Murphy's Law: Do You Really Want an Open-Source Router?


I'll admit, I was a little bit excited when I read earlier this week that Netgear was launching a quote-unquote open-source router. It's not very often--well, hardly ever--that one sees a larger corporate manufacturer of computer hardware so brazenly embrace the ideals (and code) of the open-source enthusiasts. If anything, it seems that companies in the networking space tend to go a little out of their way to ensure that one can't add or tweak a store-bought device with unofficial firmware. I think they'd much prefer to up-sell you additional features than watch you unlock them yourself, but that's just me.

And yet, here we are! An open-source router! Just the kind of thing you want to bring home, install into your network, and begin updating with the best DD-WRT, OpenWRT, or Tomato firmware you can get your hands on. Imagine the possibilities! Imagine the new features you might be able to play around with! Imagine the joy in your family's eyes when you tell 'em how you've transformed your Jekyll of a local area network into an beastly, unrestrained Hyde. They'll talk about this day for the next five family gatherings at least !

I exaggerate, but only because it seems that the marketing team for Netgear's WNR3500L gigabit router is probably benefiting the most from this "switch" to open-source. I can't see average consumers using this device to its fullest potential, if that's even possible to begin with. The WNR3500L isn't actually open-source all the way. By incorporating closed-source drivers into the product--and triumphing third-party firmware that may or may not run afoul of the GPL itself--Netgear could actually be costing consumers valuable security and functionality.

Consumers Don't Care

I'm sorry, I just have to state the obvious: Average consumers do not care about open-source. Or, rather, they don't care about open source unless it's packaged into a product such that they don't have to lift a finger to reap its benefits. The Chumby is a perfect example of a device that's full of easy-to-use, open-source goodness; Netgear's WNR3500L is not.

It's a simple equation. When a typical router-purchaser picks up the product, he or she will find a fully working, factory-default installation of Netgear's usual configuration back-end. Said person might even jump into the configuration screen and forward some ports or and rename the wireless network to something witty/profane.

Beyond that, there's no impetus on Netgear's part to guide the user to a third-party, open-source firmware package, nor any reasoning or comparisons to suggest what benefits could come from the switch. Few users typically update the firmware of their devices when the manufacturer offers a change or fix. Fewer still go out into the wide world of the Internet hunting for unofficial replacements to use in place of official firmware.

Let's face it: an average person simply isn't going to explore an open-source route no matter how big and bold the phrase was on the box copy. To these people, a product working as expected out of the box is enough of a reward. Why mess with it?

Enthusiasts Remain Unrewarded

I would expect Maximum PC readers to want to take the plunge into third-party firmware more than most. Kudos to you. Only, by doing so, you run the risk that comes from working with software that's technically unsupported and untested on a wide scale. But let's ignore the potential device-breaking implications and assume that your third-party firmware installs flawlessly. Here's the problem: The underlying code of the WNR3500L's modules --especially those related to the core functionality of its Broadcom chipsets--is proprietary. That includes its ethernet and wireless drivers.

This becomes a real issue for third-party creators that want to update the WNR3500L based on a newer version of the Linux kernel. Without the source code, there's no easy way to compile updated modules that work with later kernels--save for reverse engineering code that's found in completely different routers. Updated Linux kernels aren't backwards-compatible , after all: a module coded for kernel version 2.4 just won't function in kernel version 2.6.

As an open-source enthusiast, you lose the security upgrades and functionality that a newer kernel would bring to the table. And even then, life isn't peachy for third-party firmware that's stuck with the closed Broadcom drivers for kernel version 2.4. Just look at the small list of issues found in the OpenWRT drivers Netgear is hosting and promoting:

  • WPA and WPA2 are not working.
  • SAMBA support is not present.
  • NAS can be accessed only through command line using utilities such as ftp
  • No GUI support to access NAS is available till now.

Is the Firmware Truly Open?

I won't hit this point too hard, as I feel like each week of Murphy's Law is another look into some alleged violation or misinterpretation of the GPL. Suffice, controversy exists over whether firmware like DD-WRT and Tomato--which, again, Netgear promotes--violates GPL licensing. Or, at the very least, that either firmware options violate the spirit of open-source.

The charges back and forth, especially with DD-WRT, are a festering nest of he-said she-said. Suffice, there's been enough squabble over elements like DD-WRT's locked-down UI (a closed feature in an open-source architecture) to give thought that the application might not be playing by the full set of rules required by the GPL. It's conjecturing and controversy rolled into one, and it's not exactly helped by what developer "Brainslayer" states the following on the DD-WRT wiki :

"WARNING: Due to abuse by those re-branding DD-WRT and selling it, or pre-flashed routers with it on eBay, builds dated later than 08/04/2006 have some protections against re-branding the web UI."


As it stands, I see Netgear's WNR3500L as more a product of hype than a legitimate push for a truly open-source networking device. And even then, is the consumer world ready for such a product, especially when said open-source router is clocking in at a $140 price tag? (Admittedly, it includes some extra hardware beyond its non-open-source-themed cousin.) When I think "open-source" from a consumer standpoint, I think, "Wow, this device will probably be less expensive because the software was in all likelihood free of charge."

With the WNR3500L, it's a different question: "Where'd my wireless security go?"

David Murphy (@ Acererak) is a technology journalist and former Maximum PC editor. He writes weekly columns about the wide world of open-source as well as weekly roundups of awesome, freebie software. Befriend him on Twitter, especially if you have an awesome app or game you're dying to recommend!

Around the web