[LEDE-DEV] FCC killing open platforms and inovations

Petr Štetiar ynezz at true.cz
Thu Jan 19 06:22:25 PST 2017

Simon Wunderlich <simon.wunderlich at open-mesh.com> [2016-11-17 11:19:48]:

Hi Simon,

> On the other hand, swapping the u-boot is not so trivial, at least without 
> opening/soldering/modifying the flash from outside, which is considered a 
> reasonable hurdle.

the more I'm exploring the secrets of U-Boot code with pepe2k's help, the more
I'm puzzled and really wondering why is someone doing all this locking.

You or someone else for OpenMesh has put so much energy to make the U-Boot use
RSA keys for image verification, but on the other hand you keep the ART
partition, where you store the RSA key, writable from the system. So it's
quite trivial to unlock the device using the following commands:

  ssh root at router


  dd if=/dev/zero bs=$BYTES count=1 | dd of=/dev/$ART_PARTITION bs=$BYTES seek=$SEEK count=1 conv=notrunc

It works on OM5P and MR1750. It doesn't seem like a big deal, no soldering
needed. Am I missing something?

-- ynezz

More information about the Lede-dev mailing list