ProjectRationale » History » Version 5

laforge, 02/20/2022 09:14 PM

h1. Project Rationale

h2. Why?

Why on earth would somebody want (to write) an open source GSM stack for a GSM baseband chip?

There are many answers to this question.  The first and obvious: Because we can.  However,
looking deeper, there are many good reasons for an Open Source GSM baseband firmware:

h3. Security of an always-connected device in a public network

Every mobile device that is connected to a cellular network runs on some kind of baseband
processor with highly proprietary and closed-source firmware.

Any reasonably complex software has bugs, and a number of them will be security-relevant
and might get exploited.

As we know from more than a decade of security nightmares on the Internet: Open Source
projects provide a much higher level of security, as more eyes review the code and
security-related bugs get fixed almost immediately. An update is released, and that
particular security issue is closed.

Most people understand that connecting an unprotected PC to a public network like
the Internet is dangerous.  People use personal or dedicated firewalls, application
level gateways, virus scanners and other technology to protect their PC.

But what about the mobile phone, particularly the baseband processor?  It is permanently
attached to a public network, in most cases there is no proper incident response management
and not even a clean way for bugs in that software to be fixed quickly, as device
manufacturers rarely release firmware updates, publish security advisories or anything of
that sort.

The security situation becomes even worse when looking at the software architecture in
those baseband chips.  They often run the entire software stack in supervisor mode,
without any software protection.  There are no non-executable pages, there's no
stack protection, etc.  The UI and the protocol stack run in one shared address
space with no privilege separation.

The only companies that have access to the baseband firmware source code have no
interest in improving this situation.  So the logical conclusion is to form an
Open Source project that can try to improve the situation.

h3. Education

Despite GSM being a public standard maintained by ETSI, there are very few
people outside a small group of GSM baseband chip makers who really understand
the details of operation in a GSM mobile phone.

Existing books and other publications focus on "user" or "system administrator"
topics such as network deployment.  Or they are scientific literature about
the signal processing involved in GSM and optimizations thereof.  Other books
explain the layer 3 protocol very well, but only from a theoretical point of
view.

Designing and implementing the software that runs in the digital baseband of
a GSM mobile phone covers many areas that are currently not publicized much.

One such topic is the layer 1 stack operating synchronously to the TDMA frame
clock of the GSM network.  Another important practical issue is what software
can do for power efficiency, as this directly translates to longer battery life.

Digital Baseband ASICs and their corresponding software are present in
billions of mobile phones, but the detailed knowledge of how they work is so
far restricted to a small elite of engineers working for the industry.

Compare that with the knowledge of the Internet protocols such as Ethernet, IP,
TCP, HTTP, SMTP and others.  Virtually every IT professional around the world
understands them; the knowledge is widespread.  One of the major reasons for
that is the existence of Free Software or Open Source software implementations.

h3. Research

Any practical research into GSM, especially GSM security, needs both theoretical
knowledge of the protocols and a well-documented, published and accessible
implementation, such as a Free Software / Open Source implementation.

It is quite conceivable that the cellular industry itself has no interest in any
research that could harm its market position.  Therefore, it is doing as much
as it can to close and hide the operation of its DBB hardware and software from
the general public.

Based on knowledge of the GSM protocols and the general availability of an
Open Source implementation that this project is working on, a great many more people
are enabled to perform research on GSM protocols.

Such research no longer requires a close alignment with the cellular industry
to get access to key technology - which in turn results in freedom and independence
regarding the topics of research and the publication of any results thereof.