[OpenWrt-Devel] New Ubiquiti AC products locked against 3rd party firmware?
Petr Štetiar
ynezz at true.cz
Mon Nov 30 03:38:43 EST 2015
Ben West <ben at gowasabi.net> [2015-11-27 10:00:51]:
Hi,
> This person is reporting a new Ubiquiti AC AP where there the bootloader
> does an RSA signature check on the firmware image.
let's hope, that it would be possible to replace/patch that unfriendly U-Boot.
> Could anyone else confirm if they've observed the same, and if it now
> prevents loading OpenWRT, etc? Or at least, confirm if the RSA signature
> checking by the bootloader was not present before?
We're using UBNT products and I can confirm, that there wasn't any RSA
firmware signature checking previously and we're able to run OpenWRT on them.
Maybe it's time to look around for alternatives...
-- ynezz
> ---------- Forwarded message ----------
> From: Andrew Margarit | Cucumber WiFI <andrew at polkaspots.com>
> Date: Fri, Nov 27, 2015 at 7:59 AM
> Subject: Re: [FCC] New AP with the lockdown
> To: fcc at lists.prplfoundation.org
>
> Hi there,
>
> Just to let you know, I've been looking at the Ubiquiti new AC APs, and it
> looks like they added a RSA check in the bootloader.
>
> Firmware Version: BZ.qca956x.v3.4.7.3284.150911.1650
> RSA Signed Firmware. Verfiying please wait...
> Decrypted hash: f8 2b 45 72 9f e4 5f 46 a0 96 43 37 57 4f 49 ab 43 dc 1e 8c
> Image hash : f8 2b 45 72 9f e4 5f 46 a0 96 43 37 57 4f 49 ab 43 dc 1e 8c
>
> All fun and good!
>
> --
> Andrew Margarit
>
> Wi-FI Chief | Cucumber Tony
> Andrew at polkaspots.com
> cucumberwifi.io
>
> twitter/cucumbertony
> _______________________________________________
> FCC mailing list
> FCC at lists.prplfoundation.org
> http://lists.prplfoundation.org/cgi-bin/mailman/listinfo/fcc
>
> --
> Ben West
> http://gowasabi.net
> ben at gowasabi.net
> 314-246-9434
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list