[Battlemesh] [FCC] What hardware still works?

Juliusz Chroboczek jch at pps.univ-paris-diderot.fr
Wed Feb 24 14:41:06 UTC 2016


> I thought the chips themselves could be built to only cryptographically
> accept approved firmware?

Yes, they can and some chips are.  What we're expecting, however, is that
the vendors of cheap routers won't bother -- their goal is merely to get
FCC certification, so they'll implement the absolute minimum lockdown
features that they believe will get them FCC certification.

The other hope is that ARM boards are getting cheaper at a vertiginous
pace, so with a little bit of luck (and a lot of hard work) the community
should be able to produce a usable design based on an off-the-shelf board
that is completely open and reasonably priced.  Right now, the main point
of contention is the lack of either wifi or meiniPCI on most boards -- wifi
chips need to be connected over USB, which sucks --, and the limitation to
just one Ethernet port.

If you're interested in learning what mechanisms can be used to lock down
a fairly powerful SoC, have a read through chapter 32 of the Xilinx Zynq
manual:

  http://www.xilinx.com/support/documentation/user_guides/ug585-Zynq-7000-TRM.pdf

Section 32.2.4 describes the "eFuse", which confirms what David has been
saying.

Note that I'm not picking on Xilinx here (or ARM, for that matter) --
quite the opposite, Xilinx provide comprehensive hardware documentation
without registration, let alone an NDA.  Good luck finding similarly
detailed information about MIPS-based Broadcom chips.

(Except that Xilinx are still not documenting the bitstream format.  Grr.)

-- Juliusz


More information about the Battlemesh mailing list