The US Federal Communications Commission is proposing new laws that will ban internet users from modifying setting and firmware on wireless routers, making particular mention of third-party open-source DD-WRT as a firmware to be outlawed.
Third-party firmware – such as DD-WRT, Tomato, and OpenWRT – allows users control over every aspect of a router, can compensate for security flaws with proprietary firmware, and support router VPNs. DD-WRT, a free Linux-based firmware, is a favourite amongst router modders, with manufacturers such as Buffalo manufacturing routers specifically to function with DD-WRT.
The FCC’s new proposals govern software requirements for Unlicensed National Information Infrastructure (U-NII) 5GHz band, calling for 5GHz devices to “be secured to prevent its modification to ensure that the device operates as authorized thus reducing the potential for harmful interference to authorized users,” and that manufacturers ensure that “the device is not easily modified to operate with RF parameters outside of the authorization.”
The footnotes of the proposal outline what the FCC considers weak router security, calling out “those that rely solely on the distribution of firmware in compiled binary form without any form authentication or verification between the device and entity sending the firmware. These implementations are typically susceptible to device ‘flashing’ with third-party firmware or software capable of operating the device outside of its authorization.” The document then lists rules that router manufacturers should abide by, including, “What prevents third parties from loading non-US versions of the software/firmware on the device? Describe in detail how the device is protected from “flashing” and the installation of third-party software such as DD-WRT.”
Do you enjoy greater security, firewall control, wireless strength, and VPN options in the US thanks to DD-WRT? Enjoy it while it lasts.
Thank you ExtremeTech for providing us with this information.