
Imagination Solution to FCC Rules: Run OpenWrt and WiFi Driver in Separate VM's - zdw
http://www.cnx-software.com/2016/06/10/imagination-solution-to-fcc-rules-for-wifi-routers-run-openwrt-dd-wrt-and-the-wifi-driver-in-separate-virtual-machines/
======
davb
I understand why this solution has been proposed, but is there any chance of
convincing the FCC that the devices should be left "open" and that it is up to
end users/hackers to operate their device within the regulations set forth?

I mean, that's how it is with plenty of other devices and types of equipment
(cars aren't speed limited to 70mph - you're expected to operate your
equipment within the bounds of the law, regardless of capability).

I'm not in the US, but I can imagine global firmware versions being locked
down just to placate the FCC.

Or is it too late and do we have too little sway to convince them?

~~~
lfam
This is my take on the subject as a person who has worked professionally in FM
radio regulatory compliance in the USA.

The FCC's approach to regulation of the electromagnetic spectrum is that it is
a "common good", i.e. it is rivalrous but non-excludable. In their view,
nobody has a right to use the spectrum in the USA. They grant licenses to use
it, and they can tell you how to use the spectrum you are licensed to use.

Apparently, there were documented problems with WiFi radios being operated
outside of their licensed parameters and interfering with safety critical
airport radar systems.

It's probably too late to persuade them to change their minds. The public
response to this topic was voluminous. They received way more comments than
they usually do, but they still chose this approach.

If you care, you should choose to support hardware vendors that make the
effort to separate the WiFi radio from the main system, allowing you to
install your own firmware.

~~~
mkhpalm
Can you point me to the documented cases you are referring to?

~~~
lfam
I used a search engine and found this list of enforcement actions against
businesses:

[https://www.fcc.gov/general/u-nii-and-tdwr-interference-
enfo...](https://www.fcc.gov/general/u-nii-and-tdwr-interference-enforcement)

After reading a few of those reports, you should learn enough of the
terminology to effectively search further.

------
jMyles
I find the locking down of wireless access points to be one of the most
politically terrifying movements in play in the USA today.

Mesh networking is one of the most radical ideas to which I've ever been
exposed, and I think that the auspice of spectrum regulation will make a
convenient way to nip it in the bud if we don't act fast to develop and deploy
it.

~~~
MichaelGG
But that's not what is happening. Manufacturers are deciding to go this route
because it's cheaper/easier for them to do. Nothing stops them from limiting
the power of a radio while still letting you run your own software, or
providing mesh networking.

~~~
wtallis
Transmit power isn't really what's at issue; it's radar avoidance measures
like dynamic frequency selection that aren't implemented by the radio hardware
and thus have to be done by the host Linux system. Existing wifi hardware is
capable of limiting maximum transmit power for each channel, but unless router
manufacturers want to disable half of the 5GHz band, they need to do something
to ensure that the user can't turn off DFS. Existing chipsets don't allow for
appropriate separation of concerns: the host system is responsible for some RF
parameters like DFS, and the radio's baseband processor (running proprietary
signed firmware) is being used to do packet scheduling and retransmissions.

~~~
ryao
Could they just disable support for the U-NII-2 channels in the hardware?
Those are the ones that require DFS and I would find losing them to be
preferable to manufacturers trying to prevent people from using OSS.

~~~
ZenoArrow
What are U-NII-2 channels used for? I've not come across that term before.

As an alternative suggestion, couldn't the transmit power be capped in
hardware? I don't see why you'd need to have hardware that could exceed the
specified transmit limits, other than to save money for the manufacturers
(allowing them to tweak transmit power in software to meet the regulations in
different countries, assuming the maximum transmit power for wireless routers
varies from country to country).

As a side note, the L4Re hypervisor the article proposes using looks very
promising, first I've heard of it, was hoping someone would make a hypervisor
based on a provably secure kernel like L4 one day, seems like it already
exists.

[http://kernkonzept.com/l4re.html](http://kernkonzept.com/l4re.html)

~~~
ryao
[https://en.m.wikipedia.org/wiki/U-NII](https://en.m.wikipedia.org/wiki/U-NII)

------
feld
Will the locked down VM ever get updates? What happens when it's full of known
vulnerabilities and nobody can touch it?

~~~
mjevans
Given the cost of the devices; Probably not.

No end users will touch it, but any vulnerabilities present will be used if
present. In such a market I believe you'd actually spend your money on a high
quality non-wifi router that you can update on your own and dangle insecure
wifi access off of it, requiring VPN or other 'from the Internet' style for
entry to the 'secure' network.

------
delbel
Civil disobedience is a valid response. Don't give the FCC the power to do
this, by simply ignoring them. Giving in to a solution only validates their
overreaching powers to do this. Don't buy TP-LINK products simply buy products
that ignore the FCC.

~~~
qb45
Are there products on the US market that ignore the FCC?

Also, I heard that current TP-LINK are a piece of cake to jailbreak. Being a
cheap Chinese brand, they have little reason to go out of their way to
"secure" those devices any more than the FCC will care to specifically demand
under the threat of banning them from the US.

~~~
dogma1138
No it's illegal to import and sell them if they are regulated.

That said any 10$ SDR can be used to violate FCC regulations.

And if you know what you are doing a microwave can be turned into a decent
2.4ghz jammer.

:)

------
mtgx
Glad to see Imagination is finally putting OmniShield to good use.

[http://blog.imgtec.com/powervr/omnishield-multi-domain-
secur...](http://blog.imgtec.com/powervr/omnishield-multi-domain-security-
connected-devices)

------
db48x
That doesn't make it any easier to run free software on your router.

------
swiley
It's disappointing to see the distrust in Linux even after the developers bend
over backwards to keep people from using Wi-Fi devices wrong.

