Misc DECT hacks

Millenia after deDECTed and about a decade after the now abandoned OsmocomDECT project, a group of people in and around Osmocom started to play with DECT again towards the end of 2022. There's no big plan, or no specific goal, other than getting more hands-on hack value with consumer DECT hardware, at its lowest levels.

It started with some innocent ringtone-hacking on a Gigaset C430 by manawyrm, followed by a much appreciated fix for the long-standing bug of Gigaset DECT phones radically over-charging (and eventually killing) their NiMH batteries (see Gigaset_C430_Hacking).

Initially, this required un-soldering and re-programming the SPI flash. After the debug UART was identified on the two test pads accessible from the battery compartment, manawyrm and tobleminer have figured out how to load code into the processor (see also ChipsUsed). Some initial related tools have been created and collected in the repository. Using this you can execute your own code on the Gigaset C430, C300 and likely many other DECT phones using the Sitel (formerly NatSemi, now Renesas SC14xxx chipset family. Those who have had an eye on DECT for a longer time will recognize that this family of chips was also used in both the deDECTed as well as the OsmocomDECT CoA driver. It is also used in the Aastra/Mitel RFP base stations (see this talk on RFP base stations and #mifail talk).

It's yet unclear where this will lead to. But it definitely is nice to see some people excited about playing with DECT devices again. If you want to follow developments in real-time, join us on the #osmocom IRC channel on

further wiki pages

This is just a random collection of various bits and pieces related to DECT

Files (0)

Updated by laforge about 1 year ago ยท 2 revisions

Add picture from clipboard (Maximum size: 48.8 MB)