Ask Slashdot: How Can You Avoid Routers With Locked Firmware?

thejynxed writes: Awhile ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?
The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?

Get a cheap PC that 10 years old, add PFSense

[Anaerin]

It's a fantastic router platform, supports oodles of hardware, and can run on cheap machines. For instance: Start here [orangecomputers.com] use a 5600 series Xeon and the smallest amount of RAM and HDD you can get, and you've got a killer router capable of handling much greater than gigabit traffic. If you need Wireless as well, you can either add a low-profile 802.11 card, or buy a cheap home "router" and run it in Access Point only mode, which will put it behind your firewall (and thus safe from internet-based hack attacks), rather than it being your firewall and vulnerable.

Re:Get a cheap PC that 10 years old, add PFSense

[eastlight_jim]

Whilst your electric might be free, running a 100-200W PC instead of 6W router is a little overkill for most people. The best solution, of course, is to be allowed to put new firmware on your existing router ;-)

Re:

[Salgak1]

. . .and if your existing router won't take, or doesn't have a DD-WRT or OpenWRT image available. . . . there's always Ebay. I built out an entire Legacy Systems lab off of Ebay purchases, after we got complaints from the field that the latest plastic fantastic software wouldn't run on their old Win7 or WinXP boxes. . .

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[TheCarp]

What you could do though, is make the wifi router as dumb as possible and use a pi to replace its services.

I use an ancient WRT54G with a tomato firmware. its nice, but I prefer a bit more control over dhcp and dns so I setup a VM for that. Well... that means my network services break whenever the VM host needs some TLC. So I moved all those services to a pi.....because needing to reconfigure my desktop to connect to the web and explain to others why the network isn't working are both annoying when I need t

APU2C4

[nuckfuts]

You can run pfSense on a small platform such as the APU2C4 [pcengines.ch] from PC Engines. It draws 6W to 12W.

I bought a complete kit from here [corpshadow.biz]. Quite happy with it.

SSD for APU2C4

[nuckfuts]

I should have mentioned, you'll probably want to add a storage option such as this [corpshadow.biz] for the APU2C4.

auto-updating computers with linux, hostap

[Kludge]

I no longer buy wireless routers. I use old laptops or raspberry pis running hostap. I set them to auto-update so I do not have to worry about security vulnerabilities. For additional network ports I use usb devices.
These systems are rock solid.

Re:Get a cheap PC that 10 years old, add PFSense

[TheRaven64]

Power here costs about £1/W/year. If you're expecting to keep your router for 2 years, it's worth spending up to £20 to reduce the power consumption by 10W. A typical old desktop will draw around 60W, an embedded router board will draw around 6W. That works out at a saving of £108 over two years, which is about the total cost of the embedded router board (PC-Engines or Soekris). After three years, even if you got the old PC for free, it's still more expensive. I used a PC-Engines WRAP board as my home router for around 5 years before needing to upgrade.

Re:

[arth1]

Flash storage is cheap. You don't need an SSD, just a USB thumbdrive. Firewall distributions are optimized for read only operation, so size and speed of the flash storage are not a concern.

Reliability is, though, and data rot rates over time on typical pen drives are rather bad compared to most storage. Re-imaging the entire drive every year helps reduce the risk, but do you really want to do that?

USB drives used to be better, with controllers that would rewrite data when idle. But the average consumer never cared about inner workings as much as getting a cheaper product, so low MTBFs is what you get now.

Re: Get a cheap PC that 10 years old, add PFSense

[raburton]

Can't argue with the pricing there. But if you want something lower power and smaller size try one of these https://m.aliexpress.com/s/ite... [aliexpress.com] still more power than you need for most applications (especially if you're comparison is some crappy little MIPS router). I considered pfsence but I'm more of a Linux person and didn't need the bells and whistles of the nice GUI, so it's just running stock Debian with ip tables and very little else on it (but with a lot of options if you want to do more with it).

Re:Get a cheap PC that 10 years old, add PFSense

[thegarbz]

It's recommendations like this that are the reason for America's incredible high emissions per capita stats.

Running a full powered PC from an era that didn't concern itself with efficiency, in a field (servers) which didn't concern themselves about efficiency instead of a small appliance that should use less power than an energy saving bulb.

Re:

[dwywit]

So do it with a laptop instead. Find a used but serviceable core2duo or core i3, replace the HDD with a small SSD, and make sure the power management is set to as low a usage as it can be without affecting performance (mostly make sure the screen turns off ASAP - you could even run it headless, how 'bout dat?). One ethernet and one wi-fi interface makes it perfect for home use.

You might even get away without an SSD - run a live distro off a bootable USB. Generous RAM, no swap needed.

Re:

[Hognoxious]

One ethernet and one wi-fi interface makes it perfect for home use.

Yeah, if you live on your own.

Re:

[dwywit]

Yeah, 'home', as in 'family' - not a bunch of enthusiasts who will readily saturate a connection with ISOs or GoT torrents. I've figured out how to throttle my linux torrents and let them run overnight or off-peak, instead of causing problems for the other people sharing my connection.

Anyway, if you're using that kind of bandwidth, shouldn't you be looking at a commercial solution, and not a hacked domestic router/modem?

Re:

[DuckDodgers]

I have four kids and my wife and I are cable-cutters, so we're routinely drawing a lot of bandwidth on our 200 Mbps internet connection. My home router is running DD-WRT, because it's three years old. But if I didn't have that, I think I might be able to get by with an old laptop as long as it had two USB 2.0 ports. I could plug USB gigabit ethernet devices into those. The bandwidth would be capped at what USB 2.0 can handle, but that should be well above 200 Mbps.

Re:

[Wolfrider]

> I might be able to get by with an old laptop as long as it had two USB 2.0 ports. I could plug USB gigabit ethernet devices into those. The bandwidth would be capped at what USB 2.0 can handle

--No. Just NO. If you're going to use an old laptop, at least get one that can handle a USB3 expansion card, like the Startech 2-port Expresscard. (ECUSB3S22, ~$30 on Amazon.)

--Using 2xUSB2 ports for Gig Ethernet will limit your bandwidth to ~15MB/sec maximum if they're both in simultaneous use. (Real world, prob

Re:

[DuckDodgers]

So I have a much weaker understanding of this kind of thing than I would like. My understanding is that the total bandwidth of any set of USB ports connected to a single USB "card" on the motherboard is actually the max for one port. i.e. if a particular version of USB has bandwidth X, then you can't have port 1 with throughput X as the same time port 2 has throughput X. If they both use the same "card" on the motherboard, then the total throughput between them combined is X. Then on top of that, I took

Re:

[Wolfrider]

--Real-world measurements/experience. I have an older laptop that has a single-core, 64-bit CPU, USB2 native ports and 100MBit native Ethernet port.

More info here:
https://freedompenguin.com/art... [freedompenguin.com]

( You can search freedompenguin for 'zfs' if you want to see my other articles )

--I switched out the sloow original laptop spinning-platter 160GB SATA drive with an SSD, BTW - boots Antix nice and fast. If I put a USB3 Gig Ethernet adapter on a USB2 port along with an external USB3 1 Terabyte spinning hard drive

Re:

[DuckDodgers]

To be pedantic about "that didn't concern itself with efficiency": they were extremely concerned with efficiency. Google, Microsoft, IBM, Oracle, HP, Amazon, Yahoo, and others in 2005 (for example) cared very much about every dollar spent on power and every dollar spent on cooling. They bought the most efficient server hardware they could afford. That hardware was just twelve years behind the levels of efficiency we have today.

This whole problem is very much one of those places where the Free Softwar

Re:

[thegarbz]

No, what I want is for the world to get to a stage where cheap-shots against America don't exist. You could start by taking some responsibility for your energy use.

Re:

[DNS-and-BIND]

LOL, give me a break. Entire nations are built on foundations of hating America. It's not going to stop any time soon and if we ever did like you wanted you'd just change to a new issue.

Remember the gay marriage thing? Supreme Court ruled it legal. What was the reaction? "Hooray for America"? Hell no, it was "well it was about fucking time." Followed by an immediate retargeting of America-hate onto different subjects. It will never stop, it can't stop. People have too much invested in it.

Re:Get a cheap PC that 10 years old, add PFSense

[mellon]

I'm currently experimenting with the NanoPi, which I think has better I/O (it has gigabit ethernet and comes with an antenna). I haven't gotten openwrt running on it yet, but am working on it: http://nanopi.org/NanoPi-2_Fea... [nanopi.org]

The best thing about it is that if it doesn't suck, I can just scatter a bunch of them around the house--they are ridiculously cheap compared to typical WiFi routers.

If you want something a lot beefier, consider getting a Turris Omnia [turris.cz]. Not cheap, but it's practically a server, and will draw a lot less power than your 10-year-old PC. They are working on FCC certification, should be available in the U.S. in a few months. I have one from the kickstarter... :)

Re:

[DuckDodgers]

Thanks for the Turris Omnia suggestion. That's awesome.

Though I suspect their 802.11ac wireless drivers are proprietary. I haven't done research recently, but when I checked last year there were no fully open source 802.11ac device drivers.

Re:Get a cheap PC that 10 years old, add PFSense

[arglebargle_xiv]

If you're going to go that way, get an Alix APU [pcengines.ch], which is x86 without all the bloat and heat of a standard PC. It's designed for use as routers/firewalls/whatever, and runs pfSense out of the box. Also, unlike a Pi, it's actually properly designed, with real ethernet NICs, proper power conditioning, proper flash storage that doesn't shit itself every time there's a power glitch, and so on. I've got older Alix hardware that's been running for close to ten years without being touched, and that I have no expectation of needing maintenance for many more years to come.

Re:

[John Smith]

You're probably much better off getting a NUC-style system, perhaps with multiple NICs. The power consumption on the old CPUs is what gets you.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[DuckDodgers]

This was covered up-thread, but the Raspberry Pi has a 100 Mpbs ethernet port and also shares bandwidth between ethernet and USB 2.0, so that if you're doing something data-intensive over USB 2.0 like reading a big file it will actually slow your network throughput.

So that's an acceptable solution for someone that isn't using much data, but won't work if you and your friends are watching a few different shows on Youtube or Netflix at the same time.

Re:Get a cheap PC that 10 years old, add PFSense

[danbert8]

If you are going for a 10 year old PC, why not just get an older router that supports flashing firmware?

Re:

[CastrTroy]

The minimum CPU on those boxes is 80W. You'll pay a lot for your power bill in the long run over going for something like an i3 mini PC from AliExpress. Not only are those servers huge, but they also create a whole lot of noise.

Re:Get a cheap PC that 10 years old, add PFSense

[viperidaenz]

and put everything through a single usb port?
Perfect for routing your dialup connection!

Re:

[sheramil]

it isn't any good as a router, but think of the street credibility! the only way to beat that would be to use an Arduino.

Re:

[AmiMoJo]

You probably could use an Arduino...

http://lallafa.de/blog/amiga-p... [lallafa.de]

Re:

[bobbied]

Raspberry Pis have a single 10/100 port on them. In what universe is that good for a router?

No universe I know... That port is USB based (USB 2.0) which is going to be pretty slow. Now don't be fooled by a single port... Coupled with a VLAN enabled switch (which are cheap) you can have multiple ports on your system, no problem.

Re:

[vtcodger]

"Raspberry Pis have a single 10/100 port on them. In what universe is that good for a router?"

The many 10s of millions of North Americans who live in rural areas? Contrary to the assumption of those running things, a lot of us are lucky to be be able to get enough bandwidth to stream video while downloading Slashdot, much less saturate a 100 mbps connection. Yeah, I know a Raspberry Pi probably won't transfer anywhere near 100 mbps in practice. I expect it'd manage routing stuff to/from a 5mbps DSL line

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[arglebargle_xiv]

And yeah, the Turris is on the expensive end of the scale.

It's more than three times the price of an Alix (see my other post below). You do get a little bit more on the Turris but most of it is kinda superfluous, I think for most people an Alix more than meets the requirements.

Re: Get a cheap PC that 10 years old, add PFSense

[ERJ]

87,600 Wh = 87.6 kWh 87.6 kWh * .12 = $10.50 / year

Re:Get a cheap PC that 10 years old, add PFSense

[PhunkySchtuff]

Two orders of magnitude actually.
24 hours × 365 days × 100 Watts = 876,000 Watt-hours = 876 kW/h
876 kW/h at $0.12c per kW/h is $105.12 per year.

Think about your annual power bill - if it cost $1,000 to run a 100W globe for a year, we'd all be sitting around in the dark.
In a house with, say, 10 light globes running them each for 8 hours per day, your power bill for lighting alone would be over $3,000

Re:Get a cheap PC that 10 years old, add PFSense

[TheRaven64]

You can't do arithmetic: 24 * 365 * 100 = 876000. 24 * 365 * 100 / 1000 = 876. Your 87600 is neither of these numbers and I have no idea how you calculated it. The rough rule of thumb is $1/W/year, with your price estimate it's $1.0512, which is close enough. With 18 cents/kWh, it's $1.5768, but for most of the US $1-2 is the right ballpark. For Germany, it's $3. That doesn't actually detract too much from your main point. You're paying $300/year for power for the 100W machine. A 6W machine that costs $200 will save you over $90 in the first year.

Roll your own

[Zarhan]

http://elinux.org/RPI-Wireless... [elinux.org]

Pretty much only way to be sure.

Beyond that, you go with the same approach as when getting a PC to use with Linux - try to verify each individual component and whether it works or not.

Re:

[arglebargle_xiv]

The RaspberryPis are terrible choices for a router.

The Raspberry Pi is a terrible choice for anything that's put into a production environment, not just routers. They're educational toys, not something that's meant to be run 24/7/365 in a serious situation. By all means prototype it on a Pi, but for fscks sake don't ship a commercial product based on it.

Re:

[jon3k]

not something that's meant to be run 24/7/365 in a serious situation

First, I don't know what qualifies as a "serious situation", we are talking about someone's home router. But what exactly makes a RPi incapable of running 24x7? There thousands of these running 24x7 without issue.

Solution: Don't buy those brands anymore...

[Steve Jackson]

PLENTY of "make your own" options out there these days... Easy options even. Newegg has an ITX mainboard with a built in AES-NI CPU for Hardware accelerated encryption, for 56$... Add a dell Broadcom SFF 4 Port Gig NIC and some RAM, and whola! Whatever router config you need is just a download away!

Re:

[PolygamousRanchKid]

Well, as soon as the NSA spooks get wind of this, the US government will ban vendors from supplying any useful encryption, as well.

Because banning encryption from the hands of ordinary citizens will "fix" the problem of terrorism, right?

If good old King George of England had the NSA back then, the American Revolution never could have happened.

"One, if by land! Two, if by sea!"

Oh, wait, the American Colonists are not allowed to have lanterns!

Re:

[PolygamousRanchKid]

Aren't you aware that the NSA works towards making encryption and secure systems available to the US public and corporations?!?

Yes, the NSA has a long history of "helping" the US public and corporations with encryption . . . like the DES standard . . . invented by IBM, intentionally crippled by the NSA.

An ancient rule of war . . . don't provide your allies with any weapons that you are not able to defeat yourself . . . just in case your allies today become your enemies tomorrow.

Re:

[tstrunk]

PLENTY of "make your own" options out there these days... Easy options even. Newegg has an ITX mainboard with a built in AES-NI CPU for Hardware accelerated encryption, for 56$... Add a dell Broadcom SFF 4 Port Gig NIC and some RAM, and whola! Whatever router config you need is just a download away!

I disagree with your statement, because you are missing one thing: "The Modem" (however I'm limiting this statement to Europe, because I don't know the situation in the US)
In Europe you cannot buy isolated cable modems for Eurodocsis 3.1. The most you can get is a complete router with an integrated Eurodocsis modem, which, if you are lucky, you can configure into a bridged modem mode.

For your project to succeed and be the "be all, end all" solution, you would require a cable modem add-in card. This is some

Re: Solution: Don't buy those brands anymore...

[Entrope]

Here is the world smallest viola, playing a requiem for people who don't know how to spell "voila".

Turris Omnia

[JoSch1337]

https://omnia.turris.cz/ [turris.cz]

Specs: 1.6 GHz dual-core ARM, 2 GB DDR3, 8 GB flash, 5 Gbit LAN, 1 Gbit WAN, 2 USB 3.0, 2 Mini PCI Express, 1 mSATA / mini PCI Express, 3x3 MIMO 802.11ac, 2x2 MIMO 802.11b/g/n

I use it together with two hard drives attached via SATA.

It ships with a custom version of OpenWRT but you can also install other stuff on it like Debian:

https://wiki.debian.org/Instal... [debian.org]

Or openSUSE:

https://en.opensuse.org/HCL:Tu... [opensuse.org]

Re:

[alantus]

It looks good, but overpriced.

Re:

[klapaucjusz]

The Turris Omnia is some very nice hardware, and built by people who are very much devoted to free software (nic.cz [www.nic.cz], the same guys who brought us the Bird routing suite and KnotDNS). It's a little bit overkill for a home router (it's got massive amounts of memory and a fiber interface), but if you're fine with spending over 200 euros, it's an excellent choice.

Re:

[Cramit]

I didn't see a way to purchase in the US; did I miss it?

Re:Turris Omnia

[AmiMoJo]

Seems very expensive for what it is... If you go on AliExpress and search for "x86 router" or "arm router" you will find hundreds of options costing less than 1/3rd as much. For example: https://www.aliexpress.com/ite... [aliexpress.com]

Celeron J1900 (quad core, 2.4GHz)
1x DDR RAM RAM socket
Intel chipset
mSATA SSD slot
4 Intel I211AT gigabit LAN ports
3x USB 2.0
1x USB 3.0
2x MiniPCIe ports
10W max power consumption

The case has holes for wifi antennas, which you can order with it. It's pretty much a standard PC so will run whatever Linux or even Windows OS you want. It's got VGA as well which can be handy for an emergency shell.

You could add a really simple UPS with a 12V lead acid battery and a few diodes too.

Separate Access Point from Router

[aaarrrgggh]

Personally, I find that going with a dedicated router and dedicated access point(s) makes for a more flexible solution anyway. Better placement options, easier to upgrade the wireless, etc. I use Ubiquiti gear, which gives me Vyatta on the routing/firewall and a solid (locked down) access point.

Curious to try out the little pfsense appliances, but they are a bit more pricey.

"save wifi" campaign

[lkcl]

The FCC later specified that they were not trying to block Open Source firmware modifications

they were told IN NO UNCERTAIN TERMS that this is exactly what would happen - that manufacturers would take the "lazy" way out. unfortunately, a number of prominent "open source" activists completely and utterly failed to comprehend that this would happen, and ENDORSED the FCC's proposal.

there are some very specific companies that sell RYF-Endorsed products (answering the OP's question: google "RYF Certified router" or other such keyword combinations), and these companies are near-completely screwed. if they are not careful they have to sell ILLEGAL products in order to satisfy the RYF-Endorsement Criteria! however it turns out that there's a small workaround: what they can do is put an UNPUBLISHED hidden link into the web interface in order for users to carry out quotes unauthorised quotes firmware updates.

basically as a world-wide community we f******d up. the opportunity to stop the FCC from being a Corporate lap-dog was when the "Save WIFI" campaign was underway. it was a complex situation understood by very few people: we should have listened to the people who properly understood it, and supported them. we didn't do that... and now we suffer the consequences, as indicated by the OP.

well, how could they predict..

[gl4ss]

that apparently USA selling companies would put in misleading advertising(ddwrt compatible) on devices where you cannot put ddwrt on.

look, the simple choice: ORDER FROM ASIA. like come on, you're ordering shitty cheap shit all the time from dx etc anyways..

I mean come on, it is more of a consumer issue anyways.

x64

[darkain]

Intel/AMD x64 pfSense. #DONE!

"wide-reaching effect of US law on the products"

[Nutria]

What is your evidence that this is true?

Don't blame the FCC

[Solandri]

Blame the idiots hacking their firmware and using their routers irresponsibly (illegally).

First you have to understand why the FCC made the request to router manufacturers. Shortly after the FCC opened up the 5 GHz band for unlicensed use, terminal doppler weather radar [wikipedia.org] was invented in response to several airliner crashes due to adverse weather conditions. Unfortunately, it relies on frequencies smack dab in the middle of the open 5 GHz band, so the FCC took the unusual step of revising their rules which opened up those frequencies

That's why most 5 GHz devices only support channels 36-48 and 149-165. The intermediate channels were reclassified as DFS - dynamic frequency selection. Open devices could use them, but if they detected weather radar in use they had to switch to a different channel. A few devices actually do this and check to see if weather radar is in use. Most manufacturers just took the easy way out and blocked out channels 50-144 entirely in the firmware.

DD-WRT supports DFS - it will change frequencies if it detects weather radar in use (at least it does on my hacked TP-Link). If you install third party firmware and use the 5 GHz band, do the responsible thing and enable this functionality if you're going to enable channels 50-144. Unfortunately, some idiots didn't do this [aerohive.com], which caused the FCC to grow concerned about the impact of third party firmware on the effectiveness of TDWR. That's why the FCC made the request to router manufacturers. Not because they hated third party firmware, but out of concern for the safety of the flying public.

This is why we can't have nice things - a few idiots ruin it for everyone else. I had lots of fun with lawn darts as a kid, but we always treated the target area as if it were a shooting range. Here's an example of what happens to TDWR when an idiot blasts their router in the TDWR frequencies. The unauthorized broadcast shows up as a wedge-shaped area spanning a few degrees and extending to the edge of the radar image [fpvlab.com], completely obscuring any weather in the wedge.

And buying the router in Canada or Europe won't make any difference because those countries have the exact same restrictions on those TDWR frequencies [wikipedia.org]. The only reason they're not being as aggressive as the FCC is because TDWR so far is mostly used at U.S. airports. Eventually most airports in the developed world are going to upgrade to it (or at least airports which frequently encounter bad weather). So the regulatory agencies in Canada, the EU, and most of the rest of the developed world are all going to be on the same page as the FCC once TDWR is rolled out in those countries.

Re: Don't blame the FCC

[Entrope]

I have a modest proposal: stop designing safety critical radar systems that operate smack in the middle of an unlicensed band.

Re: Don't blame the FCC

[thegarbz]

I know. What is with these people obeying the laws of physics when choosing spectrum. How dare they!

Re: Don't blame the FCC

[Entrope]

I assure you that will not be a problem in Australia.

Re:Don't blame the FCC

[GrumpySteen]

Do you want to foot the bill for massive army of personnel and equipment required to hunt for signals in the tens of thousands square miles covered by TWDR systems?

And before you say it... no, waiting for hundreds of people to die in a plane crash because interference prevented a TWDR system from detecting wind shear conditions is NOT an acceptable solution.

Re:

[bobbied]

Yea, brown shirts and jack boots for ALL at the FCC...

Seriously. We don't have the budget for that kind of enforcement activity. Besides, it takes the FCC YEARS even DECADES to actually get around to enforcing interference. In one case (see K1MAN) it took nearly 20 years to yank a ham radio license, even then it didn't end his on air activities until the guy actually died.... They where a bit quicker with the guy who kept interfering with emergency services, but it still took decades to get him finally

Some routers aren't "locked" particularly well...

[AC-x]

Some routers aren't "locked" particularly well, for example I have a WR841N v11 here which had supposedly FCC locked firmware, but it was relatively simple to install open firmware on it using the TFTP firmware recovery procedure [openwrt.org]

Sod locked firmware

[Chrisq]

I'd be happy if we could just stop Americans from pronouncing it "rawter". They need to learn the difference between "rout" and "route".

Re:Sod locked firmware

[Zontar The Mindless]

Or maybe you need to learn the difference between "route" and "root"?

Re:

[Zontar The Mindless]

Route can be pronounced as /ræwt/ or /ru:t/. Both are equally correct, as a few seconds with any dictionary will tell you.

Re:

[fnj]

It's pronounced "ow" as in "ouch", dipstick. Not "aw". Sheesh.

Re:

[thegreatbob]

Perhaps we should rename it something like "Quazi-intelligent Internet packet translocator" to avoid this issue.

Re:

[thegreatbob]

That being said, folks that pretend that the pronunciation of a word causes it to make no sense, even when the context is unambiguous, are mildly annoying.

Re:

[Bill Hayden]

As an American who's worked in the computer industry for 20+ years, I've never once heard anyone pronounce it "rawter".

FCC: The inept Paper Tiger....

[beheaderaswp]

First off, the FCC is underfunded and cannot enforce it's own rules. This is one of those cases where lack of funding leads to inept regulation. The FCC cannot set a rule and simply enforce the rule. They have to set a rule that is enforced in a defacto manner without them spending any money.

So by regulating what manufacturers can and cannot do- they get the "appearance" of responsible regulation. With the added side effect of stifling innovation, modification, or customization (within the law) of the equipment.

You can try to explain this to people.. but since the principles involved are nuanced and technical most eyes glaze over. But the short form is this: if you lock down the hardware you stifle innovation.

Another primary example of the FCC failing for lack of funding is the regulation of radio bandwidth which citizens have access to. That would be the CB, GMRS, FRS, MURS, or Amateur Radio services. The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all. The result being that the radio spectrum has become a cesspool of "pirate radio", free-banders (Illegal unlicensed operators), or licensed operators who break all the rules.

There are illegal operators across all the bands in the spectrum that are known by the FCC, the general public who use the spectrum, local law enforcement, and the defense community. But they are rarely enforced against.

They are not enforced against because the FCC has no budget for enforcement. They rarely enforce interference with government services first, commercial services second, and do nothing at all anywhere else. Very occasionally there is Amateur enforcement.

This means as a citizen FCC enforcement will come through any tangential avenue that has no cost to the FCC.

Re:FCC: The inept Paper Tiger....

[StatureOfLiberty]

The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all.

ARRL [arrl.org] has no enforcement power. It does have an Official Observer [arrl.org] program. These operators do look for improper operation and can document this behavior. They do send out notices of improper operation to ham operators (amateur radio is usually called ham radio). There are no teeth behind this notice. An important part of their role is sending out notices when hams operate particularly well.

Documentation of improper operating can end up being forwarded to the FCC in hopes that they will act on it. It is only the FCC that has actual enforcement power. Many submissions never get acted upon. The ones that seem to get immediate action are if you interfere with another licensed service (interfering with police, emergency medical, aviation, commercial broadcast).

Lack of enforcement by the FCC is a problem. Many field offices have been closed down. Lack of funding is definitely making the problem worse.

ARRL is a great organization. They do provide great training materials for proper operation. They do a lot of lobbying for the Amateur Radio Service. They work to protect the service from band encroachment. They watch for well intentioned but poorly worded legislation that impacts the service. For example: North Carolina has been considering legislation (SB 393) [ncleg.net] that would ban use of almost any electronic communication device in a vehicle. ARRL is organizing operators in the state to ask their representatives to amend the verbiage to exclude amateur radio. Mobile operation is an important part of the amateur radio service. Banning it would make much of the value that the amateur radio service provides impossible. In addition, amateur radio mobile operation has a stellar safety record.

ARRL cannot enforce, but it can educate and work to influence.

Wait for a crowdfunding campaign

[cloud.pt]

Since companies like to consolidate different markets with the same products with minor flavor changes, I don't see them allowing unlocking when the most important market of all (US) requires it indirectly (by the aforementioned complexity of making specific channel/power output locks instead of flat out firmware lock).

So I believe our best hopes reside in non-US-centric crowdsourced solutions for open routers, compatible with existing solutions or even packaging their own open software solution in the prod

Stop audio ads on Slashdot

[MobyDisk]

Slashdot needs to stop the ads with self-playing audio.

Re:

[thegreatbob]

Would mod up if I knew what ads were.

Buy TP-Link

[user32.ExitWindowsEx]

The FCC *forced* TP-Link to support open firmware as part of a settlement agreement made AFTER these new rules.
https://www.fcc.gov/document/f... [fcc.gov]

Re:

[Bill Hayden]

Ironically, this could lead to a massive increase in TP-LINK sales.

We used to make fun of TP-LINK as brand a few years ago, but I now own some TP-LINK hardware and have been very happy with it.

Ridiculous

[l0n3s0m3phr34k]

I can easily purchase a 4 watt 2.4ghz or 5ghz amp for under $100, and a "decent" one for under $200. The FCC has to know about these, so it almost seems that locking out open-source WAS one of the goals.

Open Source Router

[Murdoch5]

It's fairly simple, you just make your own open source router and you're off to the races. If you need WiFi, you buy a proper access point, and then you're set.

Re:

[thegreatbob]

pfSense has WiFi-related capabilities (e.g. using a NIC that supports AP mode), but then you're at the mercy of FreeBSD kernel support for device drivers. I'm not really sure how their driver ecosystem stacks up to Linux, so I might actually be arsed to look into that.

bullshit

[shentino]

Contrary to what other people say, requiring OEMs to lock down their outputs DOES make the FCC responsible for open source hostile routers.

Almost ever piece of consumer equipment I've seen has had some sort of "part b/15 computing device" thingy sticker on it saying

* This device may not cause harmful interference
* This device must accept any interference recieved

It's not supposed to be the OEM's responsibility what their users do with the devices they pay for. As far as I'm concerned, tampering with the fi

Answe

[fubarrr]

Mikrotik

Unintended consequences

[John Allsup]

Sure the difference between murder and manslaughter is one of intent to kill. But in both cases the outcome at hand is death of the victim.

The FTC's requirement may not have intended this effect, but it was forseeable, and avoidable.

A dedicated router and access points

[SIGBUS]

IMO, it's far better to get a dedicated box that only does routing (like Ubiquiti or Mikrotik), and use access points for the Wi-Fi. With multiple access points, you can give your house blanket coverage and eliminate dead spots, and if/when a new, faster Wi-Fi standard comes along and you want it, you can just replace the APs instead of an entire all-in-one device.

Not to mention that APs typically look far better than the today's all-in-one monstrosities that look like robotic spiders.

Buying a supported device

[malachid69]

Your best bet is to start with the site supporting the firmware flavor (DD-WRT, OpenWRT, etc) that you want to run. Their site will be able to tell you which models currently work with their current firmware. When I went to buy my router, they had screenshots of the packaging to help identify between v1 and v2 - which the casual buyer might not have noticed. Support levels on them were different. If the shiny new router mentioned at CES isn't supported yet, you may need to rethink your plan or do a lot m

Re:

[Megol]

Speculation without any basis in reality? How insightful...

Re:that was the previous administration

[Austerity Empowers]

There's no particular reason to play politics on this.

When you get FCC certification, you are certifying to the government that your product meets their requirements for EM emissions and reception (intentional or otherwise). This isn't new, it's been around since before, I would guess, everyone reading this was born. By allowing customers to go monkey with those settings you can no longer give any such certification. It makes some sense for the FCC to stop this, and honestly I wondered how long before they did since most people doing this are dramatically boosting the transmission levels on their routers.

Now it may be that you think that the burden is on the government to find and stop people who are breaking the rules individually, rather than putting the burden on manufacturers, and I agree with the point in principle, but in practice the entire point of the FCC is to ensure the airwaves are shared and we don't end up with broadcast power wars. I do not know of many people who after making changes to their radio settings, also go put their router in a testing chamber and ensure that it is still compliant, not only at 5GHz (for example), but that harmonics are not leaking out at other frequencies that they did not intend (in some cases also due to lazy electronics design). Those labs cost some bucks, so unless you happen to have access to one, and your boss happens to look the other way when you use it for personal use rather than billing a customer, its hard to do. Hunting down each and every person who is breaking the rules is very expensive, and I think we can all agree we don't want to pay more in taxes for this. Therefore putting the burden on mfg's is a cheap solution that solves their problem. I'm not sure why we would want to fight the FCC on this.

The fact that manufacturers are ALSO locking out the non-radio facing firmware is an entirely different issue that the FCC is not responsible for. That part needs to be fought, but hopefully some manufacturer will see some money in doing it right. Shipping WiFi firmware is so universally awful that almost anything else is better.

Re:that was the previous administration

[skids]

most people doing this are dramatically boosting the transmission levels on their routers.

General rule of thumb: if you can't get a good signal at 15dBm on 2.4 and 18dBm on 5GHZ, do not try to go higher. Install more APs closer to your clients. Otherwise you are just damaging the spectrum. The higher levels are really meant for when you have real antennas on both ends, like a WDS. You can't make cheap client antennas better by shouting at them. Also, you should have a compelling reason to deploy 5GHz outdoors, even using factory firmware... you are a lot less likely to do something destructive fumbling around with the 2.4GHz band outdoors. Partly because it is already ruined, and partly because it doesn't have to worry about radar.

Many settings that are not strictly RF-related are bunched in with the RF settings, and can use some tuning, and are not settable from factory firmware -- which you should never run anyway because it is full of junk plug-and-play services and will stop receiving security updates long before you are done using the AP.

Vendors have no incentive to separate out these settings in hardware, nor support them in software, nor continue to support an AP after it is out of warranty, as then they are just decreasing demand for their latest models.

Most people who install Open Source firmware are after features not related to RF, few people feel any need to install custom firmware on the WiFi card (more on some models than on others) and what special WiFi card settings they are looking to alter are things like beacon formats and timing, noise floor detection, etc.

Refusal to publish solid specs from which open source drivers can be written probably account for the majority of issues where RF parameters are set up wrong.
Especially, vendors shipping product whose EEPROM settings are wrong and then kludging things back together in their binary-only drivers, rather than reprogramming the EEPROM on upgrade, might be the number one cause.

Re:that was the previous administration

[Anonymous Coward]

Many Americans replied to their consultation on network neutrality. They ignored all comments that didn't suit them. The only thing you can do is vote out the republicans. Most likely you will need to vote out the democrats after that too.

Re:

[Riceballsan]

I believe the point is in huge issues that effect the whole country in which we can get public awarness campaigns backed by reddit, google, and several main stream TV personalities like John Oliver backing the public and helping them navigate through the intentionally obtuse comments section of their page, things are still not looking so positive in this direction. Issues like custom router firmware... in which well, maybe .001% of the population is even aware that such is even possible, and only a very

Re:

[superdave80]

and the Internet, which he helped make public - and never said he 'invented', folks

And he never said 'helped make public' either. I don't know where you got that. The exact quote was, " I took the initiative in creating the Internet." He tried to make it sound like he was more important to the development of the internet than he really was.

Re:

[Grishnakh]

Overturning that boneheaded decision was prominent in the Democratic platform - a point Bernie Sanders, if not all of his supporters

Bernie wasn't a Democrat. He ran as a Democrat, which the DNC hated him for, and they did everything they could to throw a wrench into his campaign.

And that guy, whatshisname?, Al Gore... He got net neutrality (and the Internet, which he helped make public - and never said he 'invented', folks). But yes, he's a bit of a stick in the mud politically, so we got W instead.

Gore wa

Re:

[petermgreen]

AIUI

Locking down nothing takes no effort.

Locking out modified firmware takes a little bit of effort. Basically add a signature check to the firmware update mechanisms.

Locking down just the radio settings in question without locking out third party firmware is very difficult. The hardware simply wasn't designed to put a barrier between the router firmware and the radio chips.

Re:

[thegreatbob]

Second for routerboards, they're very nice, and won't usually REQUIRE a 3rd party firmware to be highly functional, though the possibility appears to exist.

Re:

[alantus]

What do you mean exactly with "the possibility appears to exist"?

Re:

[hierofalcon]

Merlin runs well on them - although it is pretty much a "fedora" version of the corporate software. It frequently has security patches before the mainline version.

Re:

[bobbied]

Seriously? Before you start soldering new flash chips in, you might want to consider a couple of other things first. There will usually be a J-TAG header someplace that I'd try first in your attempts to alter the boot loader.

Re:

[thegreatbob]

I go far, far out of my way to avoid WiFi, especially in congested areas, for this and many other reasons. If transmit powers should be tuned to near-zilch from the factory, and required a modicum of effort to increase, we might actually not be having these problems. There's also this pervasive mentality that wires are ugly and inconvenient; while true in some context, the higher speeds (try touching 500+ gbit/s on consumer wireless devices at 20m+ with an omni antenna) and stability make sticking with ethe