Project

General

Profile

ProjectRationale » History » Version 2

laforge, 02/19/2016 10:48 PM
more rationale

1 1 laforge
= Project Rationale =
2
3
== Why? ==
4
Why on earth would somebody want (to write) an open source GSM stack for a GSM baseband chip?
5
6
There's many answers to this question.  The first and obvious: Because we can.  However,
7
looking more deeper, there are many good reasons for an Open Source GSM baseband firmware:
8
9
=== Security of an always-connected device in a public network ===
10
Every mobile device that is connected to a cellular network runs some kind of baseband
11
processor with highly proprietary and closed-source firmware.
12
13
Any reasonably complex software has bugs, and a number of them will be security relevant
14
and might get exploited.
15
16
As we know from more than a decade of security nightmares on the Internet: Open Source
17
projects provide a much higher level of security, as more eyes review the code and
18
security related bugs get fixed almost immediately. An update is released, and that
19
particular security issue is closed.
20
21
Most people understand that connecting an unprotected PC to a public network like
22
the internet is dangerous.  People use personal or dedicated firewalls, application
23
level gateways, virus scanners and other technology to protect their PC.
24
25
But what about the mobile phone, particularly the baseband processor?  It is permanently
26
attached to a public network, in most cases there is no proper incident response management
27
and not even a clean way how bugs in that software can be updated quickly, as device
28
manufacturers rarely release firmware update, publish security advisories or any of
29
that sort.
30
31
The security situation becomes even worse when looking at the software architecture in
32
those baseband chips.  They often run the entire software stack in supervisor mode,
33
without any software protection.  There are no non-executable pages, there's no
34
stack protection, etc.  The UI and the protocol stack run in one shared address
35
space with no privilege separation.
36
37
The only companies who have access to the baesband firmware source code have no
38
interest in improving this situation.  So the logical conclusion is to form an
39
Open Source project that can try to improve the situation
40 2 laforge
41
=== Education ===
42
43
Despite GSM being a public standard maintained by the ETSI, there are very few
44
people outside a small group of GSM baseband chip makers who really understand
45
the details of operation in a GSM mobile phone.
46
47
Existing books and other publications focus on "user" or "system administrator"
48
topics such as network deployment.  Or they are scientific literature about
49
the signal processing involved in GSM and optimizations thereof.  Other books
50
explain the layer 3 protocol very well, but only from a theoretical point of
51
view.
52
53
Designing and implementing the software that runs in the digital baseband of
54
a GSM mobile phone covers many areas that are currently not publicized much.
55
56
One such topic is the layer 1 stack operating synchronous to the TDMA frame
57
clock of the GSM network.  Another important practical issue is what software
58
can do for power efficiency, as this directly translates to longer battery life.
59
60
Digital Baseband ASICs and their corresponding software are present in
61
billions of mobile phones, but the detailed knowledge on how they work is so
62
far restricted to a small elite of engineers working for the industry.
63
64
Compare that with the knowledge of the Internet protocols such as Ethernet, IP,
65
TCP, HTTP, SMTP and others.  Virtually every IT professional around the world
66
understands them, the knowledge is wide spread.  One of the major reason for
67
that is the existance of no Free Software or Open Source software implementations.
68
69
=== Research ===
70
71
Any practical research into GSM, especially GSM security needs both theoretical
72
knowledge on the protocols as well as well-documented/published/accessible
73
implementation, such as a Free Software / Open Source implementation.
74
75
It is quite conceivable that the cellular industry itself has no interest in any
76
research that could harm their market position.  Therefore, it is doing as much
77
as it can to close and hide the operation of their DBB hardware and software from
78
the general public.
79
80
Based on knowledge of the GSM protocols and the general availability of an
81
Open Source implementation that this project is working on, a great many more people
82
are enabled to doresearch into GSM protcols.
83
84
Such research no longer requires a close alignment with the cellular industry
85
to get access to key technology - which in turn results in freedom and independence
86
about the topics of research and the publication of any results thereof.
Add picture from clipboard (Maximum size: 48.8 MB)