Asus locking down routers to comply with new FCC rules

[KevTech]

No one will be locked into stock firmware if the router is in compliance. It's what's Asus is doing now in the US but didn't think much of a better solutions for others.

Bu if you have 3rd parties that do not live in the USA making firmware out of spec for the USA and people who live in the USA are installing said firmware...manufacturers may end up having to go completely closed source.

Openwrt, Tomatousb, DD-WRT, Merlin would no longer have a source for any future firmware builds which would put an end to anyone using non stock/3rd party firmware.

Unless they could figure out how to decrypt the firmware.

 

[Deleted member 22229]

Bu if you have 3rd parties that do not live in the USA making firmware out of spec for the USA and people who live in the USA are installing said firmware...manufacturers may end up having to go completely closed source.

Openwrt, Tomatousb, DD-WRT, Merlin would no longer have a source for any future firmware builds which would put an end to anyone using non stock/3rd party firmware.

Unless they could figure out how to decrypt the firmware.

This is true and it could be any routers sold in the USA will be locked closed source or no sell here in the states. Lets hope it dont come down to this. Just another reason internet sucks in the USA.

 

[bluepoint]

Bu if you have 3rd parties that do not live in the USA making firmware out of spec for the USA and people who live in the USA are installing said firmware...manufacturers may end up having to go completely closed source.

If Asus and others are locking the local codes, not only through the firmware but the bootloaders too, no third party will be able to create an out of spec versions.
They have two things to do.
a. lock the bootloader
b. correct all local country codes's

 

[sinshiva]

how do you lock the bootloader without also locking the firmware? how do you lock the firmware without killing support for 3rd party firmware?

[edit/] fixing country codes is obviously not a viable option since the bootloaders in the US have been US since before Netgear sued Asus. in Asus routers, at least.

 

[sfx2000]

Depends on how one reads the FCC rules...

The RF aspects can be dealt with by required signed code for the Wireless Chipset drivers without impacting other apsects of the software - e.g. the value added fixes/functionality improvements that rmerlin and others contribute for the common good.

Happens all the time in mobile phone space...

 

[sinshiva]

Depends on how one reads the FCC rules...

The RF aspects can be dealt with by required signed code for the Wireless Chipset drivers without impacting other apsects of the software - e.g. the value added fixes/functionality improvements that rmerlin and others contribute for the common good.

Happens all the time in mobile phone space...

so essentially they could provide wireless binaries that are region locked. then they'd have to maintain different firmwares for each driver. would they not still then have to lock the firmware to prevent people from compiling with a wireless driver of their choosing?

[edit1] pretty much from where i'm standing, the FCC requirements are impossible to fulfill. to me it comes down to them requiring entirely separate locked HARDWARE for the US while the rest of the world could use hardware unlocked and set their regions accordingly. Then a US citizen merely needs to import their router. As far as i can tell, the FCC doesn't know shirt about what they are talking about. [/edit1]

[edit2/]

Here in the US, i thought we charged he that pulled the trigger, not the maker. that's the way things worked before and if that's changed, then i want every weapons manufacturer eradicated from US soil.

 

[sfx2000]

It's actually pretty easy...

It's a simple #ifdef regulatoryDomain=US (or North America since CA and MX tend to follow US FCC rules for the most part)

And put the wireless driver/config signing key in the bootblock, along with the regulatoryDomain

easy, peasy, simple as pie...

This is a lot of fuss over something that is extremely simple to implement and still allow third-party improvements - OpenWRT might get a little bent perhaps, as with this approach, they'll never get chipset source code, but it is what it is...

sfx

 

[sfx2000]

so essentially they could provide wireless binaries that are region locked. then they'd have to maintain different firmwares for each driver. would they not still then have to lock the firmware to prevent people from compiling with a wireless driver of their choosing?

[edit1] pretty much from where i'm standing, the FCC requirements are impossible to fulfill. to me it comes down to them requiring entirely separate locked HARDWARE for the US while the rest of the world could use hardware unlocked and set their regions accordingly. Then a US citizen merely needs to import their router. As far as i can tell, the FCC doesn't know shirt about what they are talking about. [/edit1]

[edit2/]

Here in the US, i thought we charged he that pulled the trigger, not the maker. that's the way things worked before and if that's changed, then i want every weapons manufacturer eradicated from US soil.

Well... one doesn't need to lock the bootloader itself... see my post earlier about signed code for the wireless driver and config files - on boot up, it's two key encryption, using a robust method, and you're fine...

and the NA market (US/CA/MX) is large enough to do a dedicated SKU for that market... or as I suggested earlier, bootblock keys for the RegDomain..

Worst case that an imported device/emitter ends up jamming Doppler Radar resulting in property damage and personal casualties - you might get an FBI Tactical Response Team busting down your door, shooting your dog, terrorizing your kids, and you spend a couple of hours on the curb with a zip-tie around your wrists - but that's highly unlikely... most likely they'll find the device and confiscate it...

sfx

BTW - depends on how the weapon was discharged - could be the person pulling the trigger, could be the manf. if the weapon was safed and dropped resulting in injury or death...

 

[Deleted member 22229]

Well... one doesn't need to lock the bootloader itself... see my post earlier about signed code for the wireless driver and config files - on boot up, it's two key encryption, using a robust method, and you're fine...

and the NA market (US/CA/MX) is large enough to do a dedicated SKU for that market... or as I suggested earlier, bootblock keys for the RegDomain..

Worst case that an imported device/emitter ends up jamming Doppler Radar resulting in property damage and personal casualties - you might get an FBI Tactical Response Team busting down your door, shooting your dog, terrorizing your kids, and you spend a couple of hours on the curb with a zip-tie around your wrists - but that's highly unlikely... most likely they'll find the device and confiscate it...

sfx

BTW - depends on how the weapon was discharged - could be the person pulling the trigger, could be the manf. if the weapon was safed and dropped resulting in injury or death...

Is it really possible a home router with very low output could really jam a high powered radar ? Its not like the 5 Ghz band propagates like lower freqs do.

 

[sfx2000]

Is it really possible a home router with very low output could really jam a high powered radar ? Its not like the 5 Ghz band propagates like lower freqs do.

Doppler Radar works at much lower power levels - so an out of compliance transmitter will basically show up as a spoke on the trace... see below (cribbed from the Web

 

[Deleted member 22229]

Doppler Radar works at much lower power levels - so an out of compliance transmitter will basically show up as a spoke on the trace... see below (cribbed from the Web

I see. But home routers on 5 Ghz dont really travel far probably less then a 1/4 mile. I guess anything is possible. Thanks for the post.

 

[sinshiva]

Doppler Radar works at much lower power levels - so an out of compliance transmitter will basically show up as a spoke on the trace... see below (cribbed from the Web

never seen that before, very interesting. i guess at this point we can only wait and see how things go. i hope the manufacturers can figure out the least obstructive way to go about things, but this whole situation has left me awfully pessimistic. i know i'm being quick to lay blame, but it feels like the FCC is going about things in the same manner.

i guess with all i've seen groups of hobbyists accomplish, i feel like anything short of a hardware solution will be bypassed. this is in part why i feel like the multinational retailers need to be involved as much as the manufacturers themselves. or will the FCC decide that only in the case of imported products will the blame be passed to the person responsible rather than the manufacturers or retailers?

i'd rather see the FCC get tougher on the responsible parties. i've never used 2.4ghz channels beyond 11 nor intend to. of course, that doesn't change the fact that i feel the US is remiss in using technology that is susceptible to interference from home products while other nations don't seem to have any trouble at all.

 

[Deleted member 22229]

never seen that before, very interesting. i guess at this point we can only wait and see how things go. i hope the manufacturers can figure out the least obstructive way to go about things, but this whole situation has left me awfully pessimistic. i know i'm being quick to lay blame, but it feels like the FCC is going about things in the same manner.

i guess with all i've seen groups of hobbyists accomplish, i feel like anything short of a hardware solution will be bypassed. this is in part why i feel like the multinational retailers need to be involved as much as the manufacturers themselves. or will the FCC decide that only in the case of imported products will the blame be passed to the person responsible rather than the manufacturers or retailers?

i'd rather see the FCC get tougher on the responsible parties. i've never used 2.4ghz channels beyond 11 nor intend to. of course, that doesn't change the fact that i feel the US is remiss in using technology that is susceptible to interference from home products while other nations don't seem to have any trouble at all.

Totally agree the 2.4 Ghz band in the US sucks unless you live in the woods. I can count at any time day or night at least 30 other AP on 2.4 Ghz makes things hard to remain stable and 40 Mhz forget it.

 

[sfx2000]

We're getting a bit off track (good discussion though)

Anyways, it's not as bad as it seems - much depends on how the OEM's (incl. Asus) interpret the FCC rules...

What I've offered is one way to work around them - a solution seeking a problem, but dammit Jim, I'm an Engineer, not a Doctor...

sfx

 

[sinshiva]

We're getting a bit off track (good discussion though)

Anyways, it's not as bad as it seems - much depends on how the OEM's (incl. Asus) interpret the FCC rules...

What I've offered is one way to work around them - a solution seeking a problem, but dammit Jim, I'm an Engineer, not a Doctor...

sfx

ok riddle me this; i recall there being situations in which keys have been leaked. i've personally pulled cleartext passwords from memory. if these keys are stored on the device to decrypt whatever, what happens when the device is reverse engineered and techniques made public/automated? am i just wrong in assuming this could happen?

 

[sfx2000]

ok riddle me this; i recall there being situations in which keys have been leaked. i've personally pulled cleartext passwords from memory. if these keys are stored on the device to decrypt whatever, what happens when the device is reverse engineered and techniques made public/automated? am i just wrong in assuming this could happen?

I agree - it could happen - and then the OEM's if they want to sell HW in the US would lock things down even more - and that would be the end of the hobbyist scene... just because someone could, doesn't mean someone should...

Agree?

 

[sinshiva]

absolutely. unfortunately, i can only speak for myself :/

[edit/] which is why i keep circling back to the FCC nonsense

 

[philmiami]

I read thru this post
and all I see is people getting worked up over what always happens with the government
they want to keep everyone under their finger
5Ghz 'probably' interferes with the cell phone fake tower package.
You know, that thing that no one can talk about, where law enforcement can setup a mini tower and capture and decode ALL cell phone traffic.
I guess someone, somewhere jacked their 5Ghz output to like 3 watts and it screwed the cops/NSA. I honestly forgot the name for the device but anyway
There is always a angel on everything that has ever come out of Washington,D.C. since the 1920's.
Just my take on it.....

 

[sinshiva]

I read thru this post
and all I see is people getting worked up over what always happens with the government
they want to keep everyone under their finger
5Ghz 'probably' interferes with the cell phone fake tower package.
You know, that thing that no one can talk about, where law enforcement can setup a mini tower and capture and decode ALL cell phone traffic.
I guess someone, somewhere jacked their 5Ghz output to like 3 watts and it screwed the cops/NSA. I honestly forgot the name for the device but anyway
There is always a angel on everything that has ever come out of Washington,D.C. since the 1920's.
Just my take on it.....

stingray. it was big news for being used where i live. and where i was raised lol (leon county, fl and oakland county, mi, respectively)

 

[Deleted member 27741]

The point is that routers are being locked down and NOT correctly localised. So one cannot change to the correct locale. I just want to be able to use my router to UK regs as that is where I am. If it is locked to the UK - I would not care as I do not intend leaving in the foreseeable future. If you want to configure your locale, do not upgrade to Merlins 374.44 or the Asus equivalent.

DrTeeth, I think you are being short-sighted about this issue.

What we are discussing, or at least what I was getting at is that the US FCC has passed a law that regulates routers to the point where users cannot change their locale. Some reasons this is a problem-
1- The US dictates a policy that affects others.
2- Router companies to do not configure their localization settings (power, channels, etc) correctly for all areas.
3- The FCC has regulated third party support out of other electronics, and certainly has the power to COMPLETELY lock down routers. Party over. Or at least made much more difficult.
4- Sure your current router can be fit with an older version of rmerlin to get proper localization, but what about the next router you buy? It may not have the potential for third party software at all.

Will they do it? If they wish it, they will. The FCC has not listened to millions of US citizens asking for net neutrality, they will not listen to a couple nerds on a networking forum. So in that sense, we hold just as much sway with the FCC as millions of people- none. The FCC is beholden to big money in the US, as are most policy creating organizations.