[LINK] What's Behind the Huawei Fracas
cas at taz.net.au
Sat Mar 31 09:19:27 EST 2012
On Wed, Mar 28, 2012 at 05:51:44AM -0300, Fernando Cassia wrote:
> Just another reason to use Open Source routers.
this is a typical open source project, with a web site, wiki, mailing
lists, and a github repository for the code. as it should be.
i may be missing something, but imagestream's web sites seem to have
NO references at all to licensing, the GPL, source code, development
community, or any of the other things typically associated with open
they make no effort to identify or distinguish any additional
software they install in their ImageStream Linux product. same for
patches/changes they might have made to existing FOSS code.
in fact, they seem to avoid mentioning even the names of the software
they embed in their product, let alone link to the upstream projects.
i've checked their main web site, their wiki, and their downloadable PDF
based on a preliminary investigation lasting only 10 minutes (i.e. my
findings are NOT conclusive - they may have the code somehwere i haven't
found yet), it would seem that imagestream are not living up to their
obligations according to the licenses of much of the software they use.
this thread is about security and privacy, not about licensing issues,
so i'll ignore that side of things.
the unfortunate fact is that without access to the source code (including
all the tools required to build a binary that can be installed and run
on your hardware), there is no practical difference to a proprietary
if you can't examine the source code, compile it, install and run it
on your router then you can't verify that there aren't any hidden
backdoors, any more than you can with proprietary routers like cisco or
juniper or huawei.
in short: "Based on Linux!" is not enough, by itself. it's just a
craig sanders <cas at taz.net.au>
BOFH excuse #377:
Someone hooked the twisted pair wires into the answering machine.
More information about the Link