[colug-432] FCC Changes blocks use of open source software

Wed Aug 26 16:32:46 EDT 2015

The FCC is wanting to lock down wifi and phone devices so changes can not
be made to them. This will have a big impact on open source software for
phones, tablets and wireless routers such as CyanogenMod,  DDWRT and an
even bigger impact on AREDEN http://www.aredn.org/ and Broadband Hamnet
mesh firmware http://www.broadband-hamnet.org/  which use part 15 WiFi
devices and configure them to operate as amateur radio devices.

There is a thread about it with some other links on the AREDN forum with
some links here.
http://www.aredn.org/content/fcc-rules-change-will-lock-out-your-software-new-equipment

The FCC extended the deadline for filing comments to October 9th.
http://apps.fcc.gov/ecfs/proceeding/view?name=15-170

I wanted everyone to be aware of this and have time to comment on it before
October 9th.

https://apps.fcc.gov/oetcf/kdb/forms/FTSSearchResultPage.cfm?id=39498&switch=P

What are the software security requirements for non-SDR devices and what
limitations apply to software configuration control for such devices?
------------------------------

* Answer: *

Attachment 594280 D01 Configuration Control provides guidance on
permissible options and restrictions on configuration controls for devices
not approved as Software Defined Radios.

Further, the Commission revised (FCC 14-30, ET Docket No. 13-39) the rules
(effective June 2, 2014) for U-NII devices operating under Part 15 rules to
require all devices to implement software security to ensure that the
devices operate as authorized and cannot be modified. Attachment 594280 D02
UNII Device Security provides guidance on the information that must be
provided in the application filing to show that proper security is
implemented in the device.

The Commission has established a transition period as follows:

   - New devices will be permitted to be approved under the old rules for
   until June 1, 2015.
   - Starting June 2, 2016, permissive changes will not be permitted for
   devices approved under the old rules, unless they meet the requirements of
   the new rules.
   - All devices partially or completely approved under the old rules
   cannot be marketed starting June 2, 2016 unless they meet the requirements
   of the new rules in all the bands of operation.
   - Applications for devices for approval under the new rules must apply
   all of the applicable test procedures for such devices and provide software
   security documentation as discussed in the guidance 594280 D02 U-NII
   Device Security. This also applies to all applications for new devices
   and applications for permissive changes of previously approved devices
   under the new rules. Further SDR devices must also provide software
   security documentation as discussed in the guidance 594280 D02 U-NII
   Device Security and KDB Publication 442812.
   - For further information on transition rules and requirements for
   permissive changes of already approved devices refer to KDB Publication
   926956.

Note: Effective January 1, 2015 equipment authorization applications for
all new Wi-Fi Client devices capable of operating on Channels 12 and 13 (in
2.4 GHz band under Part 15 rules) must demonstrate compliance with the
guidance in 594280 D01 Configuration Control. Wi-Fi Client devices capable
of operating on Channels 12 and 13 approved prior to that date and
otherwise relying on passive scanning modes may be marketed without
modification after that date.

-- 
-Ed Liddle

No trees were killed in the creation of this message. However, many
electrons were terrible inconvenienced.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20150826/cae363b7/attachment-0001.html 