[LEDE-DEV] FCC killing open platforms and inovations [Was: Re: [PATCH] ar71xx: Add usable, inactive LEDs on OpenMesh devices]

Tue Nov 15 03:39:58 PST 2016

Simon Wunderlich <simon.wunderlich at open-mesh.com> [2016-11-15 11:51:54]:

> Hey Petr,

Hi!

> We don't have any influence on the production decisions, though.

sure, I'm not blaming any of you, I understand this, it's very hard :-)

> But as Sven said, please contact customer support. I'm sure they will find a 
> solution for you.

I'm not selfish, I've started wasting my time on this, so we've solution which
works for everybody. But I'll try to ask customer support and share the
outcome.

> Well, we are. We can't change the fact that the devices need to be locked to 
> be sold in the US.

You see, this is getting really crazy all this quick FCC workarounds...

Imagine following situation. OpenMesh support will give me for example
unlocked U-Boot bootloader for OM5P-AC or I'll pay someone to dissasemble it
and patch it so U-Boot doesn't need any signed images at all, or we keep this
security by obscurity in place and use it with just custom keys. Then anybody
in the world, including US citizens can download it and unlock their devices.

IANAL, it's still GPL licensed software, even in binary form, so I'm probably
not going to break any law doing this. But law can be interpreted in many ways
so just to be safe, I'm actually considering some help, probably via FSF.

> But if you google a little, you will find a lot of patches for various Open
> Source projects signed by @open-mesh.com mail addresses (LEDE, Linux,
> hostapd, etc)

Sure, I know! Exactly opposite, you're doing great work, I recognize the work
of you, Sven, Antonio and Marek for example even without your @openmesh.com
addresses.  So I know, that developers like you are strong opensource minded
people. We probably just need to change thinking of management people, the
almost impossible task.

I'm not interested in sources of OpenMesh's proprietary Cloudtrax stuff, I
don't care about it.

I just want to have an option to be able to rebuild the opensource parts so I
can find & fix any potential problems very quickly.

Few years ago it was possible to rebuild the firmware minus the proprietary
stuff from dev.cloudtrax.com sources. It's not possible for a long time
anymore.

> FYI, the decryption stuff has been released now. It was considered too dirty 
> for upstream for a long time, but it was decided to at least provide the patch 
> in public now for others to clean it up:
> 
> https://patchwork.kernel.org/patch/9381651/

Great, thanks a lot everybody involved!

> The other strings shouldn't be anything Open-Mesh specific, but maybe from a 
> different version (or patchset), as far as I can tell.

Ok, so what's the problem with OpenMesh management people? :-) Why not just
put all the sources online again? So I'm able to build firmware minus
Cloudtrax proprietary bits without much hassle. Christmas is comming! :-)

-- ynezz