Stories
Slash Boxes
Comments

SoylentNews is people

FCC Orders TP-Link to Allow Third-Party Firmware on Their Routers

posted by n1 on Thursday August 04 2016, @03:26AM   Printer-friendly
from the open-carefully dept.

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

The Federal Communications Commission's Enforcement Bureau has reached a $200,000 settlement with TP-Link in regards to selling in the US routers that could operate at output levels higher that allowed by FCC rules.

At the same time, TP-Link has also agreed to work with the open-source community and Wi-Fi chipset manufacturers to enable consumers to install third-party firmware on their Wi-Fi routers.

Source: Help Net Security

Original Submission

 
This discussion has been archived. No new comments can be posted.
FCC Orders TP-Link to Allow Third-Party Firmware on Their Routers | Log In/Create an Account | Top | 16 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Informative) by Anonymous Coward on Thursday August 04 2016, @11:07AM

    by Anonymous Coward on Thursday August 04 2016, @11:07AM (#384009)

    The solution is to allow 3rd party software, but have the protected radio firmware refuse to go outside of FCC regulations.

    While a "proper" solution, the problem with this one is economic (specifically the "economies of scale"). The problem begins with the fact that there is not one single world-wide standard for power, frequency, and channel allocations.

    Which means the chipset makers can:

    1) make different chipset hardware, one each, for each different standard the world over (increasing prices on each version, because now each one is much a much lower volume production product;

    2) make one single chipset that is software configurable to operate in each of the multitude of different world-wide standards. This option is what captures the economies of scale, one single software configurable chipset, is going to be by far less expensive to manufacture longer term than 100 different standard specific chipsets.

    So the chipset makers are never likely to want to go to the "one per standard method".

    Now, the same method applies to the router makers (e.g. TP-Link and others).

    They can make one box, that depending upon what factory firmware they load, will operate in one of the 100 world standards, which means they also get economies of scale (make one generic piece of hardware, configure it by what software is shoved onto it at the end of the line).

    Or they can make plural boxes, each with a different chipset hardware in it (thereby driving up their costs because they now have smaller runs of 'niche' products instead of a single large run of "all the same generic box".

    So the economic incentive is pushing very hard towards the single wifi chipset, software configurable, and single route box platform, also software configurable, to keep the costs low. But that then violates the FCC rules because someone can, by loading different software, gain the ability to fiddle with the software configurability of the wifi chipset.

    The only middle ground they have, and which they likely don't want to go because it means re-engineering their hardware, is to isolate the chipset from the main router CPU such that the main router CPU can't reconfigure it. But then they have to add the circuitry to actually configure the chipset (because the main CPU can't configure it anymore) which again drives their BOM cost up somewhat.

    Which leaves open source in a no win situation. The economic incentives are "full-configurability" because that makes the most generic hardware. But that hardware is "against the FCC rules" so it has to be locked out from open source firmware, lest someone have the ability to violate the rules.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Total Score:   1  

  • (Score: 2) by sjames on Thursday August 04 2016, @07:49PM

    by sjames (2882) on Thursday August 04 2016, @07:49PM (#384189) Journal

    I am suggesting option 2 (the one that captures economy of scale). The modern chipset for WiFi includes a microcontroller running a signed binary blob. Each regulatory domain gets it's own version of that blob. So in the U.S., the (possibly 3rd party) OS loads the signed blob into the radio chipset. The chipset checks the signature and if it is correct, in initializes and sets an appropriate status code.

    In another domain, a different blob is loaded.

    Worst case if some regulator has a stick up it's backside, a few jumpers get strapped on the board to tell the chipset which signed blobs are acceptable.

    In cases where the radio chipset is part of the CPU, the CPU itself likely has a protected domain that the OS can't get at. I know ARM supports that as does x86. I think MIPS does too. Many flash chips are also segmented and have blowable fuses to prevent a portion of them from being re-written. So, bootloader gets it's own segment and OTP fuse gets blown. Main OS gets another segment that remains re-writable. Bootloader establishes the trust zone that controls the hardware, then loads the OS (whatever is flashed into the OS portion of the flash). As a side benefit, the bootloader can have a protected re-flash/diagnostics function that can't be erased, making bricking practically impossible short of a soldering iron.