What questions do we have for the FCC? We will be meeting with them soon (awaiting confirmation on date). Let's work together to craft them below. All meeting minutes will be filed according to Sunshine laws.
- 1 System Software definition and framing
- 2 ability to access and transmit user information
- 3 end-user or owner not an authorized party by default
- 4 unable to replace or change the software on device ever
- 5 System Software mandate is proprietary software
- 6 no requirement on user controlling software updates
- 7 authorized parties not bound by US law
- 8 remote control of device
- 9 control of authorized parties
- 10 authorized parties may disappear
- 11 authorized parties compromised
- 12 computing device may contain private or secret information
- 13 GPLv3 installation information, anti-tivoization
System Software definition and framing
Throughout this document we will use the term System Software to refer to software that controls the radio or other parameters subject to the Commission's rules.
The Commission proposes new rules that will require an applicant for certification to describe the RF device's capabilities for software configuration and upgradeability in the application for certification (Paragraph 46). Such a description would include how the System Software may control the frequency bands, power levels, modulation types, or other modes of operation for which the device is designed to operate, including modes not enabled in the device as initially marketed. However, depending on the configuration of the computer hardware in question, the System Software used to control the RF device, may also have the ability to control and access other parts of the computer unrelated to the RF-device, including the CPU or other processors on the computer as well as system memory (RAM, cache, drives, et al).
ability to access and transmit user information
Does the Commission acknowledge that the System Software software may have the ability to access the user's private information stored on the computer?
Does the Commission acknolwedge that such System Software may also be designed to transmit the private information of the user via the RF device, such as over Wifi or Bluetooth, with or without the end-user's knowledge?
The commission states that "an applicant for certification would have to specify which parties will be authorized to make software changes (e.g., the grantee, wireless service provider, other authorized parties) and the software controls that are provided to prevent unauthorized parties from enabling different modes of operation."
Does the Commission acknowledge that the end-user and owner of a device may not, by default, be considered an authorized party that will be able to install new System Software onto the computing device?
unable to replace or change the software on device ever
Does the Commission acknowledge that since the device is designed to to only run software that is authorized by a party that is not the owner or end-user, that the end-user may, in some cases, be unable to ever replace or change the software on the device?
System Software mandate is proprietary software
The freedom to be able to modify and run a program is part of the definition of free software. Software that is nonfree, is called proprietary software. Because the Commission wants to deny user's the freedom to install and run System Software of their choice, it is unlikely that authorized parties will provide to users with the corresponding source code and other tools needed in order for a user to be able to fix, modify, install new software onto the device. Even if a user was granted access to the source code, they would not necessarily be able to know if the software actually installed on their device corresponds to the source code they have been provided. Without knowing the exact corresponding source to a binary program installed on your computer, a user is not able to determine or know exactly what the software is designed to do. Does the Commission confirm that users will not be able to confirm for themselves whether or not the software installed on their device corresponds to any source code provided for the program, if any such source code were provided?
no requirement on user controlling software updates
Does the Commission acknowledge that, while only authorized parties would be allowed to provide new software to be updated, that the Commission has not put in place any requirements that it **must** be at the choice of the end-user or purchaser of a product to decide **if** new software will be installed on the device?
Does the Commission acknowledge that it may, in some cases, be the case that the only authorized parties listed and able to install new System Software are companies not located in the United States and that are otherwise not required to abide by the laws of the United States?
remote control of device
Does the Commission acknowledge that because the System Software may have the ability to conrol the wireless capabilities of the device that the System Software may be designed to connect and share information, or even allow for the authorized party to be able to effectively remotely control the device without the user's knowledge or consent, when that device has connected to the Internet or a local area network for which the RF device is designed to interact with?
Does the Commission acknowledge that the authorized parties may be corporations that may be controlled or may eventually be acquired by other companies, governments, or foreign entities?
Does the Commission acknowledge that authorized parties may sieze to exist and therefore it may be the case that an individual may never be able to update the computer again?
Does the Commission acknowledge that authorized parties based outside of the United States may be compelled by their local governments or other entities to share the means or methods for providing software updates for authorized equipment?
computing device may contain private or secret information
Does the Commission acknowledge that the computing devices maybe purchased by officials within all branches of state and local Governments which may or may not be using the computing devices for viewing or producing confidential information including, but not limited to, secret information and private medical information?
GPLv3 installation information, anti-tivoization
The GNU General Public License version 3 (GPLv3), is one of the most widely used free software licenses. GPLv3 requires that if you distribute software under its terms such that the software is installed on a device, then you must not only provide users with access to the complete and corresponding source of GPLv3 program, but you must also provide them with the installation information to install and run the program on the device. Does the commission acknowledge that its proposed rules are likely to discourage the use of the GNU GPLv3, since the requirements of GPLv3 are at odds with the Commissions proposed rules?