[NNagain] Internet Education for Non-technorati?

David Lang david at lang.hm
Wed Oct 11 18:58:49 EDT 2023 

On Wed, 11 Oct 2023, rjmcmahon wrote:

> I don't know the numbers but a guess is that a majority of SoCs with WiFi 
> radios aren't based on openwrt.

>From what I've seen, the majority of APs out there are based on OpenWRT or one 
of the competing open projects, very few roll their own OS from scratch

> I think many on this list use openwrt but 
> that may not be representative of the actuals. Also, the trend is less sw in 
> a CPU forwarding plane and more hw, one day, linux at the CPEs may not be 
> needed at all (if we get to remote radio heads - though this is highly 
> speculative.)

that is countered by the trend to do more (fancier GUI, media center, etc) The 
vendors all want to differentiate themselves, that's hard to do if it's baked 
into the chips

> From my experience, sw is defined by the number & frequency of commits, and 
> of timeliness to issues more than a version number or compile date. So the 
> size and quality of the software staff can be informative.
>
> I'm more interested in mfg node process then the mfg location & date as the 
> node process gives an idea if the design is keeping up or not. Chips designed 
> in 2012 are woefully behind and consume too much energy and generate too much 
> heat. I think Intel provides this information on all its chips as an example.

I'm far less concerned about the chips than the software. Security holes are far 
more likely in the software than the chips. The chips may limit the max 
performance of the devices, but the focus of this is on the security, not the 
throughput or the power efficiency (I don't mind that extra info, but what makes 
some device unsafe to use isn't the age of the chips, but the age of the 
software)

David Lang

> Bob
>> On Wed, 11 Oct 2023, David Bray, PhD via Nnagain wrote:
>> 
>>> There's also the concern about how do startups roll-out such a label for
>>> their tech in the early iteration phase? How do they afford to do the 
>>> extra
>>> work for the label vs. a big company (does this become a regulatory moat?)
>>> 
>>> And let's say we have these labels. Will only consumers with the money to
>>> purchase the more expensive equipment that has more privacy and security
>>> features buy that one - leaving those who cannot afford privacy and
>>> security bad alternatives?
>> 
>> As far as security goes, I would argue that the easy answer is to ship
>> a current version of openwrt instead of a forked, ancient version, and
>> get their changes submitted upstream (or at least maintained against
>> upstream). It's a different paradigm than they are used to, and right
>> now the suppliers tend to also work with ancient versions of openwrt,
>> but in all the companies that I have worked at, it's proven to be less
>> ongoing work (and far less risk) to keep up with current versions than
>> it is to stick with old versions and then do periodic 'big jump'
>> upgrades.
>> 
>> it's like car maintinance, it seems easier to ignore your tires,
>> brakes, and oil changes, but the minimal cost of maintaining those
>> systems pays off in a big way over time
>> 
>> David Lang
>> _______________________________________________
>> Nnagain mailing list
>> Nnagain at lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/nnagain
>> 
>> _______________________________________________
>> Nnagain mailing list
>> Nnagain at lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/nnagain
>

More information about the Nnagain mailing list