Re: [Cerowrt-devel] [bufferbloat-fcc-discuss] arstechnica confirms tp-link router lockdown

[David Lang <david@lang.hm>]

On Sun, 13 Mar 2016, Brandon Butterworth wrote:

> On Sat, 13 Mar 2016, David lang wrote:
>> I would do us no good to create a fully open chip if the FCC mandates
>> that the firmware must be locked down.
>
> Which firmware must be locked down? I was under the impression that is
> just retail end user devices, is the suggestion that chip manufacturers
> will not be allowed to sell parts to people who might make a non locked
> down device? Does that include if they don't supply firmware and the
> user writes their own/reverse engineers others? Sounds like a road to
> future regulating all rf hardware sale (stop people selling rp
> connectors as it's letting them circumvent the antenna limitations they
> were designed to impose?)
>
> Given the interference that caused this is a few incidents a year
> compared to the millions of units sold and that those cases were
> either bad users or caused by faulty devices it seems that the
> lock down would have to be total to prevent future incidents. Quite
> impractical.

the original proposed ruling specifically asked for ways to block loading DD-WRT 
on devices.

If the FCC requires a lockdown like this, then it becomes something they test 
during the certification process, so unless you buy the chips and build 
something yourself that is not certified, you can't user it.

That would mean that even if we were to build a free component, we would never 
see it in any devices that aren't locked down.

>> Would I like someone to do this, Sure. I'll contribute towards a
>> kickstarter, even if it's $100 for a mini-pci card that is the
>> equivalent of what we can get today for $30, but it would take
>> tens of thousands of people doing that to fund the project, and
>> I have serious doubts if you can get that much funding for
>> something with such a long lead time.
>
> It think it would be cheaper and quicker to reverse engineer drivers
> for others hardware. Even if the cost could be covered to build it'd
> lag commercial products by years making it a difficult sell, and likely
> subjected to IPR claims from current manufacturers

the issue isn't the drivers, it's in the firmware running on the radio chip. 
That does a lot of stuff (implements the entire 801.11 protocol)

>> If someone does the research and puts together a FPGA version
>
> That could be an interesting project. It may not help but we have
> an FPGA MIMO implementation we may be able to release to such a
> project (it may be unsuitable though, we've been making radio cameras
> https://www.google.co.uk/?gws_rd=ssl#q=bbc+r%26d+mimo
> https://www.google.co.uk/?gws_rd=ssl#q=bbc+r%26d+halfrf )
>
>> and is looking for funding to convert it to a ASIC, I think you
>> could get funding. But that's not the question in front of us now.
>
> Yes, and if the lock down expands to chips too would have
> the same problem

As I understand it, every 802.11ac chipset is using closed-source firmware. The 
proposal was to solve this by createing a new chipset with open firmware. That 
isn't going to be useful if it's only a FPGA implementation that is priced out 
of range for commercial products, so whatever is built to be a replacement 
chipset would have to be reduced to ASIC or it won't be cheap enough to be used.

David Lang