On Tue, Jul 28, 2015 at 1:25 PM, Marc Juul <juul(a)labitat.dk> wrote:
On Sat, Jul 25, 2015 at 5:18 PM, Mitar <mitar(a)tnode.com> wrote:
Hi!
From Battlemesh V8 agenda (
http://battlemesh.org/BattleMeshV8/Agenda):
The new FCC rules are in effect in the United States from June 2nd 2015
[1] for WiFi devices such as Access Points. They require to have the
firmware locked down so End-Users can't operate with non-compliant
parameters (channels/frequencies, transmit power, DFS, ...). In
response, WiFi access point vendors start to lock down firmwares to
prevent custom firmwares (such as OpenWRT) to be installed, using code
signing, etc. Since the same type of devices are often sold world wide,
this change does not only affect routers in the US, but also Europe, and
this will also effect wireless communities.
We would like to discuss:
* What are your experiences with recently certified WiFi Hardware
* How can we still keep OpenWRT on these devices
* What can we suggest to Hardware vendors so that they keep their
firmware open for community projects while still compliant with the FCC?
Fucking hell. I just sent emails to TP-Link and Ubiquiti stating that we
rely on this for our organization and asking what they're planning to do.
Ubiquiti already locked down channel selection and made separate EU/US
models so it's not unthinkable that they'll actually do the right thing.
TP-Link also already has Chinese and US/EU versions of some routers. Maybe
we can get the EFF to help launch a campaign for device freedom to make the
manufacturers aware that this is important?
Hopefully we can scale quickly enough using current-generation gear that
we'll be able to have our own routers FCC certified and mass produced
before it becomes an issue. If need be we can create a meta-organization
for all the world's mesh groups to make a few types of routers that we need.
Maybe we can convince the router manufacturers to interpret the FCC
regulations such that opening the case on a router and soldering a
connection is required to flash the router. That would be super easy for
them to implement and very convenient for us. If we got EFF lawyers to
interpret the new FCC regulations and issue a statement that they believe
this is legal (they did something similar for their open wireless movement)
then we could take that statement to all the relevant folks.
Ok I just actually read it. Quote:
"An applicant must describe the overall security measures and systems that
ensure that:
1. only properly authenticated software is loaded and operating the
device; and
2. the device is not easily modified to operate with RF parameters
outside of the authorization."
Here it is:
https://apps.fcc.gov/kdb/GetAttachment.html?id=1UiSJRK869RsyQddPi5hpw%3D%3D…
It is specifically an anti-openwrt measure (well, they list dd-wrt).
So... yeah that's insanely broad and it looks like we're fucked.
--
marc/juul