The OpenBSD [1] project has long been associated with security. Indeed, thanks to proactively and regularly auditing its code, the project's web site is able to boast "only one remote hole in the default install, in more than 8 years," and another page states "our aspiration is to be NUMBER ONE in the industry for security (if we are not already there)." However, security is not the only focus of OpenBSD, as reflected in the project's slogan which reads, "Free, Functional and Secure." All three of these words are strongly backed by OpenBSD developers.
If you speak with OpenBSD creator Theo de Raadt for any length of time, you will quickly realize just how important freedom is to the project. For example, freedom was the driving force behind the now ubiquitous OpenSSH [2], developed within the OpenBSD project. It has also lead to the development of OpenNTPD [3], OpenCVS [4], and the widely used pf Packet filter [story [5]]. In recognition of these many contributions, Theo recently received [6] the 2004 Free Software Award from the Free Software Foundation. The freedom that the OpenBSD team works so hard for comes without any strings, patents, or conditions, distributed under the BSD license [7].
Currently, the OpenBSD project is focusing on wireless networking technology, working to convince hardware manufacturers to make the firmware for their wireless cards freely distributable. It sounds simple enough, but the effort has taken much persistence and perseverance. Many of today's corporations require the signing of non-disclosure agreements and other legal red tape prior to making firmware or documentation available, requirements that don't measure up to OpenBSD's standards for freedom.
Wireless Support In OpenBSD 3.7:
OpenBSD 3.7 will be available on May 19'th, 2005. In it, users will find a dozen drivers for a range of wireless networking cards and chipsets (See Table 1). All but two of these work straight out of the box. For example, new in 3.7 and still under active development is the ral driver for Ralink Technology's RT2500 chipset, developed by Damien Bergamini. Damien notes that "the RT2500 chipset does not require a firmware. It relies on the host CPU for everything related to 802.11." 802.11 is the family of specifications around which wireless LAN technologies are designed.
| Driver | Description |
|---|---|
| an [8] | Aironet Communications 4500/4800 IEEE 802.11B wireless network adapter |
| ath [9] | Atheros IEEE 802.11A/B/G wireless network adapter |
| atu [10] | Atmel at76c50x 802.11B wireless network interfaces |
| atw [11] | ADMtek ADM8211 802.11B wireless network interface |
| awi [12] | BayStack 650 IEEE 802.11FH PCMCIA wireless network driver |
| ipw [13] | Intel PRO/Wireless 2100 IEEE 802.11B wireless network adapter |
| iwi [14] | Intel PRO/Wireless 2200BG/2225BG/2915ABG IEEE 802.11A/B/G wireless network adapters |
| ral [15] | Ralink Technology RT2500 IEEE 802.11A/B/G wireless network adapter |
| ray [16] | Raytheon Raylink/WebGear Aviator IEEE 802.11FH 2Mbps wireless network adapter |
| rln [17] | device driver for RangeLAN2-based wireless network cards |
| rtw [18] | Realtek 8180 802.11 wireless network driver |
| wi [19] | WaveLAN/IEEE, PRISM 2-3 and Spectrum24 802.11B wireless network interfaces |
OpenBSD's new ral driver was reverse engineered from the now GPL'd Linux driver developed by Ralink Technology. Damien described the Linux rt2500 driver as basically being "a quick and dirty port" of their MS Windows NDIS driver. He noted that it contained its own 802.11 layer making the effort quite difficult. "I had to distinguish clearly what was device dependant and what belonged to the 802.11 layer, because both are clearly separated in OpenBSD. As a result of this work, the OpenBSD driver is only ~3,500 lines long compared to the ~30,500 lines of the Linux driver for roughly the same functionalities." Damien went on to point at that this is important because "less code makes review and bug fixing much easier."
Also new in OpenBSD 3.7 is the ath driver for the Atheros chipsets, an effort led by Reyk Floeter. Reyk originally began working on an Atheros driver for Linux, an effort that earned him threats by Atheros Communications. He notes, "I discontinued working on any WLAN drivers for Linux for several reasons. It's mostly because I got excited about OpenBSD ;-)." Later, Sam Leffler, an Atheros Communications employee at the time, developed a FreeBSD ath driver that links to a binary-only HAL object. Atheros refused to open the binary file, so through much dedicated effort Reyk reversed engineered it. The new ath driver in OpenBSD began with merging Sam's original efforts with Reyk's reverse engineered binary object, although work is currently being done to simplify the whole thing, possible now that the binary object has been reverse engineered.
Like the RT2500 chipset, the Atheros chipsets also do not utilize a firmware. Chipsets that require most of the work being done by the driver are often referred to as software defined radios, or SDRs. Reyk notes, "this offers a lot of possibilities and great flexibility, but on the other hand it's not that easy to implement." As for functionality, Reyk explained that the new driver "will support basic IEEE 802.11 operation in station-, hostap- and monitor- mode. We're not supporting anything like IEEE 802.11i, WPA or 802.11e (QoS) and I don't plan to implement it in the near future."
Theo de Raadt stressed the importance of simply having drivers that work. "Rather than focusing on all the 802.11foo extensions that everyone else is, we are focusing on what really matters most: BASIC operation. If you have no basic operation with a chipset, you are 100% fucked. If at least you have basic operation, we can build further than that." It is much because of this philosophy that users of the upcoming OpenBSD 3.7 will find such wide range of functional, newly supported wireless hardware.
A lot of effort has been put into improving 802.11 support in OpenBSD 3.7. Reyk explained that additional functionality has been added to the ifconfig [20] command, describing it as now being "very easy to use and well documented in the manual page." He pointed out that this deprecates most special non-standard tools for the drivers, such as wicontrol [21]. Underneath, meticulous effort is being made to develop and maintain a generic 802.11 layer commonly used by all drivers.
Firmware Licensing
There are only two 802.11 drivers included in OpenBSD 3.7 that don't include everything required to properly function. Specifically, the ipw [22] and iwi [23] drivers for Intel hardware both require that you first obtain and properly install firmware files. As explained in their respective man pages, "these firmware files are not free because Intel refuses to grant distribution rights without contractual obligations. As a result, even though OpenBSD includes the driver, the firmware files cannot be included and users have to find these files on their own." The man pages go on to provide Peter Engelbrecht's email address and phone number, the contact within Intel that Theo describes as "the person who works with the team who can change their policy." Exactly what files need to be obtained and where they need to be installed is not entirely clear. "Why should we make it easy?" Theo asks. "The someone who can make it easy is INTEL. THEY can give us permission, and it will become easy."
When asked why they even bother to include these two drivers, Theo explained, "well, because someone wrote those two drivers. By including them, he has now become a part of our development group. Yes, there is a firmware that people do not have. A couple of files. But we tried. At least someone can now get them." While not being as easy to use as the other 10 drivers, the option does exist. However Theo cautions, "not having those files, and not clearly documenting exactly where to get them (like why should we include URLs, when URL's change all the time, and then the man pages suck)... we make it clear that those chipsets are definitely SECOND TIER. Not as well supported. Not our problem. We have done our best."
As noted earlier, everything included in the OpenBSD distribution is freely available under the BSD license. It is not possible to include the Intel firmware because Intel requires a "contractual agreement" that is incompatible with the BSD license and the OpenBSD project's belief in freedom. The belief that the binary firmware should be freely distributable has nothing to do with whether or not it is open source, a distinction that is frequently confused.
Damien Bergamini, author of both of these Intel drivers, described how companies requiring non-free agreements be made to distribute the firmware required to use their hardware, and the fact that other supposedly free operating systems willingly do so as, "a sad situation." Referring to the OpenBSD project's unsuccessful efforts to convince Intel and other companies to change their policies he added, "unfortunately, only OpenBSD has actually complained about this situation. I think we could have gotten better results if the Linux community joined us in our efforts to free these firmwares, but the ipw2100 and ipw2200 drivers from Intel are about to get incorporated in netdev and nobody seems to really care about these license issues anymore."
Damien pointed out that the problem is more than with just distribution. He described the current companies as using a "'half-open' model" in which the firmware's functionalities aren't even documented. He explains, "it is basically impossible for someone to improve Intel's drivers without this documentation. For instance, there will be no monitor or HostAP support for ipw2200 in Linux (or OpenBSD) until Intel decides so because it requires a special firmware that nobody except Intel can write."
Intel is not the only manufacturer of wireless chipsets that is refusing to work with the free software movement. Texas Instruments officially ignored over 6,000 emails and over 100 phone calls from concerned customers (potentially ex-customers, now) asking them to allow the free distribution of their firmwares [story [24]]. A once optimistic discussion between OpenBSD and Conextant recently stalled. And Broadcom, the manufacturer of the hardware used by Apple, is also on the list. Regarding Broadcom, Theo de Raadt had some harsh words, describing their hardware as "bug-ridden", and their policies as "horridly closed". He stated flatly, "Broadcom and Apple are the antithesis of free disclosure of information."
Theo summarized the responses to OpenBSD's recent efforts to get all wireless manufacturers to open their chipsets, "the American companies said no, but companies in the rest of the world are being good about being open. And the American companies are losing market rapidly now for reasons other than open and closed, and I have absolutely no reason not to support the Taiwanese or European companies who actually think this through." Indeed, the chipsets created by companies willing to work with OpenBSD include quality products in wide use. For example, Damien Bergamini described the Ralink chipsets as "very cheap and efficient (in terms of speed and power consumption)", noting that they are used by many major vendors [25] including D-Link, Linksys, Surecom and Asus. Reyk Floeter noted that some of the Atheros chipsets, namely the ar5211 and ar5212, are found in several popular notebooks including the new IBM Thinkpads, and the Sony VAIOs. Theo further explained, "we work with the vendors, to make the small and weaker ones stronger, and thereby, make the strong ones weaker."
There is still hope that one of the remaining closed vendors will open up. And if this happens, Theo explains, "if we get a few to open up, it puts more pressure on the others to open up." However this will likely take a combined effort that includes other projects beyond OpenBSD. "The really dismal part," Theo reflected, "is that the FSF and the Linux community mocked us, rather than mocking the closed vendors. That is the sad thing. The big players in those communities may talk about freedom, but it is all show, because when something of importance like this does come up they do not act."
Conclusion
The OpenBSD project takes freedom seriously. The dozen wireless drivers that will be found in OpenBSD 3.7 are a significant accomplishment. Distributed under the BSD license, they are all completely free of patents, NDAs and other contractual agreements. Ten of them work as is, and are actively maintained by one or more developers. The core 802.11 networking functionality is fully supported on each, with additional features being added.
As long as the remaining companies that refuse to work with OpenBSD and other free and open source projects continue to hear from concerned customers, the chance remains that they will eventually change their policies. Purchasing products from companies who willingly work with the free and open source communities rewards them for their actions. What happens next is largely up to you and I, the consumers.