osmocom org foss for mobile comms
play

osmocom.org - FOSS for mobile comms community based Free / Open - PowerPoint PPT Presentation

Feb 09, 2024 •582 likes •959 views

Researching communications systems Bootstrapping Osmocom The Osmocom project osmocom.org - FOSS for mobile comms community based Free / Open Source Software for communications Harald Welte <laforge@gnumonks.org> gnumonks.org

  1. Researching communications systems Bootstrapping Osmocom The Osmocom project osmocom.org - FOSS for mobile comms community based Free / Open Source Software for communications Harald Welte <laforge@gnumonks.org> gnumonks.org hmw-consulting.de sysmocom GmbH 22nd February, Brno / Czech Republic Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  2. Researching communications systems Bootstrapping Osmocom The Osmocom project Outline Researching communications systems 1 Bootstrapping Osmocom 2 The Osmocom project 3 Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  3. Researching communications systems Bootstrapping Osmocom The Osmocom project About the speaker Using + toying with Linux since 1994 Kernel / bootloader / driver / firmware development since 1999 IT security expert, focus on network protocol security Former core developer of Linux packet filter netfilter/iptables Board-level Electrical Engineering Always looking for interesting protocols (RFID, DECT, GSM) OpenEXZ, OpenPCD, Openmoko, OpenBSC, OsmocomBB, OsmoSGSN Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  4. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications Research in TCP/IP/Ethernet Assume you want to do some research in the TCP/IP/Ethernet communications area, you use off-the-shelf hardware (x86, Ethernet card) you start with the Linux / *BSD stack you add the instrumentation you need you make your proposed modifications you do some testing you write your paper and publish the results Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  5. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications Research in (mobile) communications Assume it is before 2009 (before Osmocom) and you want to do some research in mobile comms there is no FOSS implementation of any of the protocols or functional entities almost no university has a test lab with the required equipment. And if they do, it is black boxes that you cannot modify according to your research requirements you turn away at that point, or you cannot work on really exciting stuff only chance is to partner with commercial company, who puts you under NDAs and who wants to profit from your research Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  6. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications GSM/3G vs. Internet Observation Both GSM/3G and TCP/IP protocol specs are publicly available The Internet protocol stack (Ethernet/Wifi/TCP/IP) receives lots of scrutiny GSM networks are as widely deployed as the Internet Yet, GSM/3G protocols receive no such scrutiny! There are reasons for that: GSM industry is extremely closed (and closed-minded) Only about 4 closed-source protocol stack implementations GSM chipset makers never release any hardware documentation Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  7. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications The closed GSM industry Handset manufacturing side Only very few companies build GSM/3.5G baseband chips today Those companies buy the operating system kernel and the protocol stack from third parties Only very few handset makers are large enough to become a customer Even they only get limited access to hardware documentation Even they never really get access to the firmware source Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  8. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications The closed GSM industry Network manufacturing side Only very few companies build GSM network equipment Basically only Ericsson, Nokia-Siemens, Alcatel-Lucent and Huawei Exception: Small equipment manufacturers for picocell / nanocell / femtocells / measurement devices and law enforcement equipment Only operators buy equipment from them Since the quantities are low, the prices are extremely high e.g. for a BTS, easily 10-40k EUR Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  9. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications The closed GSM industry Operator side Operators are mainly banks today Typical operator outsources Network planning / deployment / servicing Even Billing! Operator just knows the closed equipment as shipped by manufacturer Very few people at an operator have knowledge of the protocol beyond what’s needed for operations and maintenance Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  10. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications GSM is more than phone calls Listening to phone calls is boring... Machine-to-Machine (M2M) communication BMW can unlock/open your car via GSM Alarm systems often report via GSM Smart Metering (Utility companies) GSM-R / European Train Control System Vending machines report that their cash box is full Control if wind-mills supply power into the grid Transaction numbers for electronic banking Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  11. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications The closed GSM industry Security implications The security implications of the closed GSM industry are: Almost no people who have detailed technical knowledge outside the protocol stack or GSM network equipment manufacturers No independent research on protocol-level security If there’s security research at all, then only theoretical (like the A5/2 and A5/1 cryptanalysis) Or on application level (e.g. mobile malware) No open source protocol implementations which are key for making more people learn about the protocols which enable quick prototyping/testing by modifying existing code Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  12. Researching communications systems The Rolle of FOSS Bootstrapping Osmocom The closed GSM industry The Osmocom project Security implications The closed GSM industry My self-proclaimed mission Mission: Bring TCP/IP/Internet security knowledge to GSM Create tools to enable independent/public IT Security community to examine GSM Try to close the estimated 10 year gap between the state of security technology on the Internet vs. GSM networks Industry thinks in terms of walled garden and phones behaving like specified No proper incident response strategies! No packet filters, firewalls, intrusion detection on GSM protocol level General public assumes GSM networks are safer than Internet Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  13. Researching communications systems Bootstrapping Osmocom The Osmocom project To actually do research on GSM, we need detailed knowledge on the architecture and protocol stack suitable hardware (there’s no PHY/MAC only device like Ethernet MAC) a Free / Open Source Software implementation of at least parts of the protocol stack Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  14. Researching communications systems Bootstrapping Osmocom The Osmocom project Bootstrapping GSM Research How would you get started? If you were to start with GSM protocol level security analysis, where and how would you start? On the handset side? Difficult since GSM firmware and protocol stacks are closed and proprietary Even if you want to write your own protocol stack, the layer 1 hardware and signal processing is closed and undocumented, too Publicly known attempts The TSM30 project as part of the THC GSM project mados, an alternative OS for Nokia DTC3 phones none of those projects successful so far Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  15. Researching communications systems Bootstrapping Osmocom The Osmocom project Bootstrapping GSM research How would you get started? If you were to start with GSM protocol level security analysis, where and how would you start? On the network side? Difficult since equipment is not easily available and normally extremely expensive However, network is very modular and has many standardized/documented interfaces Thus, if BTS equipment is available, much easier/faster progress Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

  16. Researching communications systems Bootstrapping Osmocom The Osmocom project Bootstrapping GSM research The bootstrapping process Read GSM specs (> 1000 PDF documents, each hundreds of pages) Gradually grow knowledge about the protocols Obtain actual GSM network equipment (BTS) Try to get actual protocol traces as examples Start a complete protocol stack implementation from scratch Finally, go and play with GSM protocol security Harald Welte <laforge@gnumonks.org> osmocom.org - FOSS for mobile comms

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

osmocom.org - FOSS for mobile comms community based Free / Open Source Software for

osmocom.org - FOSS for mobile comms community based Free / Open Source Software for

Researching communications systems The Osmocom project Non-osmocom projects osmocom.org - FOSS for mobile comms community based Free / Open Source Software for communications Harald Welte &lt;laforge@gnumonks.org&gt; gnumonks.org

1.15k views • 43 slides
osmocom.org - FOSS for mobile networks community based Free / Open Source Software for

osmocom.org - FOSS for mobile networks community based Free / Open Source Software for

Researching communications systems Bootstrapping Osmocom The Osmocom project osmocom.org - FOSS for mobile networks community based Free / Open Source Software for communications Harald Welte &lt;hwelte@sysmocom.de&gt; gnumonks.org

782 views • 36 slides
FOSS In FOSS In Animation Industry Animation Industry About me Hello, my name is Frank

FOSS In FOSS In Animation Industry Animation Industry About me Hello, my name is Frank

FOSS In FOSS In Animation Industry Animation Industry About me Hello, my name is Frank Rousseau FOSS Entrepreneur (CEO at CGWire, Ex-CTO at Cozy) FOSS Side-projects (Newebe, request-json) FOSS Contributor (Open Food Facts, Diaspora) 15

379 views • 24 slides
The Phone Co-op Limited The mobile industry time for re-regulation Comms Provider 16 October

The Phone Co-op Limited The mobile industry time for re-regulation Comms Provider 16 October

The Phone Co-op Limited The mobile industry time for re-regulation Comms Provider 16 October 2008 Vivian Woodell Chief Executive The Phone Co-op 1 Ofcoms review is timely The mobile and fixed line industries work in quite

439 views • 24 slides
1 CBi-electric Nashua Reutech NSN Investment Circuit breakers Copiers Radio comms Mobile

1 CBi-electric Nashua Reutech NSN Investment Circuit breakers Copiers Radio comms Mobile

For the six months ended 31 March 2008 14 May 2008 1 CBi-electric Nashua Reutech NSN Investment Circuit breakers Copiers Radio comms Mobile &amp; fixed wire Automation Printers Electronic Fuzes telecommunications Motor Control

289 views • 13 slides
Osmocom TTCN-3 Test Suites Harald Welte &lt;laforge@gnumonks.org&gt; Osmocom TTCN-3 Test Suites

Osmocom TTCN-3 Test Suites Harald Welte &lt;laforge@gnumonks.org&gt; Osmocom TTCN-3 Test Suites

Osmocom TTCN-3 Test Suites Harald Welte &lt;laforge@gnumonks.org&gt; Osmocom TTCN-3 Test Suites developed in 2017+2018 compiled using Eclipse TITAN uses just a command-line compiler + Makefiles no IDE needed at all, dont let Eclipse fool you

805 views • 21 slides
Osmocom SIMtrace SIM card protocol tracing - why and how Harald Welte Harald Welte Osmocom

Osmocom SIMtrace SIM card protocol tracing - why and how Harald Welte Harald Welte Osmocom

Osmocom SIMtrace SIM card protocol tracing - why and how Harald Welte Harald Welte Osmocom SIMtrace November 2014 1 / 30 SIM Cards Smart Card Basics Terminology SIM Subscriber Identity Module USIM Universal Subscriber Identity Mdoule

682 views • 31 slides
More than just press releases Comms &amp; Digi who we are and what we do! What Well

More than just press releases Comms &amp; Digi who we are and what we do! What Well

More than just press releases Comms &amp; Digi who we are and what we do! What Well Cover Today How communications has changed The role of Comms and Digi at Dogs Trust What we do and how you can help! Once Upon a Time.

200 views • 18 slides
Choosing a License foss-north pod foss-north foss-north Choosing a License Things to consider

Choosing a License foss-north pod foss-north foss-north Choosing a License Things to consider

Choosing a License foss-north pod foss-north foss-north Choosing a License Things to consider Is this code? Permissive or Copyleft Patents or not Legal aspects foss-north Choosing a License Is this code? We only talk

185 views • 7 slides
Andy Carr, FOSS UK &amp; Ireland 1 The top 100 companies More than 40,000 in food and

Andy Carr, FOSS UK &amp; Ireland 1 The top 100 companies More than 40,000 in food and

Andy Carr, FOSS UK &amp; Ireland 1 The top 100 companies More than 40,000 in food and agriculture use customers world-wide FOSS solutions 80% of grain traded on the world market is analysed with a FOSS solution More than 30,000

896 views • 23 slides
osmocom: Overview of our SDR projects rtl-sdr, gr-osmosdr, osmo-tetra, osmo-gmr, gr-fosphor and

osmocom: Overview of our SDR projects rtl-sdr, gr-osmosdr, osmo-tetra, osmo-gmr, gr-fosphor and

Introduction Radio frontends Signal browsing Protocols The End osmocom: Overview of our SDR projects rtl-sdr, gr-osmosdr, osmo-tetra, osmo-gmr, gr-fosphor and more ! Sylvain Munaut FOSDEM 2014, February 2nd, 2014 Sylvain Munaut osmocom:

314 views • 18 slides
Year 2017 Osmocom retrospective Harald Welte &lt;laforge@gnumonks.org&gt; 2017 - a year of change

Year 2017 Osmocom retrospective Harald Welte &lt;laforge@gnumonks.org&gt; 2017 - a year of change

Year 2017 Osmocom retrospective Harald Welte &lt;laforge@gnumonks.org&gt; 2017 - a year of change Osmocom CNI (Cellular Network Infrastructure) has changed a lot: software changes team / developer changes sysmocom company focus changes 2017 -

342 views • 20 slides
Innovation Hacking FOSS FOSS is the philosophy and suite of technologies that make innovation

Innovation Hacking FOSS FOSS is the philosophy and suite of technologies that make innovation

Innovation Hacking FOSS FOSS is the philosophy and suite of technologies that make innovation and liberty possible. WHAT! WHY ? Events in Blue Wing BUILD YOUR OWN PC ARDUINO BASICS RASPBERRY PI W/BLUETOOTH Visual Touch w/Arduino PLAYING

1.59k views • 113 slides
KDE Kerala The story of FOSS &amp; KDE in Kerala Subin Siby 2020-01-18 subinsb.com/s/cki2020 1

KDE Kerala The story of FOSS &amp; KDE in Kerala Subin Siby 2020-01-18 subinsb.com/s/cki2020 1

KDE Kerala The story of FOSS &amp; KDE in Kerala Subin Siby 2020-01-18 subinsb.com/s/cki2020 1 Outline History of FOSS In Kerala FOSS In Education Localization 2 History of FOSS In Kerala Kerala Made by Filpro, CC-BY-SA 4.0 Language:

741 views • 30 slides
Communications for Union Activists CFNU Biennial Convention 2019 1 2019-05-16 CFNU Comms

Communications for Union Activists CFNU Biennial Convention 2019 1 2019-05-16 CFNU Comms

Communications for Union Activists CFNU Biennial Convention 2019 1 2019-05-16 CFNU Comms Presentation - May 27, 2019 Todays schedule First 1.5 hours - Introduction to Communications Planning Second 1.5 hours - Creating mobile video

441 views • 29 slides
FOSS MADE US DO IT! How switching to open source tools enabled video innovation Gustav Grusell

FOSS MADE US DO IT! How switching to open source tools enabled video innovation Gustav Grusell

FOSS MADE US DO IT! How switching to open source tools enabled video innovation Gustav Grusell Olof Lindman AGENDA ANNOUNCEMENT OF GREAT SUCCESS WITH FOSS! FOSS AT SVT INTRODUCTION TO VIDEO STREAMING MOVING OUR VOD PIPELINE FROM

1.17k views • 64 slides
Colloque IPv6 Colloque IPv6 Colloque IPv6 Colloque IPv6 Caen, 13 Juin 2013 Strat Strat Strat

Colloque IPv6 Colloque IPv6 Colloque IPv6 Colloque IPv6 Caen, 13 Juin 2013 Strat Strat Strat

Colloque IPv6 Colloque IPv6 Colloque IPv6 Colloque IPv6 Caen, 13 Juin 2013 Strat Strat Strat Strat gie de d gie de d gie de d gie de d ploiement ploiement ploiement ploiement d d d d IPv6

396 views • 15 slides
IPv4 address exhaustion and IPv6 Glen Turner 2008-12-09 AARNet staff meeting aar net

IPv4 address exhaustion and IPv6 Glen Turner 2008-12-09 AARNet staff meeting aar net

IPv4 address exhaustion and IPv6 Glen Turner 2008-12-09 AARNet staff meeting aar net Australia's Academic and Research Network IPv6 policy Going forward, we seek to support IPv6 to the same extent as we support IPv4. Exceptions require

631 views • 52 slides
Intro to iOS Development Patrick Linskey @plinskey You Enterprise Java iOS development Me

Intro to iOS Development Patrick Linskey @plinskey You Enterprise Java iOS development Me

Intro to iOS Development Patrick Linskey @plinskey You Enterprise Java iOS development Me Patrick Linskey @plinskey http://versly.com Objective C Primer Object-oriented extension of C Smalltalk-like syntax Full C

654 views • 49 slides
How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr

How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr

How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr &lt;jbonofre@apache.org&gt; @jbonofre | http://blog.nanthrax.net Fellow /Software Architect at Talend Member of the Apache Software Foundation (started in 2004)

821 views • 45 slides
Childhood Accidents Accidents are the most common cause of death among children aged 1 to 14

Childhood Accidents Accidents are the most common cause of death among children aged 1 to 14

Dr. K.M. Abul Hasan, M.S., M.Ch., Childhood Accidents Accidents are the most common cause of death among children aged 1 to 14 years. Accidents cause a third of deaths of children aged between 10 and 14 years. Accidents result in

878 views • 53 slides
Wallet Secure Data Distribution and Management 2008 Update Russ Allbery May 13, 2008 Russ

Wallet Secure Data Distribution and Management 2008 Update Russ Allbery May 13, 2008 Russ

Stanford University May 13, 2008 1 Wallet Secure Data Distribution and Management 2008 Update Russ Allbery May 13, 2008 Russ Allbery (rra@stanford.edu) Stanford University May 13, 2008 2 Contents What is the Wallet? The Goal

236 views • 10 slides
Wallet Secure Data Distribution and Management Russ Allbery June 6, 2006 Russ Allbery

Wallet Secure Data Distribution and Management Russ Allbery June 6, 2006 Russ Allbery

Stanford University June 6, 2006 1 Wallet Secure Data Distribution and Management Russ Allbery June 6, 2006 Russ Allbery (rra@stanford.edu) Stanford University June 6, 2006 2 Contents The Starting Point Overview and Goal

160 views • 11 slides
x = 15 coord = 3*(x-2.7) x , = , 15 , , coord , = , 3, *, (, x , - , 2.7, ) ...

x = 15 coord = 3*(x-2.7) x , = , 15 , , coord , = , 3, *, (, x , - , 2.7, ) ...

x = 15 coord = 3*(x-2.7) x , = , 15 , , coord , = , 3, *, (, x , - , 2.7, ) ... = = * x 15 coord 3 = x 15 x 2.7 LOAD_CONST 0 # load the literal (constant) at loc. 0 x = 5 y = 7 z = x + y LOAD_CONST LOAD_NAME

595 views • 46 slides

More recommend