Skip to content
Naked Security Naked Security

Feel free to hack your Wi-Fi routers, says FCC

The Federal Communications Commission put out new guidelines with less muddy wording about open-source firmware.

Router

No, the feds will not come and knock down your door if you tinker with your Wi-Fi router.

That’s what the Federal Communications Commission (FCC) had to say on Thursday, as it reassured people who, rightfully enough, had cause to think otherwise.

In March, the commission had apparently banned the use of third-party firmware on Wi-Fi routers when it issued a Software Security Requirements document that said manufacturers applying for equipment authorizations should explain “what prevents third parties from loading non-US versions of the software/firmware on the device” and to …

Describe in detail how the device is protected from 'flashing' and the installation of third-party firmware such as DD-WRT.

DD-WRT is a Linux-based, open-source firmware used on a variety of Wi-Fi routers.

It’s one of a few open-source firmwares that people use to get more control over their devices and to add a user interface that’s not as clunky as routers’ default GUIs.

The proposed rule only affects devices operating in the U-NII bands: that’s the portion of the spectrum used for 5GHz Wi-Fi.

The FCC on Thursday issued an updated version of the guidelines, saying that it hadn’t intended to encourage manufacturers to prevent all modifications or updates to device software.

Rather, the goal was to secure devices against tweaks that would take a device “out of its RF [radio frequency] compliance” by, for example, causing a device to emit frequencies, types of modulation, or power levels that could interfere with other systems.

Telecom policy expert and Senior VP of Public Knowledge Harold Feld told TechDirt that one such example is interference at airports:

We had problems with illegally modified equipment interfering with terrestrial doppler weather radar [TDWR] at airports. Naturally the FAA freaked out, and the FCC responded to this actual, real-world concern.

Julius Knapp, Chief of the FCC’s Office of Engineering & Technology, said in a post on Thursday that the revised guidance clarifies that the FCC’s instructions were narrowly focused on modifications that would take a device out of compliance.

Some commenters on the FCC post thanked the FCC for clearing the air, but others were less impressed.

One such, Ken Arromdee, noted that the clarification doesn’t address the problem, which is that manufacturers can’t, or won’t, selectively lock down just RF:

The problem is that even if the ruling doesn't require that manufacturers lock down the whole router, it's not practical to lock down just the RF part, so the ruling is going to end up making manufacturers lock down the whole router anyway.

And they're not going to redesign the router to put the RF into a separate part just so that they don't need to lock the whole thing, since locking the whole thing is much cheaper.

Hackaday’s Brian Benchoff, for one, agrees, noting that while the proposed rule only affects the radios inside these devices, nowadays, most routers pack the CPU and the radio onto the same chip.

That means you can’t discriminately tinker with one without also modifying the other, he writes:

Because of the economics of cheap routers, nearly every router is designed around a System on Chip – a CPU and radio in a single package. Banning the modification of one inevitably bans the modification of the other, and eliminates the possibility of installing proven Open Source firmware on any device.

So while the FCC well might not have intended to ban open-source firmware, it seems that there are still fears that this could be an unintended result.

Image of workmen on router courtesy of Shutterstock.com

6 Comments

First let me state that I only use WiFi to access my RPi’s at home, that is I do not use public WiFi. My work network has one access point, and we provide WiFi for public visitors , and that’s where my WiFi saga begins. I began receiving complaints that people could not get a good connection to the public WiFi. The problem I discovered comes from two main sources: constant polling by devices whether they connect or not, and the 15+ nearby WiFi networks (there are other devices that also can cause interference however). Apparently, connecting to public WiFi is often difficult for these reasons, I think in part because businesses just put up some AP’s and leave it at that, and because of the FCC’s regs concerning the 2.4 and 5 GHz bands. I am about to install a cloud based system (from C*-M*) hoping the “smart” AP’s will resolve most of the problems.

Instead of asking questions about what would prevent 3rd party firmware running on a device, why don’t they ask why so many routers have so many backdoors and vulnerabilities? The whole point of DD-WRT is it’s open source which means the likelihood of a vulnerability is diminished. If manufacturers made secure routers and updated them when vulnerabilities were found then people wouldn’t need to feel they have to take care of vulnerabilities themselves.

Naked Security has covered this before with their war biking – a staggering number of open or WEP vulnerable routers found. Add in the mix WPS routers that can be cracked with Reaver…. You would be a fool to run anything other than DD-WRT!

Well, there are other open source firmwares besides DD-WRT :-)

I’ve tended to use OpenWRT, primarily because of the modularity. If I am worried about WPS, for example, I can leave that whole piece out, which is much safer than making sure it’s turned off and stays off.

I think some of the frustration toward the FCC is misguided — it’s reasonable for the FCC to require compliance with radio frequency emissions, and to be concerned regarding modifications that can operate a device in an improper or illegal manner. This concern doesn’t simply go away because a router manufacturer builds a router that has CPU and radio on the same chip and thus is difficult or impossible to separate, and it’s not the FCC’s fault that they can’t be separated.

Agreed. Seems the frustration should be against router vendors who aren’t patching promptly…after all, even if you prefer DD-RT or OpenWRT or whatever, you shouldn’t feel a *need* to update a router you just bought, regardless of price point. (Or the vendor should ship it blank and say, “Over to you.”)

> (Or the vendor should ship it blank and say, “Over to you.”)

I have been thinking the same. Does shipping a box with say just a bootloader satify the requirements?

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?