FCC will not seek to ban free software from wireless routers, according to a clarification it made earlier this month on a rulemaking related to radio devices. An earlier draft of the official proposal included a specific reference to device manufacturers restricting installation of the open-source project DD-WRT.
That line, in the context of the larger proposal, created confusion in a community of router hackers that already operate in an often unwelcoming environment. Router makers rarely provide much in the way of support or documentation to people developing new software, and have a bad record on delivering software updates to end users. Against this background, the idea that regulators might require or urge those manufacturers to take proactive steps against third-party developers was cause for alarm.
This is especially true considering the valuable innovations and developments that have come out of the third-party router software community—innovations like advancing the state of the art in mesh networking and combatting slowdowns that come from "bufferbloat." Beyond that, free router software is frequently more secure than the manufacturer option, because it continues to receive patches and critical updates through community support.
EFF was far from alone in its concern about the possibility of a regulatory crackdown on free router software. Working together with the Save Wifi coalition, we re-launched our "Dear FCC" platform, originally developed to help the public provide comment on the net neutrality rulemaking earlier this year. More than 1000 concerned individuals used the platform to leave comments on this more recent rulemaking, making it one of the most active open FCC dockets.
To its credit, the FCC seemed to get the message loud and clear. In a blog post earlier this month title "Clearing the Air on Wi-Fi Software Updates," the chief of the agency's Office of Engineering & Technology explained the situation:
[T]here is concern that our proposed rules could have the unintended consequence of causing manufacturers to “lock down” their devices and prevent all software modifications, including those impacting security vulnerabilities and other changes on which users rely. Eliciting this kind of feedback is the very reason that we sought comment in an NPRM and we are pleased to have received the feedback that will inform our decision-making on this matter.
In my last post I recognized the need to work with stakeholders – particularly the user community – to address these concerns in a way that still enables the Commission to execute its mandate to protect users from harmful interference. I’m happy to say that the OET staff and I have spoken directly with some of these stakeholders in the last few weeks.
One immediate outcome of this ongoing dialogue is a step we’ve taken to clarify our guidance on rules the Commission adopted last year in the U-NII proceeding. Our original lab guidance document released pursuant to that Order asked manufacturers to explain “how [its] device is protected from ‘flashing’ and the installation of third-party firmware such as DD-WRT”. This particular question prompted a fair bit of confusion – were we mandating wholesale blocking of Open Source firmware modifications?
We were not, but we agree that the guidance we provide to manufacturers must be crystal-clear to avoid confusion. So, today we released a revision to that guidance to clarify that our instructions were narrowly-focused on modifications that would take a device out of compliance.
That revision is a welcome one. We'll continue to monitor the progress of this proposed rule to ensure it can't be used to jeopardize the important role that free third-party software continues to play in the router ecosystem.