[Battlemesh] [Office] FCC Firmware lockdown

Paul Gardner-Stephen paul at servalproject.org
Thu Sep 3 23:26:22 CEST 2015


I am considering trying to pull together a submission to the FCC about this
rule if anyone is willing to help out.  We need to start by enumerating the
problems we see with it.  Here is a starting list:

1. Prevents reflashing equipment for use in other jurisdictions.
2. Prevents innovation and repurposing equipment, such as to respond to
humanitarian situations, including for projects such as the Serval Project
and others who are being funded by USAID or other US government entities to
accomplish exactly this goal.
3. Prevents update of firmware on equipment to close security
4. Increases cost burden for manufacturers, resulting in higher costs to
5. Will be of questionable effectiveness (but we need to explain why)

Any other thoughts? Anyone willing to help craft a submission to the FCC on


On Fri, Sep 4, 2015 at 6:50 AM, Paul Fuxjaeger <fuxjaeger at ftw.at> wrote:

> > On 03/09/2015, Amelia Andersdotter <teirdes at gmail.com> wrote:
> >> Dear all,
> >>
> >> I fail to see how the EU directive hinders anyone from putting in
> >> their own software on a radio device.
> >>
> >> Could someone update me? It's being implemented in Sweden with a
> >> deadline for comments in October.
> >>
> Article 3, point (i) of [1]:
> "radio equipment supports certain features in order to ENSURE that
> software can only be loaded into the radio equipment where the
> compliance of the combination of the radio equipment and software has
> been demonstrated."
> My current interpretation is that for all devices using SoftMAC radio
> chipsets this necessitates a lockdown of the complete software stack.
> Because on such devices the code that sets the regulatory rules is
> executed in the same context as everything else.
> AFAIK, the majority of APs currently on the market is based on such an
> architecture. Manufacturers have an alternative: switch back to more
> complex (e.g. FullMAC) architectures that allow to lock down the radio
> subsystem separately [2].
> To me this FCC document [3] indicates complete lockdown:
> "ENSURE that only properly authenticated software is loaded and
> operating the device [...] manufacturers may consider applying existing
> industry standards for strong security and authentication. It is
> suggested that manufacturers follow existing security standards and
> definitions: X.800, RFC 2828, and IEEE 802.11i."
> -paul
> [1]
> http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX%3A32014L0053&from=EN
> [2] Enforcement of local regulatory differences is still an issue as the
> radio subsystem cannot reliably detect where it is located without the
> help of the host system.
> [3] http://www.heise.de/downloads/18/1/5/7/9/4/3/6/GetAttachment.pdf
> _______________________________________________
> Battlemesh mailing list
> Battlemesh at ml.ninux.org
> http://ml.ninux.org/mailman/listinfo/battlemesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.ninux.org/pipermail/battlemesh/attachments/20150904/eeddf28c/attachment-0001.html>

More information about the Battlemesh mailing list