Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re: osed data retention law WAS Republicans propose data retention laws etc

From: David Farber <dave () farber net>
Date: Mon, 23 Feb 2009 07:00:40 -0500


Begin forwarded message:

From: Tom Goltz <tgoltz () QuietSoftware com>
Date: February 22, 2009 8:12:37 PM EST
To: "Steven M. Bellovin" <smb () cs columbia edu>
Cc: dave () farber net, "ip" <ip () v2 listbox com>
Subject: Re: [IP] osed data retention law WAS Republicans propose data retention laws etc 

At 02:17 PM 2/22/2009, David Farber wrote:

Given that they already have flash for configuration data and firmware
updates, and given how ubiquitous and large flash chips are, I'm not
sure that that argument is very defensible, especially going forward.
Remember that the goal is to log DHCP lease assignments, not full
traffic or email logs.  At least, that's the goal for now...
Speaking as an embedded systems firmware developer for over fifteen years, with considerable experience working with flash devices, I very much doubt it will be easy to retrofit the majority of the consumer market WiFi routers to internally log 2 years worth of DHCP assignments. Taking for example the highly popular Cisco/Linksys WRT54G: it originally had 4mb of flash, but the latest hardware runs smaller-footprint firmware and only has 2mb, and the "compact" version has as little as 1mb of flash. These devices ALL have a single flash chip.
Generally speaking, the smaller the flash, the larger a percentage of it will be used by the device firmware, and as the vendors have sought to cost-reduce their designs in a fiercely competitive market, the unused flash space approaches zero.
Additional headaches include the fact that few flash chips can be read while they are being written, so logging to a flash chip would prohibit directly executing firmware from that same flash component at the same time.
The cheaper flash parts tend to have limited write-cycle durability, only being able to erase and write a given area around 10k cycles before it wears out. Not a big deal for something that might update it's firmware and configuration a few hundred times in it's normal lifetime, but a real concern for data logging.
Even assuming you could somehow fit a logging facility into the hardware constraints, and Cisco could go back and release firmware updates for the 50+ different versions of the WRT54G alone, the majority of these devices are in the hands of owners who have no concept of "firmware" and how to update it.
The implementation of this data retention requirement would have to mandate the replacement of every single WiFi Router in the country, and possibly ban the use of open-source firmware.
Take a look at the Wikipedia page on the Linksys WRT54G router: http://en.wikipedia.org/wiki/Linksys_WRT54G_series and you'll begin to get a feel for just how improbable a task this logging requirement would be. 






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: