What if I told you that an Intel 7260 dual-band dual-stream (marketing value 1200Mbit/s) 802.11ac mPCIe card with Bluetooth 4.0 costs just $26.50 including shipping and with just 5 to 15 minutes of your own work, you should be able to ditch the sub-par 802.11n single-band single-stream cards that many laptop manufacturers fit as standard equipment? Sounds like a great deal, but hang on … as I and many others have discovered, things are not so simple.
A Wireless Upgrade – Why it Makes Sense
Throughout the different iterations of wireless technology, the speeds and coverage have always improved from generation to generation. Even if you might be happy with your Wi-Fi today, it can make good sense to upgrade your card now.
For one, if you have a faster dual-band card, you are able to move off the crowded interference-prone 2.4Ghz network to a quieter and often much-faster 5Ghz network. If you already have the infrastructure, this is a pretty good move as it will free up the more limited and contented 2.4Ghz band for the few devices that require it.
If you have a faster dual or triple-stream card, you will be able to “talk faster” on the same band within the same bandwidth. As the air-time is shared amongst all wireless clients, having more streams at both ends will allow supporting clients to use less air-time for the same amount of throughput, or gain more throughput for the same amount of RF bandwidth. This in effect, leaves more air-time for other clients and co-channel networks to use.
Finally, by upgrading your card to the later, or latest standards, you can improve network performance as backwards compatibility with legacy 802.11a, b and g clients have significant overheads and disable some of the throughput enhancement functionality in 802.11n. By ridding your network of such legacy clients, you can run 802.11n ONLY modes in 2.4Ghz and 802.11ac ONLY modes in 5Ghz and receive much better quality of service.
But it’s not all about you either. If you ever use shared infrastructure Wi-Fi, say at a university or free Wi-Fi hotspot, by upgrading to the latest technology, you can get better service, while helping their networks perform optimally by de-congesting 2.4Ghz and operating in very-high throughput modes in 5Ghz freeing up air-time for other users on the same AP. Considering this doesn’t cost an arm and a leg, a good citizen should strongly consider this. A malicious user, however, might just try to get their 802.11b card joined on …
In the past, such upgrades were rare because internal wireless cards were not easily available, and often had high costs, especially for leading edge cards which featured the latest enhancements. Interestingly, it seems, this is no longer the case and even dual-band dual-stream wireless 802.11ac cards are affordable. Triple-stream wireless 802.11ac cards still cost a lot, and similarly to how triple-stream wireless 802.11n works, typically offers limited benefits when vendors are mixed. At this relatively affordable price, it would even make sense to buy cards for a future standard, say 802.11ac if you are only running 802.11n at home as you will be able to utilize the capabilities in the future without paying much more.
In the case where a dual-band dual-stream wireless N card is already installed, it is simply a matter of exchanging the cards which normally means undoing two antenna connectors, one or two screws, levering the card out, pushing the new one in, screwing it down and re-attaching the antennas.
See? The hardware side of things is hardly difficult. Most computers come with two antennas installed already, although I did meet one with just a single antenna. It wasn’t a hassle to shoehorn a second antenna into the chassis somewhere else, and glue it in place. If your computer is relatively older, it may have a full-length card, in which case a low-cost metal bracket adapter from eBay should fix that up.
If you only have antennas for single band 2.4Ghz, then operation at 5Ghz will be sub-optimal and could result in higher VSWRs resulting in shorter range and greater losses. However, with the low power, it’s unlikely the card will be damaged.
Rather excited, I ordered a total of four cards to upgrade various machines that I owned, so as to help free up the 2.4Ghz band for the many devices that can only operate there, and improve the quality of service and throughput to those clients.
The Plan Falls Apart
I was feeling relatively good about this, because I had upgraded my refurbished Asus laptop with no trouble, and I did do this in the past when wireless A became a little bit popular, and I wanted some of my most used wireless G clients to have a chance to use 5Ghz A, so I started hoarding Intel PRO/Wireless 3945ABG cards.
But alas, it seems things had changed in-between some time, and my fairly well-used HP Probook 4525s complained about the card.
The system stood there, unhappy, refusing to go forth until either the slot was completely vacated or the original card was re-inserted. That’s one laptop which won’t see the sweetness of dual-band 802.11ac.
I then tried to do the same to my HP dm1-4xxxAU, which … also didn’t like the card. It stood its ground, with a slightly different message.
As it turns out, this phenomenon is known as whitelisting, and is where the system vendor (HP in this case) decides to limit the system through the BIOS software to only certain approved wireless card product and vendor IDs. As a result, only approved wireless cards with the correct part numbers, sourced from the vendor can be used.
The Whitelist Conspiracy
It seems that this whole whitelist issue has had limited media coverage, but has been met by many relatively technical people and may be one of the reasons mPCI/mPCIe wireless cards aren’t more widely available and upgrades are not often done.
At this time, it is known that some recent Lenovo, Toshiba, Dell, HP and Compaq follow this whitelisting practice. From my experience, it appears that Asus, Acer, and MSI don’t.
From what we known, it seems the whole whitelisting initiative has to do with making the system compliant to FCC standards, so that the unit as a combination can be passed. But unfortunately, such a reasoning doesn’t really wash with me for several reasons:
- The FCC certifies the combination as compliant, but if any change to configuration occurs, then the new combination isn’t technically compliant, even if by using other FCC compliant devices. This may mean that a laptop and charger is FCC compliance tested, but there is no way to guarantee that plugging in an FCC approved USB wireless adapter won’t void it.
- The manufacturer doesn’t really have any requirement to ensure the product remains compliant once an owner deals with it. For example, you can upgrade the RAM or hard drive and that could easily immediately void the FCC compliancy – so why not the wireless adapter?
- Other manufacturers are able to sell into the US market, and thus would be required to meet FCC requirements, but do so without the use of whitelisting.
- Identical wireless card hardware is sold with the same model numbers and approvals but do not work as the whitelisting is often based on custom vendor-based VID/PID combinations.
- The concept of FCC compliancy doesn’t apply outside of the US. Products outside of the US are to be certified to different local standards, and I don’t believe that those preclude the change of hardware by end users.
- Laptop users are known to roam the world, say, for business – having wireless cards with incorrect country code settings are likely to be an even bigger issue than having an upgraded wireless card, which in itself is FCC approved …
In the end, this is just another form of DRM and is really not welcome. Just like any other DRM, it has been shown to cause inconvenience to users:
- In some cases, it was proved that the cards that are on the whitelist are not actually coded into the BIOS and ordering these part numbers will still run into issues.
- In other cases, it is shown that the parts were sold at a huge mark-up compared to the non-whitelisted part despite containing the same hardware.
- It causes inbuilt obsolescence – should you wish to move to an 802.11ac-only network for the best performance, you have a choice of either staying on the (very slow) 802.11n 2.4Ghz band, or use an inconvenient USB external adapter with some performance and convenience penalties.
- By shipping many SKUs with the bare minimum wireless technologies (i.e. “align” 1×1 2.4Ghz Wireless N “150Mbit/s” cards), they are contributing to wireless spectrum congestion by making their computers consume more air-time for the same amount of data transferred. They are also reducing user satisfaction by making their laptops use the more congested and interference-prone band. Considering wireless-spectrum is a shared “public” property, this is very inefficient and prolongs the use of older wireless technologies which mean that higher throughput modes are unable to take full advantage of their abilities when operating in mixed (protected) modes.
- Users of other operating systems, for example, Linux may have to contend with the fact the adapter supplied may be poorly supported without any option to change to a better supported adapter.
- This fact is not communicated to end users when purchasing the laptop, and such whitelisting is known to extend to WWAN and GPU cards.
- Moving countries with a laptop with a WWAN card, there may be no possibility to change the WWAN card to one that supports local bands or standards.
In all cases, this is not a hardware limitation and there is no hardware reason why the cards are not compatible. The incompatibility stems from the software in the BIOS. It’s gotten some people quite angry to the point of having a petition online, but we all know that these things don’t really get really far.
Evade the Block? Oh no you don’t!
When the issues were first reported, several evasion methods have been reported. Reports of taping up certain pins, modifying the EEPROM of the wireless cards to have a different VID/PID have been made, although they can be quite difficult to achieve. Modifying the EEPROM will have other effects, such as causing the incorrect drivers to install, and making installation of the correct drivers more difficult.
Most of these are generally unsuccessful against modern machines or come with significant caveats with the exception of a modified BIOS. Unfortunately, such modified BIOSes come with no warranties and are mostly the work of community BIOS hackers with limited time and resources. With the vendors changing their BIOSes periodically, keeping up with the latest BIOSes is an issue.
For older HP laptops, some BIOSes are available if you do a search. However, with my laptops, I couldn’t find any. I did find one for a similar HP dm1-3xxx but flashing that one bricked the laptop until I recovered it manually.
HP laptops currently use an Insyde BIOS. There have been instructions (here, and here) to remove the whitelists from these BIOSes, but I think they really only apply to the older 1Mb size BIOS. Both my laptops are 2Mb size.
Both instructions are similar in that they are changing the opcode for a conditional jump that closes an infinite loop after test al,al with an unconditional jump.
The first step was to use the Universal BIOS Backup Toolkit to extract the BIOS from my HP laptops. This is because the BIOS in the flasher is generally encrypted and compressed to prevent direct tampering. Following the instructions, I used the Phoenix/Dell/EFI SLIC Mod Toolkit to decompress the BIOS image and extract the DXE Core and analyze it in WinHex to find the relevant module with the error message.
In the HP dm1-4xxxAU F.19 BIOS, it was found in the StartUpMenu module.
In my HP Probook 4525s F.21 BIOS, it was found in the ErrorLog module.
Analyzing the modules in IDA Pro, I could not find test al,al, nor could I find any calls to subroutines with an obvious infinite loop “trap”. In fact, the only looping structure in the whole module I could see was this one, which was present with subtle differences between the two BIOSes. This one seems to have a possibility of exiting, so it probably has a meaningful purpose, although the line test rdi, rdi is not test al,al … and the condition at the end of that block is a jz not a jnz as the instructions alude.
It’s really not a good idea to make changes without a good idea what is being done, and my understanding of x86 opcodes is almost non-existent, and I haven’t the faintest clue on how to trace the execution properly. My assumption is that the locking method has changed in the Insyde 2Mb BIOSes, and as a result, very few hacked/patched BIOSes are available. The locking may be taking place in another module altogether.
This took me a whole afternoon of playing around – which led to me learning a little more about how complex modern BIOSes are, but alas, no success.
Whitelisting is a software-based practice which limits the usable wireless cards in a system to those which have been pre-approved by the vendor. There appears to be no hardware-based reason for this, and it seems this form of DRM produces an inbuilt obsolescence and financial benefit for the vendor while providing no benefit to the end consumer.
If the vendors wanted to care for their end users, they would release an unencumbered version of their BIOS. Even if it’s marked “beta” or “warranty voiding”, I would not care because I know that’s what I want. It’s my hardware, it should be my choice. By making their BIOSes needlessly complex, and involving code signing, even community-driven BIOS modification is not able to keep up with the variety of locking methods that exist. Unfortunately, I don’t have sufficient skills to contribute either.
I think that those who care should vote with their feet and avoid the vendors that whitelist so as to keep their options open in the future. However, the majority of users probably won’t ever see or understand the message … and this will probably continue into the future.
As a result, of the cards that I had ordered, many of them went into less-frequently-used old netbooks, rather than the much more modern systems which see more use.
Almost two years later (24/07/2016), with thanks to information supplied by a reader, the Probook 4525s has been liberated. Read here to find out more.