Free System software on devices with a radio function, it may soon go to the collar: In the EU, a ban comes into force in June 2016 in North America, it will be soon resolved , Victims are likely to manufacturers such as DD-WRT to be.
New regulations will make it difficult to significantly improve system-relevant software in devices with wireless function on their own or with the help of third party software or to install. The European Parliament and the Council last year largely unnoticed banning decided (Directive 2014/53 / EU), which enters into force on 13 June 2016th The US Federal Communications Commission is now planning a similar restriction, which would then take over Canada. A ban specifically for WLAN devices (5 GHz) is in the two countries, USA and Canada, already in force.
In fact, the restrictions relating to software that affects the radio mode. This is to ensure that rules on spectrum use, transmission power and modulations are respected. However, many modern devices are highly integrated and is available on just a few or a single module space (System on a Chip). Regardless of the good intentions it is likely many manufacturers therefore difficult, only fully hedge the radio firmware from manipulation, but the rest of the system leave open.
As the preamble to the EU directive is of little help, which states that the ban “will not be misused (should) prevent the use of systems with software from independent vendors.” Because Article 3, Section I, stipulates explicitly that the radio equipment must ensure “that only software can be loaded, for the conformity of their combination have been established with the radio system”. And hardly any manufacturer will want to prove that the selected by a consumer free software does not affect the conformity.
In addition, the implementation by Member States should not necessarily be uniform in detail. The EU Commission has not taken the opportunity to adopt more detailed provisions, without the force of law, no use. Pending implementation of the Directive, however, are only about nine months.
In the US, resistance
Public attention stimulates hitherto there has been no, even the producers were apparently caught unprepared. Against the planned expansion in the US is now first resistance stimulates. Because of it every new model is affected, which has a wireless function, not only wireless devices. Various organizations will call to the FCC to say the opinion. For this purpose, everyone has to early October opportunity foreigners.
Software Defined Radios may only be delivered with secure software for years. As the FCC notes, products with SDR but rarely. Why now just expanding the SDR rules to all products intended to be helpful, remains unclear.
DD-WRT has to go
For classical 5GHz WLAN modules for three months subject to the North American restrictions already. You are a model for the planned general restrictions. New models of wireless devices should initially only come with DRM (Digital Restrictions Management) to the market, so that the owner can not make any improvements. In nine months in addition enters sales ban on previously approved models into force. It seems that for this then even simple software updates, as against vulnerabilities that are illegal
It is striking that the authority its documentation on the 5-GHz devices only software called by name.: The widespread router firmware DD-WRT. “Describe in detail how the device with ‘flash’ and the installation of third-party firmware like DD-WRT is protected,” it says in the instructions (see download below) to device manufacturers or importers.
DD-WRT stands but apparently only as an example for any operating system since that users can play so far on their own on their devices. This rigid attitude does not light a. For example, DD-WRT works with Linksys and Marvell, the supplier of the WLAN module together, in order to equip the Linksys router WRT1900AC and WRT1200AC with its own firmware can – and the decisive driver for developing DD-WRT yourself, but relates him Linksys and Marvell.
foreclosure
The manufacturer must also install free software, which is designed for regions other than the United States, prohibit. That might come in handy some providers: Because the US version may be illegal elsewhere, these restrictions prevent the lawful operation of many devices in other countries. Thus closed markets between continents and countries are conceivable and therefore greater price differences.
As an alternative software to be maintained concrete outside, the FCC, however, does not prescribe. They generally recommends the use of “industry standards for strong security and authentication.” But then the authority would want to know what safety measures and systems, there is, to ensure that is “only properly loaded and operated authenticated software from the device”.
unexpected consequences
The proposed ban would have far-reaching implications for IT security and competition. For free software there are often even then security updates, if the manufacturer no longer cares, no longer exists or is due to non-transparent import paths in the dark. In addition, network hardware in safety-critical equipment is often provided with modified firmware that has undergone a security audit and has only a minimum of functions. Because fewer features reduce the risk.
However, consumers want most additional features. The existing competition from DD-WRT router in the market, CyanogenMod smartphones, Linux on laptops and PC as well as other alternative systems that manufacturers keep on your toes and at the same prices in check. Falls off this competition, it could be more expensive for consumers.
solution conceivable but difficult
Although part of the problem could be solved by appropriate system designs, in which the radio parameters are completely sealed off from the other driver and system functions. Then only the manipulation of radio parameters would have to be prevented. With good documentation independent experts could then re-write compatible alternative software.
But most manufacturers have little interest in pushing new system designs. Already missing too often open driver. And the free software writes not of itself. If the wireless parameters even need to be changed, such as changing regulations, a security vulnerability has been identified, or if the user moves with his unit in a country with another radio regulations, the unit would suddenly . useless
Looking up would also licensed amateur radio operators: use today like cheap commercial equipment with modified settings. For this purpose, these operators are entitled qua their license. Once that is technically prohibited, they have to buy much more expensive special products, or resign speed sparks
. (ds)
No comments:
Post a Comment