Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Government United States Wireless Networking

FCC's WiFi Rule-Making: Making It Fair For Both Open Source and Proprietary (fcc.gov) 173

Bruce Perens writes: The FCC wants to be sure that WiFi drivers don't cause interference with airport weather radars, but their proposal to lock down WiFi firmware, won't fly. Many commenters in the proceeding have made it clear that Open Source firmware for WiFi devices must remain legal. While an "alternative" proposal to the FCC that would require that all WiFi routers be Open Source is getting most of the publicity today, I have proposed another alternative that would be fair for both Open Source and proprietary software. It requires approval of the source code of a WiFi driver by a person with a technical license from FCC, the GROL+Radar, if that driver is to be mass-distributed in binary form for use by RF-naïve users by either the manufacturer or Open Source. The license assures that the responsible person actually understands how to protect radar systems in a WiFi driver. It's pretty easy for someone competent in radio engineering to pass the license test, and many thousands of people hold the license today. Vendors and Open Source are treated the same. It doesn't place restrictions on testing and development, or conversion of WiFi equipment to other radio services. And it includes an explanation of the problem, for those of you who don't know what the uproar is about.
This discussion has been archived. No new comments can be posted.

FCC's WiFi Rule-Making: Making It Fair For Both Open Source and Proprietary

Comments Filter:
  • Question for Bruce (Score:5, Insightful)

    by MickyTheIdiot ( 1032226 ) on Friday October 16, 2015 @08:24AM (#50742625) Homepage Journal

    Bruce,

    Is it your experience that people at the FCC even understand what Open Source is and that not all software is made by some huge entity like Microsoft and Adobe? It seems to be in my travels there are so many people making important decisions on the governmental level that either don't care about the greater Open Source community because of close ties to big corporations or don't have the background to understand why open software is important.

    • This makes the most sense of all the proposals I've seen. How can we help encourage the FCC to consider this? Is there an email address at the FCC for taking comments (e.g., to encourage it)? I'd like to send a "me too" so that the FCC knows to consider this proposal carefully.
      • Write a reply comment endorsing it. Collect signatures, not that this is a petition process, but it might carry some weight anyway. Submit it by the reply comment deadline of November 9.

        • Do you have a link to where to submit the comments? I tried the almighty Google and have failed.

          I will turn in my Geek card on the way out...

          • fcc.gov/ecfs . Take the two proceeding numbers from the top of my comment. Take your time to craft a well-worded response, at least introducing yourself, they don't get as much value from me-toos without any data attached. Please get it in before the deadline.
      • This makes the most sense of all the proposals I've seen.

        Having a GROL with a ship radar endorsement gives someone absolutely NO special training in how to deal with either WiFi or the software that runs it. If you look here [fcc.gov], you'll see what elements you need to pass to get a GROL and the ship radar endorsement (1,3, and 8), and here [fcc.gov] are links to the question pools from which the exams are created. Look for yourself and see how much relevant knowledge is required for the task Bruce is suggesting they do.

        It is patently ridiculous to think a GROL holder will unde

    • by lowen ( 10529 ) on Friday October 16, 2015 @10:34AM (#50743467)

      I'm not Bruce, but several people within certain Bureaus of the FCC do indeed understand Open Source. Even as far back as the '90's one of the engineers in the former Mass Media Bureau (deals with broadcasters) actually published some Open Source code showing how to use Fortran as a CGI program for websites..... they also have released a large quantity of code over the years.

      One thing to remember about government agencies is that they are made up of people; the question isn't whether the agency knows anything, it's whether the people employed by that agency know.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        In fact, the agency is strongly influence by the ham radio community, which is in many ways very similar to the open source community.

    • Anything with a link on a website someplace will be considered "mass-distributed" for regulatory purposes. So in effect that would mean that only peer to peer sharing of open source code would be allowed which undermines the whole point of open source.

      I think "commercially distributed" might cover it, so that people can't sell software or hardware without certification. But basically I think some simple disclaimer that comes along with the code that indicates that the code is intended for experimental use

      • Why would you not want enterprises to utilize better software for their Wi-Fi infrastructure?

        Open source simply must be permitted to still exist and be freely used in place of what comes with the equipment. I understand the FCC position, and would even accept a closed source blob that directly controls the radio interface, but there is a vast set of other tools that are used in enterprise environments outside of the core radio interface. These are more frequently patched for features and security enhancem

        • by bigpat ( 158134 )

          Why would you not want enterprises to utilize better software for their Wi-Fi infrastructure?

          Open source simply must be permitted to still exist and be freely used in place of what comes with the equipment. I understand the FCC position, and would even accept a closed source blob that directly controls the radio interface, but there is a vast set of other tools that are used in enterprise environments outside of the core radio interface. These are more frequently patched for features and security enhancements than what you can get from the manufacturer.

          A no Open Source position hurts everyone - enterprise environments included.

          I didn't say that enterprises shouldn't use open source. Actually, I think there is a good reason to require all source code for wifi and other radio devices be publicly available for inspection as open source. Some could have open source licenses while others could have proprietary licenses.

          Just that instead of an outright FCC ban on the use of uncertified firmware, it should simply be made clear that the firmware isn't certified, so that anyone using the software is incurring some risk that the

          • If source code is on a website, it's not "mass-distributed in binary form." I assume that by "binary form", Mr. Perens meant a form other than "the preferred form of the work for making modifications to it" (GPLv3). And if source code is specifically marked as experimental, it's not "mass-distributed [...] for use by RF-naïve users."

            • by bigpat ( 158134 )

              If source code is on a website, it's not "mass-distributed in binary form." I assume that by "binary form", Mr. Perens meant a form other than "the preferred form of the work for making modifications to it" (GPLv3). And if source code is specifically marked as experimental, it's not "mass-distributed [...] for use by RF-naïve users."

              If that is the case, then it is a fundamental disagreement. It shouldn't be made illegal to "mass-distribute" either uncertified binaries or uncertified source code of firmware for wifi routers. Claiming it is certified should be the regulatory issue. And on the use side, it should be the operator that incurs any liability for operating uncertified firmware or an uncertified device that is operating outside of defined parameters.

      • We just be careful to mark test code as being test code, and point to the link for the released version. The goal is to keep the RF-naïve from deploying it. Warning them might be sufficient.

    • FCC staffers come and go. We have, unfortunately, lost the two we knew were hams and up-to-speed on what's happening regarding individuals and innovation rather than companies as the sole source of it. Bill Cross, staffer who wrote some of the rulemakings, is retiring or might already have done so. Riley Hollingsworth was a ham attorney there who has retired.

      FCC does have an advisory board, it would not be a bad thing to get some people we know on it.

      My opinion is that whoever wrote this NPRM was not suffic

    • where else do we have random porn-surfing wackos interfering with a life-safety system?

      so don't do it here, either. prohibit the overlap frequencies.

  • The only proposal so far to actually make sense. No corporate is going to open-source their Wifi code if they haven't already, especially those multi-channel directional systems. And binary- and official-only firmware has obvious problems as well.

    This is the proposal to get behind, to reinforce to the FCC in the public consulations. It lets the corporates keep their trade secrets and allows open source firmware to exist at the same time.

  • What exactly does Open Source have to do w/ something being locked down? Are we entering the 'TiVoization' argument again? Open Source simply means that the source code should be made available to the person who has the executables. Nowhere is there the requirement that the customer has to have the capability to actually modify the in-system code.

    There are several good reasons to lock down firmware, regardless of where one stands on open source vs closed source. I am generally in favor of open source

    • by cHiphead ( 17854 )

      This is all just a DRM mandate, nothing more, and it should be scrapped entirely.

      • Aside from the fact that Doppler radar operates in the 5 GHz band, sure.

        Sorry, but there are real-world physics involved. You can't just blast 5-GHz noise in a radar's observation window. It basically creates a huge blind spot.

        Granted, you have to be a hundred feet above ground level to be relevant, but there are tall buildings near some airports where Wi-fi equipment can be running. You can't have some schmuck turn on his tethering and knock a storm off the map.

        All the software has to do is listen for a fr

        • Granted, you have to be a hundred feet above ground level to be relevant,

          I'm sorry, what? Do you understand how radio works?

          You may have to be 100 feet above ground before you can create a false target or inject false data. You can absolutely interfere with a radar system if you simply transmit at significant power levels near one. If you cause the receiver to desense so it does not receive the echos it requires to work, then you've interfered with it.

          Remember the microwave oven(s) at the National Radio Observatory in West Virginia that were creating fake signals? They weren'

    • What exactly does Open Source have to do w/ something being locked down? Are we entering the 'TiVoization' argument again? Open Source simply means that the source code should be made available to the person who has the executables. Nowhere is there the requirement that the customer has to have the capability to actually modify the in-system code.

      The ignorance, it burns!

      In fact, the ignorance is so appalling I am inclined to think it's deliberate, but that doesn't matter.

      Here's the actual, no kidding, defi [opensource.org]

      • Nothing in the above definition requires that the device that's run by the said software be modifiable itself. What it means is that one should be able to take that software, modify it and use it to run any other device. It's up to the manufacturer of that device to lock it or not.
      • Thats *a* definition, not the only one. opensource.org doesnt have a monopoly on the term.

        • by tepples ( 727027 )

          The GPLv2 and GPLv3 define a work's source code similarly: "the preferred form of a work for making modifications to it".

          • And again, they dont hold a monopoly on the term.

            • by tepples ( 727027 )

              Nor is this proposal by Bruce Perens the complete final bill. If "free software" as defined by Debian (or "open source" as defined by OSI) is meant, the DFSG/OSD will be written into the bill or at least included by reference.

  • What's the best process to add support behind this proposal? At the linked the FCC page it isn't clear to me how I might add support to this proposal as a consumer.
    • Write a reply comment in support of my comment, collect signatures (not that this is a petition process, but it might be impressive anyway), submit your reply comment by the November 9 deadline.

  • by clonehappy ( 655530 ) on Friday October 16, 2015 @08:37AM (#50742699)

    If someone is interfering with a licensed station, why doesn't the FCC investigate the source of the interference? In the old days, if you were being a nuisance to a licensed station, you were in for a world of hurt if being intentionally malicious. At the bare minimum, and idiot user would have had their equipment confiscated for being clueless.

    Is it too hard for them to actually go out and do the one thing they unquestionably have the authority to do? Or is this just another power grab by the FCC and the administration to quash tech freedom wherever they see fit in the name of "safety".

    • The FCC actually has investigated many complaints of transmissions from wireless devices interfering with terminal doppler weather radars. Here's a list of enforcement actions by the FCC: https://www.fcc.gov/encyclopedia/weather-radar-interference-enforcement [fcc.gov]. So, yes, there have been investigations of the source of interference and penalties for doing so.

      • Wireless devices - I think you mean point to point microwave communication systems. The majority of entries in the list are for unlicensed equipment, equipment that doesn't frequency hop away from active radar emitters, or equipment modified to operate on unlicensed frequencies. They might be wireless, but they aren't WiFi, nor are they radiating less than 100mW. These are outputting anywhere from several watts through to kilowatts.

      • 41% of those actions occurred in Puerto Rico, with the number two favorite being Colorado. Looks like two field offices care enough to investigate, most of the time.

      • Note that these are all WISPs with WiFi on towers, using directional antennas, and in line-of-sight of airports. Not your home users.
    • They do investigate, but investigations take expensive equipment out into the field and are extremely time consuming. The certifications are there to reduce the chance that an interfering piece of gear gets out on the market. The question is, where would the money for these investigations come from? The requirements today are mostly about paperwork and a few measurements on sample devices. For a commercial device, it's pretty effective- but the airwaves are a shared resource and we need a mechanism to preve

      • Yeah, I have to agree with this. With the arrival of billions of IoT (Internet of Things) devices all broadcast and receiving WiFi, all it takes is one bad device to cause havoc for the greater area within its broadcast range.

        There's no reason not to both audit code and enforce via physical triangulation/confiscation of malicious equipment.

    • That worked fine when pirate stations, CB, and ham radio were all they had to worry about. These days, there's nothing but a few bucks and a couple of minutes online keeping Joe Schmo from running a wireless router with firmware he doesn't understand that he downloaded from who-knows-where that may be at an early stage in the quality control process. And that situation is only getting more extreme with time as more people go online and more wireless routers make their ways into homes.

      Mind you, I think that

    • Is it too hard for them to actually go out and do the one thing they unquestionably have the authority to do? .

      The FCC has been ramping down Enforcement because it has been spending it's cash on *other* things. They have closed the majority of field offices where monitoring personnel used to work, eliminated the jobs which used to be located there, and cut the enforcement division's staff in DC. It is so bad that it took over a decade to yank the license of a misbehaving amateur radio operator in Maine they had dead to rights on multiple and repeated violations. Heaven only knows if they will ever collect the fine

  • Ok, I know nothing about radios, or how wi-fi works, or what the issue is. (Assume for the moment that I'm also unable to use google.)

    Clearly though it's a Big Deal. Could someone in the know explain why the necessary restrictions to prevent abuse inherently can't be implemented the hardware, such that the software (open or closed) just can't do whatever it is that's causing the problem?

    • Terminal Doppler weather radars (TDWRs) are installed at about 40 major airports. They operate in the 5 GHz range and are used to detect things like wind shear and microbursts, which are dangerous to aircraft. The higher resolution than the WSR-88D (Nexrad) radars probably makes it easier to detect these features. Also, if the nearest WSR-88D is a significant distance away from the, the beam will be significantly above the ground over the airport. Interference from wi-fi isn't an issue for the WSR-88D radar

      • by pr0nbot ( 313417 )

        Thanks. So... presumably TDWR detection is too complex to be done (economically) in hardware?

  • Nice, but there is one big problem: FCC does not give a fuck about open source. Manufacturers piss on one source as well. And Mr Perens has zero influence on either of them.
  • It's the usual regulatory overenthusiasm. Basically trying to criminalize perfectly ordinary actions that might lead to actual criminal actions.

    You can be penalized for emitting interference in a regulated frequency, or for using a regulated frequency for some other purpose. That is correct, and it is all that is necessary. Whether I my device is interfering because it is a cheap piece of crap, or because it is broken, or because I have flashed it - the reason doesn't matter, the result does. On the other s

  • People can already interfere with "airport weather radars" in a variety of ways. What evidence is there that custom WiFi firmware is a problem, and that locking things down would fix this?

  • by mtaht ( 603670 ) on Friday October 16, 2015 @09:37AM (#50743087) Homepage
    Dear Bruce:
    In your slashdot posting today you mischaracterized our efforts as attempting to "open source" all routers. (as have multiple other reporters and people)
    I lost sleep for years trying to create a third not "open source" or "closed source" *option* for making society's safety critical source code *public* vs what is currently buried in inauditable binary blobs - and in this letter, tried to shift the core fcc licensing requirements to mandating that the source code at the lowest layers of the network stack be "public, maintained, and regularly updated".

    What license is slapped on this "public" code I totally do not care about - it could mandate you have to sell off your first born child, or slit your throat after reading, for all I care.
    I care only that the sources be public, buildable, maintained and updated.
    http://www.bufferbloat.net/pro... [bufferbloat.net]
    Open source and closed source alike have been doing a terrible job of maintenance, and in the embedded market - aside from higher end devices like android and mainline OSes like redhat/ubuntu - are not being updated. That is the *real problem* here that we are trying to solve.
    thx in advance for any efforts you might make to correct your messaging, particularly when talking about our efforts! I have been busting my b**ls to make these points with every reporter I've talked to.
    Aside from that... I think extremely highly of your characterization of the problem's stakeholders, the quality of your letter is even better than ours overall, and your proposed solution quite possibly one that could succeed (although I would shoot for a new licensing regime that made the git committer more responsible, perhaps - it is very worthy of discussion!)
    I am totally willing to discuss restrictions on "how public" things become - and how fast they become so! particularly as I am well aware dismal code quality in many mission and public safety critical pieces of software that is out there. Mandating that all that be made public all at once would induce a terrifying amount of risk to society as a whole, and a staged approach towards making the core blobby bits public would be best.
    ...which is why I have tried to initially limit the call to merely opening up the binary blobs going into wifi, particularly as getting the current 802.11ac trends towards doing so have failed so dismally and wifi far less safety critical than many other things.
    I would dearly like, also, to fix the dsl drivers and firmware worldwide, at least in part, because I strongly suspect quite a lot of it, in light of snowden's revelations, is compromised already, and they just need 50 lines of code or so, and a firmware update, to eliminate the bufferbloat in them - and verify, it really is doing what the authors say in the tin, to the FCC.
    Sincerely,
    Dave Taht
    lead author, the cerowrt project's letter to the fcc
    http://fqcodel.bufferbloat.net... [bufferbloat.net]
    • Hi Dave,

      OK, perhaps I misunderstood something. What you are talking about is "disclosed source code". It can be "all rights reserved" except for the rights necessary to produce incidental copies in reading an online document. It is a good idea to use it for any code that presents a risk to life or property, as it makes it possible for an external auditor to review it without going through any permission process. The counter-argument (one we've all dealt with before) is that it makes it somewhat easier to fi

  • A single person has a surprisingly limited amount of bandwidth. They would quickly find themselves overwhelmed by the job.

    • by PPH ( 736903 )

      A single person

      I think the idea was to have any one of such license holders review and approve such firmware mods.

      • Anyone who gets the Gordon West / W5YI book on the GROL+Radar. Gordy himself will probably be at Pacificon (Pacificon.org) tomorrow. Ham Radio Outlet will be there, with the book. Or of course you can buy it on Amazon :-)

        • I think the idea was to have any one of such license holders review and approve such firmware mods.

          Anyone who gets the Gordon West / W5YI book on the GROL+Radar.

          The comment you just made, in reply to the one before that, says that you intend that anyone who buys a book on the subject will be certified to approve WiFi software.

          I'm sure you didn't really mean that, because if you did then you are crazy.

  • but their proposal to lock down WiFi firmware, won't fly

    Can we have some legislation against people misusing commas instead?

    • Bastard. You beat, me to it.

      • A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines. With consistency a great soul has simply nothing to do. He may as well concern himself with his shadow on the wall. Speak what you think now in hard words, and to-morrow speak what to-morrow thinks in hard words again, though it contradict every thing you said to-day. -- 'Ah, so you shall be sure to be misunderstood.' -- Is it so bad, then, to be misunderstood? Pythagoras was misunderstood, and S

  • What the hell is the FAA doing running a safety critical (so they say) radar system in an ISM [wikipedia.org] band? And why is the FCC defending them?

    No license is required to operate within these bands, making the proposal that a person holding a technical license approve router firmware an exception to current policy. Furthermore, equipment using these bands must be tolerant of interference caused by other in-band transmissions.

    As far as I can tell, the FAA is violating FCC rules by operating their radar within these

    • Pretty much all spectrum is shared. Sometimes, you get incompatible sharing partners. Some WiFi channels are to one side or the other of the ISM band rather than in the spectrum reserved for ISM. FCC now wants to allocate yet more of those frequencies to WiFi.
      • by PPH ( 736903 )

        Pretty much all spectrum is shared. Sometimes, you get incompatible sharing partners.

        Which is where the FCC issues licenses and reserves the right to call interfering users in and negotiate a compromise. Reduce power, change your broadcast pattern, change frequencies, etc. Because bthey know who and where they are. But once a block of frequencies is released for unlicensed use (ISM being the 'worst' possible example), how do you get hold of all the radio controlled drones, garage door openers, microwave ovens, and WiFi access points that are out there already?

        FCC now wants to allocate yet more of those frequencies to WiFi.

        And what will they do when the

        • And what will they do when the FAA just plops another "critical" radar or coms system in the middle of the new WiFi (or ISM) band?

          Those guys may have been there before WiFi. In general a service like WiFi is approved after they assure the regulators that they won't interfere with the incumbent users.

          FAA won't put transmitters with a life-and-property duty anywhere without FCC licensing them. I doubt these radars are really operating as ISM devices, I think they have a license.

    • No license is required to operate within these bands, making the proposal that a person holding a technical license approve router firmware an exception to current policy.

      You are wrong. The fact that a specific use of a frequency does not require a license does not mean that the devices used there have no regulatory limitations or oversight.

      For example, the FRS is license-free but you cannot legally use a radio that you put together yourself on those frequencies, nor can you modify a radio that has been certified for FRS and use it there.

      As far as I can tell, the FAA is violating FCC rules by operating their radar within these bands.

      The FAA, as a federal agency, is not subject to FCC rules. They operate under the auspices of the NTIA. But since there frequencies are

  • The problem will be that the bureaucracy will cause 'FCC licensed drivers' to be utterly outdated except for a few proprietary ones because someone could line someones pockets to get it pushed through.

    The unlicensed firmware will still be shipped on most cheap routers however since they're coming from China where the FCC has no jurisdiction and the resellers don't care much about import requirements.

    Be careful what you wish for if you let a government agency get involved with your plans. Your plans however

The person who can smile when something goes wrong has thought of someone to blame it on.

Working...