The Freedom to Flash (your home router, among other things)
September 4, 2015 6:39 AM

LibrePlanet.org: Save WiFi.
Right now, the FCC is considering a proposal to require manufacturers to lock down computing devices (routers, PCs, phones) to prevent modification if they have a "modular wireless radio" (c.f. 1, 2) or a device with an "electronic label" (c.f. 3).
These rules would likely:
  • Restrict installation of alternative operating systems on your PC, like GNU/Linux, OpenBSD, FreeBSD, etc.
  • Prevent research into advanced wireless technologies, like mesh networking and buffer bloat fixes
  • Ban installation of custom firmware on your Android phone
  • Discourage the development of alternative free and open source WiFi firmware, like OpenWrt
  • Infringe upon the ability of amateur radio operators to create high powered mesh networks to assist emergency personnel in a disaster.
  • Prevent resellers from installing firmware on routers, such as for retail WiFi hotspots or VPNs, without agreeing to any condition a manufacturer so chooses.
Make sure to read their page to see how to take action. The deadline for comments is October 9th.
posted by snortasprocket (42 comments total) 14 users marked this as a favorite
 
Huh, Stallman was right.
posted by Steely-eyed Missile Man at 6:53 AM on September 4, 2015 [23 favorites]


It isn't clear immediately from scanning the document how this would prevent installation of alternative operating systems on a PC, etc. Can someone with legal experience point out the relevant sections?
posted by grumpybear69 at 6:54 AM on September 4, 2015


I could almost understand modular radios being locked down, since radio is a serious part of infrastructure. But the bit with "an electronic label?"

The first bullet point seems a bit alarmist. Surely the result of this awful idea would be WiFi cards/chips with locked down black box firmware that interacts with the computer as a peripheral?

It'd be a real shame for openwrt routers to go away. Aside from being useful and powerful home network devices, they're also cheap and versatile embedded computers. There's lots of cool robots and diy smart home gizmos using a flashed TP-Link router as the brains.
posted by mccarty.tim at 6:57 AM on September 4, 2015 [1 favorite]


Forgot to mention that this is very much a case of closing the gate after the animals are out. There's already open source SDR transceivers that could do nasty attacks in the wrong hands. And a handful of electric components and a basic understanding of radio is all you'd need to just dump noise on a frequency.

This doesn't happen partly because it'd be really traceable and carry a huge fine. But also because most people aren't interested in destroying useful mediums.
posted by mccarty.tim at 7:04 AM on September 4, 2015 [3 favorites]


So I haven't read this whole article yet but someone may have misunderstood how some devices with radios work.

For Android phones there are actually two sets of firmware - one is for the operating system but there's another mostly untouchable firmware blob for the radio. When you flash a new OS onto your Android device the radio firmware is untouched - the OS just says "send some bytes" or "find a new cellular network" but all the actual hard work of handling the baseband is done by a separate processor and a separate blob of firmware.

Because if you think phones are shit now, if you could flash radio firmware they'd be really, really shit.
posted by GuyZero at 7:05 AM on September 4, 2015 [7 favorites]


No, The FCC Is Not (Intentionally) Trying To Kill Third-Party Wi-Fi Router Firmware

Curiously nobody seems to have asked the FCC what they think about all of this. So I asked, and the FCC offered me this admittedly clunky statement (note the bold bit):
"(FCC rules) require that the devices must ensure that under all circumstances they comply with the rules. The majority of the devices have software that is used to control the functionality of the hardware for parameters which can be modified and in turn have an impact on the compliance of devices. Our rules do permit radios to be approved as Software Defined Radios (SDRs) where the compliance is ensured based on having secure software which cannot be modified. The (FCC's) position is that versions of this open source software can be used as long as they do not add the functionality to modify the underlying operating characteristics of the RF parameters. It depends on the manufacturer to provide us the information at the time of application on how such controls are implemented. We are looking for manufacturers of routers to take more responsibility to ensure that the devices cannot be easily modified."
So in essence the FCC is saying that third-party firmware is just fine, just as long as it's not pushing the radio outside of legally-mandated parameters and causing a safety hazard. I also talked a little bit about the FCC's plan with Public Knowledge lawyer and FCC wireless policy guru Harold Feld, who spends more time wading through FCC NPRMs and telecom policy wonkery than any expert I know. Feld agrees that killing custom firmware isn't the FCC's intentional goal. That said, he's also quick to note there's still reason for concern if the rules aren't crystal clear:
"This is, of course, why the FCC does notices of proposed rulemaking and seeks comment from the parties and affected stakeholders. Especially on technical engineering matters like this, it isn't a matter of something being baked already. The FCC is responding here to a real world issue: we had problems with illegally modified equipment interfering with terrestrial doppler weather radar (TDWR) at airports. Naturally the FAA freaked out, and the FCC responded to this actual real world concern.

But at the same time, we don't want the FCC to accidentally write rules that are over-broad or subject to misinterpretation by companies. The real concern here is not some government conspiracy to wipe out open source or mandate encryption. The real worry is that major chip manufacturers will respond by saying "the easiest thing for us to do is lock down all the middleware rather than worry about where to draw the line." That would potentially kill a lot of innovation and valuable uses."
posted by cnelson at 7:06 AM on September 4, 2015 [45 favorites]


cnelson's quotes seem like the most logical take on the situation but some of the clauses do confuse me:
> It also proposed to eliminate the rule provision that permits authorization of modular transmitters that are “split” into the “radio front end” (the radio elements) and the “transmitter control element” (the hardware on which the software that controls the radio operation resides), based on its determination that such a device configuration has not been widely implemented.
What? This device configuration is used all over the place. I'm going to assume they're talking about some specific context that's not clear to me.
posted by GuyZero at 7:10 AM on September 4, 2015


Yeah, the problem isn't with the rule(s) in and of itself. It's that manufacturers would rather completely remove the ability to upgrade/update the firmware than develop some other regime which would allow that and still be compliant.
posted by Pogo_Fuzzybutt at 7:33 AM on September 4, 2015 [3 favorites]


The FCC has a long history of trying to limit permissible modification to radio devices - reasonably, since its job is to stop anarchy on the air - and, since it is never possible to hit the perfect mix of permissiveness and prohibition, the best it can reasonably hope for is a compromise that works well enough in practice for as many people as possible. The history of how it tried to (and mostly sorta managed) to regulate CB as that service changed nature is a good example of that, but this margin is too small to go into the details.

I'm reasonably sure it'll end up with some sort of 'the radio blob is sacrosanct' approach, which won't help all that much as stuff for the international market (which is all the stuff, as it all comes from China) has to work with the various different country standards, some of which allow more power than the FCC wants on channels the FCC does not want to allow. But, in effect, we're there already - my router's native firmware is open source and it could easily be reflashed with various alternatives, but they all rely on the OEM's RF binary. Which has bugs, which cannot be fixed until the OEM gets around to it (and may never be fixed: the people who make the radio chips don't release detailed data sheets to the public; if you want to know enough to program them, you have to sign an NDA and enter into a commercial agreement, so perhaps the bugs are in hardware. Who knows?)

You can be paranoid about this if you like - and probably should be, a bit, as we know that the NSA exploits RF-side bugs in routers to inject and control target machines (I forget the Snowden-revealed code for the program - NIGHTSTAND?). But the FCC's doing its best, as always, to fix an unfixable problem, and I have high confidence that it'll decide that draconian compliance would be counter-productive. It'd be interesting to find out what the radar interference problem was, and perhaps I'll dig into that later...
posted by Devonian at 7:42 AM on September 4, 2015 [1 favorite]


Meanwhile, Verizon and T-Mobile prepare to extend LTE to the unlicensed 5GHz band shared with Wifi.

But I doubt that's the primary driver; rather I think the gubmen't has heartburn about citizens being able to do things like listen to airplane transponders with $30 TV tuners, and this is a security-through-obscurity approach. A shame, because citizen use of radio always depended on the honor system more than strict controls.
posted by RobotVoodooPower at 7:55 AM on September 4, 2015


> The proposals would modify the SDR-related requirements in part 2 of its rules based in part on the current Commission practices regarding software configuration control. To minimize the potential for unauthorized modification to the software that controls the RF parameters of the device, grantees would have to implement well-defined measures to ensure that certified equipment is not capable of operating with RF-controlling software for which it has not been approved. (emphasis mine)

I thought manufacturers already had to lock down the low-level radio functionality. I can flash new ROMs on my Android phone all day but the baseband radio firmware is a binary blob. It's the same thing with my Intel wireless card on Linux: the iwlwifi driver is open-source (GPL), but it loads firmware distributed under a closed-source license.

If OpenWRT is a Linux distribution for routers, I don't see how the FCC's rules would alter the status quo at all. Besides researchers, are people using OpenWRT actually fiddling with low-level RF parameters? Otherwise it seems like business as usual.
posted by anifinder at 7:55 AM on September 4, 2015


(Also if this were really about controlling wifi interference, we'd ban microwaves)
posted by RobotVoodooPower at 7:59 AM on September 4, 2015


> Besides researchers, are people using OpenWRT actually fiddling with low-level RF parameters?

Depends on your definition of "low level". For example, setting the regulatory domain for your wifi adapter on bootup (US, Bolivia, etc) controls the channel definitions and max transmit power your adapter can use. This can be changed via command-line on Linux.
posted by RobotVoodooPower at 8:18 AM on September 4, 2015 [1 favorite]


Good point.
posted by anifinder at 8:21 AM on September 4, 2015


"Surely the result of this awful idea would be WiFi cards/chips with locked down black box firmware that interacts with the computer as a peripheral?"

That's exactly how they work now, for what it's worth. That's not some dumb peripheral you're plugging in there, it's an ARM CPU running its own OS.
posted by mhoye at 8:26 AM on September 4, 2015 [1 favorite]


> A shame, because citizen use of radio always depended on the honor system more than strict controls.

This is basically why we have government - In an "honor system," there are always those who will act without honor. For something like, say, a company pool of snacks, paid for individually on the honor system, a small minority of those who do not honor the agreement will be compensated for with the cash of the majority - One person generally won't disrupt the system enough to make it unusable for everyone else.

For systems where one person can cause tons of problems for everyone else, the honor system falls apart VERY quickly once it starts scaling up beyond very small groups. In smaller societies and groups and in person, this can be handled by "shunning." This does not work in large groups, nor does it work for anonymous actors.

Any honor system will evolve into formal governance with enough scale and time - the key is to have a system where that governance has public involvement and transparency.

Full disclosure - Much of my work is in security/compliance. I cannot tell you how many times growing organizations end up putting fascist controls in place as a response to their loose "honor systems" and end up crippling themselves in the process.

This is also why I believe that pure libertarianism is a fantasy.
posted by MysticMCJ at 8:53 AM on September 4, 2015 [7 favorites]


> Yeah, the problem isn't with the rule(s) in and of itself. It's that manufacturers would rather completely remove the ability to upgrade/update the firmware than develop some other regime which would allow that and still be compliant.

1) If they develop and market unflashable wifi chips, when a vuln is found in the firmware (and it will be) they're going to have some pretty pissed off customers that they have to tell, "well, the easiest fix is for you to buy another wifi card/device"

2) Buy futures in JTAG connector manufacturers, because that firmware blob got on there somehow.

3) Quite a cottage business could be made out of opening the firmware of a closed chip in Malaysia and then selling it to the US: it's illegal in the states to jam cell signals, but I can still buy a cell signal jammer.

In all seriousness, I understand where the FAA and FCC would really want to clamp down on this - as mccarty.tim noted above, an rtl2832 usb dongle is less than 20 bux - and unlike unlicensed use of ham radio, a malicious actor can really wreak havoc with an sdr and an antenna and amplifier. I think, however, that the best course of action would be to require that critical infrastructure (public or corporate) be better protected in their implementation rather than trying to lock down the firmwares on everybody else's hardware.
posted by eclectist at 9:25 AM on September 4, 2015 [1 favorite]


> That's not some dumb peripheral you're plugging in there, it's an ARM CPU running its own OS.

At least in the case of a router you're communicating with that CPU only when your own network stack chooses. Even with a WiFi card you've got an IOMMU limiting the card's access to only what your driver allows. None of that makes you impervious, but if the firmware gets allowed access to your OS it's by mistake rather than by design.

The nasty case is that of smartphones, where the baseband CPU doesn't just have its own closed firmware, it may have unrestricted DMA access to the same memory used by your OS. At that point it doesn't matter whether you root your phone, how securely you lock it down afterwards, or what level of encryption you try to apply to the data you send; if the NSA doesn't still have unimpeded access that's merely because they aren't currently bothering to.
posted by roystgnr at 9:33 AM on September 4, 2015 [4 favorites]


This is a lot of unnecessary fear mongering. The FCC is just trying to get ahead of the curve on the trend to more Software Defined Radio. Software defined radio moves traditional analog hardware implemented functions into the software digital domain. Of particular concern are modulation/demodulation, which allows you to change the frequency, and amplification, which allows you to change the transmission power. These are functions you can't give access to users because of the potential for widespread havoc and besides, it's a violation of FCC law.

This doesn't mean you can't reflash your router. The only portions you should care about are the back end processing of packets and the protocol stack. That's where you can find bugs, create faster algorithms of operation and encrypt/decrypt to your heart's delight without harming others.

The FCC is saying that if manufacturers implement software defined portions of their radios, they have to lock down and make that separate from the actual packet processing firmware that users can modify.
posted by JackFlash at 1:22 PM on September 4, 2015 [2 favorites]


> The FCC is saying that if manufacturers implement software defined portions of their radios, they have to lock down and make that separate from the actual packet processing firmware that users can modify.

Yeah, in fairness to the FCC tweaking the PHY layer of your wifi router is a terrible idea unless you're an actual antenna designer or whatever.
posted by GuyZero at 1:48 PM on September 4, 2015


Just as an example, think if any 12-year-old script kiddie could reflash his router to get away from his annoying neighbors in that crowded wifi band and edge over to the much cleaner adjacent aeronautical navigation band. Oh, and may as well turn up the power to illegal levels at the same time.
posted by JackFlash at 2:03 PM on September 4, 2015 [3 favorites]


Well he'd have to reflash his client devices too and the antennas would probably be ok if not optimal but yeah, the FCC is going to do the same thing to SDR that they did to pirate radio stations: make them mostly illegal.
posted by GuyZero at 2:37 PM on September 4, 2015


I don't believe OpenWRT & fellow travelers are worried about this over nothing.

The blob that implements RF parameters is non-trivial. You can tell this because they release updates for existing systems :). It can implement a bunch of stuff that's not purely RF. We've established there can be a whole CPU running it, and there are various pressures to take advantage of that. The result can have unrelated limitations (e.g. on creating multiple virtual interfaces) and known bugs. Doubtless including security holes.

Some of these wifi cards don't use "blobs" [un-modifiable binaries]: they have open source firmware.

Where open-source projects are blocked by deficiencies in device firmware, they want options to fix it. My personal interest is in Dave Täht's projects to fix latency (bufferbloat) and solve the wifi congestion-collapse problem on commodity Linux access points (#makewififast).

I expect open-source people prefer a compromise like the Linux kernel CRDA. Linux has various controls to help you comply with local law. When you connect to a wifi access point, the AP specifies the country and Linux follows the appropriate law. You can break that, but only by building your own kernel with hacked source code. Maybe similar principles could be pushed into the device firmware; I don't know whether that makes sense or not.
posted by sourcejedi at 3:14 PM on September 4, 2015 [2 favorites]


IOW it's complex. So people affected by this need to scrutinize it and provide feedback. And as TechDirt say, to make sure that it's clear and router manufacturers don't over-react and lock us out. Don't stop us fixing devices that become out-of-date, accumulate known bugs and security vulnerabilities, and remain limited by widespread oversights. (The latency problem again).
posted by sourcejedi at 3:28 PM on September 4, 2015 [2 favorites]


The problem with taking a Chicken Little stance, though, is that it creates a false impression of the situation. As people are pointing out, they're not doing this to be mustache twirling villains, but because there are some genuine issues of safety and cooperation involved. This is something that the tech community has had issues on being good neighbors about. Yes, they should be looking things over, but they also need to acknowledge that there are real issues being brought up, and that they aren't the only stakeholders.
posted by NoxAeternum at 3:43 PM on September 4, 2015


> rather I think the gubmen't has heartburn about citizens being able to do things like listen to airplane transponders with $30 TV tuners, and this is a security-through-obscurity approach. A shame, because citizen use of radio always depended on the honor system more than strict controls.

No, I rather think it's a concern that someone will flash WiFiSpEeDuP.eXe and end up with their router shitting all over the frequencies used by TDWR to warn ATC about microbursts and so would lead to more of this, or this, or this, or....
posted by MikeKD at 7:58 PM on September 4, 2015 [1 favorite]


> A shame, because citizen use of radio always depended on the honor system more than strict controls.

That is not true. Use of the radio spectrum has been strictly regulated for almost a century. Amateurs (ham radio operators) who want to experiment are strictly limited to a few amateur radio bands, and even then they first must pass proficiency and knowledge tests and get a license before they start messing around. Violations are enforced and routinely do result in license and equipment forfeitures and fines.

Use of the commercial bands is very strictly regulated and all radio equipment must pass stringent and expensive laboratory qualification tests before it is released to the public.

So any software modification of a radio would require testing and re-qualification before use. For software defined radios, each discrete software mode must be tested and qualified and then only those tested modes implemented in software. Users modifying the radio specifications would be a violation and the new regulations are intended to prevent users from doing that.

You can do what you want with the software protocol stacks and data handling, but you can't mess with the radios. The proposed rules are to keep those two functions separated.
posted by JackFlash at 11:05 PM on September 4, 2015


The interference with TDWR turns out to be an interesting and complex issue. Many reports, equally mixed between WiFi and WiMAX (really!), and with a huge concentration of problems in Puerto Rico.

Some of them are because transmitters weren't using a feature that's designed to sense nearby radars and disable appropriate channels, and others were because of use of high gain antennas. All the WiFi problems were caused by a single vendor (which, unfortunately, I can't see because the FCC database of violations is down over the weekend because the commission is upgrading its IT).
posted by Devonian at 5:48 AM on September 5, 2015 [2 favorites]


> I understand where the FAA and FCC would really want to clamp down on this - as mccarty.tim noted above, an rtl2832 usb dongle is less than 20 bux - and unlike unlicensed use of ham radio, a malicious actor can really wreak havoc with an sdr and an antenna and amplifier.

FWIW, these cheap TV tuner dongles can receive only. They don't have the capability to transmit, even when making use of the undocumented feature that allows them to function as SDRs.

To transmit, one would need to invest more, such as US$300 for a HackRF or $1500 for a USRP. Then you'd need to design or purchase an antenna for the desired frequency and/or directionality, and an amplifier to boost the signal enough to cause any mayhem.

This is all stuff that a sufficiently motivated and funded attacker could do anyway, regardless of the existence of these experimental ("development") systems, which by my understanding the FCC doesn't regulate/require certs for. After all, you need to develop a system before you can even apply for a cert. For a supplier of boards to hobbyists/researchers, one way around draconian restrictions might be to just ship your board sans firmware and have the customer take on the responsibility for flashing it and using it. I don't believe the FCC cares about nonfunctional radios.

The amateur radio service does rely on an "honor system", but part of the reason it works is that hams are self-policing. Many have a hobby of tracking down the source of illegal/disruptive transmissions and then reporting the offender's address to the FCC, which can then apply fines.
posted by vira at 10:55 AM on September 5, 2015


> FWIW, these cheap TV tuner dongles can receive only.

While the FCC is more concerned about transmitters than receivers, all receivers must also pass FCC certification. That is because receivers contain local intermediate oscillators that are used to heterodyne the high carrier frequency down to a more manageable lower frequency for signal detection. Interference due to unintended radiation from local oscillators in receivers is a prime concern for FCC certification. So, no, receivers are not immune from restrictions on user modifications.

> For a supplier of boards to hobbyists/researchers, one way around draconian restrictions might be to just ship your board sans firmware and have the customer take on the responsibility for flashing it and using it. I don't believe the FCC cares about nonfunctional radios.

This is exactly the thing that the regulations are designed to prevent. If it is intended to be used as a radio, then it falls under FCC regulations. A manufacturer is forbidden from shipping to end users uncertified radio equipment.

An example of this were some imported CB radios during the CB trucker era. Some of these radios had a jumper inside that when cut would permit the radio to use channels outside of the designated bands. The FCC stopped these imports even though the radio as shipped was certified.
posted by JackFlash at 11:15 AM on September 5, 2015


You can, to this day, go buy a big-name-brand radio, unsolder a couplefew 0 ohm jumper resistors, and suddenly you can transmit on all kinds of bands the radio was absolutely not certified for. (See: Kenwood TM-V7A and being able to transmit in satellite VHF bands, military VHF, MURS, etc.) The FCC doesn't care unless it becomes big news, you advertise it, or the modifications are too trivial. The FCC has never cared beyond what they'll get into trouble over. They don't have the funds to care.

It's a complicated issue, but the FCC is doing its usual bumbling and stumbling, reminding us they're a dysfunctional and largely toothless agency.
posted by introp at 2:06 PM on September 5, 2015


That Kenwood radio has those jumpers to allow it to operate in different countries which have slightly different frequency bands. They are not put there to allow illegal operation. Those jumpers are intended to only be modified at the factory. That radio requires an amateur radio operator's (ham) license. Ham operators know that it is illegal to operate a radio out of band and are unlikely to risk their license. The FCC is not particularly concerned about this radio because it was not intentionally designed to violate the law and ham operators are pretty good about policing their own members.
posted by JackFlash at 8:36 PM on September 5, 2015


> If it is intended to be used as a radio, then it falls under FCC regulations. A manufacturer is forbidden from shipping to end users uncertified radio equipment.

The issue of regulating software/firmware seems pretty murky. For example, the HackRF (which had some funding from DARPA, so one Gov't hand approves of it at least) would seem to face a "high bar" to certification due to its use of purely open source firmware. That link also opines:
> Similarly, the FCC’s ancillary jurisdiction cannot reasonably extend to the development of software by parties uninvolved in the marketing or sale of radio devices. Congress did not contemplate the FCC as a generic technology regulatory agency, and courts have repeatedly limited the FCC’s reach when it attempted to make rules outside of the realm of the distribution or marketing of equipment capable of wire or radio signal transmission. Attempts by the FCC to regulate the activities of software developers not engaged in the importation or marketing of radio devices and not employed by telecommunication carriers are likely to be met with similar judicial restriction.
The HackRF has not undergone any certification testing, and it appears there are no plans for it to do so. The designer, Michael Ossmann, states in this podcast that "The power on board is limited by design; this reduces cost and stays under the radar (sic) for the FCC. Regardless, it still has 10 dB of front end gain." So even if it's forbidden, this device seems to be getting away with it.

Sparkfun notes here that "The FCC allows a hobbyist to build up to five devices of a single design for personal use with no testing whatsoever. If you are contacted by the FCC (or anyone else) about a matter of spectrum interference, immediately stop using the device, don't use it again, and you should be okay."
posted by vira at 10:01 AM on September 6, 2015


It isn't particularly murky. From your link:
"The rules require any manufacturer certifying a device under the new process to take steps to prevent “unauthorized” changes to the software on the device that might alter its radio frequency and power parameters in a way that takes it out of compliance with the regulations known as FCC Part 15 regulations. The specific technology implemented to accomplish this task is left to the manufacturers seeking certification, although the FCC suggests several possible mechanisms that can serve as such “security measures."

The FCC is clear that modifying software is fine as long as it doesn't allow the user to change the power or frequency of the radios in a way that violates regulations. So the software can modify the radio in order to switch channels, for example, but the software must prevent changing to channels outside of regulations. There must be a security mechanism that restricts direct access to radio parameters.

The method for ensuring that security is up to the manufacturer. The FCC also states that open source software will receive extra scrutiny because it invites user experimentation. This means that open source software developers for commercial products must demonstrate a robust security mechanism walling off the radio portions from the user. That could be a physical mechanism, such as making the radio configuration separate from user software, or it could be a software security mechanism such as an OS that makes the radio kernel separate from application software.

The HackRF device is so low powered that it is unlikely to be an FCC concern. 10 dBm is less than 10 milliwatts, about one-tenth of what your wifi router puts out and less than one-hundredth of a cellphone. It is going to be near undetectable outside of your own house and unlikely to cause interference to your neighbors. However, if it becomes known that people are abusing this device by attaching external amplifiers, then I wouldn't be surprised if the FCC cracks down. In other words, don't screw things up for everyone by being a jerk.
posted by JackFlash at 11:23 AM on September 6, 2015
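
Added example, not part of the thread or any commenter's or vendor's code: a sketch of the kind of gate described above, where host software may ask the radio to change channel or power but a locked table decides what is permitted, including the radar-sensing (DFS) condition mentioned earlier in the thread. The country code "XA", the table values and all names (`radio_check`, `tx_request`, and so on) are constructed for illustration and are not real regulatory data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One permitted range, in the style of a wireless regulatory database
 * entry. Every value in this file is constructed for illustration. */
struct reg_rule {
    unsigned start_khz, end_khz; /* the whole channel must fit inside */
    unsigned max_bw_khz;         /* widest channel allowed in this range */
    int max_power_dbm;           /* transmit power ceiling */
    int requires_dfs;            /* radar detection must be running */
};

struct reg_domain {
    const char *alpha2;
    const struct reg_rule *rules;
    size_t n_rules;
};

/* "XA" is a made-up country code. The assumption is that this table lives
 * in the locked radio firmware, out of reach of the reflashable OS. */
static const struct reg_rule rules_xa[] = {
    { 2402000, 2472000, 40000, 20, 0 },
    { 5250000, 5330000, 80000, 23, 1 },
};
static const struct reg_domain domains[] = {
    { "XA", rules_xa, sizeof rules_xa / sizeof rules_xa[0] },
};

enum tx_verdict { TX_OK, TX_CLAMPED, TX_DENY_BAND, TX_DENY_DFS, TX_DENY_DOMAIN };

struct tx_request {
    unsigned center_khz, bw_khz;
    int power_dbm;
    int dfs_active;
};

/* Gate every tune/power request coming from the host side. Power above the
 * ceiling is clamped in place; anything outside the table is refused. */
enum tx_verdict radio_check(const char *alpha2, struct tx_request *req)
{
    const struct reg_domain *d = NULL;
    if (alpha2 == NULL || req == NULL)
        return TX_DENY_DOMAIN;
    for (size_t i = 0; i < sizeof domains / sizeof domains[0]; i++)
        if (strcmp(domains[i].alpha2, alpha2) == 0)
            d = &domains[i];
    if (d == NULL)
        return TX_DENY_DOMAIN;   /* unknown domain: fail closed */

    unsigned half = req->bw_khz / 2;
    if (req->bw_khz == 0 || req->center_khz < half ||
        req->center_khz + half < req->center_khz)
        return TX_DENY_BAND;     /* nonsense or wrapping request */
    unsigned lo = req->center_khz - half, hi = req->center_khz + half;

    for (size_t i = 0; i < d->n_rules; i++) {
        const struct reg_rule *r = &d->rules[i];
        if (lo < r->start_khz || hi > r->end_khz ||
            req->bw_khz > r->max_bw_khz)
            continue;
        if (r->requires_dfs && !req->dfs_active)
            return TX_DENY_DFS;
        if (req->power_dbm > r->max_power_dbm) {
            req->power_dbm = r->max_power_dbm;
            return TX_CLAMPED;
        }
        return TX_OK;
    }
    return TX_DENY_BAND;         /* no rule covers the channel */
}

int main(void)
{
    struct tx_request in_band  = { 2437000, 20000, 30, 0 };
    struct tx_request off_band = { 2484000, 20000, 17, 0 };
    printf("in band:  verdict %d, power now %d dBm\n",
           radio_check("XA", &in_band), in_band.power_dbm);
    printf("off band: verdict %d\n", radio_check("XA", &off_band));
    return 0;
}
```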


The Kenwood radio is a perfect example, because no, those jumpers aren't there to allow it to be adjusted for different markets. There are three models (US/Canada, general NA, and Europe); the jumpers allow a user to open up transmit in bands that aren't enabled on any of those three models. Read that again: none of the three models can transmit below 144 MHz, and none of them are certified by any regulatory agency to do so. But you can lift a couple jumpers and transmit WAY down into the sat band, etc. Literally the only reason the jumpers are there is so you can modify the radio to illegally transmit. THIS IS SUPER-COMMON.

The FCC does not care if it is trivial to modify the radio to have it transmit in unapproved licensed bands. It just has to not cause them a public headache. Thus it has always been.

I used to work for a company that made transmitters and receivers. Among other things, we were one of the companies supporting the US 2G and later 3G rollouts. When people acquired all that new spectrum, they had to have mid-power (10 to 100 W) test transmitters to verify coverage models. We made those. We put them through FCC cert. Many variants. I can personally attest that the FCC does not give a flying crap if your hardware is clearly designed to transmit outside the licensed or legal range, nor if it is trivial to modify the transmitter to do so. It just can't cause them grief (mostly political grief) and it can't clearly say on the nameplate / operating screen.
posted by introp at 3:00 PM on September 6, 2015 [1 favorite]


To be clear: it can't transmit illegally out of the box. You do have to make a legal declaration that its operation is within the legal bands, etc. But if all you have to do is open the cover and do X to circumvent that limit? DON'T CARE. DON'T WANT TO KNOW DESPITE HOW OBVIOUS IT IS.
posted by introp at 3:11 PM on September 6, 2015


"Literally the only reason the jumpers are there is so you can modify the radio to illegally transmit. THIS IS SUPER-COMMON."

No, that is not the reason for the jumpers. This is not "super common." No reputable radio manufacturer is making radios that can transmit illegally. What, you think manufacturers like being sued or shut down by the government?

The jumpers are there to allow the equipment to work in various countries. Seriously, you think a reputable company like Kenwood is intentionally making radios for illegal use? That is just dumb.

There are various combinations of jumpers that tune the voltage controlled oscillator. But only certain, legal, combinations are intended for use and set at the factory appropriate for the country of sale. The four jumpers have 16 possible combinations. The extra, unused, combinations are just an artifact of the circuit implementation, not an intention to allow illegal transmissions.

Kenwood does not publish any information on these jumpers for users. Someone may have reverse engineered the system and determined how to modify it for other purposes, but that can be done for any radio equipment. Kenwood did not intend for them to be used in this way. What useful purpose would it serve? It's not like the amateur bands are overcrowded. And who would you talk to in an illegal band? Usually hams want to find bands with lots of people to talk to. Do you really think Kenwood decided that there is a big market for illegal radios? Keep in mind that this radio requires a ham license to operate. Do you really think there are lots of criminal hams out there? Nothing you are saying makes any sense.

"The FCC does not care if it is trivial to modify the radio to have it transmit in unapproved licensed bands."

This is clearly a false statement. The entire purpose of the new FCC rules is to prevent trivial modification.
posted by JackFlash at 3:37 PM on September 6, 2015


You seem to be talking about something with which you have no experience. Many of the things you are claiming are directly contradicted by evidence.

The jumpers don't directly control the VFO! They're entirely software (config) inputs to the micro. They tell the software what it's allowed to do. If Kenwood were really interested in not allowing you to transmit down at 136 MHz, which no version of that radio sold is approved to do, they'd disable that feature in software. I.e., not pay attention to those particular jumpers. They already have region-specific firmware (note the changes in the bootup display regardless of what jumpers you have installed/removed) to handle band config. Those jumpers are simply digital config signals to the micro that say "open up your range nearly as wide as the hardware (which we deliberately designed to be considerably wider than necessary) will allow."

(I'm picking on the TM-V7 because I happen to know a lot about its development.)

Fact: Kenwood wants it to be possible to modify the radio to be able to transmit where it is both uncertified and illegal. They had ample opportunity to disable that feature in firmware but have no reason to. Once it leaves factory test mode (in which the jumpers do not participate), it could trivially limit itself to just legal frequencies.

That radio is probably, what, 18+ years old and was sold for over a decade? People modded them left and right to open up the RX and TX and the FCC did not care. Kenwood did not care. Kenwood did not get in any more trouble than any other radio manufacturer, which is to say very nearly zero trouble.

This is not an outlier. Tons and tons of radios are built this way. Ask yourself why.

"The FCC does not care if it is trivial to modify the radio to have it transmit in unapproved licensed bands."

"This is clearly a false statement. The entire purpose of the new FCC rules is to prevent trivial modification."

Read the next sentence, please. (Emphasis mine.)

"The FCC does not care if it is trivial to modify the radio to have it transmit in unapproved licensed bands. It just has to not cause them a public headache."

Which is exactly my point. They care right now about this one thing. Clearly! As with virtually everything the FCC has done in the last 23 years, this crack-down is part showmanship and part real concern. Enough parties with political clout complained and so the much-starved FCC has to do something. Much like what happened with old analog 850 MHz cellular reception, which for a long time was blocked but often trivially enabled by lifting a jumper or diode; eventually the FCC squashed that, too, because they continued to get in trouble from the hill over it. They know these tricks, but they won't crack down on them unless they get in trouble with what amounts to their bosses. If they were specifically concerned with unlicensed transmissions and interference, there are a LOT bigger targets to be going after.
posted by introp at 6:11 PM on September 6, 2015


An LWN commenter points to a document dated March 18. "Describe in detail how the device is protected from “flashing” and the installation of third-party firmware such as DD-WRT."

So if we believe TechDirt then the documents were since revised. But it might help explain where the backlash comes from.
posted by sourcejedi at 2:13 AM on September 11, 2015 [1 favorite]


Wow. That document is fairly damning. :(
posted by introp at 7:22 AM on September 11, 2015


"Yes, the FCC might ban your operating system". Extreme-sounding title, but actually pretty well-written. Ignore my previous hedging; the "U-NII Device Security" document on the FCC website still explicitly bans DD-WRT.

I don't imagine open source OS's are going to be locked out of every single Wi-Fi connected machine for good. But that's why we need the rules to be changed. (Note there's nothing particularly specific to "routers" there).
posted by sourcejedi at 10:49 AM on September 27, 2015



