to - even if they do it - but I've never heard of anyone re-programming the radio

      Its actually not that hard to do and I did it to increase the power output on my 2.4ghz router from 49mW to 249mW or whatever. Of course all I did was get a binary blob someone else modified from the internet that the firmware would load at run time. I only did this for a few hours though because i quickly learned it gave me no advantage reception wise and as I found out later actually usually causes problems because the hardware doesn't handle it effectively (outside its design range).

      1. asdf

        Re: not quite

        Correction: I did actually get the source (someone else modified) off the internet and build it myself . I also increased output power from 50mW (17dBm) to 251 mW (23 dBm). Like I said doing this though especially with consumer cheapo radios tends to introduce a lot of noise that ends up hurting more than the signal boost helps.

  7. Uberseehandel

    On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

    Reluctantly, I have had to spend a surprising amount of time getting to grips with the problems of spectrum sharing in as much as it applies to that part of it used by 802.11ac specification devices.

    The problem is that right in the middle of the frequencies earmarked for WiFi, weather radar operates. This doesn't sound like a big deal, at first sight. But weather radars are immensely powerful, mostly range limited by the curve of the earth.and they are not only used for weather forecasting (thunderclouds particularly), but also used at airports to pick up windshear. Windshear might not sound particularly ominous, but in reality its pretty scary for pilots and their passengers. The effect of windshear is to reduce the lift generated by the flow of air over the wings and to reduce the airspeed, eventually to the point where the aircraft will stall. In the past this has caused some very serious air accidents.

    There is a network of weather radars across large areas of the world, unless they have been upgraded to s-band units, they are prone to interference by domestic wifi routers and access points..And shipping uses c-band radar, not only ships, but harbours, shore installations and shipping control regimes, such as the Straits of Dover (which is a mass of c-band radar).

    In order to make spectrum sharing work, without adversely affecting safety, three (yes 3 not 2) techniques have been specified to make sure that wifi does not cause any problems with the operation of radars. Dynamic Frequency Selection (DFS), Transmit Power Control (TPC) and the less well known and documented Channel Availability Checking (CAC).. These pretty well do what is written on the label. CAC, involves listening on a channel to check it is vacant before using it.

    Unfortunately, every part of the world has slightly different rules, even the European Spectrum Management Organisation (ETSI), allows different countries to adjust the rules somewhat as they require. There are considerable variations in broadcast signal strength.

    Generally speaking, part of the setup of a wifi router or access point involves specifying the device's location. This enables the onboard firmware to select the appropriate parameters for the device to operate within. There is even talk of providing devices with GPS receivers so the location is set automatically.

    If end users can load third party firmware, all these safeguards can be overcome, Locations, frequencies and transmission volumes can be altered at will. Which could well become a major issue as far as safety is concerned.

    Governments are not too keen on differentiating between minimal risk and risk, let alone major risk, consequently they tend to err on the safe side; they really are in a no-win situation.

    I know some manufacturers are taking this very seriously, but the people who make 3rd party firmware, are thy going to be able to prevent users from creating problems?

    Weighing the options, I personally don't mind steps being taken to stop users operating their equipment when it is out of specification., and I know that many have done so in the past. Currently I'm hoping that the introduction of 802.11ad will be brought forward - real soon now.

    1. Tridac

      Re: On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

      Airborne wx radars used to be primarily at X band, ~10GHx, not C band (~2.5GHz), nor at the ~2.4GHz of Wfi devices. Would the few 10's of milliwats of such a device even be detectable by C band radar receivers unless it were right next door, spread spectrum that it is ?. Anyway, WiFi routers and devices are made down to a cost and use synthesisers to generate the frequencies involved and I doubt if the synthesisers are even capable of going far off band, if at all, though you could verify that via the Broadcom or similar data sheets for the device.

      I agree that far more active spectrum usage needs to be regulated to avoid chaos, but this proposal just seems over the top and based on precautionary principle where in fact no threat exists anyway. I run modified firmware on my ancient wrt54g's, but just how many people actually do this ?, < 1000 worldwide ?. A none problem, imho, dreampt up by bureaucracy to justify it's existence....

      1. Uberseehandel

        Re: On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

        Airborne radars used to be c-band and are mostly now s-band, according to the FCC and ETSI.

        Ofcom, ETSI and US sources discuss the current c-band interference issue.

        What you appear to be missing is the fact that there is a comparatively large number of channels in the 5GHz band for WiFi usage, not all of which are usable in all countries. Further the max TX volumes differ from country to country. Some of these channels are only usable if they are equipped with DFS/TPC/CAC and they are active. In the event that weather radar is active, then the available channels and maximum TX volumes along with the current active channel will be changed, automatically.

        End users could override this channel sharing arrangement with third party firmware. Interfering with active radar systems will result in chaos. If people really need their internet connection, whilst their router or AP is causing radar interference they have other options, planes relying on airports to warn them of the presence of wind shear do not.

        I know that most home wifi hackers do not care about abiding by the regulations for spectrum sharing, because they tell the world this is the case. I can tell you that getting caught out by windshear is a very thought provoking experience.

        1. Tridac

          Re: On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

          Sorry, but airborne wx radars are all X band, something to do with the frequency being ideal in terms of atmospheric absorption of the signal, though pushing knowledge base there :-). They may be using 24GHz for specilised apps these days as well. Also, C band needs much larger antennae, no use for airborned unless for some specialised mil application. As for S band, ~1.25Ghz, that's transponder, ssr stuff, nowhere near wifi frequencies.

          Can't comment on 5GHz wifi, as no direct experience, but doubt that would be a problem either. If you want the real elephant in the room for 2.4GHz, look no further than your friendly microwave oven.: ~2.4 Ghz range, with an frequency unstablised magnetron rf generator, 500-1000 wetts, orders of magnitude more than wifi, driven from half wave rectified 50Hz mains power and polluting a wide spectrum. Could not be a worse example of spectrum irresponsibility and has been driving the radio astronomy folks, who really are looking for very weak signals, mad for decades.

          As for channels, if I run network stumber on the laptop, can see at least half a dozen nodes in this area, many of whom are on the same channel. How do they do this ?. Because spread spectrum tech is used with different spreading codes, perhaps using the mac address as key, whatever, but they all use the same nominal channel and they all work without interference. If you look at wifi on a spectrum analyser, it looks like white noise and is not only difficult to detect and hack, but also makes very efficient use of a limited spectrum assignment and bandwidth. Vorsprung durch tech indeed :-)...

      2. Techie007

        Re: On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

        The Tomato Anon database (http://anon.groov.pl/) shows over 30,000 users of Tomato that have the reporting feature enabled. There are a whole lot more than 1000 people running custom firmware on routers. All I can say is that this proposed legislation is totally INSANE.

        I use Tomato because my router's performance is bad without it, and I need the advanced QoS, bandwidth monitoring, DNS intercept and caching features. I know a lot of hotels with terrible free WiFi that would benefit immensely from having their network backbone powered by a router with these features enabled.

        I've got another router that outputs way too much power with the stock firmware, and that firmware has no setting to change it. Enter Tomato. Works beautifully now. Yet another router took forever to boot and would frequently drop WiFi connections. Doesn't support Tomato, but I was able to load DD-WRT onto it. Again, much better.

    2. Gerhard Mack

      Re: On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

      That is a lot of FUD for devices whose 5hz signals can often be measured in meters.

      As for hobbyists respecting frequency restrictions, they already do. People who code wireless drivers tend to take RF restrictions very seriously and many of the core Wifi people on Linux were/are HAM radio fans and as a result, tend to know first hand how much it sucks when they have to deal with interference. And I have no reason to believe it's any different for the *BSD folks.

      Debian Linux, as an example, defaulted to a minimal wireless config where the wireless was limited very limited channel wise until I specified my actual region. After I set my region, it opened the channels allowed by my country. To change that, would require me to actually go and edit the kernel source.

      The few replacement firmwares I have used tend to not edit the kernel source and instead focus on security updates and providing interfaces the Wireless manufacturers hate like "AP mode" (mostly because they want to charge more for business class routers). In many cases 3rd party firmware is the ONLY way to secure your wifi router.

    3. BinkyTheMagicPaperclip Silver badge

      Re: On Balance Mucking Around In The 5GHz Bands May Not Be A Good Idea

      The issue is not 'users', the issue is developers. Users will use pre-canned ROM images, the number of people that customise the code created by a development group is close to non existent.

      So, the real issues here are 1) Why would someone want to work around the safeguards (speed?) and 2) Could this be done accidentally through either lack of skill, or more probably, sub par documentation.

      The sensible approach is to consider that it's not possible to stop people modifying firmware, and that there are clear benefits to doing so. The logical conclusion is therefore that manufacturers should release better documentation for their hardware.

      The less sensible approach is to sign everything up to the hilt and prevent any documentation getting out, never mind customised firmware.

      Manufacturers might see an advantage to this, but it is only a question when, not if, they are forced to continue updating their firmware beyond the current roughly two year 'we can't be arsed because it's been superceded by a new model' period, to cope with security risks. At that point it becomes an active advantage for a third party to provide firmware, and to push customers on to that.

  8. Paul Hovnanian Silver badge

    Licensed?

    Nope.

    The controversy, as I understand it, is that the frequencies in question all lie within an ISM band. And the stated reason for this lockdown is that after market software is allowing routers to encroach upon the frequencies used by Terminal Doppler Weather Radar in the USA within an ISM band.

    One of the defining characteristics of the ISM bands is that they require no licenses and equipment operating within these bands must tolerate interference from other equipment in the same band. It serves the FAA right for having an outfit design a critical system such as this who were not smart enough to understand radio frequency interference issues and select a dedicated, licensed frequency for operation. They jumped right in the middle of RF controlled toys and garage door openers. Serves them right. Go fix your radar.

    While WiFi may represent the greatest number of potentially interfering installations in and around TDWR frequencies, it is not the only one. Quite a few transceiver systems are available in this band with SDR radio* capabilities, allowing the user to programatically select whatever frequency they want. No license required.

    *An example of RAS Syndrome.

    1. Tridac

      Re: Licensed?

      Would upvote 10 for that if I could. Didn't think to look to see if it was in an ism band. How stupid could they get and just goes to prove that you really can't get the staff these days :-)...

    2. tom dial Silver badge

      Re: Licensed?

      And yet according to the ARRL, (licensed) amateur operation is allowed in the bands 2300-2310, 2390-2450, and 5650-5925 MHz. The upper two include the 2.4 and 5.8 GHz segments used for WiFi, and it seem possible that software (or for those who prefer, firmware) modification might allow WiFi radios to be operated (outside their usual design limits) in all three. Perhaps someone more knowledgeable than I will comment as to the possibility and appropriateness of such operation.

  9. sisk

    Absolutely ludicrous. What's to keep me from cobbling together a crystal transmitter device that broadcasts on whatever frequency I want it to? That's not exactly difficult. In fact if I remember correctly it was a mainstay of the electronics project kits I had when I was in middle school. I'd even go so far as to say it's easier that getting an unsigned firmware into a router unless you've got instructions for cracking it from someone who's already figured it out. If I REALLY wanted to go off spectrum that's what I'd do. That being the case what's the point of crippling consumer grade routers and access points even more than they already are?

    1. Paul Hovnanian Silver badge

      "Absolutely ludicrous. What's to keep me from cobbling together a crystal transmitter device that broadcasts on whatever frequency I want it to?"

      On licensed bands, the FCC vans. They'll hunt you down and issue a citation.

      But they did create these ISM bands with exactly people like you in mind. Within limits (out-of-band radiation, etc.) you are free to do what you want. Induction heating, ground penetrating radar, RC toy control, etc. Its all good. I suspect that the initial R&D on weather radar used an ISM band for exactly this reason (the S in ISM). And that's OK, right up to the point where you want to put the radar into 'production' use. Then, it would have been better to assign a nearby licensed frequency for its operation. Where the FCC has the authority to slap down violators and hasn't already let a few million non licensed devices out onto the market.

      Within licensed bands, the FCC has the names and addreses of all the users. And they can reassign frequencies without much problem. But once they let a block go as ISM, it's really difficult to pull it back. There are tub skids of 5 GHz WiFi hubs lacking firmware lockdown available at the local PC recycler. Enough to keep the firmware hackers supplied for years.

  10. PghMike

    Bozos at the FCC know that these are just one form of computer, right?

    I hope those bozos at the FCC figure out that routers are just low power computers. If someone really wants to violate the FCC regulations, they can just buy at small PC, Raspberry Pi, a dumb storage appliance, or pretty much anything, and drop their own kernel on it. All they're doing with these regulations is making life harder for people just trying to get some decent router software.

    The FCC should concentrate on people who actually violate their regulations, not worry about "pre-crime."

  11. Henry Wertz 1 Gold badge

    DFS and radar

    "That is a lot of FUD for devices whose 5hz signals can often be measured in meters."

    It's not FUD, there's some shots online of 5ghz wifi interfering with weather radars. It can be received meters away using a tiny wifi-sized antenna... but weather radar uses a much larger antenna to try to detect reflections from up to 200 miles or so away.

    "Debian Linux, as an example, defaulted to a minimal wireless config where the wireless was limited very limited channel wise until I specified my actual region. After I set my region, it opened the channels allowed by my country. To change that, would require me to actually go and edit the kernel source."

    (Or change the regulatory region.) But still, point made, the aftermarket firmware can follow regulatory limits.

    I actually know where the FCC is coming from here. Their response is 100% wrong, but the problem is there?

    I have a Cisco E4200 with DD-WRT on it (among some other access points, but his is the only one with 5ghz support.) I set the regulatory domain to US and it removes channels 12, 13, and 14 on 2.4ghz. On 5ghz? If I take the channel off "auto" it lists like 20 or so channels, but about 12 of those are supposed to require DFS. The GUI gives no indication those channels are any different from the other channels.

    My proposal to the FCC is

    1) Scrap the signed firmware thing. It's a waste of time, the firmware signature system will be cracked anyway and it'l then be just as easy to put my own firmware on as it is now.

    2) I assume most people are not intentionally breaking FCC regs, but the current GUI just gives no information whatsoever to determine if a setup follows FCC rules or not (it uses the installed regulatory DB to remove totally prohibited channels but doesn't seem to use the DFS, TPC, etc. info at all). If the DD-WRT so much as put a asterisk ("*") next to DFS channels, and a short explanation of what the asterisk means (in short, pick a different channel or use "auto"), most people would choose non-asterisk channels. If the user chooses a DFS channel anyway it can either give a firm warning or refuse to set to that channel. They can't "force" DD-WRT to do this (since they are based in Germany) but it's such an easy change I seriously doubt there'd be resistance.

    1. Gerhard Mack

      Re: DFS and radar

      If DD-WRT is not doing the correct thing here, feel free to open a bug with them about it although would be curious is if the hardware is capeable of DFS but if it's not, it's probably better to disallow the channels completely. I imagine the problem is also in the other direction. If you are using these bands around a radar system, I'm guessing the frequency will be close to unusable for data transfers.

  12. Boris the Cockroach Silver badge

    Why dont

    they mandate that all wi-fi routers have physically set frequencies to use (as defined by the transmitter hardware) and that you cant change the frequencies unless you open said routers, remove the chips and timing circuits and then put new ones in.

    Or am I being naive?

    1. Gerhard Mack

      Re: Why dont

      Because the regulations vary by region and:

      1 It's expensive to make different hardware per region..

      2 For things like laptops or portable hotspots, you have the problem of people traveling from region to region with their devices so there should be an easy way to make the per region change as you travel.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why dont

        Plus it'll eventually become cheaper to use software-defined radio setups. With the caveat being that, being software-defined, you can reprogram them with much more latitude. It would probably be adopted in laptops and other designed-to-be-portable gear first, given they can readily be moved from region to region.

  13. Dillon Pyron

    Build a "tiny network"

    Build your own network with your own "world". Now when the router boots and asks "who am I?" this tiny network gives it an IP, a name server, etc. This tiny network supplies all of that and isn't connected to the "real world". When the router asks "I need to find d-Link" (or whoever) your network says "why that's me!". Then the router says "is there an update?", you say "why yes there is, and this is it". Pump in your software. Now you can tear down your tiny network and connect to the "real world" running your own software.

    "Ta da"! (please use Minion when reading this to yourself and please don't read this line aloud. Damn, the warning is too late!)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like