I've been wondering when this would happen. It would simply make too much sense for the government to not interfere with our wireless routers, along with every other thing in the world. After I heard that they were going to classify 'intrusive' security software as 'weapons' and place 'export' restrictions on them, I knew that this would go one of only two ways:
The first, preferable, and (more) sensible way would be that our government would allow the domestic technological industries & open source community to keep innovating without counterproductive regulations and interference, so long as we don't 'export' any 'intrusive' security software to other nations. I may have even been okay with this to a point, especially considering that we don't want the Chinese, Russians, or whoever to use our own source code against us... Although it's not accurate to say that open source code is ours, or anyone’s, for that matter... it belongs to everyone. But the point is that I can understand that mentality, to a point.
The second possibility was that the government would begin to see open source code in general as a threat to the establishment, and begin to place restrictions on software development, or on the hardware that the software runs on. Well, that's exactly what's happening with wireless-routers right now, and that is really bad news for the people of planet Earth.
Modems, routers, and embedded devices in general are often the most insecure devices existing. They're also usually the weak point of any given network, mainly because many of them run on proprietary, closed-source software that is rarely (if ever!) updated. Millions of routers end up being turned into zombies, utilized by blood-sucking bot-nets and the like, because they are so insecure, and because the OEM's never update the firmware (like, ever...). I've had at least two experiences in which my router was taken over by a rogue piece of malware, and no matter how many times I reflashed the stock ROM, the virus would simply respawn, and the rest of my network would suffer as a result. Do you want to know how I fixed them? I installed OpenWRT on them, and now not only have they ran happily ever after, they're also about twice as fast, and posses roughly 100 times the functionality that they did running the stock TP-LINK & Netgear firmware. (Netgear routers are the worst routers ever, just so you know.)
The FCC claims that open source software like DD-WRT or OpenWRT allows users to do things like adjust their signal strength, or unlock channels that are illegal to use in the United States. They are (somewhat) correct about that. However, I seriously doubt that this has ever been a problem for anyone, anywhere. Everyone knows that if you run your router on channel 14, than some HAM operator will track you down and rat you out. Operating a pirate radio is a federal crime in the USA, and it's very easy to get caught. Obviously, there is another motive here. Could it be that the NSA does not like the fact that anyone with an IQ of 60 or higher can bypass their backdoors that come preinstalled with ~70% of router firmware on the market...? Hmm...
The FCC wants to force manufactures to lock down WiFi routers so that they cannot run firmware that is not signed by the manufactures key, exactly like what has happened to the Android market over the last couple years. And it's bullshit, doing nothing but making it slightly more difficult for developers, enthusiasts, and people wanting to reclaim a little privacy by running a custom ROM to do so. But at least we can still buy a developer phone with an unlocked bootloader!
"...so far, the commission has only told us that “versions of this open
source software can be used as long as they do not add the functionality
to modify the underlying operating characteristics of the RF [radio
frequency] parameters. It depends on the manufacturer to provide us the
information at the time of application on how such controls are
implemented. We are looking for manufacturers of routers to take more
responsibility to ensure that the devices cannot be easily modified.” [1]
Even if that statement turns out to be true, it still would suck because in my experience, tweaking the radio parameters has made my routers run about 200% better, and (guess what...)... I did all that without breaking any laws, or causing any interference to nearby devices. Not to mention that it's not as if DD-WRT suddenly gives you the power to turn your router into an ion cannon or a satellite jammer. WiFi radios operate within the very small, already noisy, but unlicensed 2.4 Ghz range, and cannot be tuned outside of that range with software modifications alone. And 5 Ghz routers are already tightly regulated, because you need a radio license to modify a device that operates in that range as it is now. The reason we have unlicensed radio spectrums is so that hobbyists and ordinary people can utilize them. Thus, the FCC's "concerns" about open source router firmware are totally reta'ded.
Another possible motivation for these restrictions is likely the increasing popularity of MeshNets. These are privately owned & maintained wireless, peer-to-peer networks. The most well known is Hyperboria. Meshnets are simply the product of the people of Earth trying to rebuild the internet:
The stated goal of Hyperboria is “to provide an alternative to the
internet with the principles of security, scalability and
decentralization at the core.” [2]
It's safe to say that meshnets could be viewed as a threat to the establishment. If they start blacklisting websites and step up the censorship of free speech, privately owned, decentralized networks will be the only thing standing in the way. Without a free, open, uncensored internet, humanity would still be in the dark, technology would never have gotten this advanced, and the governments would still be getting away with whatever the hell they wanted to. Freedom of information must be not infringed upon, in any way, shape, or form. There is so much at risk.
If this law ends up passing, I will never purchase another commercial router again. I will build my own from scratch using something like a Raspberry PI running Debian, a few CAT5 ports, and a couple of Atheros chipsets (I suppose I should buy them now while I still can). The security of every other device on your network depends on the security of your router. All of the traffic that traverses your network goes through the router at some point (unless you're plugged right into the modem), so you better be able to trust the damn thing!
The FCC ought to take a long walk off a short pier. They have not been doing their jobs very well as of late. They are supposed to protect the communications infrastructure, instead of stunting or belittling it. Please visit this site to learn more about this issue. The FCC's side of the story can be found here. And the public comment page, found here, does not work at this time. The deadline for pubic comments has been extended to sometime in November. I hope they fix their page before then.
No comments:
Post a Comment