Slashdot Mirror


Open Source GSM Network At Dutch Hacker Convention

solevita writes "Harald Welte, who's been interviewed previously by Slashdot, has written on his blog about operating an Open Source GSM network at the recent HAR2009 conference. Photographs and a description of the setup, run under license of the Dutch regulatory authority, are provided; essentially the setup consisted of a pair of BTSs (Base Transceiver Stations) running at 100mW transmit power each and tied to a tree. In turn these provided access to the Base Station Controller (BSC), in this case a Linux server in a tent running OpenBSC. The system authenticated users with a token sent via SMS; in total 391 users subscribed to the service and were able to use their phones as if they were on any other network. Independent researchers are increasingly examining GSM networks and equipment; Welte's work proves that GSM is in the realm of the hackers now and that this realm of mobile networking could be set for a few surprises in the future."

141 comments

  1. What are the costs? by bogaboga · · Score: 4, Interesting

    Can someone put a figure on the cost of equipment involved? This would be very useful for folks on large farms where radio (read Walkie-talkies) do not cut it.

    1. Re:What are the costs? by MBCook · · Score: 5, Informative

      I'm not surprised that little walkie-talkies might not work over long distances. FRS radios (which may not be legal for commercial purposes) are limited to 1/2 watt.

      Amateur Radio would certainly work, with handhelds easily available that do 5W (such as the Yaesu VX-7R) or you could get models designed for cars that do much more.

      The only problem with ham radio is you aren't allowed to use it for business purposes, so for anything other than chatting between farm hands you couldn't use it.

      The only real problem I've seen with little radios like the VX-7R tends to be that the interfaces are horrible. They come from the "here is 20 buttons and 3 function keys, plus holding means something" school of interface design. I don't know if there are any with better interfaces.

      Ooh! I know what you need. GMRS radios can be up to 50 watts and used for commercial purposes (I'm pretty sure). You need a license, but there is no test, just a fee (according to Wikipedia).

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    2. Re:What are the costs? by TheRaven64 · · Score: 3, Interesting

      And the legal issues. I was under the impression that the GSM frequencies were licensed and could only be used with permission of whoever bought that slice of the frequency. Are there any special exemptions for very low power transmitters?

      --
      I am TheRaven on Soylent News
    3. Re:What are the costs? by Cyberax · · Score: 1

      Depends on country. For example, in Russia it's legal to use licensed frequencies for low-power transmissions for indoor use. It's illegal to interfere with licensed devices, though.

    4. Re:What are the costs? by multisync · · Score: 3, Informative

      I was under the impression that the GSM frequencies were licensed and could only be used with permission of whoever bought that slice of the frequency

      Isn't that what the summary was referring to when it stated: "run under license of the Dutch regulatory authority"?

      --
      I don't care why you're posting AC
    5. Re:What are the costs? by multisync · · Score: 1

      Oh. You meant legal issues for the cowboy, not the hackers.

      Never mind.

      --
      I don't care why you're posting AC
    6. Re:What are the costs? by bushing · · Score: 5, Informative

      Can someone put a figure on the cost of equipment involved? This would be very useful for folks on large farms where radio (read Walkie-talkies) do not cut it.

      The setup seems to be:

      • two BTS with two TRX each - Each BTS is a surplus Siemens BS-11, which they are selling for 300 Euro. (I almost bought one at 25C3, until I realized they were almost 46 Kg each)
      • two antennas -- included in the purchase price of the BS11
      • E1-to-PCI interface card - 350 EUR

      So, I'd call that about 1000 EUR, not including the Linux PC driving the whole setup.

    7. Re:What are the costs? by Anonymous Coward · · Score: 0, Insightful

      That kinda thing happens only in civilized regions of the world anyway.

      This article is merely masturbatory material for Slashdotting Americans who wish that their government wasn't the sixth Reich. While we're at it, we'd like ponies. captcha: unrest

      -- Ethanol-fueled

    8. Re:What are the costs? by Anonymous Coward · · Score: 1, Funny

      Really? I thought in Soviet Russia, frequency licenses you!

    9. Re:What are the costs? by DarthBart · · Score: 4, Informative

      Yes, my father and I ran a GMRS radio system with a phone patch many many years ago. The primary customer was my uncle with his well drilling & service company, along with a few realtors.

      There was a 50 watt repeater on the top of a hill, running on the 450Mhz band.

    10. Re:What are the costs? by socsoc · · Score: 1

      How large are the farms, did CB not work out? Have you tried radios that aren't consumer branded, but require permits? I've seen the latter work very well in mountainous areas over quite a distance.

    11. Re:What are the costs? by Anonymous Coward · · Score: 0

      Well, GMRS is one option, but MURS might be better, as no license is needed, and there are many fewer users (bubble-pack pirates operating on GMRS frequencies tend to keep channels pretty busy).

      Now I don't know what counts as a big farm where you are; if it's big enough (something like 5 miles) you may want to use a repeater, making GMRS the only obvious option, but if it's small enough to get by with simplex, I'd go for MURS. You can find old HT1000s and such for $30 or so, just make sure they're programmed for the 5 MURS channels, and you're good.

    12. Re:What are the costs? by obi · · Score: 1

      Another option might be a DECT cordless phone network - I vaguely remember it being used in Italian city centres as an alternative to cell phones.

    13. Re:What are the costs? by Anonymous Coward · · Score: 2, Informative

      GMRS cannot be licensed for businesses in the US. There are some business users who were grandfathered in when the rules changed. GMRS is licensed to individuals for their and their immediate family's use. This could include business activity though. Also you're not licensed a set frequency, rather a collection of frequencies which make up the GMRS service.

      http://wireless.fcc.gov/services/index.htm?job=service_home&id=general_mobile

      However, you can acquire a license for your business and depending on your needs, even your own frequency.

      http://wireless.fcc.gov/services/index.htm?job=service_home&id=industrial_business

      There's also MURS which may be used for any purpose and is license free. However it's only five VHF channels and power is limited to 2 watts, also there's a serious lack of certified equipment for this band. Most users are using grandfathered in part-90 certified radios on MURS.

      http://wireless.fcc.gov/services/index.htm?job=service_home&id=multi_use

    14. Re:What are the costs? by Anonymous Coward · · Score: 0

      I agree. When everything is decided then the government turns to the most silly things you can possibly imagine. (Living in the Netherlands)

    15. Re:What are the costs? by EelcoV · · Score: 1

      If there is spectrum available, and if licensed spectrum users are not harmed in their rights, and if there is a bona fide reason for running an experiment, then an experimental license can be granted, with limitations on transmission power and duration. The fee will be cost based, unlike the commercial GSM licenses, which were auctioned.

    16. Re:What are the costs? by Anonymous Coward · · Score: 0

      you got it wrong, in soviet russia, it is legal for licenced frequencies to use you!

    17. Re:What are the costs? by Gordonjcp · · Score: 1

      I'm not surprised that little walkie-talkies might not work over long distances. FRS radios (which may not be legal for commercial purposes) are limited to 1/2 watt.

      That's why you can buy commercial radios, which output up to about 5W, or more for vehicle installations. Of course, you need a licence for those (at least in the UK, and I don't see why it would be different anywhere else). Typically what you'd do is program them to work split (ie. transmit 6.5MHz above the receive frequency) and mount a base station in a nice high spot on your farm. Okay, so you'd effectively only have a single channel, but again depending on your licence you may be able to program the radios to work on the same frequency so people near each other (the guy driving the mower and the guy driving the silage trailer) can talk to each other, without bothering people on the rest of the site.

      It all costs money though ;-)

    18. Re:What are the costs? by Anonymous Coward · · Score: 0

      All your bubble-pack are belong to us. Harr!

    19. Re:What are the costs? by Lennie · · Score: 2, Interesting

      What is also interesting: a lot of commercial licences will run out in a few years and as everything seems to be moving to newer stuff like 3G (and a lot of people seem to get a new phone every few years), there might be a slight chance the operators don't want to extend the existing licences. This will mean existing channels might start to free up. And it might be a lot cheaper to get such a license? But we'll have to see if that will really happen.

      --
      New things are always on the horizon
    20. Re:What are the costs? by rvw · · Score: 1

      Another option might be a DECT cordless phone network - I vaguely remember it being used in Italian city centres as an alternative to cell phones.

      In Italy you can use the Washing Line communication protocol. Just have a big mamma on each side holding the line, and some tin can from the pasta sauce ready and there you go! This is ideal for passing news around. It spread like you've never seen. The Internet is nothing compared to this.

    21. Re:What are the costs? by mcvos · · Score: 1

      Another option might be a DECT cordless phone network - I vaguely remember it being used in Italian city centres as an alternative to cell phones.

      DECT phones are also popular on HAR2009 and similar events. This time we had two alternative phone networks to choose from.

    22. Re:What are the costs? by suntac · · Score: 1

      Some information is given on the costs during the talk, you can find links to the video archive of the talks at https://wiki.har2009.org/page/Media

      Some of the pages are currently down, I think because the event network is down; however, servers should be on the move back to the datacenter. Some of the links are currently working so you can already have a peek.

      Regards,
      Johan Louwers.

      --
      Regards, Johan Louwers.
    23. Re:What are the costs? by lewko · · Score: 3, Funny

      Nyet.

      In Soviet Russia, Licensed devices interfere with you.

      --
      Do you or your partner snore? - Visit www.snoring.com.au
    24. Re:What are the costs? by Anonymous Coward · · Score: 0

      The rules may have been different at that point, but for the GP's benefit, I'll point out that patches aren't allowed on GMRS.

    25. Re:What are the costs? by Anonymous Coward · · Score: 0

      GMRS can only be used for commercial purposes between members of the same immediate family. It is a personal radio service not really intended for commercial purposes. Instead, consider using MURS.

    26. Re:What are the costs? by Anonymous Coward · · Score: 0

      My understanding is that the lower frequency GSM bands along with the top end of the analog TV frequencies are going to be re-licensed for LTE as 2600MHz which is likely to be licensed initially doesn't penetrate buildings well enough.

    27. Re:What are the costs? by petermgreen · · Score: 1

      There are still new phones being sold though that are GSM* only. Hell even the expensive iphone only got 3G in its second iteration.

      And while heavy/rich users may change their phones every couple of years lighter users often don't.

      Given these factors I don't see GSM going away any time soon.

      *In GSM I include GSM packet data extensions like GPRS and EDGE.

      --
      note: i'm known as plugwash most places but i screwed up registering that here somehow in the past and now can't register
    28. Re:What are the costs? by gr8dude · · Score: 1

      FYI, when a Russian says "no" they say "net", not "nyet".

      I have no idea where this comes from, but I've seen many non-Russian speakers (even those whose native language has a word that sounds exactly like "net") write and say it that way.

      Must be some sort of a meme...

    29. Re:What are the costs? by Vastad · · Score: 1

      I hope you come and check your post Mr A.C. because if you call the post-Cold War Internet-Age US the 6th Reich, I'd like to know what the 4th and 5th were, in your humble definition.

      Last I checked we stopped at 3.

      Actually...what were the 1st and 2nd?

    30. Re:What are the costs? by zby · · Score: 1

      The point of using the 'nyet' transcription is that it suggests that the 'n' sound is 'softened' while 'net' does not.

  2. This might be something good by Whuffo · · Score: 2, Interesting

    My home telephone is a SIP phone and I don't have to play the AT&T game anymore. So how long until cell phone service is dirt cheap?

  3. OpenBTS? by Anonymous Coward · · Score: 1, Interesting

    Why not use this?

    http://openbts.sourceforge.net/

    1. Re:OpenBTS? by zeromorph · · Score: 3, Interesting

      Because they are running Siemens base stations and for that Harald started OpenBSC. Both projects are under GPL and are in close contact as far as I know.

      Harald had a talk at 25C3 about their project, and they were running a small setup there in the basement. AFAIK, because all frequencies are sold in Germany - there should be at least one for independent testing, but they sold all to the telcos - maybe that's why they are running the larger test in the Netherlands now.

      --
      "Hannibal's plans never work right. They just work." Amy/A-Team
  4. what it means by phantomfive · · Score: 4, Interesting

    Welte's work proves that GSM is in the realm of the hackers now and that this realm of mobile networking could be set for a few surprises in the future

    What this means by 'surprises' is people hacking the network and getting free phone calls. It's a whole new generation of phone phreaking, except it's not as cool because phone calls around the world are super cheap now anyway (or free using Skype), and we can do conference calls with as many people as we want easily. So now it's probably not worth the effort. If you can reroute numbers, that might still be cool.

    I know for a fact that there are vulnerabilities in the CDMA network, and I don't know as much about GSM, but I have no reason to believe there wouldn't be vulnerabilities in those networks.

    Or maybe someone else can think of a use for this, that isn't covered by CB radio already? Besides being cool, I mean.

    --
    Qxe4
    1. Re:what it means by bhtooefr · · Score: 2, Insightful

      CB is rather bandwidth inefficient, though, and can't handle multiple users well. Then again, allowing average Joe to throw up a cell tower isn't the greatest of ideas for spectrum utilization, either.

    2. Re:what it means by Anonymous Coward · · Score: 0

      What type of vulnerabilities? DOS? Remote exploit?

    3. Re:what it means by OrangeCatholic · · Score: 1

      I know for a fact that there are vulnerabilities in the CDMA network, and I don't know as much about GSM, but I have no reason to believe there wouldn't be vulnerabilities in those networks.

      Vulnerabilities? You make it sound like there is some level of security. There is none.

      First of all, you have no idea what software is on your phone. Somebody from the phone company could remotely access your phone and you would have no idea. A third party could potentially access your phone as well.

      Second, it's wireless, so a snooper can pick up your packets in the air.

      Third, it's digital, so anywhere along the network, somebody from the phone company can collect your packets and listen to your phone calls.

      Fourth, if anyone is spying on the person you're talking to, then they're also spying on you.

      Fifth, cellphones are required to broadcast your physical location (E911). You can't turn it off, you can't access the data, and you actually pay for it on your bill.

    4. Re:what it means by socsoc · · Score: 1

      can't handle multiple users well

      It can handle it just as well as any other multiparty radio system

    5. Re:what it means by phantomfive · · Score: 1

      Mainly ways to get free phone calls

      --
      Qxe4
    6. Re:what it means by phantomfive · · Score: 1

      That's all pretty much the same as with regular phone calls over copper. When I said security issues, the only additional thing I was thinking about was now it won't be long before people start making free phone calls.

      --
      Qxe4
    7. Re:what it means by Anonymous Coward · · Score: 1, Informative

      Fifth, cellphones are required to broadcast your physical location (E911). You can't turn it off, you can't access the data,

      How? Unless it has GPS, your cellphone doesn't know anything about your physical location. It can be determined by the relative signal strengths received by each tower as your phone stays on the network, but whining about that is like saying "your computer is broadcasting an IP address!!!!!!!"

      and you actually pay for it on your bill.

      I'm in Europe and have a prepaid SIM, which is renewed for about 18 months every time I add a bit of money. And of course there's no charge for incoming calls/texts. I don't pay for jack.

    8. Re:what it means by rwwyatt · · Score: 4, Informative

      I am going to speak in regards to GSM and UMTS networks as I know the protocol.

      There are security messages in Wireless Networks. There is Authentication and Ciphering in GSM/GPRS/EDGE/WCDMA/HSPA/HSPA+. In addition, there is integrity protection of signalling messages in WCDMA/HSPA/HSPA+ networks. There are a few messages which cannot be ciphered/integrity protected for obvious reasons such as the initial Location Update Request/Attach Request. Yes, certain authentication algorithms have been compromised: GSM A5/2. It has been superseded by A5/3.

      It is true that malware has made it onto cellular devices (Blackberry in UAE and Symbian come to mind). It is almost impossible for someone to remotely access the phone without such software existing on the device for voice frames.

      Yes, the redirecting of packets/frames is a legal requirement in many jurisdictions. It usually has to be accompanied with a warrant from a relevant law enforcement agency otherwise the specific phone company employee faces criminal charges. The usual redirection is done in the MSC or SGSN and I have never seen a case where it was done at the basestation.

    9. Re:what it means by Jared555 · · Score: 5, Interesting

      The possibility of setting up 'free/cheap cell phone access points' so people can bypass att, verizon, etc.?

    10. Re:what it means by maxume · · Score: 2, Insightful

      Is there anywhere on the planet where spectrum utilization is demonstrably worse than it is in the United States?

      I don't think the FCC does a terrible job, or even a bad job, but people are, in general terms, pragmatic and lazy, so I wonder just how tragic this particular commons would be in the long term.

      --
      Nerd rage is the funniest rage.
    11. Re:what it means by marcansoft · · Score: 3, Insightful

      I'd be more worried about 'surprises' involving A5/1 cracking and the privacy implications. As they put it in the HAR talk, TCP/IP services have been analyzed all the way and back because anyone can get an Ethernet card, put it in promiscuous mode, and start sniffing/injecting packets. This hasn't been the case for GSM until recently. Nevermind that GSM is designed such that mobile equipment (cellphones) are authenticated, but networks aren't - you can set up a rogue network and any cell will happily connect to it automatically!

      A5/1 has been shown to be vulnerable many years ago. There is now an A5/1 cracking project. If you have the resources (Nvidia CUDA graphics card) you should help them build rainbow tables, or just mirror the site and SVN in case bad things happen again like they have in the past (there's more than one government that would like to shut down such a project). A public demonstration of A5/1 cracking would do a lot towards debunking the myth of GSM security.

      Free phone calls? I doubt people are *that* interested in them, nevermind that any issues people find are probably easily fixable at the operator's side anyway. However, another issue that might arise is DoS attacks against cell networks. Apparently a lot of GSM expects the terminals to "play nice". Deliberately doing things outside the spec can cause an entire cell to deny service to all the other users.

      Basically, GSM is a very large part security through obscurity these days, and its end security-wise is looming closer. Let's hope the newer standards (3G) have done things better.

    12. Re:what it means by Rich0 · · Score: 4, Interesting

      You seem to know what you're talking about, and I have to confess that I don't know much about GSM/CDMA in general, although I can theorize some attacks. How does the network defend against the following attacks:

      1. Passive listener intercepts the credentials necessary to make calls as a phone transmitting nearby. (I assume they're encrypted, but is it strong, is everything encrypted, and is it secure against replay attacks?). This is easily defeated using encryption if done right.

      2. Active transmitter broadcasts GSM service (as a base station), allows a phone to connect, and then when that phone places a call the fake base station records its credentials. Optionally then impersonate the phone to a real base station and perform a MITM. Possible defenses against this include having phones only talk to stations that present a trusted certificate and pass a challenge/response, or by having the phone pass a challenge/response rather than simply transmitting a static identifier.

      3. Cell phone company employee or maybe even a shopper copies down the numbers on the outside of a phone's box and uses that to clone the phone. I'm not sure if those numbers are sufficient to impersonate the phone, or if it has some private key of some kind hidden inside.

      Basically, to be secure the system has to use some kind of challenge/response system (RSA/etc) and not simply broadcast passwords/etc. The old analog phones worked in this way and cloning was a big problem with them. The question is whether they truly fixed these vulnerabilities or if they simply relied on the fact that the cost of intercepting a spread-spectrum transmission is so high that most thieves would be halted (kind of like the way that CDs were effectively protected back in the 80s by the high cost of writers).

    13. Re:what it means by dyshexic · · Score: 1

      GSM is crackable but only with lots of data (multi-terabytes) and an array of FPGAs; see the CCC 2007 discussion. There may have been a follow-up at HAR. BTW this is not about phreaking, it's about OPEN GSM. It was licensed!!! Not only was there a GSM network, dectphone ran their DECT network backbone based on GAP (posted from a tent, field E, HAR 2009 @ 4.30am). We still need volunteers!!!!

    14. Re:what it means by SaDan · · Score: 3, Informative

      You are in Europe, which may explain why you don't know this bit about all cell phones sold in the US: All phones are required to have GPS or have the capability for triangulation for E911 purposes as of a few years ago. http://en.wikipedia.org/wiki/Enhanced_911

    15. Re:what it means by tlhIngan · · Score: 1

      The possibility of setting up 'free/cheap cell phone access points' so people can bypass att, verizon, etc.?

      Not necessarily bypass, but femtocells are poised to be the next mobile revolution. These are tiny little "cell towers" that backhaul over your broadband. Depending on the femtocell, you can have an air interface of special wifi, wimax, or even regular cell signalling. The latter designed so the carrier can reserve those channels as low-power cell tower sites.

      The benefit for you, the owner, is free airtime (you're paying for the backhaul), signal if your area has poor coverage, and free 3G data connectivity. The carriers benefit by having spot signal coverage in poor areas. Businesses will be the main benefactor, besides offering customers cheap cell calls/cheap data coverage, they can push benefits to those in the local area (e.g., coupons, deals, etc). It's just like wifi service at coffeeshops - except instead of the laptop-toting crowd, you can offer it to the majority holding cellphones.

    16. Re:what it means by Anonymous Coward · · Score: 1, Interesting

      That's all very interesting what you say,

      I just want to make one point where you say that you think people aren't that interested in free phone calls, and I disagree. Free phone calls don't just take you from what would be a cheap call to being a no-cost call, they also mean you don't have to pay, which means you don't have to prove who you are, which means you have greater anonymity, and this is the true value in "free" calls. So there will be people who are *very* interested.

      Carry on, fascinating intelligent discussion people, this is my only observation, posted AC, it's only right.

    17. Re:what it means by Anonymous Coward · · Score: 0

      1. By using a different cryptographic challenge the next time, the previous response from the phone (the one that was recorded) is useless.

      2. There is no way to protect yourself against this within the GSM standard. The solution is to use a more recent standard, like UMTS.

      3. I don't know about this one, it was after lunch when the course came to this item, and I was a bit sleepy.

    18. Re:what it means by burkmat · · Score: 2, Interesting

      Disclaimer: I could be totally wrong ;D

      All your attacks depend on being able to steal credentials and be able to impersonate the phone at a later stage, but the way I've been told it works is that after the initial Location Update, the phone never talks to the network as itself. That is, after the initial connection, the phone is handed a set of temporary IDs (one time pad-style), so each subsequent page is to a different number that only the phone and the network are supposed to know. Once the phone is running low on these temporary IDs it retrieves a set of new ones.

      #2 is the most blatant flaw in terms of interception: GSM never authenticates who it's talking to, if there's a network in range it is assumed to be friendly.
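
The two points made in the replies above (a fresh challenge makes a recorded response useless; GSM gives the phone nothing with which to check the network, while UMTS does), as an added example that is not part of any poster's comment. HMAC-SHA256 stands in for the real SIM algorithms, AUTN is simplified to a sequence number plus MAC, and the IMSI and all class and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

IMSI = "001010000000001"  # constructed test identity, not a real subscriber


def _prf(key, label, *parts):
    # Assumption: HMAC-SHA256 stands in for the operator algorithms
    # (A3 in GSM, f1/f2 in UMTS); real SIMs use COMP128 or MILENAGE.
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()


class Sim:
    """Subscriber side: holds the key shared with the home network."""

    def __init__(self, key):
        self._key = key
        self._highest_sqn = 0  # highest sequence number accepted (UMTS)

    def gsm_respond(self, rand):
        # The GSM challenge is a bare RAND. Nothing in it identifies the
        # sender, so the SIM has nothing to check and always answers.
        return _prf(self._key, b"A3", rand)[:4]  # 32-bit SRES

    def umts_respond(self, rand, autn):
        # Simplified UMTS AKA: AUTN = SQN (6 bytes) || MAC (8 bytes).
        sqn, mac = autn[:6], autn[6:]
        expected = _prf(self._key, b"f1", sqn, rand)[:8]
        if not hmac.compare_digest(mac, expected):
            return None  # challenger does not hold the key
        if int.from_bytes(sqn, "big") <= self._highest_sqn:
            return None  # sequence number already used: replayed challenge
        self._highest_sqn = int.from_bytes(sqn, "big")
        return _prf(self._key, b"f2", rand)[:8]  # RES


class HomeNetwork:
    """Network side: knows every subscriber key it provisioned."""

    def __init__(self):
        self._keys, self._sqn, self._pending = {}, {}, {}

    def provision(self, imsi):
        key = os.urandom(16)
        self._keys[imsi], self._sqn[imsi] = key, 0
        return Sim(key)

    def gsm_challenge(self, imsi):
        self._pending[imsi] = os.urandom(16)  # fresh 128-bit RAND
        return self._pending[imsi]

    def gsm_verify(self, imsi, sres):
        rand = self._pending.pop(imsi, None)  # each RAND is single-use
        if rand is None:
            return False
        expected = _prf(self._keys[imsi], b"A3", rand)[:4]
        return hmac.compare_digest(sres, expected)

    def umts_challenge(self, imsi):
        self._sqn[imsi] += 1
        sqn = self._sqn[imsi].to_bytes(6, "big")
        rand = os.urandom(16)
        return rand, sqn + _prf(self._keys[imsi], b"f1", sqn, rand)[:8]


def gsm_replay():
    """A recorded SRES presented again after the network issues a new RAND."""
    net = HomeNetwork()
    sim = net.provision(IMSI)
    recorded = sim.gsm_respond(net.gsm_challenge(IMSI))
    genuine_ok = net.gsm_verify(IMSI, recorded)
    net.gsm_challenge(IMSI)  # next attempt gets a different RAND
    replay_ok = net.gsm_verify(IMSI, recorded)
    return genuine_ok, replay_ok


def challenge_without_key():
    """Does the SIM answer a challenger that does not hold the key?"""
    sim = HomeNetwork().provision(IMSI)
    rand = os.urandom(16)
    forged_autn = (1).to_bytes(6, "big") + os.urandom(8)  # MAC is a guess
    return {
        "gsm_sim_answers": sim.gsm_respond(rand) is not None,
        "umts_sim_answers": sim.umts_respond(rand, forged_autn) is not None,
    }


def umts_genuine_then_replayed():
    """A genuine AUTN is accepted once; the same AUTN again is rejected."""
    net = HomeNetwork()
    sim = net.provision(IMSI)
    rand, autn = net.umts_challenge(IMSI)
    first = sim.umts_respond(rand, autn) is not None
    second = sim.umts_respond(rand, autn) is not None
    return first, second


if __name__ == "__main__":
    print("GSM genuine / replayed SRES accepted:", gsm_replay())
    print("Challenge from a party without the key:", challenge_without_key())
    print("UMTS genuine / replayed AUTN accepted:", umts_genuine_then_replayed())
```
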

    19. Re:what it means by Anonymous Coward · · Score: 0

      "First of all, you have no idea what software is on your phone."
      This is true..

      "Second, it's wireless, so a snooper can pick up your packets in the air."
      This is VERY difficult with CDMA -- without knowing the specific phone's spreading codes, the signal just appears to be noise and is not decodable.

      "Third, it's digital, so anywhere along the network, somebody from the phone company can collect your packets and listen to your phone calls. "
      Well, they could be doing that if it were analog too.

      "Fourth, if anyone is spying on the person you're talking to, then they're also spying on you. "
      Goes without saying. In fact, this old Dragnet episode, the guy's like "Hey, you can't tap my phone!" "We didn't, we put a tape recorder in your office". (They only got his end of the conversation but that was plenty to incriminate him. The recorder really burned through tape, it was quite high inches-per-second, it almost looked like it was fast-forwarding.)

      "Fifth, cellphones are required to broadcast your physical location (E911). You can't turn it off, you can't access the data, and you actually pay for it on your bill."
      Well, this goes back to point 1 you make (trusting the software), but Verizon's phones ALL have an option to only allow any GPS access for 911 calls, so I can turn it off. Also, I can access this data -- I set the E911 menu to "Allow all" (then there's a second app that still blocks GPS access except to apps you allow). I tell *that* app to allow VZNavigator access, and run VZNavigator. GPS info. Or I get the info out of the phone debug screen.

      Replying to the AC a few posts below....
      "How? Unless it has GPS, your cellphone doesn't know anything about your physical location. It can be determined by the relative signal strengths received by each tower as your phone stays on the network"

      Most phones *do* have GPS. The CDMA phones here use AGPS ("Assisted" GPS ... it's GPS where the phone gets GPS ephemeris data off the cellular network instead of off the GPS satellites, to get a GPS lock faster). For other phones, they don't use signal *strength* but time -- GSM networks use TDOA (Time Difference of Arrival), which measures the time difference for the phone's signal to reach neighboring cell sites. A-GPS is more accurate, but TDOA is still accurate to about 50 feet unless you're "in the sticks" and not in range of enough sites for accurate triangulation.

      "I'm in Europe and have a prepaid SIM, which is renewed for about 18 months every time I add a bit of money. And of course there's no charge for incoming calls/texts. I don't pay for jack."
      The E911 fee here isn't some cell company-imposed fee, it's a ~1% tax put onto the bill. Its intention is to upgrade 911 call centers to handle the GPS location info, so if you make an emergency call from your phone, and either don't know your exact location or can't speak, they will know where to send emergency response. (It also helps direct calls to the right call center -- for instance, in California all cellular 911 calls used to go to California Highway Patrol, now if you're for instance in the middle of Los Angeles it'd route to LAPD instead.) Most likely it'll just be a cash cow, once all the 911 call centers are upgraded I'm SURE they'll forget to drop this tax. But that's how our gov't is.

    20. Re:what it means by fractoid · · Score: 1

      The possibility of setting up 'free/cheap cell phone access points' so people can bypass att, verizon, etc.?

      Wouldn't one then be kind of worried about impostor access points? You could set up one of these and do whatever you wished with the data going through it, complete with MITM attacks on any encryption going on. It'd be fairly hard to detect if done well, even for people who know the GSM system pretty well. For the rest of us who don't know anything beyond signal strength and the tower's broadcast name, it'd be well-nigh undetectable.

      --
      Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
    21. Re:what it means by MrZilla · · Score: 1

      My GSM/CDMA knowledge is a bit rusty, but I think it's something like this:

      1. The encryption is based on the phone's IMSI number, which is never transmitted in the open. The BSC/RNC will issue a temporary IMSI (TMSI) which is used for all unsafe communication (and I think even all encrypted communication). The TMSI is used in combination with some public key crypto system to guard against replay attacks.

      2. I think this could work if you manage to pull it off (getting your fake BST/RBS to overpower the real one), but I can't quite remember what it is that makes your phone recognize one network as the one belonging to your provider, but should be possible to fake nonetheless.

      3. To clone a GSM phone you need the IMSI number, which is linked to your SIM card, and can not be obtained from the phone before the card is in place. For UMTS phones, you can acquire the ESN and clone it, but that number should never be printed where it can be easily accessed (it's usually found inside the battery compartment.)

      --
      mov ax, 4c00h
      int 21h
    22. Re:what it means by vlad+valis · · Score: 4, Interesting

      It's inevitable. Years from now when cheap community GSM towers are commonplace, this software project will be seen as a milestone in telecommunications. There are plenty of rural areas all over the world that could some day take advantage of this. And by the way, when we've got ubiquitous cheap GSM, what would we need 802.11 for? Great idea, awesome project! Someone give those guys money!

    23. Re:what it means by WillKemp · · Score: 2, Informative

      3. Cell phone company employee or maybe even a shopper copies down the numbers on the outside of a phone's box and uses that to clone the phone. I'm not sure if those numbers are sufficient to impersonate the phone, or if it has some private key of some kind hidden inside.

      If the "numbers" you're talking about are the IMEI (International Mobile Equipment Identifier), then yes, that's all you need to impersonate a phone. I'm not sure about anywhere else, but in Australia it's illegal to change a phone's IMEI - but it's trivial to do it with most (all?) phones.

    24. Re:what it means by Anonymous Coward · · Score: 0

      The question is whether they truly fixed these vulnerabilities or if they simply relied on the fact that the cost of intercepting a spread-spectrum transmission is so high that most thieves would be halted (kind of like the way that CDs were effectively protected back in the 80s by the high cost of writers).

      I seem to remember a novel device from back in those days which was used to copy music from compact disk to a thing called a "compact cassette."

      You may have heard of those, they were actually very popular.
      --
      DK

    25. Re:what it means by Anonymous Coward · · Score: 0

      Yeah, we can technically call around the world for free with Skype... except that they don't release their software on all platforms (2.x.x for Linux?! Give me a break!), and that the sound quality is worse than a low-power radio.

    26. Re:what it means by Anonymous Coward · · Score: 0

      #2 is the usual attack, which is in use and working well

    27. Re:what it means by grrrl · · Score: 1

      don't Verizon or someone have a box that has a small GSM network that routes your mobile calls over the internet when you're at home? (I only recall hearing about it, not living in the US I didn't pay that much attention)...

    28. Re:what it means by stupid_is · · Score: 1

      Well, Vodafone do, so I wouldn't be surprised if Verizon do given that Vod own a large chunk of VZW

      --
      -- Intelligence is soluble in alcohol
    29. Re:what it means by bhtooefr · · Score: 1

      Very true, but my point was more that the GSM protocol is specifically designed to handle quite a lot of users on one tower, and to keep them from stomping on each other or on other towers by keeping power down, whereas CB users usually blast full power (or even illegally high power.)

      A modified GSM (or CDMA, or even AMPS) system would be interesting to see in amateur radio, where one should only use the minimum amount of power necessary to make the contact. Modified because you'd want to remove all billing, you'd want to use callsigns instead of phone numbers (dedicated equipment would be a must, because you'd have to run on amateur frequencies, so changing stuff like that wouldn't be a big issue,) and you'd want to remove the GSM encryption (amateur radio doesn't allow for encryption.)

    30. Re:what it means by Anonymous Coward · · Score: 0

      So we can call around the world with any of dozens of other VoIP services, most of which use open standards instead. The point remains.

    31. Re:what it means by amorsen · · Score: 1

      In Europe we simply let the network do the triangulation. Any phone will work. The Wiki page doesn't seem to specify whether the US system is handset-based or network-based.

      --
      Finally! A year of moderation! Ready for 2019?
    32. Re:what it means by Blazarov · · Score: 3, Informative

      True, but the IMEI only identifies the phone (the handset), not the user itself. The user is identified by the IMSI (International Mobile Subscriber Identity), which, after the initial login to the network, is replaced by the temporary valid TMSI. The IMSI itself is stored in the SIM card, along with the symmetric encryption key. In order to participate on any network, you need to provide both valid IMEI and IMSI. The GSM operators should maintain records of the IMEIs used in the network. There are also so called black lists, where banned IMEIs are stored. In theory, if your phone is stolen and you report it, the operator can ban it from being used on the network (and the black lists are supposedly exchanged between operators). However, in my experience, most operators don't care - probably due to the mentioned before easy IMEI change on most handsets.

      --
      Regards, Boyan
    33. Re:what it means by stupid_is · · Score: 2, Informative

      In the UK this is done centrally, not by the operators individually. Consequently, most nicked handsets get shipped abroad...

      --
      -- Intelligence is soluble in alcohol
    34. Re:what it means by Tony+Hoyle · · Score: 1

      Vodafone do, but they charge *you* for the privilege of them using your own bandwidth to transfer traffic.

      I wouldn't be surprised if that's true of the others.. mobile phone companies never miss a chance to rake in more cash.

    35. Re:what it means by rwwyatt · · Score: 3, Informative

      1. In GSM/UMTS, The encryption keys are stored on the SIM/USIM and never transmitted over the air. There are two parameters passed to the MS/UE which calculates and returns a value to the network. If the two values don't match, the authentication process fails.

      2.) Again, There is the issue of knowing the keys. The IMSI/TMSI/PTMSI is not enough information to successfully intercept a call. I can setup an entirely fake network for Mobile to Mobile calls, and if both mobiles are on my network, I can turn off authentication and ciphering and have complete access to the call.

      3.) Private Keys are stored on the SIM/USIM

      Don't get me wrong, A number of security issues still remain with Wireless Networks, but they do have a few security measures.
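
The challenge-response exchange described in the comment above, as an added example that is not part of the original thread. Assumptions: HMAC-SHA256 stands in for the operator's A3/A8 algorithms, the `Sim`, `Network` and `handset_warnings` names are hypothetical, and the IMSI and Ki values are constructed.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple


def a3a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for the operator-chosen A3/A8 algorithms (assumption).

    HMAC-SHA256 is used only as a keyed one-way function; real SIMs run
    COMP128 variants or other operator algorithms. Output sizes follow
    GSM: a 32-bit SRES and a 64-bit session key Kc.
    """
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class Sim:
    """Hypothetical SIM model: holds the IMSI and the secret key Ki."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki  # used only inside the card, never sent

    def respond(self, rand: bytes) -> Tuple[bytes, bytes]:
        # The SIM answers whatever RAND it is handed; nothing in this
        # exchange proves to the phone who sent the challenge.
        return a3a8(self._ki, rand)


class Network:
    """Authentication centre and radio link collapsed into one object."""

    def __init__(self, subscribers: Dict[str, bytes]) -> None:
        self._subscribers = subscribers            # IMSI -> Ki
        self._pending: Dict[str, bytes] = {}       # IMSI -> outstanding RAND
        self.air_log: List[Tuple[str, bytes]] = []  # what a listener sees

    def challenge(self, imsi: str) -> bytes:
        rand = secrets.token_bytes(16)             # fresh 128-bit challenge
        self._pending[imsi] = rand
        self.air_log.append(("RAND", rand))
        return rand

    def verify(self, imsi: str, sres: bytes) -> Optional[bytes]:
        """Return the session key Kc on success, None on failure."""
        self.air_log.append(("SRES", sres))
        rand = self._pending.pop(imsi, None)       # single use in this model
        ki = self._subscribers.get(imsi)
        if rand is None or ki is None:
            return None
        expected_sres, kc = a3a8(ki, rand)
        return kc if hmac.compare_digest(sres, expected_sres) else None


def handset_warnings(was_challenged: bool, cipher: str) -> List[str]:
    """Hypothetical handset-side policy for the case the comment raises:
    a network that skips authentication or selects no ciphering (A5/0)."""
    warnings = []
    if not was_challenged:
        warnings.append("network did not authenticate the SIM")
    if cipher == "A5/0":
        warnings.append("ciphering disabled (A5/0)")
    return warnings


def demo() -> Dict[str, object]:
    imsi = "001010000000001"                                  # constructed
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")    # constructed
    net = Network({imsi: ki})
    genuine = Sim(imsi, ki)
    clone = Sim(imsi, b"\x00" * 16)   # knows the IMSI, not the real Ki

    rand1 = net.challenge(imsi)
    sres1, phone_kc = genuine.respond(rand1)
    genuine_kc = net.verify(imsi, sres1)

    rand2 = net.challenge(imsi)
    clone_result = net.verify(imsi, clone.respond(rand2)[0])

    net.challenge(imsi)
    replay_result = net.verify(imsi, sres1)   # old SRES against a new RAND

    return {
        "genuine_kc": genuine_kc,
        "phone_kc": phone_kc,
        "clone": clone_result,
        "replay": replay_result,
        "ki_on_air": any(ki in value for _, value in net.air_log),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Only RAND and SRES cross the radio link, so a listener or a party holding just the IMSI cannot produce a valid response, while the phone itself learns nothing about who issued the challenge.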

    36. Re:what it means by TheRaven64 · · Score: 1

      While the idea is good, I'm not sure why you'd want to use GSM for this. When I am in my house, my mobile phone connects to my WiFi access point and uses SIP for outgoing calls (and would for incoming calls if I told anyone my SIP number).

      --
      I am TheRaven on Soylent News
    37. Re:what it means by Otto · · Score: 3, Informative

      It varies depending on the phone, the carrier, etc.

      Most carriers have the ability to use the time difference of arrival on multiple towers to determine a general position, and this data is sent along to the call centers when a 911 call is made. This works with any phone. Problem is that it's pretty inaccurate. You can only narrow it down to a block or two, at best. Advanced methods of this can be more precise, but it's not something easy to automate for E911 purposes.

      If the phone itself has GPS capabilities (or more commonly, Assisted GPS so that it'll work indoors too), then the phone itself sends the location data along with the 911 call. All phones with GPS systems do this.

      To the emergency call handler, this is all more or less transparent; they get the callers name, number, and general location (or specific location for outdoors GPS signals).

      --
      - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
    38. Re:what it means by Anonymous Coward · · Score: 0

      Jackpoint!

    39. Re:what it means by hey! · · Score: 1

      What this means by 'surprises' is people hacking the network and getting free phone calls.

      You say that like it's a bad thing ...

      Seriously though, being attractive to hackers, black and white hat, really is a good thing, because it means a system is open and flexible. Naturally, you want the black hats' efforts to be thwarted, but a system that isn't attractive to a hacker probably isn't going to be attractive to a user.

      I remember being excited when GSM was first put forward, but the US government decided that competition between *standards* would result in a better network. That's going to be an economic case study for future generations, because while each system in use in the US has its advantages, the bottom line is that carriers used that freedom to *evade* competition, to tie users to their networks and make switching as inconvenient as possible. You can't get the phone you want on the network you want, and if they had their way they'd tie *content* to their network too. The exciting thing about GSM is that it is built on the assumption that wireless networking is a commodity and that networks would have to compete with each other with *no* barrier to users switching.

      Why in the world would I want to buy music from the company that provides me with *network access*? It's a profoundly stupid idea, one that only exists because consumers don't have the freedom to choose the devices and networking services they want a la carte.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    40. Re:what it means by Sloppy · · Score: 1

      Wouldn't one then be kind of worried about impostor access points?

      Yes. So: worry. A little bit.

      Fortunately, something could be done about it (and from a technical perspective, it's ridiculously easy). Most of the people I talk to on my phone, I have met in real life (and keep meeting, frequently). We should be using OTPs end-to-end. For the ones I see seldomly, we should be using securely-exchanged PKs. For everyone else, PK through the WoT.

      Phone networks are just becoming like anything else on the internet. Assume it's insecure, and then secure your tunnel.

      Wait, did I say "becoming?" CALEA passed a decade and a half ago! So maybe this is a good thing. Phones weren't secure, but people didn't worry about whose attacks (government's) the network is designed to be vulnerable to. Add imposter access points to the list of threats, and maybe that finally creates sufficient incentive to fix the problem.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    41. Re:what it means by Anonymous Coward · · Score: 0

      1. In GSM/UMTS, The encryption keys are stored on the SIM/USIM and never transmitted over the air. There are two parameters passed to the MS/UE which calculates and returns a value to the network. If the two values don't match, the authentication process fails.

      2.) Again, There is the issue of knowing the keys. The IMSI/TMSI/PTMSI is not enough information to successfully intercept a call. I can setup an entirely fake network for Mobile to Mobile calls, and if both mobiles are on my network, I can turn off authentication and ciphering and have complete access to the call.

      3.) Private Keys are stored on the SIM/USIM

      Don't get me wrong, A number of security issues still remain with Wireless Networks, but they do have a few security measures.

      Sounds similar to SRP6 (http://srp.stanford.edu/).

    42. Re:what it means by Anonymous Coward · · Score: 0

      what would we need 802.11 for?
      Speeds faster than dialup, maybe?

    43. Re:what it means by FireFly9 · · Score: 1

      Let's ask "Cap'n Crunch" everyone!!!

    44. Re:what it means by sjames · · Score: 1

      I'm not so sure about the free phone calls. Go to any forum discussing hacking DirecTV and Dish network and you'll see a great many people happily spending double what the service costs in order to get it for "free". It's not a one time cost since they keep spending at about the same rate to keep ahead of the new security measures. They seem oblivious to how much they could save by just signing up.

      I have no doubt people will happily spend a dollar per minute to get the warm fuzzy feeling of sticking it to the man.

    45. Re:what it means by marcansoft · · Score: 1

      There's a big difference between broadcast networks and GSM. With GSM, networks can no doubt fix any loopholes soon after they are discovered.

      Sure, of course people are interested in free phone calls, but what I mean is that I don't think it will be easy enough with GSM to make it worth their while.

  5. GSM? Future? WTF? by Anonymous Coward · · Score: 2, Insightful

    Independent researchers are increasingly examining GSM networks and equipment, Welte's work proves that GSM is in the realm of the hackers now and that this realm of mobile networking could be set for a few surprises in the future.

    Interesting. And here I thought that at least where I live, operators would love nothing more than to get rid of the old GSM networks in favor of newer technologies.

    They can't do that quite yet but constantly larger part of data transfers utilize 3rd generation technologies... GSM will probably be around 5 years from now, I doubt it will be 10 years from now.

    GSM and future just don't mix. Hackers should have looked at it a decade ago.

    1. Re:GSM? Future? WTF? by imroy · · Score: 3, Insightful

      Oh dear, someone clearly has a new 3G phone and thinks everyone should dump that old stuff. Because it's old. Nobody likes old technology! It has to be new and flash!

      I suggest you educate yourself before criticising a technology that has served the world (as well as the U.S.) for a good several decades. Apart from video calls and high-speed internet access, GSM does everything that 3G does. For many people, voice calls and text messaging is still what they use a mobile phone for. Mobile phone use is taking off in poorer parts of the world because it's cheaper and simpler to set up towers that can serve hundreds (thousands?) of people across a large area than run telephone lines to every single house ("leapfrogging"). This software (OpenBSC) could certainly be of use in these parts of the world.

      UMTS, a 3G technology, uses GSM's Mobile Access Part (MAP) and voice codecs. It's basically GSM with a new air interface. Handsets using UMTS can also use 'old' GSM when there's no 3G coverage.

      So this development effort will not be for naught in the 3G world. They'll just have to find some new hardware that does UMTS and will continue working.

    2. Re:GSM? Future? WTF? by VoltageX · · Score: 1

      They should also work on the stability of their software: "OpenBSC has proven to work quite stable. We have the occasional segfault every 3-4 hours, but I'm at it, debugging. " Yes! Stable!

      --
      "Anonymous could not immediately be reached for further comment." - International Business Times
    3. Re:GSM? Future? WTF? by Grieviant · · Score: 4, Informative

      I suggest you educate yourself before criticising a technology that has served the world (as well as the U.S.) for a good several decades.

      UMTS, a 3G technology, uses GSM's Mobile Access Part (MAP) and voice codecs. It's basically GSM with a new air interface. Handsets using UMTS can also use 'old' GSM when there's no 3G coverage.

      Actually, you should educate yourself beyond skimming Wiki articles.

      GSM has been around only since the early 90s (less than 2 decades).

      Saying UMTS is "basically GSM with a new air interface" is completely misleading. GSM is an FDMA / TDMA hybrid, meaning the channels are allocated across frequency but each channel can support multiple time-multiplexed voice streams. UMTS is most commonly CDMA direct sequence spread spectrum, which is an entirely different multiple access method than FDMA / TDMA. All users communicate over the entire spectrum simultaneously, where a unique spreading code provides interference mitigation (processing gain) at the receiver. In addition to different access methods, GSM and UMTS also use different modulation methods (GSM is a spectrally efficient MSK, UMTS is QPSK I believe).

      In short, they are entirely different from a telecom standpoint. Multi-mode phones can support both standards only because the RF frequencies are sufficiently close and they have completely separate processing algorithms for each built-in, not because there's a wealth of technical similarities between the two standards. Adoption of the same voice codec is a trivial similarity.

    4. Re:GSM? Future? WTF? by imroy · · Score: 2, Informative

      GSM has been around only since the early 90s (less than 2 decades).

      OK, I stand corrected.

      Saying UMTS is "basically GSM with a new air interface" is completely misleading. GSM is an FDMA / TDMA hybrid... UMTS is most commonly CDMA...

      Uh, that's what I meant when I said "air interface". Yes, the modulation/multiplexing techniques are completely different. But the protocol(s) used between the tower and phone, and between towers, are (from what I understand) essentially the same. And that's what this OpenBSC project is handling.

      Multi-mode phones can support both standards only because the RF frequencies are sufficiently close and they have completely separate processing algorithms for each built-in, not because there's a wealth of technical similarities between the two standards.

      No, they support both standards (with two modems) because they both use the same underlying protocols. To put it in Internet terms, you're arguing that my desktop using wired Ethernet is using completely different Internet protocols than your laptop using Wi-Fi. We're simply talking about different layers.

    5. Re:GSM? Future? WTF? by DarthBart · · Score: 1

      Funny, Inmarsat just pumped a metric assload of money into GSM technology. Their entire BGAN satellite terminal network is based on GSM, just tweaked a bit for the extra latency and a few other satellite specific things, and then transported over geosynchronous satellite instead of terrestrial cellular sites.

    6. Re:GSM? Future? WTF? by Anonymous Coward · · Score: 0

      Apart from video calls and high-speed internet access, GSM does everything that 3G does

      Also GSM uses less power than UMTS so in some ways GSM is still better!

    7. Re:GSM? Future? WTF? by stupid_is · · Score: 5, Interesting

      Interesting. And here I thought that at least where I live, operators would love nothing more than to get rid of the old GSM networks in favor of newer technologies.

      They can't do that quite yet but constantly larger part of data transfers utilize 3rd generation technologies... GSM will probably be around 5 years from now, I doubt it will be 10 years from now.

      GSM and future just don't mix. Hackers should have looked at it a decade ago.

      Laughable.

      So you think that half the population of the planet are going to buy a new phone to get the latest whizzy l33t LTE/HSPA/UMTS gadgets? That idea is part of what provoked the inflation of the 3G auction prices back in 2000 - everybody thought UMTS was the Next Big Thing, but no-one thought to examine the true cost of installing it. Each one of those boxes at the bottom of the masts costs between $5K and $20K (depending on size & time at which you bought it - early kit was knocking on around the $20K/box mark) and a national network has thousands of them (except the one in Andorra, which I think has around 50!). So, mucho dinero to just buy the kit. Then you've got to install it (also lots of $$) and connect it into a decent backbone (UMTS promised data rates of up to 2Mbps (haha - most folks don't see more than 384kbps on vanilla 3G)), so you need a chunk of data bandwidth to the site (which in some countries is either/both of exorbitant and flaky). The upgrade to HSPA and its enhancements promises 3-14Mbps, so even more bandwidth required. So all these companies who thought they'd make a bundle on a mobile data offering with no killer application lost out.

      Now we're starting off the whole shebang again with LTE - marketing promises 100Mbps (reality maxes out at around 70, though, and no individual subscriber is likely to see that). Do we see droves of folks ditching their trusty GSM phone to get the latest mobile data gadget? Nope - not in the slightest. The GSM market is still growing - although the hardware vendors are being encouraged to make their kit as upgrade-to-UMTS/LTE-friendly as possible. There are over 3 billion GSM phones out there - they will still mostly be out there in ten years' time. UMTS is only just kicking off due to the recent uptake in data dongles that you can stick into a USB port on your netbook. Nobody (or at least only the iPhone fanbois) is buying 3G phones to make video calls as nobody wants that. A phone call is still just a phone call, and GSM is very good at delivering that so no-one wants to change from GSM.

      At best, you're going to see a data-friendly tech (UMTS/HSPA/LTE) overlay on top of GSM for most of the world for a long time.

      --
      -- Intelligence is soluble in alcohol
    8. Re:GSM? Future? WTF? by Anonymous Coward · · Score: 0

      Oh dear, someone clearly has a new 3G phone and thinks everyone should dump that old stuff. Because it's old. Nobody likes old technology! It has to be new and flash!

      Yeah. Try to attack me with the good old "That guy thinks that old is worse than new and is thus an idiot!!" attack as if that would have been what I said. It occasionally works in front of the /. audience. But honestly, how about you stop being so arrogant dick and actually stop to think about it for a moment? Let's try that for a while.

      A new and shiny 3G phone? Yeah, my phone is only about a year old as my previous phone got broken after years of use. But honestly... Every phone you can buy these days is a 3G phone. Maybe you can find one or two extremely cheap models that aren't but I feel confident to say that it won't be the case in three years.

      I suggest you educate yourself before criticising a technology that has served the world (as well as the U.S.) for a good several decades.

      And more arrogance with more "facts".

      Apart from video calls and high-speed internet access, GSM does everything that 3G does. For many people, voice calls and text messaging is still what they use a mobile phone for.

      Well, same could be said about any new technology. Hell, e-mail is just like regular mail apart from faster speed. But the networks aren't just for phones either. With the coming of netbooks and other cheap laptops, Kindle and such devices, mobile internet access is getting more and more important in addition to video calls and such. It is a great improvement and GSM simply can't give us that.

      So we get to the point that operators will have (and in a lot of places, they already do) both GSM and 3G systems in place. It certainly isn't in their interest to support two technologies simultaneously unless they really have to. And at the point where practically all phones in use are 3G compliant anyways (I predicted this to be 5-10 years away), they won't have to. Of course they'll want to drop one of the technologies.

      Mobile phone use is taking off in poorer parts of the world because it's cheaper and simpler to set up towers that can serve hundreds (thousands?) of people across a large area than run telephone lines to every single house ("leapfrogging"). This software (OpenBSC) could certainly be of use in these parts of the world.

      I completely agree. Wireless is better in such places. The question is simply... What kind of wireless will it be. 3G offers all the same things and much more than 2G so unless 3G is significantly costlier to deploy, it will prevail. And I doubt that after building the towers, etc. necessary, there will be any significant cost difference when choosing between 2G and 3G. Especially some years from now.

      UMTS, a 3G technology, uses GSM's Mobile Access Part (MAP) and voice codecs. It's basically GSM with a new air interface. Handsets using UMTS can also use 'old' GSM when there's no 3G coverage.

      So this development effort will not be for naught in the 3G world. They'll just have to find some new hardware that does UMTS and will continue working.

      If your post had simply consisted of those lines, it would have been pretty good.

    9. Re:GSM? Future? WTF? by stupid_is · · Score: 2, Informative

      Mildly pedantic here, but GSM started in 1982, even if it took 9 years to actually get to a point where a call was made on a network :-)

      But, imroy is reasonably correct. UMTS is ostensibly an "upgrade" of LTE in that the network protocols are augmented to allow UMTS calls over the newer radio layer (which has its own adjusted control protocols). You can even interject GPRS & EDGE as intermediate steps between GSM and UMTS. Similarly, LTE is an "enhancement" of UMTS (HSPA has an even closer relationship with UMTS, too).

      --
      -- Intelligence is soluble in alcohol
    10. Re:GSM? Future? WTF? by stupid_is · · Score: 1

      Yeah. Try to attack me with the good old "That guy thinks that old is worse than new and is thus an idiot!!" attack as if that would have been what I said. It occasionally works in front of the /. audience. But honestly, how about you stop being so arrogant dick and actually stop to think about it for a moment? Let's try that for a while.

      A new and shiny 3G phone? Yeah, my phone is only about a year old as my previous phone got broken after years of use. But honestly... Every phone you can buy these days is a 3G phone. Maybe you can find one or two extremely cheap models that aren't but I feel confident to say that it won't be the case in three years.

      Aye - but how many folks are buying new phones? Even then, how many are actively using the 3G side of it? Handset churn is way down on what it was 5-10 years ago, as lots of folks are switching to PAYG-style contracts due to cost. I've got 2 handsets, and they're both 2G only - for example. The UMTS data usage is being driven by dongles and the iPhone - and the iPhone is mainly a contributor because of the high contract cost associated with it encouraging folks to use up their data allowances (in the UK it's £75/mo to get one of these, compared to a more normal contract cost of £15-30/mo).

      Apart from video calls and high-speed internet access, GSM does everything that 3G does. For many people, voice calls and text messaging is still what they use a mobile phone for.

      Well, same could be said about any new technology. Hell, e-mail is just like regular mail apart from faster speed. But the networks aren't just for phones either. With the coming of netbooks and other cheap laptops, Kindle and such devices, mobile internet access is getting more and more important in addition to video calls and such. It is a great improvement and GSM simply can't give us that.

      So we get to the point that operators will have (and in a lot of places, they already do) both GSM and 3G systems in place. It certainly isn't in their interest to support two technologies simultaneously unless they really have to. And at the point where practically all phones in use are 3G compliant anyways (I predicted this to be 5-10 years away), they won't have to. Of course they'll want to drop one of the technologies.

      To some extent I agree, but in some places, the frequencies allocated are tied to a technology. There is work ongoing to release that tie, but some of the frequency allocations are rather fragmented, so it involves shuffling around a lot in some places - and operators are loath to do that as it is a very complicated procedure. In general, I agree that the operators want to migrate to a single platform that is configurable to serve the balance of their subscribers technology subscriptions - current tenders are making much of software definable radio, but this is quite a new thing for the vendors to offer. Current best practice is to have different hardware radio modules for each tech, all sitting on the same chassis.

      Mobile phone use is taking off in poorer parts of the world because it's cheaper and simpler to set up towers that can serve hundreds (thousands?) of people across a large area than run telephone lines to every single house ("leapfrogging"). This software (OpenBSC) could certainly be of use in these parts of the world.

      I completely agree. Wireless is better in such places. The question is simply... What kind of wireless will it be. 3G offers all the same things and much more than 2G so unless 3G is significantly costlier to deploy, it will prevail. And I doubt that after building the towers, etc. necessary, there will be any significant cost difference when choosing between 2G and 3G. Especially some years from now.

      A lot depends on frequencies that you are allowed to use - a lot of UMTS out there i

      --
      -- Intelligence is soluble in alcohol
    11. Re:GSM? Future? WTF? by TheRaven64 · · Score: 1

      Apart from video calls and high-speed internet access, GSM does everything that 3G does

      ...and uses more spectrum doing it. The networks want to drop GSM and run everything over UMTS/HSPA/LTE because each of these lets you transmit more data for the same frequency allocation, which means more users per cell (if they're doing constant-bandwidth things like making voice / video calls) or more data per user if they're using other services. GSM is a really old protocol - it's almost three decades since it was first proposed - and a vast number of improvements in multiplexing technology have occurred since then.

      Oh, and 'shiny new 3G handset?' What part of the world do you live in where 3G is 'shiny and new?' 3G technologies are established, widely-deployed, and slowly being replaced with newer protocols. The spectrum used for GSM is due to have its license expire in the next few years in a lot of the world, and then the networks are going to need to pay a lot of money if they want old GSM handsets to work.

      As to 'leapfrogging' maybe you should take a look at what sorts of networks are being deployed in rural India. They're often UMTS with no GSM fall-back because they don't have a legacy installed base of GSM phones.

      --
      I am TheRaven on Soylent News
    12. Re:GSM? Future? WTF? by blackest_k · · Score: 1

      You said nobody wants to make video phone calls, I'm not so sure about that.
      Plenty of people are making video calls with Skype just not paying extra for the service.

      My own setup is a bit obscure but I use a pay as you go SIM card in a USB HSDPA modem; my Ubuntu server forwards to a router running Tomato firmware (ethernet card to WAN port) and that's distributed to the rest of us. There's a 2nd identical router linked wirelessly to increase the range.

      It's not perfect by any means mobile isn't anywhere near as reliable as cable or adsl and if the server didn't have other roles (cctv for one) but it costs about 8 a month each and yes we have video calls.

      People still think in an old fashioned way about telecoms, landlines are pretty much obsolete, why do people still pay for this? 3 has made things even more interesting by including Skype on mobiles for free.

      People are still tied to the traditional phone system and really it's way past time we all broke free.

    13. Re:GSM? Future? WTF? by Anonymous Coward · · Score: 0

      As technology moves forward, you will find hackers that claim the bleeding edge, and those who claim the discarded technology. Since both are viable and less regulated than the mainstream, there is no reason to ignore something of value because of its age.

    14. Re:GSM? Future? WTF? by stupid_is · · Score: 2, Interesting

      Video calls on Skype are all very well sitting in front of a computer at a desk; stick it on a handset and it's a whole different thing - the form-factor of holding a phone-shaped object up to your ear is hard to beat, and video doesn't sit well with that. In particular, do you really want to be staring at a tiny screen to see the video feed for a call while moving about? Normally folks like to look where they're going, so a video call would interfere with that, hence video calls on a mobile device don't fly high as a service.

      Yep - there'll be those few that do make video calls, but they are a long way from getting to a significant minority of the subscriber base.

      3's foray into "free Skype for life" is interesting - particularly when the license for Skype is revoked - I'm watching that one carefully

      Data usage is on the up greatly (so says the Orange Digital Media Index (UK specific), and the Cisco global mobile data forecast: "Visual Networking Index"), but it's still got a long way to go to beat voice as a killer app

      --
      -- Intelligence is soluble in alcohol
    15. Re:GSM? Future? WTF? by autocracy · · Score: 1

      3G shiny and new? Try the US. As far as AT&T is concerned, most of Maine still operates only on EDGE. We had no 3G at all in the state a year ago. I think Metro Boston's roll-out is pretty recent too.

      --
      SIG: HUP
    16. Re:GSM? Future? WTF? by petermgreen · · Score: 1

      And I doubt that after building the towers, etc. necessary, there will be any significant cost difference when choosing between 2G and 3G.
      IMO the real question in poorer and/or more rural areas is range. The longer the range you can go with one cell site the less cell sites you need to cover low density areas. A cell site costs quite a bit to setup and maintain (high speed data line, cell equipment, backup power system etc etc).

      Does anyone know how the range of UMTS compares to the range of GSM?

      --
      note: i'm known as plugwash most places but i screwed up registering that here somehow in the past and now can't register
    17. Re:GSM? Future? WTF? by petermgreen · · Score: 1

      So all these companies who thought they'd make a bundle on a mobile data offering with no killer application lost out.
      IMO the real problem was they priced themselves out of the market with tariffs that made even simple stuff like web browsing and staying connected to IM networks prohibitively expensive.

      Finally in the last few years we have started to see mobile data that is actually affordable though often still with extremely high overage rates.

      --
      note: i'm known as plugwash most places but i screwed up registering that here somehow in the past and now can't register
    18. Re:GSM? Future? WTF? by dburgess00 · · Score: 1

      We are mostly rich-world people with pretty toys. I count myself in that group, but when I pull my head out of my backside and get a little perspective I see this: GSM will be with us always. Even unto the end of the Earth.

      (1) As GSM systems get decommissioned in the US and Europe they show up in places like South America, Africa and the high steppes of central Asia. Used 2.5G networks will still be a big upgrade for a lot of people.

      (2) There are at least 3 billion people out there who are poor and live in areas with population densities too low to allow WCDMA networks to be profitable. They don't need mobile YouTube. They need a cheap, reliable telephone with modest power requirements. GSM still does that better than any other air interface technology out there.

      (3) The point of UMTS was to allow carriers to upgrade their air interfaces while keeping most of their core networks intact. The problem is that the typical site backhaul is a DS1, so if a lot of subscribers actually try to *use* that air interface bandwidth, the core network is going to choke. AT&T learned that the hard way when the iPhone started to catch on.

      (4) Don't even mention wi-max for mobile telephony outside of major urban centers. You just make yourself look silly.

      In summary: Just because GSM isn't *your* future, doesn't mean it's not *a* future.

    19. Re:GSM? Future? WTF? by Anonymous Coward · · Score: 0

      "Now we're starting off the whole shebang again with LTE - marketing promises 100Mbps (reality maxes out at around 70, though, and no individual subscriber is likely to see that). Do we see droves of folks ditching their trusty GSM phone to get the latest mobile data gadget?"

      A latest mobile gadget, that's actually available and has a network to run on, would have been a better example. We don't see droves of folks ditching their phones for non-existent devices designed for non-existent networks, surprise, surprise.

    20. Re:GSM? Future? WTF? by stupid_is · · Score: 1

      They didn't have much choice - at the time, backhaul was hugely expensive in most of Europe, and the data rates being promised were incompatible with a viable pricing model. Yes, that's changed now, and folks like 3 are offering quite cheap data packages - and we're seeing a consequent rise in data usage. But still no killer app that the y2k dot com boom was promising.

      --
      -- Intelligence is soluble in alcohol
    21. Re:GSM? Future? WTF? by stupid_is · · Score: 1

      Well, LTE has been deployed commercially in Sweden (albeit with very few sites) even though mobiles are not really available yet; however, a lot of operators are considering not bothering with UMTS in favour of jumping straight from 2G to 4G. UMTS was quite expensive to deploy, so in some cases it makes far more sense to jump in to LTE as it becomes available late this year or early next year. The pricing structure on the hardware is more favourable, and it's more IP-backhaul friendly.

      Gadgets are all very well, but the "latest and greatest" is always a high end device with limited uptake

      You have to build the network before anyone will consider buying a phone that runs on it, after all...

      --
      -- Intelligence is soluble in alcohol
  6. I wonder if GNU Radio is ready to join the party.. by fuzzyfuzzyfungus · · Score: 3, Interesting

    It's a pretty cool setup; but the notion of depending on decade old EOLed RF hardware, because it is all you can get for a reasonable price, makes one a touch nervous.

    I wonder how difficult it would be to get a GNU Radio unit, or other software defined radio hardware, to stand in place of the BTS?

  7. Re:I wonder if GNU Radio is ready to join the part by Anonymous Coward · · Score: 3, Interesting

    already done.

    http://openbts.sourceforge.net/

  8. For NSA... by cbraescu1 · · Score: 3, Funny

    Trust me, for NSA all our GSM is already Open Source ;-)

    --
    Catalin Braescu
    Ofaly.com
  9. The Dutch! by denmarkw00t · · Score: 0, Flamebait

    Oh, go stick your cellphone in a dike!

    1. Re:The Dutch! by Anonymous Coward · · Score: 0

      I did, she loved the "vibrate" feature.

  10. Re:I wonder if GNU Radio is ready to join the part by walshy007 · · Score: 1

    If you can think of it, GNU Radio can do it, with enough CPU power to accurately model the waveforms of course.

    The biggest thing with GNU Radio is its cost of entry; the good hardware is expensive.

  11. How does it connect to rest of network ? by Libro · · Score: 1

    Perhaps this is a dumb question, but does anybody know what the connection is between the Linux machine and the telephone network (so that external lines can be accessed) ? And what the cost of this connection might be ?

    1. Re:How does it connect to rest of network ? by marcansoft · · Score: 2, Informative

      It doesn't. The network at HAR is isolated and only allowed internal calls (this is a requirement per the development license that was issued to them). However, I imagine you could do it through a VoIP provider given the right amount of code.

    2. Re:How does it connect to rest of network ? by dyshexic · · Score: 1

      Speakup, the Dutch telco, was supplying dial in and out to eventphone, so it should have been possible. I wonder if it would have broken the development licence if there had been a GSM to DECT bridge/router? It certainly would have aided comms.

    3. Re:How does it connect to rest of network ? by green1 · · Score: 1

      allowing outgoing connections would be a snap, all you need is a few phone lines.
      Incoming connections are the problem, and I bet that unless you get the government and a large team of lawyers involved, that connection is simply not available.

    4. Re:How does it connect to rest of network ? by marcansoft · · Score: 1

      I believe their license specified that the test network may not be connected to any public network (without regard for the method used, I assume).

    5. Re:How does it connect to rest of network ? by mcvos · · Score: 1

      Exactly, and that's why I didn't use it, despite the utterly useless T-Mobile reception of my iPhone.

      Quite often I had no reception whatsoever. How the hell can my reception be that bad when I'm in the Netherlands on a big camping ground right next to an (inhabited) village? It's not like I'm in the middle of a desert or out at sea or anything. I'm completely disgusted by the crappy service from T-Mobile. I hear a new HTC Android phone uses KPN, which has far better coverage, so that's what I'm switching to as soon as my subscription ends. Apple will lose customers if they make exclusive deals with a network that has such lousy coverage.

      What does that have to do with the open GSM network at HAR? Hopefully nothing, although for a moment I thought that they somehow blocked or interfered with my T-Mobile reception. I don't think that was it, though. Still, losing my regular phone number was just not acceptable to me, so I didn't join this open network.

    6. Re:How does it connect to rest of network ? by St.Creed · · Score: 1

      T-Mobile's bad coverage and lack of ability to provide service in busy areas (they underdimension their capacity) is notorious. The likeliest reason Apple tied itself to T-Mobile is that if you want just one provider to deal with, all over Europe, you don't have much in the way of options. But it is certainly not the best provider locally, except maybe in Germany and Austria where they provided good coverage.

      --
      Therefore, by the (faulty) logic you're using, you're just a cow with a keyboard - osu-neko (2604)
    7. Re:How does it connect to rest of network ? by petermgreen · · Score: 1

      Apple tied itself to T-Mobile is that if you want just one provider to deal with, all over Europe, you don't have much in the way of options.
      Though they didn't go with T-Mobile in the UK.

      --
      note: i'm known as plugwash most places but i screwed up registering that here somehow in the past and now can't register
  12. Re:How does it connect to rest of network ? E1 ! by Libro · · Score: 1

    Just re-read and saw the reference to E1 link. I'm still interested in what it costs to run though.

  13. Re:How does it connect to rest of network ? E1 ! by marcansoft · · Score: 1

    The E1 link is between the BTSes and the Linux box, not between the Linux box and the rest of the PSTN (there is no such link).

  14. Re:I wonder if GNU Radio is ready to join the part by Rich0 · · Score: 1

    Can frequency-hopping technologies like GSM/CDMA be effectively handled by GNU Radio? How much of the hopping needs to be implemented in the hardware vs being able to just have the hardware capture a broad range of frequencies and have the software figure out what to do with it?

    I've been following the project a little over the years and it certainly looks interesting (but expensive as you point out). Once upon a time I did study up to get an amateur license, but never followed through with it (never really got up to 5WPM in code which was required back then - must not be genetic since my father was able to transmit ~60wpm from his car back in those days).

  15. Will there be a GSM DECT bridge for CCC 2011? by dyshexic · · Score: 1

    Being too busy being a Herald, I didn't notice the network till late in the day! I assume work on this will continue. Will there be a bridge/router into eventphone.de DECT network (the camp phone network)? With Speakup providing in and out connections onto the landline backbone, this will be very interesting. Having said that, GSM is power hungry; most of us have been running our GAP compatible DECT units for the whole camp without worrying about recharging.

    Posted from the green tent, on the TOOL/lockpickers village firelane, Field E, HAR 2009
    USE MORE BANDWIDTH!!!!

  16. Re:I wonder if GNU Radio is ready to join the part by Anonymous Coward · · Score: 0

    If you are interested in using gnuradio, you might want to check OpenBTS - it uses a USRP and the gnuradio driver to talk to it, instead of the BS-11 (it isn't any cheaper, about the same price, 700$ for the USRP, plus a few hundred for the daughter boards to transmit/receive on the appropriate band).

  17. OpenBTS @ Burning Man 2009 by Anonymous Coward · · Score: 0

    There is a similar project which focuses on another part of GSM, "OpenBTS".

    Its founders plan to deploy a similar experimental network in the Burning Man festival, in less than a month:
    http://openbts.blogspot.com/2009/08/man-burns-in-27-days.html

    It seems that they went one step further: they're going to offer real, routable telephone numbers :)

    (it's also worth mentioning that, apparently, they're cooperating on various levels with Harald Welte and the rest of the OpenBSC hackers)

    Exciting times!

  18. Personal 3G Hotspot by Doc+Ruby · · Score: 2, Interesting

    I don't get cell reception in my neighborhood near NYC. I need a "3G hotspot" that will let my GSM phone work on my 1 acre property, but is connected to a Asterisk phone server in my home office wired to the PSTN. Where do I get the 3G hotspot?

    --
    make install -not war

    1. Re:Personal 3G Hotspot by DarthBart · · Score: 1

      You don't. The best you can do is get a femtocell that will plug into your IP pipe and let you transport your phone calls across the internet to your carrier's switch.

      AT&T has one, I think T-Mobile has one.

    2. Re:Personal 3G Hotspot by TheRaven64 · · Score: 1

      Why bother? 1 acre outside is well within the range of a single WiFi base station, and may be inside if you don't have too many walls. Just get a phone that supports WiFi and SIP and use that for calls.

      --
      I am TheRaven on Soylent News
    3. Re:Personal 3G Hotspot by Doc+Ruby · · Score: 1

      Will a single femtocell like that installed at my house make not just my own phone, but my neighbors phones also work? How do I get them to pay me for my service to them? Can I selectively lock out phones that don't please me?

      --
      make install -not war

  19. License question by cheros · · Score: 1

    As soon as you become a formal carrier, a whole lot of extra rules kick in, such as the requirement to provide legal intercept (if you search long enough you'll find that in any telco license, globally).

    I don't think they're quite ready to set up a full telco..

    --
    Insert .sig here. Send no money now. Owner may sue, contents will settle. Batteries not included.
  20. Uhhhhh... I smell trouble by Opportunist · · Score: 3, Insightful

    Let's see what we got here...

    1) Companies with a lot of money and a lot of influence in Washington.
    2) Companies that invested little if anything into securing their systems, deeming it inherently secure because nobody could break into it anyway.
    3) Companies whose very business model relies on an oligopoly, if not monopoly in certain areas, on the service they provide.

    I smell terrorist laws concerning "private" GSM networks any time soon.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  21. p2p by muckracer · · Score: 1

    Is it, even just theoretically, possible for a direct (cell) phone2phone voice connections without a base station in between?

    Another neat thing would be SMS transmitted directly...Fido-net style. Basically the message just moves itself to another phone within reach until it reaches the recipient (maybe never :-)).

    1. Re:p2p by suntac · · Score: 1

      Fido-net style....... aha,.... yes we are on the same page again. Had to go back in memory for that one. :-) however yes you could do this. It would mean building a lot of things however nothing is holding you back from building such a thing. You will have to maybe even create your own handsets (or new software for it) however it can be done with enough time (and $). ;-) tell me when you are done :-)

      --
      Regards, Johan Louwers.
    2. Re:p2p by EdgeyEdgey · · Score: 2, Interesting

      There is TerraNet
      "Mr Carlius said he hopes that it will eventually be a feature available on all phones, like Bluetooth."
      "The system can also be used to make calls to other TerraNet mesh networks via a net-connected PC fitted with an inexpensive USB dongle. "

      You may find some more here http://hardware.slashdot.org/article.pl?sid=05/11/04/1343221

      --
      [Intentionally left blank]
    3. Re:p2p by muckracer · · Score: 1

      > There is TerraNet

      Very interesting...mod up! Thank you for making me aware of it.

  22. private GSM network + cheap SIP = cheap mobile! by Aadaam · · Score: 3, Interesting

    I'm wondering if I'd set up such a network at home, possibly with a normal GSM modem which would act as my "phone" to the outside carrier... So, for example,
    - I'm at Vodafone outside the street,
    - I go home -> my phone switches to MyOwnNetwork
    - If I call anyone around the house (neighbours, family, etc), it's free
    - If I call a landline -> goes through cheap SIP
    - If I call a cellphone -> the system would "roaming" me, but for cheap - it would make vodafone believe it's my phone!

    How does this smell?:)

    1. Re:private GSM network + cheap SIP = cheap mobile! by Anonymous Coward · · Score: 0

      Smells fine, provided you license the spectrum. Of course, that probably kills the cheap aspect of it; the only way this could possibly be "cheap" is if you could get an area-local license on some atypical GSM frequencies -- either European frequencies here in the US, or US frequencies in Europe. Because they're not in high demand (for mobile service, anyway) they might be affordable, but because they are regularly deployed GSM freqs, your phone still supports them out-of-the-box. Of course, they may also be in use for something else such that you can't get a license at all; I haven't looked into the allocations...

      Technically, there's only one obvious problem, and that's the need to reprogram your phone to consider your network as a home network, but I believe you can typically do this through the phone. It will keep your network from being casually usable by visitors, though.

      The really interesting thing (provided you keep clear of pecuniary interest and profanity) would be to find phones whose radio can be coaxed to operate out-of-band; the 33cm ham band just might be close enough to work, and then you'd be completely legal, and pay nothing. I suppose GSM encryption might be a problem, too, though.

    2. Re:private GSM network + cheap SIP = cheap mobile! by TheRaven64 · · Score: 1

      Sounds like the setup I have at home, except my phone uses WiFi when I'm at home so I didn't need to pay a huge amount to license the GSM spectrum. It's a relatively old Nokia model, and will automatically route calls through WiFi/SIP when I'm within range of the base station so my calls are cheaper.

      --
      I am TheRaven on Soylent News
  23. Re:I wonder if GNU Radio is ready to join the part by walshy007 · · Score: 1

    Software captures the broad range of frequencies, and a little googling shows it has been done before, with a 1 GHz P3 laptop decoding it in real time.

  24. So it was possible by atilla+filiz · · Score: 1

    For a couple of years, I was curious if this was possible (like if a nuclear armageddon happens and somehow I get my hands on some GSM equipment).

  25. Re:I wonder if GNU Radio is ready to join the part by Anonymous Coward · · Score: 0

    CDMA doesn't frequency hop; it's direct-sequence spread spectrum. GSM supports frequency hopping but it is not mandatory. I do not think that OpenBTS+GNURadio currently supports frequency hopping, but it does support standard GSM.

  26. Re:I wonder if GNU Radio is ready to join the part by dburgess00 · · Score: 1

    If you are the BTS, hopping is optional in GSM. And you should be able to pull enough BW, even over USB2, to hop in software.

    As for the cost, the BOM for the USRP is only about $250 if anyone wants to make their own. It is an open source design, after all.
