Re: [Discuss-gnuradio] FCC creates obstacles for Open Source software radio

[David Young]

On Sat, Jul 07, 2007 at 09:29:37AM -0400, Lamar Owen wrote:
> On Friday 06 July 2007, Philip Balister wrote:
> > Found on /. I wonder how much Cisco paid for the words ....
> >
> > http://news.com.com/Feds+snub+open+source+for+smart+radios/2100-1041_3-6195
> >102.html?tag=nefd.lede
> 
> Well, quite honestly, Cisco's only costs would have been the lawyer time and 
> the filing of the petition.
> 
> This action to me seems rather reasonable.  The only software that the FCC is 
> worried about is that which sets the radio's operating mode, emission mask, 
> and transmit power.  Given the FCC's well-known reticence to radio anarchy 
> this is as much of a concession as could be expected at this time.

Do you think that the software that concerns the FCC is concerned with
must reside in the radio?  Sometimes the transmission parameters such
as modulation, mask, and power are under control of the host computer.
If the FCC's definition of software-defined radio encompasses software
running on the host computer, then it seems that they have encumbered
the development of open-source software for a broad category of devices,
including most of the 802.11 radios on the market.  I feel certain that
this was not their intention, but I do not think one can tell by reading
the law alone, and that is worrisome.  What do you think?

> But is open source less secure, when the item being secured is 'how do I 
> manipulate the operating frequency, power, and mode of this radio?'  
> Discussion, anyone?

I do not think open source is less secure.  Commercial software is
developed under enormous time pressure for very narrow purposes by
teams of developers that are oftentimes insulated from outside ideas
and criticism by corporate secrecy, IP paranoia, and the "not invented
here" syndrome.  The narrow purposes of commercial development do include
"best performance for the price on the market"; they do not include "show
how our security measures can be defeated and our equipment exploited to
interfere with television broadcast."  There is less time, and there
are fewer persons for finding defects in a commercial development
than in open-source development.  Developing out in the open exposes
your security measures to the diverse purposes of a wider segment of
companies, of hobbyists, of academic researchers, and---let us admit---of
"bad guys."  In this way, I believe an open-source community will detect
more security problems in a product before a firm sends it to market than
if the product had survived the scrutiny of one firm's developers alone.

Dave

-- 
David Young             OJC Technologies
address@hidden      Urbana, IL * (217) 278-3933 ext 24