FCC Requires TP-Link To Support Open Source Router Firmware 52
An anonymous reader writes: Earlier today, the FCC reached a settlement with TP-Link over Wi-Fi router interference. Most of the agreement was routine, addressing compliance with radio emission rules.
But the FCC also did something unprecedented. It required TP-Link to support open source firmware on its routers. You might recall that, last year, the FCC caused a ruckus when it mistakenly suggested it was banning open source router firmware. In fact, the FCC only required that router vendors implement protections for specific radio emission parameters. But the FCC didn't work with router vendors in advance to maintain open source compatibility, resulting in certain vendors (including TP-Link) trying to lock down their routers.
The FCC eventually issued a clarification, but the damage was done. Only recently have a couple router vendors (Linksys and Asus) affirmed that they will continue to support open source firmware.
Today's settlement is a milestone for the FCC. The agency is finally doing something, with deeds and not just words, to demonstrate its support for the open source community. It would be better if the agency hadn't created this mess, but they deserve serious credit for working so hard to fix it.
But the FCC also did something unprecedented. It required TP-Link to support open source firmware on its routers. You might recall that, last year, the FCC caused a ruckus when it mistakenly suggested it was banning open source router firmware. In fact, the FCC only required that router vendors implement protections for specific radio emission parameters. But the FCC didn't work with router vendors in advance to maintain open source compatibility, resulting in certain vendors (including TP-Link) trying to lock down their routers.
The FCC eventually issued a clarification, but the damage was done. Only recently have a couple router vendors (Linksys and Asus) affirmed that they will continue to support open source firmware.
Today's settlement is a milestone for the FCC. The agency is finally doing something, with deeds and not just words, to demonstrate its support for the open source community. It would be better if the agency hadn't created this mess, but they deserve serious credit for working so hard to fix it.
Now do the same for ISP's that force you to use (Score:4, Insightful)
Now do the same for ISP's that force you to use there routers
Re: (Score:1)
Re: (Score:1)
I'm on FIOS. The ONT does have an Ethernet jack on it, and you can request that service be provisioned via Ethernet. When I had service installed in my most recent move, I told the tech they dispatched that I wanted service over Ethernet so that I could use my own router. He ran the Ethernet and called it in as such. If you want to run a line from the Ethernet jack yourself after service is up and running via coax, I presume support could switch the provisioning over for you.
Re: (Score:3)
Re: Now do the same for ISP's that force you to us (Score:2, Informative)
You can plug any router directly into the FiOS ONT's Ethernet port and it will work. Sometimes you have to clone the MAC address of their router and reset the ONT though. I've done this on several FiOS installations in various states for years, it works.
Re: (Score:2)
Obviously, you've never met Uverse.
Re: (Score:2)
Weird then that ATT provides instructions [att.com] on how to use your own router,
Re: (Score:3)
You missed a line: (Score:3)
Weird then that ATT provides instructions on how to use your own router
Another user has pointed out that the instructions are for DSL, not for U-verse. So far, U-verse modems are only available from AT&T.
But you missed the line at the end of the page:
Note: AT&T Tech Support does not support non-AT&T provided routers. Please contact the manufacturer of your router for further assistance.
Which means that if THEY break your service at THEIR end, they won't FIX it until you hook up one of THEIR mod
Sure can: By causing an outage and not supporting (Score:5, Informative)
Don't think any ISP can force you to use their's. FIOS ones i guess could force their's on you but you should be able to bridge it and use your own anyway.
Sure they can:
1. Break the user's feed by reconfiguring things in the company's plant - and do it incorrectly.
2. When the user calls in to get things fixed, tell him that the problem is in his modem and you don't support that modem - or any modem not purchased from the ISP.
3. The user must buy a modem from the ISP before the ISP will bother to fix things at their end.
4. Profit!
I recently had a ONE MONTH! (to the day) AT&T DSL outage. (My town doesn't have fiber to the home, and fiber to the curb got bundled with the U-verse tarbaby and had several other downsides. So I was on legacy DSL. And as an early adopter it was VERY OLD technology - in Internet Time.)
In the process of decommissioning some of the now-nearly-redundant DSLAMs (as they get most of their customers moved over to U-verse), they moved my legacy DSL line to a new box. This box didn't support the modem I had, and they also screwed up the propagation of the routes so the packets didn't reach the new DLSAM. But they didn't bother to tell me (until they finally let me talk to an actual tech, nearly a month later after purchase of two replacement DSL modems) that they'd made any changes.
My legacy DSL modem was old enough that the web configuration interface was an extra-cost option - which AT&T hadn't chosen to buy. They gave me instructions for getting to the interface (IF it had been present) - and we were both convinced that the modem had failed.
I was unable to find the replacement that they recommended at any (silicon valley!) dealership - including the AT&T phone store. So I purchased a Linksys DSL modem at Best Buy that claimed AT&T (non U-verse) capability. Hooked it up, got the web interface. Had ATM sync (yay!) but no ping (boo!).
Called service to get things running. "Sorry, we don't support that modem. We don't support any modem that we don't sell."
So I bought ANOTHER DSL modem - from an AT&T store - that the store claimed was supported. Also a Linksys. An older model with fewer features, but with AT&T approved firmware and from their own store. And about 1 1/2 times the price.
NOW they were willing to debug the problems in their own plant. After another week, being switched to still another DSLAM (becaue the first one they'd put me on was on a router that had also been decommissioned), and having the routes re-propagated, I was able to get ONE of my (changed!) fixed IP addresses live.
And by this time I was past the return date for the modem from Best Buy. So I ended up with store credit, rather than a refund.
And the new DSL connection is PPPoE over ATM, rather than Ethernet over ATM (which the new DSLAM doesn't support). That adds 8 extra bytes to every packet.
And the official modem I bought from AT&T doesn't support a subnet, so I have to run in bridge mode to get more than the router's own address. I won't get the rest of my (changed!) fixed addresses up until I have time to configure a PPPoE daemon on the firewall/router machine (which is currently running software from before the PPPoE standards were finalized...).
B-b
Re: (Score:1)
Well crap... (Score:4, Insightful)
... we were boycotting TPLink for its snubbing of the open source community. Now it'll be the easiest target for OpenWRT.
Maybe they can sell the company to competent management and we can buy from them..
Yeah. (Score:2)
TP-Link routers have been faves for the Hacking community for a while now.
Re: (Score:2)
Yea.. they really help grow my bot net.. ;-)
Re:Yeah. (Score:4, Informative)
That's what I thought, until I bought one (TP-Link Archer C7). The hardware seems decent but when I tried to load OpenWRT I ran into the "safeguards" that the article is talking about. I was finally able to get an alternate firmware installed, but it certainly wasn't easy (or at least, wouldn't have been easy for a less technical user).
Re: (Score:1)
Re: (Score:2)
Flashing FOSS firmware is never easy or for less technical users..
Hey if you didn't have to add pins and get out a JTAG it is easy.
Misleading summary (Score:5, Insightful)
Nowhere in that document does it say the FCC REQUIRES TP-Link to allow open source. What it says is:
“While manufacturers of Wi-Fi routers must ensure reasonable safeguards to protect radio parameters, users are otherwise free to customize their routers and we support TP-Link’s commitment to work with the open-source community and Wi-Fi chipset manufacturers to enable third-party firmware on TP-Link routers.”
They SUPPORT a company working with open-source, not REQUIRE,
Later on it says:
TP-Link has also agreed to take steps to support innovation in third-party router firmware by committing to investigate security solutions for certain 5
GHz band routers that would permit the use of third-party firmware while meeting the Commission’s security requirements and maintaining the integrity of critical radio parameters.
So the requirement is that any open-source stuff must meet the security requiements and maintain correct operation, not that they MUST allow open source,
Re: (Score:3)
The Official FCC announcement [fcc.gov] suggests that there is that requirement and that you're simply not looking at the right document, or the right portion of it:
"TP-Link has also agreed to work with the open-source community and Wi-Fi chipset manufacturers to enable consumers to install third-party firmware on their Wi-Fi routers."
Re: (Score:2)
Hit the submit button instead of the preview button a second time, so apologies for the fragmented post...
Emphasizing the word "SUPPORT" while disregarding phases "commitment to work... to enable third party firmware" and "committing to investigate security solutions... that would permit the use of third party firmware," and the key words "agree," "commitment," and "committing" in connection with a settlement agreement is also a bit off.
When you agree and commit in a settlement agreement, and other manufact
Re: (Score:1)
Read the whole document (which is what I quoted), not just the bits you like.
The part you quoted was just an introductory statement, it has no content. The second quote I gave says exactly what they committed to - investigating ways to allow open source on certain 5Ghz routers without allowing the radio operation to be changed. Hardly a requirement to allow open source.
I imagine the conversation went like this: your routers allow the user to adjust the radio, we can't have that. Well, we think the hacker
Re: (Score:3)
Yes, read the whole document, including the hyperlinked order and consent decree at the bottom.
The fact that the FCC has the authority to levy much larger fines, and thus the ability to ask for
Re: (Score:3)
I mean, the regulation was meant to make manufacturers restrict users from changing radio parameters (turn off DFS, for instance). That was not possible with stock firmware, only with customized OpenWrt/LEDE. So, what's the point of the regulation, now, after this precedent? What difference does it make for the users or for TP-Link?
Essentially, it sounds like TP-Link will need to ensure that router firmware (ANY firmware, not just their own) can't make illegal adjustments to the radio parameters. This would probably mean a change to the hardware in some form to lock the radio down. Maybe a separate bit of firmware that just controls the radio and sits between the hardware and the main firmware.
Re: (Score:1)
This is not possible with current ath9k chips (almost all of TP-Link 802.11n routers), firmware is uploaded to the chip by the driver. So there's no current way to rely on a "locked/trusted" firmware to restrict the operation.
Re: (Score:2)
This is not possible with current ath9k chips (almost all of TP-Link 802.11n routers), firmware is uploaded to the chip by the driver. So there's no current way to rely on a "locked/trusted" firmware to restrict the operation.
I don't think anyone ever said it was possible with a specific chipset. Obviously if it's not, then a new chipset may be required. However Linksys, Asus, and now (maybe) TP-Link are all working on it so it's not, overall, impossible.
Mandate just as bad as a ban (Score:2)
Re:Mandate just as bad as a ban (Score:4, Insightful)
There is no such mandate. The summary writer is an idiot.
Re: (Score:3)
That's barely relevant. The point is, most of Slashdot would've been happy if there was...
Re: (Score:3, Insightful)
Re: (Score:2)
Funny enough, it was RightSaidFred99, not me, who called most of the /. colleagues idiots :-)
Re: (Score:1)
There is a ban on killing people, as well. Do you have a problem with that?
The government is doing what it is supposed to do: find the best thing for their people. If that's not what you want you are free to go to africa, where governments do what its best for the powerful. Have a nice journey.
Re:Mandate just as bad as a ban (Score:5, Interesting)
How is such a mandate any better than a ban? A free country should have neither...
It shouldn't be a blanket mandate for all manufacturers, and in this case it isn't for TP-Link either. However, this is part of a larger issue (TP-LINK sold out of compliance routers in violation of FCC rules) and as part of the settlement for that, they agreed to work with the community to allow 3rd party firmware while staying compliant with the new FCC rules, as well as other FCC rules they violated that brought the action in the first place. I'm sure there was some haggling involved and TP-Link probably used this condition to help reduce their fine ($200K as it stands now). It's something I assume the FCC asked for and TP-Link agreed to do as part of the settlement. I'm sure if they said no, the FCC would have settled with them anyway, just probably for a larger fine instead. In this case it's pretty much a win-win-win. TP-Link gets their fine reduced and gets some good publicity out of it, the FCC gets to show that they really didn't mean to ban 3rd party firmware and they get TP-Link in compliance, and the community gets another option for compliant routers they can flash with 3rd party firmware.
asus routers (Score:2, Interesting)
I like my Asus routers. I get very good wifi bandwidth through them and their manufacturer firmware benefits from features being added to its open source codebase.
They're not cheap, but I think they're value for money.
Buffalo routers (Score:1)
..in the heart of the interwebs,
Stolen from NewEgg,
brought to America,
Opensource on arrival,
routing for survival
Is TP-Link stuff even worth worrying about? (Score:2)
I understand the FCC's position here and all of this makes sense from a legal standpoint.
But all I'm saying is, as a customer who has to implement wireless devices in the workplace as well as what I use at home? TP-Link is pretty much off my list of brands I'll even consider. I believe there are some serious questions about the quality and reliability of what they sell, which may be a reason this "out of compliance" issue came up too. It's part of a larger problem.
EG. We purchased a TP-Link access point re
FCC screwed us and here is why this is WORSE (Score:4, Informative)
If you read far enough into what the FCC has actually required TP-Link to do you'll quickly realize this is worse for free and open source software than TP-Link locking down its routers. Go look at https://apps.fcc.gov/edocs_pub... [fcc.gov] (the settlement PDF links to this as a source document). In fine print:
"the Commission required . . . device software that controls the RF parameters that ensure compliance with the Commission’s technical rules for preventing harmful interference must be secured. The purpose . . . is to prevent modifications to the software that could, for example, . . . enable tuning to unauthorized frequencies, increased power above authorized levels, etc. The rule is not intended to prevent or inhibit modification of any other software or firmware in the device, such as software modifications to improve performance, configure RF networks or improve cybersecurity.”.
What this means is that the community won't be able to add features like mesh networking support to modern 802.11ac wireless firmware components (I should also point out that we don't even have source code for any 802.11ac wifi firmware... and the people trying to get it are being hindered by these FCC rule changes.. I know. I'm one of these people.). The reason we have great support for Atheros 802.11n chipsets is explicitly because the community has had access to critical bits of code. This code has now been moved to the wireless firmware which is *LOCKED DOWN*.
So no this is NOT good news. It's actually creating a security threat because we will be prevented by gaining access to the complete set of source code running on our devices.
Re:FCC screwed us and here is why this is WORSE (Score:4, Informative)
Proper mesh networking support was added to the 802.11n atheros wifi drivers via the community. The companies which design these chipsets have no incentive to add proper mesh support themselves, but because we had access to the sources could add it in the past. This was before the critical components were moved into the firmware on the newer atheros 802.11ac chipsets. Now if the sources were available for the firmware components we could add proper support for mesh networking. It's not and the situation is really bad @ atheros. Management changes and the loss of two key developers at atheros has resulted in a brick wall as far as getting them to understand the value and popularity of there 802.11n wifi chips. It took many many years to get prior management @ atheros to understand the importance and value of releasing the full set of source code. Given this AND the FCC situation there is zero hope at getting the code from atheros now.
I'm hoping we can fix this in the years to come and convince a different chipset company to release the source code for an equivalent firmware. Unfortunately that argument won't fly if the FCC is requiring lock downs.
Wrong path (Score:2)
No The F/OSS community must come together with funding for both the from-scratch code AND FROM-SCRATCH HARDWARE with not one blob nor black box to be seen. Pony up the cash and the fellas on the Pacific Rim will build whatever you like. Then and only then will an thousand roses bloom (after FC
Media and public should take blame too (Score:1)
I am inclined to put this in the "win" column (Score:2)
As someone who helped put together one of the biggest filings with the FCC on this matter, with 260+ other people...
http://fqcodel.bufferbloat.net... [bufferbloat.net]...
(in addition to 1300? 1700? filings from other orgs)
And later met in person with many of the top people there:
https://www.fcc.gov/ecfs/filin... [fcc.gov]
I am inclined to put this result in the "win" column, provisionally.
June 2 came and went, tp-link's router firmware returned to field upgradable, and other manufacturers did nothing to make flashing other firmwares an