Bootleg WIFI routers, courtesy of Nanny State
Truly, the world's major problems are being solved.
The Internet Architecture Board (IAB) has gently suggested to the United States' Federal Communications Commission (FCC) that locking WiFi kit to manufacturers' firmware forever might not be a good idea. The IAB's submission to the FCC, made last week, is in response to the FCC suggesting a crack-down on open-source firmware …
That given the RF terrorgasm they're putting about and the long-since availability of mods for existing routers, that they'd have some fecking statistics to back up this FUD by now, wouldn't you.
That they've produced no 'unauthorised spectrum wibbly wobbly interference' figures to accompany their blatherings kinda suggests it's not happening or not happening on any scale that's even worth investigating.
I still want to know how large that book that's thrown at those of us that can do will see. Small, cost of being a hobbyist of any type these days. Some politician, activist, or bureaucrat is always pissed off about something "we" do. Heavy enough, well hell, violations might as well get enbiggened to the whole enchilada!
"because a manufacturer ceasing operation would otherwise leave all hardware orphaned from update, which itself poses significant potential security risks."
What about manufacturers declaring EOL on one year old kit and leaving it with unpatched security holes?
"is particularly concerned that a ban on non-vendor firmware will leave stranded users with orphan devices that no longer get manufacturer support."
There are billions of devices in the wild which no longer have vendor support. Apple's recent iOS9 left older models out of support, and Android in its various guises could be viewed as worse given there are many smaller vendors who customise the OS with their own mods and orphan models more regularly.
Or are the FCC going to force all vendors of radio equipment to support for life?
Why the hate, Velv?
As you state yourself, hardware obsolescence is bad. Nobody is asking the FCC to fix it all, just not to close the door to one of the few options we (the community) still have left. Any effort improve security, reduce landfill and extend the useful life of embedded hardware can only be a good thing. Sure it's a small share of the market but it all helps.
Not to mention that many SOHO routers I've worked with don't even work properly as shipped. OpenWRT provides no end of improvement to such devices. I'm sure I'm not alone in wanting to keep that avenue open for as long as possible
Ah, so my "hate" may not come over as intended. I love openWRT and similar, and my "hate" is directed at the FCC who seem intent on solving a problem that does not exist, namely a tiny tiny tiny number of devices that may in extreme circumstances end up "off band" in a very short range communication.
Keeping stuff out of landfill is great. Something is only obsolete when it no longer does the job required. Keep using it until that point.
However, mandating vendor only firmware does restrict the potential for NSA blocking open source option...
The FCC is suffering from the usual legislators' blindness. There's a problem with bad people doing something they shouldn't, because it's not illegal. Make it illegal, and they'll stop. NOT!
GET A CLUE!
All you'll do is stop everyone else from being able to move the world forwards by playful experimentation and small business formation. Which hands the bad guys a perpetual monopoly on whatever illegality you created, because the technology will cease to evolve. Eventually, it's your state that will collapse under the weight of its own mal-regulation and competition from less-regulated jurisdictions.
The history of China is a superb example. They almost had a global empire and an industrial revolution. In the 15th century. Then the Emperor felt insecure, burned all the ocean-going ships and banned their construction, banned just about everything less than two centuries old.
It took the West about 400 years to catch up and then overtake the now stagnant China.
They could of course open up more channels for the ISM bands, which are the most efficiently used frequencies, that way we wouldn't need to try and find space elsewhere. As usual, this is all about getting as much money as they can, limiting ordinary people to the advantage of companies.
You OBVIOUSLY do not understand the problem!
What the FCC wants to insure is that equipment meant ro operate in the unlicensed 2.4 GHz ISM band does not stray OUT of that band, or is modded to operate with a power level inconsistent with the designated use of that band.
Can you imagine the problems created if someone figured out a way to crank up the TX power of a WiFi router to crank out 10x or even 20x the allowed power output. These devices are designed for a range of less than a 100 meters, imagine the problems if that range can be extended to 1000 meters by a simple SOFTWARE tweak? Every worthless sob would be tweaking their kit to get the max range, and suddenly the number of competing networks at a single location would climb, which would cause serious interference problems.
Also consider that the allowed ISM frequencies in US kit may not allow some frequencies allowed elsewhere, and software limits those frequencies in use. If a simple SOFTWARE mod would open up those frequencies not allowed in the US to be used, then the users of adjacent spectrum face potential interference.
I have no objection to allowing access to improve the overall functionality of WiFi kit, but you must not be able to fuck with the RF portion of the kit.
"You OBVIOUSLY do not understand the problem!"
Well it's a good thing then we have someone like you who does. Except of course that what they are actually trying to protect is that portion of the 5Ghz band (if your router only does 2.4GHz stuff, the FCC's new stuff doesn't even care about you) that some... ugh... bright spark both left open for unlicensed use and also employed as a weather radar band. Routers using that band are supposed to continuously listen for radar chirps and if they receive any they must back off and stay the fuck off that channel; existing routers in that band already contain code that takes care of this. Apparently, some alternative stuff makes it possible to hose that functionality and apparently some clueless people managed to turn it off resulting in nicely "shadowed-in" sectors like this - that's what they're so pissed about.
The limiting factor is the device on the other end, which is typically a phone or laptop. Unless you have a router to router link, cranking up the power on one side to solve issues with a poor connection is like trying to have a conversation in a loud room. If one person shouts and the other continues to talk normally, the conversation doesn't work any better because the shouter still can't hear the person talking normally.
I absolutely DO understand the problem. Example, 802.11b has 12 available channels, but only 11 can be used in the US. The radios in even the earliest equipment supported the 12th channel and it was turned off in the config. Changing the config could potentially turn on a frequency that is illegal in the jurisdiction where the equipment is operating. Of course, you could also import equipment configured for another jurisdiction and have the same problem. I installed my first WiFi network to replace some 900Mhz industrial equipment 17 years ago. Going back further, ham equipment is infinitely adjustable and can be operated illegally. Yet rather than locking down the hardware they actually lessened regulations by implementing the no-code test for amateur radio licenses. The Citizen Band craze of the 70s brought lots of illegal amplifiers. It was common for truck drivers to boost their signal to get more range. Yes, if caught you could be fined and get your equipment confiscated, but unless you were really abusing it (and mostly stationary) you weren't a big enough concern for the FCC to bother. Mostly those blasting out so much power that they were bleeding in on TV broadcasts. And yet the world hasn't come to an end.
My point was that the FCC commissioner this week stated that he didn't think it was their place to regulate LTE-U because it is in an unlicensed band and that the stakeholders (carriers and WiFi) should work out the details since the standards for using the bands are in place. This is a complete contradiction to wanting to lock down WiFi hardware that would be operating in the same unregulated band.
BTW, locking down the hardware won't even solve the problem of illegal transmissions. You can add external amplifiers. And just changing the type of antenna alters the transmission pattern, possibly making you illegal. Omni vs sectors vs yagis, etc.
You're pretty ignorant about what the IAB's job is. And as a matter of fact (if you actually care about facts) the IAB has been worrying about the security of Internet protocols since at least 1994 (https://tools.ietf.org/html/rfc1636). If you want to rant, please pick the actual culprits - vendors who took short cuts in product development.
I just posted my proposed solution to the FCC (along with commenting that DRM -- Digital Rights Restrictions -- do not work, and attempting to require vendors to lock down firmware on all new APs will just cuase a time-wasting "arms race" between vendors and end users.) This isn't an exact quote of it but is essentially what I sent them.
In short, the problem -- I have a Cisco E4200 with DD-WRT. It allows to set regulatory domain to "US", and this removes 2.4ghz channels 12, 13, and 14, but the rest of the regulatory info is apparently not used.. But, in 5ghz, I can set the channel away from "auto" and it shows like 20 channels... but about 12 of those are supposed to require DFS (dynamic frequency selection, i.e. they should require channel to be on auto.)
Solution -- most people are not intentionally using improper channels, they are using improper channels because the GUI gives NO indication that a bunch of those 5ghz channels are not free for any and all usage. Make it so the GUI shows an asterisk ("*") or something next to DFS channels. If the user selects a DFS channel anyway, the firmware can either give them a stern warning or refuse to set that channel. The FCC can't put much pressure on DD-WRT to do this (since they are based in Germany) but I can't imagine DD-WRT or Tomato makers not being willing to take a relatively easy step like this.
Biting the hand that feeds IT © 1998–2019