I understand why this solution has been proposed, but is there any chance of convincing the FCC that the devices should be left "open" and that it is up to end users/hackers to operate their device within the regulations set forth?
I mean, that's how it is with plenty of other devices and types of equipment (cars aren't speed limited to 70mph - you're expected to operate your equipment within the bounds of the law, regardless of capability).
I'm not in the US, but I can imagine global firmware versions being locked down just to placate the FCC.
Or is it too late and do we have too little sway to convince them?
This is my take on the subject as a person who has worked professionally in FM radio regulatory compliance in the USA.
The FCC's approach to regulation of the electromagnetic spectrum is that it is a "common good", i.e. it is rivalrous but non-excludable. In their view, nobody has a right to use the spectrum in the USA. They grant licenses to use it, and they can tell you how to use the spectrum you are licensed to use.
Apparently, there were documented problems with WiFi radios being operated outside of their licensed parameters and interfering with safety critical airport radar systems.
It's probably too late to persuade them to change their minds. The public response to this topic was voluminous. They received way more comments than they usually do, but they still chose this approach.
If you care, you should choose to support hardware vendors that make the effort to separate the WiFi radio from the main system, allowing you to install your own firmware.
> Apparently, there were documented problems with WiFi radios being operated outside of their licensed parameters and interfering with safety critical airport radar systems.
I've never seen a report listing more than about 45 instances of WiFi interfering with TDWR, and that's counting repeat offenders. I also haven't seen a clear statement of how many of those instances resulted in impaired operation of the airport's systems, or how many of them could have been prevented with the FCCs preferred solution. Meanwhile, the FCC has shown considerable ignorance of and disregard for the consequences of imposing such strict regulations on WiFi.
It shouldn't have been hard for the FCC to make a clear and compelling case for this, with a similarly clear call to action for chipset vendors to produce products that could meet the need for secure regulatory enforcement while remaining open to all the tweaking that is outside the FCC's purview.
From my current understanding, that's not how other devices work.
If you go and buy a 30$ BaoFung and operate it on bands that the device is not certified to be used under ( CB/MURS/wakie talkie bands) then you can be fined for using it.
On the other hand, if you are a HAM then you have full access to do whatever you'd like in that regard. It doesn't even need to be for within your license class. So long as you are legally allowed to transmit on that band, you can do so as a HAM.
This was done because lots of us HAMs build our own equipment.
It is easy to see a speeding car, snag the license plate, and inform the police of flagrant violators.
Detecting and tracing wireless interference is much more difficult, requiring specialized equipment and a lot of FCC filings. All of the major carriers tend to bump shoulders in one market or another and the issue is often difficult to resolve due to the need for a lot of evidence.
So in short, it's harder to identify and confront violators. Like figuring out who peed in a crowded pool.
These regulations are intended to protect airport radars of a type that have a very narrow beam width, which ought to provide a reasonably accurate bearing along which to search for the offender. Offending transmissions can be further tracked using dirt cheap off the shelf WiFi equipment, especially the stuff that has a spectral scan mode: https://wireless.wiki.kernel.org/en/users/drivers/ath9k/spec...
If the offending transmissions are not intermittent (ie. an access point is operating normally, but with DFS off and a high transmit power for broadcasts), then it's probably feasible to pinpoint at least the correct building by searching on foot for a few hours.
True, but is misuse facilitated by modern firmware really that prevalent? Or is it just as likely that an enthusiast would violate the regulations by building non-compliant radio equipment from components?
The only way to really prevent misuse would be to regulate the supply of any electronic components that could be used to build non-compliant equipment.
A better solution would be to include warnings with all certified equipment that it must be operated in accordance with regulations, as we do now.
I think the threat is being overstated and the proposed solution too bluntly applied.
I find the locking down of wireless access points to be one of the most politically terrifying movements in play in the USA today.
Mesh networking is one of the most radical ideas to which I've ever been exposed, and I think that the auspice of spectrum regulation will make a convenient way to nip it in the bud if we don't act fast to develop and deploy it.
But that's not what is happening. Manufacturers are deciding to go this route because it's cheaper/easier for them to do. Nothing stops them from limiting the power of a radio while still letting you run your own software, or providing mesh networking.
Transmit power isn't really what's at issue; it's radar avoidance measures like dynamic frequency selection that aren't implemented by the radio hardware and thus have to be done by the host Linux system. Existing wifi hardware is capable of limiting maximum transmit power for each channel, but unless router manufacturers want to disable half of the 5GHz band, they need to do something to ensure that the user can't turn off DFS. Existing chipsets don't allow for appropriate separation of concerns: the host system is responsible for some RF parameters like DFS, and the radio's baseband processor (running proprietary signed firmware) is being used to do packet scheduling and retransmissions.
Could they just disable support for the U-NII-2 channels in the hardware? Those are the ones that require DFS and I would find losing them to be preferable to manufacturers trying to prevent people from using OSS.
What are U-NII-2 channels used for? I've not come across that term before.
As an alternative suggestion, couldn't the transmit power be capped in hardware? I don't see why you'd need to have hardware that could exceed the specified transmit limits, other than to save money for the manufacturers (allowing them to tweak transmit power in software to meet the regulations in different countries, assuming the maximum transmit power for wireless routers varies from country to country).
As a side note, the L4Re hypervisor the article proposes using looks very promising, first I've heard of it, was hoping someone would make a hypervisor based on a provably secure kernel like L4 one day, seems like it already exists.
I'm not discounting the short-cutted (or -sighted) approach that TP-Link seems to be taking, but isn't that exactly the stakes of a corporatocratic system like this one? The producers fall in line, even those whose hardware I otherwise adore. I own at least a dozen TP-Link products, but their loyalty isn't to my right to free expression.
Trust me, there are a lot more things to be terrified about in the US than the FCC deciding they know what they might be doing. They don't of course, but it really doesn't matter[1].
No end users will touch it, but any vulnerabilities present will be used if present. In such a market I believe you'd actually spend your money on a high quality non-wifi router that you can update on your own and dangle insecure wifi access off of it, requiring VPN or other 'from the Internet' style for entry to the 'secure' network.
Civil disobedience is a valid response. Don't give the FCC the power to do this, by simply ignoring them. Giving in to a solution only validates their overreaching powers to do this. Don't buy TP-LINK products simply buy products that ignore the FCC.
Are there products on the US market that ignore the FCC?
Also, I heard that current TP-LINK are a piece of cake to jailbreak. Being a cheap Chinese brand, they have little reason to go out of their way to "secure" those devices any more than the FCC will care to specifically demand under the threat of banning them from the US.
I mean, that's how it is with plenty of other devices and types of equipment (cars aren't speed limited to 70mph - you're expected to operate your equipment within the bounds of the law, regardless of capability).
I'm not in the US, but I can imagine global firmware versions being locked down just to placate the FCC.
Or is it too late and do we have too little sway to convince them?