[OpenWrt-Devel] New Ubiquiti AC products locked against 3rd party firmware?

Ben West ben at gowasabi.net
Fri Nov 27 11:00:51 EST 2015

I'm forwarding a post from listserv discussing the proposed FCC regulations
that would (indirectly) compel firmware lockdown.

This person is reporting a new Ubiquiti AC AP where there the bootloader
does an RSA signature check on the firmware image.

Could anyone else confirm if they've observed the same, and if it now
prevents loading OpenWRT, etc?  Or at least, confirm if the RSA signature
checking by the bootloader was not present before?

---------- Forwarded message ----------
From: Andrew Margarit | Cucumber WiFI <andrew at polkaspots.com>
Date: Fri, Nov 27, 2015 at 7:59 AM
Subject: Re: [FCC] New AP with the lockdown
To: fcc at lists.prplfoundation.org

Hi there,

Just to let you know, I've been looking at the Ubiquiti new AC APs, and it
looks like they added a RSA check in the bootloader.

Firmware Version: BZ.qca956x.v3.4.7.3284.150911.1650
RSA Signed Firmware. Verfiying please wait...
Decrypted hash: f8 2b 45 72 9f e4 5f 46 a0 96 43 37 57 4f 49 ab 43 dc 1e 8c
Image hash    : f8 2b 45 72 9f e4 5f 46 a0 96 43 37 57 4f 49 ab 43 dc 1e 8c

All fun and good!


Andrew Margarit

Wi-FI Chief | Cucumber Tony
Andrew at polkaspots.com


FCC mailing list
FCC at lists.prplfoundation.org

Ben West
ben at gowasabi.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20151127/900d746b/attachment.htm>
-------------- next part --------------
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list