tp-link – Techdirt (original) (raw)

from the freedom-to-tinker dept

Last year, we noted how the FCC updated its rules governing routers in the 5 GHz band over safety concerns, stating that some illegally modified router radios operating in the unlicensed bands were interfering with terminal doppler weather radar (TDWR) at airports. The rule changes prohibited tinkering with just the RF capabilities of the devices. But engineers, the EFF, hobbyists and custom-firmware developers feared that because many routers have systems-on-a-chip (SOC) where the radio isn’t fully distinguishable from other hardware — vendors would take the lazy route and block third-party firmware entirely.

That only partially happened.

While the FCC told us explicitly that locking down third-party firmware was not its intent, router manufacturers like TP-Link did indeed take the lazy route — locking down its routers to prevent third-party firmware installs, then blaming the FCC for it. Fortunately other router manufacturers like Belkin/Linksys took the opposite tack, going so far as to use the new rules as a marketing opportunity, highlighting how they’d continue to support tinkerers (at least in regards to its WRT line of routers). Companies like Asus also stated they’d continue supporting the tinkering community.

Fast forward to this week, when the FCC took some interesting steps to try and force TP-Link’s hand on the subject. The regulator announced that it had reached a $200,000 settlement with TP-Link (pdf) for marketing routers to consumers that operated outside of FCC parameters. The FCC’s full consent decree (pdf) offers a bit more detail, noting that TP-Link effectively let some router models be modified to operate outside of accepted U.S. parameters via a toggle setting that let users pretend they lived in other countries, opening the door to potential interference.

Note that this settlement involved routers in the 2.4 GHz band, while the rule changes above governed the 5 GHz band. But in an interesting wrinkle, the FCC used the settlement to push TP-Link back toward supporting open source third-party firmware for 5 GHz devices:

“TP-Link has also agreed to take steps to support innovation in third-party router firmware by committing to investigate security solutions for certain 5 GHz band routers that would permit the use of third-party firmware while meeting the Commission?s security requirements and maintaining the integrity of critical radio parameters.”

The FCC stated the move was an attempt to balance RF safety and interference policy while supporting the freedom to tinker:

“The Commission?s equipment rules strike a careful balance of spurring innovation while protecting against harmful interference,? said Travis LeBlanc, Chief of the Enforcement Bureau. ?While manufacturers of Wi-Fi routers must ensure reasonable safeguards to protect radio parameters, users are otherwise free to customize their routers and we support TP-Link?s commitment to work with the opensource community and Wi-Fi chipset manufacturers to enable third-party firmware on TP-Link routers.”

Note it’s not entirely clear just how hard the FCC will push to ensure TP-Link compliance, and what “steps” TP-Link has to take to return to supporting third-party open source firmware remains a little murky. It’s also likely that other router manufacturers will continue to take the lazy route and shut out tinkerers from installing third-party firmware. Still, it’s a solid signal from the FCC that it at least realizes the value in open source modifications (or the bad PR in hindering it), an increasingly rare position in an era where you often no longer actually own the hardware and devices you buy.

Filed Under: fcc, firmware, open source, routers, third party
Companies: tp-link

Despite New FCC Rules, Linksys, Asus Say They'll Still Support Third Party Router Firmware

from the apocalypse-averted dept

Mon, May 16th 2016 02:06pm - Karl Bode

The apocalypse for those who like to tinker with their router firmware may be postponed.

Last year we noted how the FCC updated router and RF device rules for safety reasons, stating that some illegally modified router radios operating in the unlicensed bands were interfering with terminal doppler weather radar (TDWR) at airports. The rule changes prohibited tinkering with the just the RF capabilities of devices. But some sloppy FCC language worried tinker advocates and custom-firmware developers, who feared that because many routers have systems-on-a-chip (SOC) where the radio isn’t fully distinguishable from other hardware — vendors would take the lazy route and block third-party firmware entirely.

And, at least with some companies, that’s exactly what happened. TP-Link for example stated that it would be preventing custom router firmware installations with gear built after June 2016, blaming the FCC for the decision while giving a half-assed statement about respecting the hobbyist community’s “creativity.” Again: the rules don’t mandate anything of the kind; TP-Link just decided to take the laziest, most economical route.

Fortunately, not all hardware vendors are following TP-Link’s lead. Linksys has announced that while it will lock down modifications on some router models, the company will continue to let enthusiasts tinker with its WRT lineup of hardware, which has been a hobbyist favorite for years. From its comments the company is well aware that while custom firmware flashers may comprise a minority of overall customers, they’re a vocal minority that companies really don’t want to piss off. As such, a company spokesman was quick to breathlessly praise third party custom firmware options:

“The real benefit of open source is not breaking the rules and doing something with malicious intent, the value of open source is being able to customize your router, to be able to do privacy browsing through Tor, being able to build an OpenVPN client, being able to strip down the firmware to do super lean, low-latency gaming,? La Duca said. ?It’s not about ?I’m going to go get OpenWrt to go and piss off the FCC.’ It’s about what you can do in expanding the capabilities of what we ship with.”

While it would be nice to see more models supported, it’s certainly a step in the right direction. It should be noted that (now Belkin-owned) Linksys said it wasn’t a very big deal to lock down the radio specifically, contrary to what some vendors have claimed:

“The hardware design of the WRT platform allows us to isolate the RF parameter data and secure it outside of the host firmware separately,” Linksys said in a written statement given to Ars. La Duca declined to get more specific about Linksys’s exact method. Even though this is about enabling open source, Linksys?s method is proprietary and provides a competitive advantage over other router makers that aren?t supporting open source, La Duca said.”

So while one vendor used the FCC rule change as an opportunity to be lazy and cheap, others are using the news as an opportunity to embrace an important part of their community. And from the looks of thinks Linksys won’t be alone in the effort; representatives from Asus have been telling some hardware enthusiasts that they plan to continue supporting third-party open source firmware as a point of pride as well:

“As you may know, FCC requires all manufactures to prevent users from changing RF parameters. Not only manufactures’ firmware but 3rd party firmware need to follow this instruction. Some manufactures’ strategy is blocking all 3rd party firmware, and ASUS’s idea is still following GNU, opening the source code, and welcome 3rd party firmware. ASUS are co-working with developers such as Merlin and DDWRT to make sure 3rd party firmware’s power are the same as ASUS firmware and obey the regulations.”

None of this is to say these companies can’t go back on their word down the line (concerned users should keep the pressure up), but it’s refreshing to see at least a few vendors actually standing behind their communities’ right to tinker.

Filed Under: fcc, firmware, open source, routers
Companies: asus, linksys, tp-link

Router Company Lazily Blocks Open Source Router Firmware, Still Pretends To Value 'Creativity'

from the unintended-consequences dept

Mon, Mar 28th 2016 02:04pm - Karl Bode

Last fall, you might recall that the hardware tinkering community (and people who just like to fully use the devices they pay for) was up in arms over an FCC plan to lock down third-party custom firmware. After tinkering enthusiasts claimed the FCC was intentionally planning to prevent them from installing third-party router options like DD-WRT and Open-WRT, we asked the FCC about the new rules and were told that because modified routers had been interfering with terrestrial doppler weather radar (TDWR) at airports, the FCC wanted to ensure that just the radio portion of the router couldn’t be modified.

The FCC stated at the time that locking down the full, broader use of open source router firmware entirely was absolutely not their intent:

“Our rules do permit radios to be approved as Software Defined Radios (SDRs) where the compliance is ensured based on having secure software which cannot be modified. The (FCC’s) position is that versions of this open source software can be used as long as they do not add the functionality to modify the underlying operating characteristics of the RF parameters. It depends on the manufacturer to provide us the information at the time of application on how such controls are implemented.

The FCC also updated the guidance in question (pdf) and penned a blog post that tried to explain all this. But while the FCC may not have intended to block third-party firmware, many worried that because many routers have “system on chip” — where the CPU and radio exist in a single package — router vendors would “solve” the problem by just taking the cheapest and easiest path and locking down firmware entirely. And that’s precisely what appears to be happening — at least with one router manufacturer.

Gearmaker TP-Link recently posted a notice to the company’s website announcing that as of June of this year, it would be locking down firmware installations on its routers entirely. In a statement, the company blames the FCC for the fact it’s taking the lazy route and annoying its more technically-proficient customers:

“The FCC requires all manufacturers to prevent user from having any direct ability to change RF parameters (frequency limits, output power, country codes, etc.) In order to keep our products compliant with these implemented regulations, TP-LINK is distributing devices that feature country-specific firmware. Devices sold in the United States will have firmware and wireless settings that ensure compliance with local laws and regulations related to transmission power.”

Again, TP-Link could work with the community and developers to ensure users can mod everything but radio parameters, but it’s being cheap and lazy. The company’s statement then adds insult to injury by pretending it still values the community’s “creativity”:

“As a result of these necessary changes, users are not able to flash the current generation of open-source, third-party firmware. We are excited to see the creative ways members of the open-source community update the new firmware to meet their needs. However, TP-LINK does not offer any guarantees or technical support for customers attempting to flash any third-party firmware to their devices.”

So, hey kids, we’re locking down your ability to be creative starting this June, but go be creative! In one blow, TP-Link is not only alienating a large number of potential customers, but making networks less secure (since custom firmware tends to be more secure and updated more religiously among the tinkering faithful).

I’ve reached out to the FCC for comment, but wasn’t able to glean any more detail from the agency beyond what has already been said. And while the TP-Link lockdown may have not been the FCC’s plan or its fault directly, it may very well be a very ugly, unintended consequence. It’s a shame that an agency that has been a bit more consumer friendly in terms of opening up other hardware and beefing up broadband competition didn’t spend more time thinking this through.

Fortunately, TP-Link isn’t exactly a brand favorite for most router buyers anyway, and the company’s language leaves some wiggle room to suggest that while “the current generation” of open-source third-party firmware won’t work on routers made after June 1, future versions of this same firmware may. TP-Link also appears to be the only vendor doing this (so far at least, please correct me in the comments if this has changed). With any luck, a few competing router vendors will see this as an opportunity to not be lazy and alienate customers — but to compete by providing gear that still respects a user’s freedom to tinker.

Filed Under: dd-wrt, fcc, firmware, open source, open-wrt, router
Companies: tp-link