FCC reported to be trying to prevent 3rd party WiFi device firmware upgrades
Martin
dcmk1mr2 at gmail.com
Thu Sep 3 11:25:45 CDT 2015
This extends beyond WiFi routers - it's anything with a Part 15
Certification. Phones with WiFi, IOT, ...
The FCC seems to be suggesting that manufacturers use a bootloader that
looks for signed binaries.
The comment deadline has been extended to Oct 9.
https://www.federalregister.gov/articles/2015/09/01/2015-21634/extension-of-time-for-comments-on-equipment-authorization
Martin W6MRR
On Thu, Sep 3, 2015 at 8:18 AM, Artie Lekstutis <Artie at lekstutis.com> wrote:
> Has anyone else heard of this? Is this accurate? Bad news if it is. This
> would probably exclude the use of Broadband-Hamnet (and DD-WRT).
>
> This is the Hackaday article that first brought my attention to this.
> Their stuff can be a bit fringe, especially their opinions, but is usually
> somewhat accurate:
> http://hackaday.com/2015/09/02/save-wifi-act-now-to-save-wifi-from-the-fcc/
>
> Here’s a direct link to the FCC website that specifically identifies
> DD-WRT as an example of needing to be excluded from all firmware updates
> for future regulatory compliance:
>
> https://apps.fcc.gov/kdb/GetAttachment.html?id=1UiSJRK869RsyQddPi5hpw%3D%3D&desc=594280%20D02%20U-NII%20Device%20Security%20v01r02&tracking_number=39498
>
> Except that it is conveniently unavailable now until the end of the
> comment period while “the FCC IT Team will be working to upgrade and
> modernize the FCC’s legacy infrastructure”. I was able to read it
> yesterday. Luckily I have a cached copy. I'm reluctant to distribute it
> even though it's an FCC document that was published publicly. If you can
> find a copy, see “II. SOFTWARE SECURITY DESCRIPTION GUIDE: Third-Party
> Access Control: 2”.
>
> If what they are saying is true- this will exclude many very useful
> projects from being flashed on future commercial hardware of any type. This
> would include DD-WRT, OpenWrt, SECN, Broadband-Hamnet, HSMM-MESH, etc…
>
> This in fact degrades security as it means you are now entirely dependent
> on the WiFi device manufacturer patching vulnerabilities, which they often
> don’t do or do very slowly, especially on older hardware. Options like
> DD-WRT usually address such vulnerabilities very quickly, if they ever had
> them in the first place.
>
> I haven’t made a public comment yet. Still trying to understand the
> details.
>
> https://www.federalregister.gov/articles/2015/08/06/2015-18402/equipment-authorization-and-electronic-labeling-for-wireless-devices
>
> Thanks,
> Artie Lekstutis
> KC2MFS
> 73
> _______________________________________________
> Tacos mailing list
> Tacos at amrad.org
> https://lists.amrad.org/mailman/listinfo/tacos
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amrad.org/pipermail/tacos/attachments/20150903/c9c0a7e4/attachment.html>
More information about the Tacos
mailing list