神刀安全网

Why is access to WiFi firmware important?

In my previous post on the new WiFi regulations in Europe , I gave an overview of the new EU directive governing radio equipment in Europe that is currently being implemented into national law. I promised to follow up with another post explaining why it is important to have access to the firmware of our WiFi devices. This is that (somewhat delayed) post.

I will try to explain why having access to WiFi firmware is important. There are several reasons for this: The state of home routers is awful, and we need to fix this; we can use WiFi for things other than providing internet access at home; and it’s important to have infrastructure under our own control in a free and democratic society.

What is firmware?

Firmware is the low-level software that is embedded in electronic devices and control their most basic functions. This exists everywhere, and most devices will have several different pieces of firmware embedded. In the context of WiFi devices this can mean two things: The software running on the router itself (which is an operating system, basically), and the firmware running on the WiFi chip itself which controls the radio parameters.

The recently proposed regulation in the US and EU have focused on the latter type of firmware: That running on the WiFi chips itself. And many of the things I’m going to touch on below are primarily relevant for the former type (the software running on the router itself). However, access to the second type of firmware is important for two reasons: firstly, more and more functionality is moving into the WiFi chip firmware, and this is the functionality we want to change (no commercially available cards supporting the newest 802.11ac standard are suitable for the kind of research I am doing presently, for example, so I’ve had to stay with the previous 802.11n generation of hardware). Secondly, when the regulations specify that the WiFi chip firmware needs to be locked down, the cheapest thing for the manufacturers to do to comply is to lock down the whole box. This has already begun to happen .

So when I’m talking about access to firmware in the following, I really mean both kinds.

The state of home routers

WiFi is everywhere. Laptops, tables, mobile phones, the internet of things: All of them access the internet through WiFi. In people’s homes this is most commonly done by the means of a cheap WiFi router, often delivered by the internet service provider. This device sits between the user and the internet; which means that the correct functioning of this device is paramount for the internet experience of the users. And the problem is that these devices often suck!

They mostly suck in two ways: They are horribly insecure, and they perform badly. And updates are few and far between, if the vendor offers any at all.

Security

Home routers are often horribly insecure . These devices are in an excellent position to do nasty things to the traffic passing through them, such as inject viruses, malware and other nastiness targeted at the users surfing the web. Furthermore, once compromised, the router is a perfect botnet zombie: It is always on and connected to the internet, and can initiate attacks of its own to spread malware, send spam, etc.

Manufacturers rarely ship updates to their devices after they are sold; and if they do, it’s only for a short time, and there’s usually a fairly significant time lag. So oftentimes, the only way to get an up-to-date router without security problems is to install third-party open source firmware on it.

Performance

Home routers are critical for performance for the same reason that they are critical for security: They sit between you and the internet. People have gotten so used to WiFi sucking that they don’t even notice it anymore. But it could actually be a lot better. There is research going on trying to improve the rate selection algorithm in Linux to take power consumption into account . This will cut down on interference, so you don’t have to suffer just because your neighbours also happen to use WiFi. My own research is about improving latency for busy WiFi connections, and making sure a single very slow station doesn’t mess up everything for the whole network. And there is lots more. A simple search on Google Scholar for the most popular open source WiFi drivers yields hundreds of results. None of this could have happened without open WiFi drivers.

Features

Would you like your home router to also be a file server? Web server? Mail server? Music player? Advanced VPN router? Phone exchange? Control your garage door? Would you like support for the newest internet standards, such as IPv6 and DNSSEC? Route all your traffic through Tor for anonymity? Have a backup internet connection and automatically switch to it if the primary one fails?

All of this is possible with the open source Openwrt firmware and its thousands of available packages . But few if any of these features are possible with the stock firmware, and if they are, odds are they are broken in subtle and annoying ways.

Other uses for WiFi

Most people use WiFi in the conventional way: They connect to a regular access point with their phone or laptop and access the internet. But there are other ways to use the same technology to do cool things. For example, WiFi routers can be configured to talk to one another and create a mesh that can then carry traffic without the need for internet service providers. This was used to provide free WiFi to refugees in Germany ; and in Slovenia (as well as in many other countries), people are building open wireless networks that span the whole country . Similar technology powers the FireChat application that has been used by protesters to communicate.

These new and interesting ways to use the technology only exist because it’s possible for interested hobbyists to change how their WiFi gear work. The manufacturers of the equipment do no explicitly support it, but neither do they prevent it; until now, that is! As firmware is increasingly locked down, these sorts of modifications become difficult or impossible.

Freedom and democracy

Finally, the issue of locked down firmware is also one of freedom and democracy: These are devices we as citizens buy and own, we are responsible for operating them within the legal limits of the law, and they carry all our internet traffic. So we should bloody well have the freedom to control how they function and enhance them if we so choose. Locked down firmware that we cannot inspect, cannot change, and that we know to be defective in several ways is not the right foundation to build something as important as everyone’s communication infrastructure on: Having infrastructure under our own control is important in a democracy.

The whim of a manufacturer shouldn’t decide what we can or can’t do with our own devices!

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » Why is access to WiFi firmware important?

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
分享按钮