What I criticize is that the GSM modem on the Arduino GSM shield (Quectel M10) comes with no open firmware for this baseband processor - thus it's owned by your mobile network provider since he can update the firmware silently. See https://news.ycombinator.com/item?id=6722292 for a more detailed discussion about that topic from about two weeks ago.
If someone would sell / kickstart a completely open GSM (or what cell phones use nowadays) module, I would be tempted to buy it. Not that I have much use for it ;-)
It shouldn't be that hard. A million dollars, a few people who know about RF hardware, and the (possibly leaked) GSM specs should be enough.
There might be some trouble with encryption / carrier's private keys, but I think that shouldn't be an issue, since a multiband GSM phone works with every strange operator in every remote country, as long as the frequency is supported.
Some cool applications for a really free GSM from the top of my head:
- Virtual SIMS, you only use the data from the SIM, not the physical card to login. (Might be tricky because the SIM protects its information. If you don't want to resort to attacks ala chip shaving and electron microscopes to get the keys, you might just setup a simless private network with a DIY SIM tower (that already exist, AFAIK), as a kind of proof-of-concept.)
- You can see when you recieve a silent SMS ("type 0"), that authorities use to ping your phone to trace you. You can also send them.
- You can record audio from and play it to the phone, which is not possible in most consumer phones
- You can implement hardware encryption (which is tricky for voice, since GSM uses psychoaccoustical compression techniques that might not work on a encrypted stream - nevertheless this is a solved problem and there should be papers on this)
- You would find a bunch of security holes in the network, since its been relying on obscurity and trusted devices for so long.
- You could have a phone that's bottom to top trusted and open-source.
One problem is that there simply arn't anyone creating baseband chips which are "open". The closest thing is osmocom-bb, avaalable only for one (very old) chipset(which they had to reverse-engineered, with a big thanks to leaked documents on dodgy chinese websites).
Another other issue is the carriers want the baseband chisets and protocol stacks certified before allowing it on their network.
Would a mobile network provider allow an open firmware to connect to their network?
Personally, I think it could be OK as long as the processor is contained (i.e., no open access to the main memory, reliable mechanism for fully shutting it down, etc).
it's owned by your mobile network provider since he can update the firmware silently
Hardly unprecedented. Cable modems work the same way. It seems to make good sense to me; the provider is responsible for the performance of the network, and the client interface is a part of that network.
I saw David speak at OHS, and this project was more about building something cool and differently than trying to be open source and part of the Free/Libre movement.
If all of the phone components/hardware came in a ready to build box, I would definitely follow the instructions and give this a shot. Otherwise, looks like a lot of overhead just trying to gather all the parts together. Cool nonetheless.
I've tried to source the components using as few vendors as possible (currently DigiKey, SparkFun, and Arduino, plus ordering the PCB) but it's definitely more work than just buying a kit. I'm working on a better solution but it's probably a ways off.
I went to a workshop where David Mellis provided the components and walked everyone through constructing this (he works in the MIT Media Lab, so the laser cut wood was also done using their equipment).
The interesting thing was that several other people at the workshop were very gung-ho about how building their own phone in this way makes them in some way free from oppressive phone manufacturers. This didn't really strike me as quite correct given this is mostly just assembling parts from similar manufacturers.
1. In a sea of people carrying iPhones and/or other various touchscreen smart phones, the minority of people using any kind of alternative seem to possess minscule flip phones with full-color displays. I haven't seen a candy bar phone in ages, unless it happens to be some venerable variety of nigh-defunct BlackBerry. I can't imagine this kit being resized down to a scale that would ever fit into what might be regarded as "common", especially since DIY kits need to be produced with parts big enough to man-handle, lest they risk total obscurity. No DIY kit will ever be successful if the parts involved are small enough to warrant a jewler's or watch maker's precision. Would you sell the kit with a loupe and tweezers?
2. Why should an unorthodox handset be suspicious? I guess it depends on the country one might live in? Also passing through customs and airport security, I guess?
In fact, I switched from Verizon to T-Mobile after a decade just so I could have a GSM phone. Haven't gotten the pieces together yet, but I'm so down with this because I totally want a wooden phone.
[+] [-] wolfgke|12 years ago|reply
[+] [-] captainmuon|12 years ago|reply
It shouldn't be that hard. A million dollars, a few people who know about RF hardware, and the (possibly leaked) GSM specs should be enough.
There might be some trouble with encryption / carrier's private keys, but I think that shouldn't be an issue, since a multiband GSM phone works with every strange operator in every remote country, as long as the frequency is supported.
Some cool applications for a really free GSM from the top of my head:
- Virtual SIMS, you only use the data from the SIM, not the physical card to login. (Might be tricky because the SIM protects its information. If you don't want to resort to attacks ala chip shaving and electron microscopes to get the keys, you might just setup a simless private network with a DIY SIM tower (that already exist, AFAIK), as a kind of proof-of-concept.)
- You can see when you recieve a silent SMS ("type 0"), that authorities use to ping your phone to trace you. You can also send them.
- You can record audio from and play it to the phone, which is not possible in most consumer phones
- You can implement hardware encryption (which is tricky for voice, since GSM uses psychoaccoustical compression techniques that might not work on a encrypted stream - nevertheless this is a solved problem and there should be papers on this)
- You would find a bunch of security holes in the network, since its been relying on obscurity and trusted devices for so long.
- You could have a phone that's bottom to top trusted and open-source.
[+] [-] noselasd|12 years ago|reply
Another other issue is the carriers want the baseband chisets and protocol stacks certified before allowing it on their network.
[+] [-] icebraining|12 years ago|reply
Personally, I think it could be OK as long as the processor is contained (i.e., no open access to the main memory, reliable mechanism for fully shutting it down, etc).
[+] [-] sliverstorm|12 years ago|reply
Hardly unprecedented. Cable modems work the same way. It seems to make good sense to me; the provider is responsible for the performance of the network, and the client interface is a part of that network.
[+] [-] thechut|12 years ago|reply
[+] [-] antonius|12 years ago|reply
[+] [-] mellis|12 years ago|reply
[+] [-] esrauch|12 years ago|reply
The interesting thing was that several other people at the workshop were very gung-ho about how building their own phone in this way makes them in some way free from oppressive phone manufacturers. This didn't really strike me as quite correct given this is mostly just assembling parts from similar manufacturers.
[+] [-] zebra|12 years ago|reply
Edit: sorry, wolfgke informed us that still we can't have the cake.
[+] [-] OMGjavascript|12 years ago|reply
1. In a sea of people carrying iPhones and/or other various touchscreen smart phones, the minority of people using any kind of alternative seem to possess minscule flip phones with full-color displays. I haven't seen a candy bar phone in ages, unless it happens to be some venerable variety of nigh-defunct BlackBerry. I can't imagine this kit being resized down to a scale that would ever fit into what might be regarded as "common", especially since DIY kits need to be produced with parts big enough to man-handle, lest they risk total obscurity. No DIY kit will ever be successful if the parts involved are small enough to warrant a jewler's or watch maker's precision. Would you sell the kit with a loupe and tweezers?
2. Why should an unorthodox handset be suspicious? I guess it depends on the country one might live in? Also passing through customs and airport security, I guess?
[+] [-] fosap|12 years ago|reply
[+] [-] dangayle|12 years ago|reply
In fact, I switched from Verizon to T-Mobile after a decade just so I could have a GSM phone. Haven't gotten the pieces together yet, but I'm so down with this because I totally want a wooden phone.
And all the hipsters will squeal with jealousy.
[+] [-] imahboob|12 years ago|reply