TP-Link Begins Lockdown of Firmware In Response To FCC 157
An anonymous reader writes: In response to an FCC rule that requires manufacturers to lock down computing devices (routers, PCs, phones) to prevent modification if they have a "modular wireless radio," TP-Link has begun locking down its routers to prevent firmware not signed by TP-Link from being installed. This essentially prevents open source OSs (OpenWRT, for example) from being used on routers. TP-Link may not be a prestige brand, exactly, but the company makes a lot of routers suitable for installing third-party firmware, precisely the sort of thing being locked down makes difficult if not impossible.
WOW (Score:5, Interesting)
Re: (Score:2)
Perhaps this will mean that a new consortium will be created whose purpose will be to raise money to pay corporations to bless open source projects for their hardware.
Or, a new company will rise up that uses open source firmware on their hardware (Buffalo does this, I think, with some of its routers)
My initial reaction is to mourn the loss of another freedom, but it is in the name of security.
I am conflicted. The same thing is happening on PC's with secure boot. It is arguable that this raises the bar for s
Re:WOW (Score:5, Insightful)
What's there to be "conflicted" about? In all of these cases, the "security" is "security AGAINST THE OWNER OF THE DEVICE," a.k.a. tyranny. It is unambiguously bad!
Re: (Score:3)
No, not exactly.
That is one aspect of it, to be sure. But that is only one side.
Another side is that, like an immunization, you are protecting the herd by making your system harder to crack and become a platform for attacks against yourself and others.
There are always trade offs and compromises when it comes to security. It would be great if we could live in a world where people didn't do evil things and everything could be free and open, but that is not the world we live in.
Re: WOW (Score:5, Insightful)
Another side is that, like an immunization, you are protecting the herd by making your system harder to crack
No, stock firmware on consumer-grade hardware is unambiguously lowest-bidder buggy trash. Open-source replacement firmware is remarkably more secure. Secure bootloading insecure crap is just putting lipstick on the pig.
Besides, the FCC said this wasn't their intent. We thought they were lying, so either they still are or now TPLink is. A shame, since I've been buying their gear lately for OpenWRT deployments, despite their annoying VLAN assignments. I can't see why they'd want to chase away customers, so I'll guess it's the FCC that's still lying.
Open source gives the people too much power for a totalitarian regime to tolerate. Open source crypto is being attacked in parallel - neither can be allowed to exist without a regime change.
Re: WOW (Score:4, Insightful)
I can't see why they'd want to chase away customers, so I'll guess it's the FCC that's still lying.
That's an incorrect presumption. It's not that they want to chase away customers, it's that to hit that checkmark to be able to sell hardware, they need to lock down the radio. Easiest cheapest way for them to do so? Lock the entire item down, or source a more expensive separate radio controller. I guess we know which way they went.
Re: (Score:2)
Doesn't Meringuoid's Law cover this? XD
Re: (Score:2)
I can't see why they'd want to chase away customers, so I'll guess it's the FCC that's still lying.
That's an incorrect presumption. It's not that they want to chase away customers, it's that to hit that checkmark to be able to sell hardware, they need to lock down the radio. Easiest cheapest way for them to do so? Lock the entire item down, or source a more expensive separate radio controller. I guess we know which way they went.
If you had a facility to have your modification of dd-wrt or successor certified with an appropriate digital signature, then you should be allowed to install that software on your own device. Perhaps you would like that kind of device without a bios chip or operating system. Where there is a legal affordable way to solve a problem, there is no obstruction.
Re: (Score:2)
Besides, the FCC said this wasn't their intent. We thought they were lying
It doesn't matter if they were lying, now we have proof to take to the FCC, and write more complaints about the "clarified" rule.
This isn't the end.... we need to be on the watch for this kind of stuff, and bring it to the FCC as more examples and more proof that they are hurting people.
Re: (Score:2)
Re: WOW (Score:2)
Can they handle 5ghz 802.11ac with MIMO yet? Last time I looked into open router firmware, they were all still pretty dysfunctional with their handling of the advanced 5ghz wifi modes & basically said, "use the open firmware for nat/routing, and get a separate 802.11ac access point for wifi."
Re: (Score:2)
In all of these cases, the "security" is "security AGAINST THE OWNER OF THE DEVICE," a.k.a. tyranny. It is unambiguously bad!
In this particular case, it's security against your neighbor modifying the firmware in their wireless device in such a way that it negatively affects the performance of your wireless device. That's the problem that the FCC is concerned with, since managing the use of the public airwaves is their primary reason for existing.
Re:WOW (Score:4, Insightful)
security against your neighbor modifying the firmware in their wireless device in such a way that it negatively affects the performance of your wireless device
No.... that's just a possible explanation for a reasoning behind the rule, BUT it does a lot more collateral damage, AND it does not actually provide that security.
Your neighbor can still do the simplest possible thing imaginable, which is to attach an amplifier to their wireless device, and boost the signal power over the FCC PEP limits for unlicensed WiFi.
Your neighbor can also run their microwave or cell phone which legitimately uses the frequency and can trash your WiFi performance.
Re: (Score:3)
No.... that's just a possible explanation for a reasoning behind the rule
No, if I understand correctly, it is the reason for the rule. It isn't a "possible explanation", unless you believe that there's some grand conspiracy behind the rule to shut down DD-WRT and similar projects.
BUT it does a lot more collateral damage
I agree, but the FCC has clearly stated that there was intention to prohibit open source operating systems for routers and that manufacturers are under absolutely no obligation to so.
AND it does not actually provide that security...
Things don't have to be 100% effective to be useful.
Re: (Score:2, Troll)
Re: (Score:2)
Unambiguously.
If interference was that important to the FCC, they'd make more spectrum available to all. Think about how measly the b and g spaces are compared to all that spectrum reclaimed from upper UHF TV channels. But companies who rely on cell frequencies bribe better than those who rely on WiFi.
Re: (Score:1, Insightful)
My initial reaction is to mourn the loss of another freedom, but it is in the name of security.
Isn't that always the excuse^h^h^h^h^h^h^h reason?
Re: (Score:2)
It's not in the name of security in the sense that most people would think that means. It's about preventing the router from generating harmful interference to other radio services. Routers with open source firmware can often be set to operate on channels that are not allocated to WiFi in the US and thus interfere with the services that are licensed for those channels, but the FCC has not presented evidence that significant numbers of users are doing that or that harmful interference has actually occurred.
S
Re:WOW (Score:4, Informative)
So this is the end of open source firmware on basically any device with a radio
As has already been well discussed, the FCC already specifically clarified that the only thing they have an issue with is the ability to use firmware to change the radio in a way that would go outside of allowable ranges, for example the ability to jack up the transmit power beyond what is legal for such a device.
TP-Link is simply taking the lazy option, which doesn't really shock me considering they named their company "Toilet Paper - Link".
Re: (Score:2)
TP-Link is simply taking the lazy option
Key signing firmware doesn't sound like a lazy option, it just sounds like they implemented security in the most hostile way. After all the same change they made they could change to only a small portion of their code.
Re: (Score:2)
Or, this is the end of relying on the incredibly shaky pipeline of hackable routers that closed-source router vendors accidentally release. That pipeline is preventing vendors of routers that can run open source software from finding a sufficient market to actually make anything. Yes, what the FCC has done here is bogus, but in the long run it may actually be good for OpenWRT.
Re: (Score:2)
So this is the end of open source firmware on basically any device with a radio
Probably just a transmitter not a radio in general, but that just a guess. I don't think there are regulations against receivers.
Re: (Score:2)
And the beginning of a resurgence of high demand for consumer routers without built-in wireless. I can get by with access points - the only reason I need custom firmware is for the better routing/filtering/QoS
Re: (Score:2)
So this is the end of open source firmware on basically any device with a radio
No, this is the beginning of an endless arms race of developers rooting any device with a radio as fast as the manufacturers try to lock them down.
Re: (Score:2)
Congratulations (Score:3, Insightful)
The FCC didn't claim this would happen, and it still happened. Congrats, FCC!
Re: (Score:2, Informative)
The FCC are not enforcing this, they are enforcing lockdown of the radio (and for VERY good reasons... channel 14 is bad...).
If OEM's are too lazy to sort out radio and OS (like android) well... more fool them
Re:Congratulations (Score:4, Interesting)
What? Best channel on the list, it virtually never sees any contention from countless annoying wifi-enabled phones/tablets/laptops passing by!
Just tell your router you live in Japan (and pray it doesn't have the interface localized), and bam, good to go!
Re: (Score:2)
Re: (Score:3)
Methinks you misunderstand GP, be that accidentally or purposely. Either way, the reason channel 14 is so clear in the US is because it's illegal to use it. That channel overlaps with licensed spectrum users, and by using 14 in the US you'll be interfering with them. Depending on the level of interference you may one day get a visit from the FCC, along with a heavy fi
Re: (Score:2)
Maybe no "trickery" in the case of your router, but definitely in GP's, who said he had to set it to Japan.
But yes, it is your fault if you set it to channel 14 and cause interference, especially seeing as you know you shouldn't be able to. Broadcom does not indemnify you for any interference you cause. This is on top of the ethical point that you're willfully causing interference and don't seem to care.
I have a commercial access point that comes with no restrictions whatsoever as to which channels you can
Re: (Score:3)
That's not a reasonable position to take, given that our freedom is collateral damage!
Re:Congratulations (Score:5, Interesting)
The FCC aren't enforcing it, yes, and I agree that it was not their goal. Still the impact of their decision remains the same.
You can run apps on Android devices. That's the single reason why android devices have separation, even though separation costs more in manufacturing. For routers, separation just isn't an option economically.
If the FCC had cared, it would have required separation, or just left the state as it was, but they didn't do either.
Re: (Score:3)
No, the FCC should not enforce separation. They should let t
Re: (Score:2)
You can run apps on Android devices. That's the single reason why android devices have separation, even though separation costs more in manufacturing. For routers, separation just isn't an option economically.
Just what difference do you think exists in routers and Android devices? Often they are both some linux system with binary driver for the radio. There's no reason and no effort the Android model can't be applied (i.e. let people tinker with the OS, but keep the radio a binary).
WRTNode (Score:5, Interesting)
I don't have first hand experience with it, but if you are an aspiring OpenWRT hacker then you might want to look into WRTNode [wrtnode.com]. Using third party proprietary hardware is always fraught with peril anyway.
Re: (Score:3)
I don't have first hand experience with it, but if you are an aspiring OpenWRT hacker then you might want to look into WRTNode [wrtnode.com]. Using third party proprietary hardware is always fraught with peril anyway.
There are lots of these but they are often 4x as expensive just like this one. At $40 it's really expensive for what you are getting, if you do not need all those features which you mostly don't.
No external antenna, one ethernet port (Score:3)
Except... (Score:5, Informative)
Except the FCC has repeatedly stated time and time again they have no intent of hurting third party open source firmware and they're solely focused on the radio component not causing interference. They even recently modified these rules to appease people worried about this:
http://arstechnica.com/information-technology/2015/11/fcc-we-arent-banning-dd-wrt-on-wi-fi-routers/
So I have a sneaking suspicion this support employee has no damn idea what they're actually talking about.
Re:Except... (Score:5, Insightful)
Re:Except... (Score:4, Interesting)
Re: (Score:2)
Re:Except... (Score:4, Interesting)
I wonder if this is the reason TP-Link has been moving away from Atheros based wireless gear. If you look at reviews on Amazon, TP-Link has been incrementing version numbers on some of their products and replacing the Atheros chip with chips that require binary blob firmware. As far as I know, Atheros is the only chipset that doesn't require a binary blob firmware and it's trivial to hack the kernel module so, dumping it for other chipsets might make sense (at least from their perspective) from a compliance standpoint.
Re: (Score:2)
dumping it for other chipsets might make sense (at least from their perspective) from a compliance standpoint.
If that was the case they wouldn't need to sign the firmware.
Re: (Score:2)
But a router 'firmware' is really a software install. It's architecturally not that distinct from a laptop, with firmware/microcode for things like radios.
Re:Except... (Score:4, Interesting)
As far as I am aware, TP-Link is the hardware behind a lot of different brands including, if I am not mistaken, Google and Apple branded routers.
People would have to do some research before buying and I doubt that anyone but a die-hard open source fan will ever 1) do the research and 2) base the purchase decision on this issue
Re: (Score:2, Insightful)
People who want to install open firmware aren't going to randomly purchase a router and hope it's compatible. They're going to go to the DD-WRT site and purchase a router from the compatibility list. I don't see a problem.
so what if HP locks there systems to windows only (Score:2)
so what if HP locks there systems to windows only that as it's easier to due that and only need to have an windows only bios / firmware update tool.
Embarassing error by the FCC (Score:3)
Regrettably, they seem to have mistaken channel-based hardware with cryptographically-signed (linux, bsd) databases of allowed channels for something completely different, completely programmable "software defined radios".
The latter are an unsolved problem for the FCC: the former are the chip designers and the Linux networking team working hard to make it easy for the FCC... and being treated badly.
Re: (Score:2)
the FCC has repeatedly stated time and time again they have no intent of hurting third party open source firmware and they're solely focused on the radio component not causing interference.
"It became necessary to destroy the town to save it"
Don't these routers have external memory? (Score:1)
If the memory isn't built into the wireless chip itself, what is to prevent JTAG or desoldering of the flash chips to install new firmware?
Figured I may as well ask since once one does this, the rest will follow.
Re:Don't these routers have external memory? (Score:4, Insightful)
Does you no good if the bootloader on the soc wont run anything not signed.
Re: (Score:2)
These routers use UBoot, not a bootloader baked into the SoC. I doubt they have done anything too fancy, probably just checking for signed firmware when the user uploads it. I would suspect that even just using a serial connection to interrupt uboot would be enough to circumvent the checking. We won't know for sure until somebody does a complete evaluation/reverse-engineer of it.
Re: (Score:1)
Routers have done the signing before, you usually just use an local exploit in their webapp (they never fix the local exploits.)
Re: (Score:3)
In nearly every SoC currently available now, the chain is:
IROM (or similar) bootloader baked into the SoC. This verifies the signature of uboot, and jumps to it for execution
Uboot then takes over, verifies the next step in the chain (if configured to do so), then jumps to it if it verifies.
Note: The IROM signature checks prevent you from replacing uboot with something that does not enforce signature verification.
Re: (Score:2)
I grant you that the ability exists on many SoCs. What remains to be seen is whether TP-Link has actually done the secure-boot chain starting with the SoC. If one of the OpenWrt devs could get their hands on one of these locked down devices, we'd find out pretty quickly. I still suspect it's just a check in the stock firmware's web interface.
Re: (Score:2)
Re: (Score:3)
Most modern SoCs have the ability to verify u-boot prior to execution. Either the public key, or a hash of it (The little documentation I could find on TI's architecture was that to avoid storing 2048 bits in efuses, they stored a 128-bit hash of the 2048-bit key in efuses. The chip would verify the key (while in flash, could not be changed due to fixed hash), then use that key to verify uboot. TI had extensions to uboot to support hardware accelerated verification of the next stage in the boot chain.
Not
Re:Don't these routers have external memory? (Score:5, Insightful)
Isn't this a GPL violation? If any of the software they use is GPL v3 then they can't tivoize it in this way.
Re:Don't these routers have external memory? (Score:5, Interesting)
This is a very good point. The question is, is any of the stock firmware covered by GPLv3? Linux kernel is GPLv2, which does not have the tivoization clause.
Re: (Score:2)
That's why the GPL is so good for embedded devices, and why so many embedded device vendors hate it.
Oh well (Score:5, Interesting)
Re: (Score:2)
Honest question... Why would you want a Wireless Router period today? Wired router plus access point(s) seems to work much better than the wireless router hidden away from an interference perspective.
I will admit to being pretty happy with my Asus routers, but between interference with other equipment, range limitations, and a few other issues, I am planning on moving my Mom to a Ubiquity edge router with two access points for her condo, and a similar arrangement for my home. (I have already separated the
Re: (Score:2)
I haven't run ethernet to the right spot or PoE for an access point yet. So despite my router being in a utility room in the basement, it covers my small house and I have nowhere better to place an access point.
Re: (Score:2)
I have an 802.11n WiFi router (that also has an ADSL2+ modem built in) and I can get WiFi signal in every part of my small apartment and even outside on the street. I have no need to spend the extra money buying a separate access point (or the extra power running one vs the power usage of my current router)
Re: (Score:1)
Don't be naive, other manufacturers are starting to lockdown too...
Still open for now, and I already have custom firmware on it. If all the major companies do start locking down firmware, then I think it is a great opportunity for some startups touting that they still have open firmware to make their way into the market.
Re: (Score:2)
You're not supposed to use the stock firmware.
Shame, I liked TP-Link (Score:2, Insightful)
If it can't run OpenWRT without soldering, it's not useful for me. Same goes for any other router that doesn't run a variant of OpenWRT, RouterOS or IOS-*.
Guess I'll be shadowing the OpenWRT forum for my next purchase.
Re:Shame, I liked TP-Link (Score:4, Informative)
Re: (Score:2)
You mean Linksys...
Re: (Score:2)
Re: (Score:2)
Personally I have a fleet of WNDR4300's to play with myself. I have to build my own OpenWRT software for them, but the configuration to do so is out there. I'm just looking a that AC1900 and drooling given it's extra elbow room, USB 3 and eSATA port. The WNDR4300 is about $40 used on E-Bay, where the AC1900 is seen at $130 all day long and sometimes less than that.
Unfortunately your WNDR4500 doesn't seem to be supported and with the Broadcom legal issues doesn't seem likely it ever will.
TP-Link Sales Decline (Score:2, Insightful)
TP-Link is about to see their sales decline. Their cheap shit was eagerly consumed by DIY types putting openWRT on it and frankly you could do some interesting things with it. But, this makes them into just another cheap-shit proprietary Chinese junk network equipment vendor.
I'll pass, thanks.
P.S. Isn't it great how well the FCC listened to all those comments that they solicited? Don;t you feel like your voice matters? That you're part of the system? That your government works for you and takes your concern
Re: (Score:2)
P.S. Isn't it great how well the FCC listened to all those comments that they solicited? Don;t you feel like your voice matters? That you're part of the system? That your government works for you and takes your concerns into consideration?
The FCC, or more specifically the commissioners are political hacks, ALL of them. It's been a long time since the FCC was actually controlled by people who actually understood the technical and business issues upon which they decide. They are driven by lobbyists, political donations and the people who nominated them and not what's good for the people. It's sad, but that's what your government has become, The FCC is just one of the more obvious examples of it.
A drop in the bucket. (Score:3)
TP-Link is about to see their sales decline. Their cheap shit was eagerly consumed by DIY types putting openWRT on it and frankly you could do some interesting things with it.
The TP-Link router is a mass market consumer product that retails for $20 and up when purchased from outlets like Amazon.com.
The DIY market is microscopic and always has been.
Don't even waste your time (Score:2)
I tried OpenWRT on a cheap TP-LINK router and it barely managed 1/3 of the throughput of the stock firmware.
Re: (Score:2)
I tried OpenWRT on a cheap TP-LINK router and it barely managed 1/3 of the throughput of the stock firmware.
I found your problem.. "cheap"
Try something a bit better such as the Netgear WRT1900AC which will perform at least as well with the stock firmware as the OpenWrt build.
Re: (Score:1)
It's not a matter of cheap or expensive. Many routers with gigabit Ethernet don't have a sufficiently powerful CPU for routing at wire speed. They offload some of the work to special purpose function blocks in the SoC. These accelerators often conflict with advanced routing features, which makes it difficult to implement them cleanly in OpenWRT. It creates endless special cases and most of the work is specific to particular SoCs, so the chance of code reuse is slim. In a market where SoCs change even betwee
Re: (Score:2)
Chinese Backdoors (Score:2)
I have no idea of the credibility of such. But it seems now the FCC wants to prevent people from taking steps to reduce that possibility. by using open firmware.
Re: (Score:2)
Why wouldn't the back doors be in silicon?
This isn't very new for TP-Link (Score:5, Informative)
The last few routers I've bought for family and friends have been TP-Link, and of course I immediately flash them all with OpenWRT. The last two routers I bought had firmware from October that was locked down, just like TFA makes note of. I wasn't pleased with the google effort and time required to get to where I wanted to go.
As I recall, first I had to find a sort of neutral flashing dd-wrt firmware from early last year, that was possible to be flashed by TP-Link's firmware. Then, since TP-Link's October's firmware was useless, I had to flash the router with a much older version of their firmware, making the unit an April TP-Link router. Once I got that far, I was able to flash to OpenWRT as planned.
I'm happy with the units price and performance under OpenWRT, however I will look to other vendors from now on. Of course I must also blame the FCC, which sort of hurts because lately the FCC has been making a lot of good calls for its actual constituents, (while ignoring its paid-for lobbyists).
Re: (Score:3)
How wlll the FCC deal with the glibc DNS bug? (Score:5, Interesting)
The FCC's rule change makes the manufacturers responsible for compliance, not the owner/operator. How, then, will the vendors deal with the updates required by the glibc bug, http://linux.slashdot.org/stor... [slashdot.org]
The vendors of anything that can't be reflashed by their users are now responsible to the FCC for any compliance-critical errors in their devices. A DNS hack can can allow anyone to change to an illegal channel or use an illegal power level.
Similarly, the vendors are at risk of being named in class-action suits for anyone whose router gets hacked through their negligence. Especially in the US, where suing people seems to be the national hobby (;-))
Do you suppose some tiny Taiwanese firm can afford to do a recall like an auto manufacturer, and fix all their locked-down devices? Or be haulded into a US court without going broke? I suspect not...
Locking down your products for the US market because "it's easy" may turn out to be a company-killing error.
--dave
Re: (Score:3)
Comment removed (Score:4, Informative)
Different Markets (Score:1)
I recall I purchased one of TP-Link's Mini Pocket Router. There was a US version that did I could not install openwrt but there was a Chinese version that could. So hopefully we can still purchase ones outside of the country that can be modified.
Who Knew (Score:2)
My wireless is not vunerable (Score:2)
I've been worrying about the ability for wireless routers to withstand any significant attack, particularly given the reponsiveness of the manufacturers of the things (like, none at all) to exploits. So I made a decision to put my wireless router behind a firewall that keeps bad people in the cloud from playing.
Yes, the firewall would cost money ($70 for the computer, $0 for the firewall software -- I'm using CentOS and IPTABLES) and it's another box, but that box protects my inside network, so that I ab
In other news, TPLink sales implode (Score:2)
I would never buy a TPLink device (well, to be fair, *any* consumer router) that I couldn't replace the firmware on. It's been very well established that router firmwares are crap.
My router choices are based on the DDWRT HCL. (I'd try OpenWRT, but having to set up a complete toolchain and compile the thing is a bit of a turnoff for me.)
Re: (Score:3)
You don't have to compile the thing. They produce a large number of pre-built images ready to go for a large number of routers.
Re: (Score:2)
.....*facepalm* I honestly don't remember finding anything involving prebuilt binaries, last time I looked. Granted, this was also many years ago, so... *shrug*.
Thanks for pointing that out for me!
this is information coming from tech support (Score:2)
Tech support is not paid to define or even know corporate policy. Asking customer service reps about this is like asking the cashier in the drive through at McDonald's what the next version McD's app will be like.
This means nothing at all.
Intentional Misuse (Score:2)
The idea that manufacturers should be compelled to secure their products against intentional misuse by the purchaser is just ridiculous. Consumer products are not sealed black boxes, they are collections of repurposable components.
TP welcome to my 'don't buy list' (Score:2)
Going from the 'buy' to 'don't buy' list. Ouch.
I hope Asus keeps up with their OpenWRT support.
What methods are locked down? (Score:2)
FCC wants this? (Score:2)
Or is the push to secure routers in general, and this company completely screwed it up by locking out one method of securing routers by replacing their crap firmware?
Who messed it up? FCC? or TP?
Re: (Score:2)
Imagine if a particular algorithm were banned in the US. You might say that Intel could have a write once register that, if set, would stop the CPU from executing that algorithm. But then you need hardware to detect what algorithm the software is making the CPU perform, and that's not simple. I'm pretty sure your write once register idea is closer to that level of difficulty.
The FCC was responding to a case where an interference mitigation algorithm was either disabled or implemented incorrectly. The device
Re: (Score:2)
Re: (Score:2)