Does it count as “China made” if the firmware is FOSS and I load it myself? NICs and boards are pretty much all made in China, but how far does this go?
It depends on how bad China wants your porn. There could be secondary MCUs that are designed to completely bypass the original firmware. (Think Intel ME)
That is not very practical for consumer grade gear, but still possible.
Wifi chips have their own firmware that could have a backdoor. If it’s connected to the CPU over PCI-E or another interface that supports DMA then it’s also able to inject code into the main system even if it’s running FOSS firmware.
It seems that a few router types have WiFi + SoC setups now. (Like ones using the IPQ4019, for example.)
While that doesn’t significantly reduce the risk of something nasty, it would limit places for nasty code to hide. Well, “hide” in the traditional sense, like on another chip entirely.
However, I haven’t really looked into any drivers to see how these SoC’s are segmented to see if its really any different than the old MCU + WiFi chipset setups.
So… All of them?
Does it count as “China made” if the firmware is FOSS and I load it myself? NICs and boards are pretty much all made in China, but how far does this go?
Yes, it counts. Hardware backdoors are absolutely a thing.
It depends on how bad China wants your porn. There could be secondary MCUs that are designed to completely bypass the original firmware. (Think Intel ME)
That is not very practical for consumer grade gear, but still possible.
Wifi chips have their own firmware that could have a backdoor. If it’s connected to the CPU over PCI-E or another interface that supports DMA then it’s also able to inject code into the main system even if it’s running FOSS firmware.
It seems that a few router types have WiFi + SoC setups now. (Like ones using the IPQ4019, for example.)
While that doesn’t significantly reduce the risk of something nasty, it would limit places for nasty code to hide. Well, “hide” in the traditional sense, like on another chip entirely.
However, I haven’t really looked into any drivers to see how these SoC’s are segmented to see if its really any different than the old MCU + WiFi chipset setups.
Hmm, it’s pretty spicy porn.