<div dir="ltr">Hello,<div><br></div><div class="gmail_extra"><div class="gmail_quote">On Fri, Aug 5, 2016 at 7:07 PM, Jonathan Morton <span dir="ltr"><<a href="mailto:chromatix99@gmail.com" target="_blank">chromatix99@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">Given this specific use case, an external hardware dongle containing the appropriate regulatory database, a firmware update permission flag, and a cryptographic signature is indeed an expedient and probably sufficient solution.</p>
<p dir="ltr">Any self respecting hardware hacker will be able to clone dongles of this sort, but the effort is on the same level as attaching a power output mod, which is much harder to defend against. But if you do the crypto right, they won't be able to forge regulatory data out of whole cloth.</p></blockquote><div>Right. In our case, we aren't even interested in defending against determined and informed persons -- it is sufficient to stop the casual user from misusing it.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<p dir="ltr">For deployment, you simply burn and label some dongles, and ship them with the base hardware, whose wireless and firmware update capabilities are disabled or failsafed without it.</p>
<p dir="ltr">But I would not combine the dongle with the power cable. Put it in line if you must, but keep it physically separate so that the two can be spotted independently.</p></blockquote><div>We are combining them for convenience, because the "dongle" is just linking some pins in the connector.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<p dir="ltr">Incidentally, with this approach it would be feasible to make a "worldwide" dongle which permitted setting any established regional regulatory domain.</p></blockquote><div><br></div><div>Exactly.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr"> That would be compatible with my preferred solution.</p></blockquote><div><br></div><div>Right, and we would expect that orgs like RC would have access to such cables for when they need them.</div><div><br></div><div>Paul. </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="HOEnZb"><font color="#888888">
<p dir="ltr"> - Jonathan Morton<br>
</p>
</font></span><br>______________________________<wbr>_________________<br>
Battlemesh mailing list<br>
<a href="mailto:Battlemesh@ml.ninux.org">Battlemesh@ml.ninux.org</a><br>
<a href="http://ml.ninux.org/mailman/listinfo/battlemesh" rel="noreferrer" target="_blank">http://ml.ninux.org/mailman/<wbr>listinfo/battlemesh</a><br>
<br></blockquote></div><br></div></div>