Best Blackhat Forum

Routers being locked down by manufacturers
The United States is doing some stupid things to the internet and messing it up for the whole world. Their government now controls the internet using a branch called the FCC. The FCC knew all along manufacturers would do this if the FCC tried to take control of the internet but the FCC tried to trick the people by saying that the FCC would not lock down wi-fi routers. Of course not. Why would they have to if they can bully the manufacturers into doing that for them?

Here is the article from this link: http://www.wired.com/2016/03/way-go-fcc-...g-routers/

Hey, remember when the FCC reassured us last year that it wasn’t going to lock down Wi-Fi routers? And everyone breathed a sigh of relief, because custom router firmware is actually a really good thing? Sure, it’s fun to improve your router by extending the range or making your network friendlier for guests. But open firmware is important for other reasons: it enables critical infrastructure, from emergency communications for disaster relief and building free community access points to beefing up personal security.

Well, there goes that. Because even though the FCC said its new requirements were not intended to lock down router software or block the installation of open source firmware, at least one large manufacturer has reacted by doing just that. And more could follow.

Way to go, FCC.

Last month, Libre Planet—a free software community—raised the alarm that TP-Link, one of the largest router manufacturers, had begun locking down firmware in newly released routers. As proof, Libre Planet pointed to a transcript of a support conversation. In the chat, a TP-Link rep says that the lockdown—which blocks the installation of open source firmware—was a reaction to new FCC requirements.

That’s a problem, because alternative router software packages like DD-WRT are hugely popular. These tools provide more sophisticated features and faster security patches than manufacturers offer.

WIRED Opinion

About the author: Kyle Wiens is the co-founder and CEO of iFixit, an online repair community and parts retailer internationally renowned for their open source repair manuals and product teardowns.

I contacted TP-Link and asked them to confirm whether their support chat rep was correct. The company directed us to a new FAQ page confirming the lockdown. The FAQ reads,

“Why is TP-LINK limiting the functionality of its routers?
TP-LINK is complying with new FCC regulations that require manufacturers to prevent certain firmware customizations on wireless routers.”

Foreseeable Consequences

What exactly are these regulations? The FCC recently updated its requirements for “U-NII devices operating on the 5 Ghz bandwidth”—a designation that covers a wide range of Wi-Fi devices and routers—to stop users from modifying RF (radio frequency) devices outside of their intended parameters. Last year, the FCC proposed an expansion on the RF modding prohibition to anything with a software-defined radio.

The wording of the rules was met with concern that the FCC was functionally mandating manufacturers lock down router software. That concern intensified into a full blown uproar in September after the FCC issued a compliance guidance asking manufacturers to “describe in detail how the device is protected from ‘flashing’ and the installation of third-party firmware such as DD-WRT.” DD-WRT is a popular open source firmware available for many consumer routers.

Thousands of people lodged complaints with the FCC, urging the organization to take steps to protect open source software. The outcry prompted an official response from the FCC soon after.

“Were we mandating wholesale blocking of Open Source firmware modifications? We were not,” Julius Knapp—Chief of the FCC’s Office of Engineering and Technology—explained in a blog post. He went on, “I’m pleased that this issue attracted considerable attention and thoughtful submissions into the record and would like to make it clear that the proposal is not intended to encourage manufacturers to prevent all modifications or updates to device software.”

The FCC even changed the troublesome wording in their compliance documents—omitting any reference to ‘third-party software’ and ‘DD-WRT.’

Goodbye to Third-Party Software

Despite the reassurances, experts were quick to point out that it would be easier, quicker, and cheaper for manufacturers to comply with the rules by just locking down the whole router—whether or not that’s what the FCC intended.

“Routers are built around a System on Chip, with the CPU and radio in a single package,” Hackaday’s Brian Benchoff explains. “The easiest way to prevent modification of the radio module would be to prevent modification to the entire router. Some would call it fear mongering, but there was an expectation these proposed FCC rules would inevitably lead to wireless routers being completely locked down.”

It looks like those fears were warranted. Locking that firmware down seems to be what TP-Link just did. TP-Link also issued this statement:

The FCC requires all manufacturers to prevent [the] user from having any direct ability to change RF parameters (frequency limits, output power, country codes, etc.) In order to keep our products compliant with these implemented regulations, TP-LINK is distributing devices that feature country-specific firmware. Devices sold in the United States will have firmware and wireless settings that ensure compliance with local laws and regulations related to transmission power.

As a result of these necessary changes, users are not able to flash the current generation of open-source, third-party firmware. We are excited to see the creative ways members of the open-source community update the new firmware to meet their needs. However, TP-LINK does not offer any guarantees or technical support for customers attempting to flash any third-party firmware to their devices.

The company appears to be using this as an excuse to wash its hands of third-party software. Even though the FCC’s rules only require the manufacturer to prevent modifications to the RF parameters—not to prevent the installation of third-party firmware.

“TP-Link appears to be citing its own interpretation of a proposed FCC policy change—an interpretation the FCC has expressly rejected—as an excuse to lock down its devices,” says John Bergmayer, Senior Staff Attorney specializing in telecommunications at Public Knowledge. “It’s bad enough when companies go out of their way to put unnecessary restrictions on their customers. But it’s just galling when they pretend they are somehow ‘required’ to do so. But even when complying with actual legal requirements, companies should do it in a way that does not put unnecessary restrictions on consumers.”

And while it’s reasonable to ask home hackers and hobbyists not to modify RF parameters in ways that would throw it out of compliance—instituting a wholesale router lockdown is tantamount to throwing the baby out with the bathwater. Sure, you could write custom code to hop onto an unauthorized band. With a little determination, you could also whittle your router down into a shank and stab someone, Bergmayer noted. But manufacturers aren’t preventing hardware modding to stop users from turning routers into physical weapons. “There’s only so much a company can or should do to prevent theoretical bad behavior,” Bergmayer added.

A Domino Effect

In the meantime, going over and above the FCC’s rules means TP-Link is pushing the door closed on a lot of the beneficial applications of third-party firmware—including personal security. Open source firmware tends to be more rigorously scrutinized, updated, and secured. Worse, this precedent makes it likely that other manufacturers will take the easy route and lock down their routers as well.

“It’s a sad state of affairs, but custom firmware will eventually be loaded onto these routers; it’s just a little harder now and slightly more absurd,” Hackaday’s Benchoff goes on to say.

No problem at all my BBHF friend. As the govt. suit himself admits: “It’s a sad state of affairs, but custom firmware will eventually be loaded onto these routers; it’s just a little harder now and slightly more absurd,” Hackaday’s Benchoff goes on to say.

What about reprogramming the Flash chip itself over SPI? Has anybody had experience of doing that before?