Supplemental Quotes to the FCC Letter

“Wi-Fi devices aren’t just radios: they are network devices. The software that governs them impacts the security and reliability of the whole network. If we leave firmware solely in the hands of manufacturers, we close the door to the very independent research that has been advancing the state of Internet technology and security all along.” – Susan E. Sons, Director, Internet Civil Engineering Institute

“The security implications should be obvious to anyone who’s been paying attention to recent headlines. Less obvious is all the research and other work that goes on behind the scenes, by the very people who made the Internet what it is today. Losing the ability to control the software that runs on these devices would bring this kind of research to a halt, and tie the hands of many brilliant minds who have dedicated their lives and careers to the continued improvement of the network we all depend on. If we want to build the fast, secure, reliable Internet of the future, this kind of research must be allowed to continue.” – Jeff Loughlin, Independent Researcher and Open Source Developer

“Leveraging off-the-shelf WiFi hardware plays an important role in academic research in the field. Locked down devices would both independent verification of vendor performance claims and research into improving performance of current and future generation WiFi.” – Toke Høiland-Jørgensen, Bufferbloat researcher at Karlstad University, Sweden

“Dyn provides performance solutions for a significant proportion of the world’s most popular web properties, and invests significant resources in maintaining the availability of our global DNS platform in the face of near constant attack. Low-cost (near zero-margin) home and small-business routers, easily compromised, are a significant contributor to attack traffic that we mitigate every day. In the race to the bottom, these devices are effectively unsupported by those who sell them; the ability to harden such devices is essential to the future success of the Internet as a reliable platform for communication and commerce.” – Joe Abley, Director of Architecture, Dyn

“Software upgradeability and inspection is vitally important, and should not be impaired. It is unimaginable that the FCC would propose anything to impede updates to network elements, and I hope that the words in the petition are considered carefully and used as a template for sane (and light) legislation.” – John Todd, Senior Technologist at Packet Clearing House

“As the editor of the IETF standards document RFC 7368 “IPv6 Home Networking Architecture Principles”, which describes how future IPv6 home networks can be built, I fully support the Letter submitted to the FCC,. The IETF works on the principle of rough consensus and running code, and the ability to modify and update open source home router images enables innovation and the future advancement of the Internet” – Dr Tim Chown, Lecturer, University of Southampton (UK)

“While looking at regulation, it would be more useful to consider ensuring vendors adopt IPv6 as they have ignored it for the last 10+ years requiring a complete device replacement. FOSS has enabled many of their devices to be updated rather than dumped in landfill.” – Brandon Butterworth, Chief Scientist, British Broadcasting Corporation

“The Internet of Things shouldn’t be the Internet of Vulnerable Unpatchable Abandoned-by-Manufacturer Things.” – Will Edwards

“Unlike global climate change, software is a human construct, conceived by engineers. The use and management of it is therefore modifiable to be optimized for future use by qualified people with predictable positive results for security. As such, these issues deserve to have sufficient technical resources and intelligent legal framework to make this happen.” – Randy Resnick, Creator, IP Communications & VoIP Community and VoIP Users Conference

“I was one of the designers of the Minstrel rate control algorithm that is now used for many, many Wi-Fi devices. Minstrel approximately doubled the range and gave a 10x improvement in throughput for Wi-Fi devices of the time, at the same time as decreasing their time-average radiated power. That research would have been prohibited or greatly impeded by the proposed rulemaking. It was done outside of the FCC jurisdiction, in New Zealand, but other countries tend to follow the FCC rule structure, and technical measures to implement the proposed FCC rules would be a serious impediment to doing that sort of work irrespective of the legal aspects. Further, this rule would set a precedent that would inevitably be applied in other areas of technology, and this would cause a great deal of harm to research and innovation. Locked-down firmware on Internet-connected devices stands to become a very serious problem for society, and should not be encouraged in any way. I strongly agree with the proposed alternate path for that reason.” – Andrew McGregor: Linux WiFi developer (Minstrel rate control), IETF working group chair, AQM developer and SDN researcher

“”Software by its very nature has bugs and will be vulnerable to attack. The only way we can be confident that such a critical piece of our societal infrastructure is as safe as possible is if the source code is made fully available for review and can be fixed by anyone with authority when problems arise. This alternate proposal, which is grounded in a deep understanding of how security issues really play out in this context, should be seriously considered by the FCC.” – Karen M. Sandler, Executive Director, Software Freedom Conservancy

“We are entering an era where an array of interconnected devices will create ‘lowest common denominator security’ within the most private reaches of our homes. True cybersecurity results from open code, peer review, and user control over their own devices and data; our recommended solutions are fundamentally important to the future growth of the Internet of Things economy.” – Sascha Meinrath, Palmer Chair in Telecommunications at Penn State University

“With the Internet of Things upon us, regulators can play a vital role in making our hardware secure. By requiring industry-leading engineering practices like we’ve described in this comment, the FCC can ensure Americans have more secure devices which respect the radio spectrum. At the same time, these practices provide makers and inventors with the flexibility necessary for world-leading innovation.” – Eric Schultz