This reminds me of being a kid in the 90s trying to sort through all the acronyms and cryptic messages trying to get Linux installed. Maybe 15 years from now we'll be able to click a couple of buttons on a slick website and have our own 3G network up and running.
Not if the FCC and other regulatory agencies have anything to say about it...
But telecoms standards are certainly extremely complex; mainly because they are truly designed by very large committees with plenty of bureaucratic process. I did briefly try to read through and comprehend all the 3GPP standards in order to understand the whole system end-to-end --- from the microphone of one mobile to the speaker of another --- but gave up pretty early, and I'd consider myself pretty knowledgeable about the Internet stack from HTML through HTTP, TLS, TCP, and IP, all the way down to the bits on an Ethernet cable or the signals an 802.11b/g transceiver emits.
If you've seen the 802.11 standard, that's about the limit of what I can still understand with a bit of effort. The 3GPP specs are in a similar style of thick standardese, but around 10x denser and more voluminous.
Then again, I don't think it's impossible --- maybe if I had a lot more free time and interest I could. After all, Fabrice Bellard wrote his own 4G base station:
Some people can explain all the details of what happens when someone visits a URL in their browser. Maybe Fabrice can explain all the details of what happens when someone turns on a mobile, associates with a network, and makes a call with it.
As related by others, LTE has a less complicated backhaul network than the 3G networks (My experience is with WCDMA and WiMAX). Part of this is that 3G networks generally consist of several "servers" (in an as abstract sense as possible") and LTE significantly reduces this number.
Another significant factor is that LTE does not do circuit switched data/voice data and is exclusively packet switched and IP based. Of course, Voice over LTE (VoLTE) and IP Multimedia Subsystem (IMS) augments this slightly, but the general case is still true.
And in addition to this: going from microphone to speaker is much more than just the network. Digital coding of voice data, as an example, has been intensively researched and every single bit is squeezed to out to improve network capacity. They do source coding, to model the human voice and then apply to prediction algorithms to further reduce the bit rate. Recently, I heard a figure of 6.7 kb/s for voice data.
3GPP set is easily among the worst standards I've ever read. I often thought that it was deliberately made so, in order lesser companies and individuals would not be able to make their own baseband. Not to mention references to proprietary documents.. I'm very impressed that somebody managed to make a working BS out of this. Still it's strange to choose 3g, 4g is much lighter technology.
re "strange to choose 3g": as some operators even phase out 3G completely, we can expect 3G base stations to be available cheaper than ever. That's only one of the reasons: Osmocom started out from the security analysis perspective; having 3G openly available is a benefit to the general public as well as small business in various ways.
(The opening lines of https://osmocom.org/news/30: "3G is dead, you may think. From the perspective of large scale operators, that may well be the case, but this is precisely the reason why Open Source support for 3G is becoming increasingly interesting: when the focus for earning money shifts towards LTE infrastructure, the threshold for setting up 3G networks is becoming easier to surpass for everyone else.")
3g operates on licensed frequencies (sold for billions in some countries[1]), so you won't be able to setup a functioning network anyway. Maybe in some 3rd world country, in the middle of nowhere or a tiny femtocell..
And this is the thing that cheeses me off the most.
Look at the economic activity created around a "junk" wireless band: 2.4GHz. It is junk because of absorption by water molecules, and that's why microwave ovens use it.
Despite how crappy it is, and how much interference it gets, it is so, so useful. WiFi, Bluetooth, and dozens of other protocols. We get so much use out of it.
If some other bands were opened up in the same way for unlicensed use (conforming to a TX power limit of course), we could create more and more applications, especially if it was a bit lower in frequency to allow longer range communication with reasonable power consumption.
But there's no space worldwide for that, because it has all been sold off or otherwise provisioned. It is such a shame.
True and the German government was very "wise" to auction every last arfcn of their spectrum so no one will attempt to do teaching or R&D in Germany.
But not every country tried that hard, e.g. in the Netherlands one can broadcast with low power (e.g. have your own indoor/campus wide network) or in the US spectrum can be licensed for smaller regions.
Functioning can mean a lot of things. A security researcher trying to downgrade a device from 4G to 3G and then to 2G will be quite happy with a single eNodeB/nodeB/BTS set-up and is glad about low output power. A company to provide coverage on their campus can be quite happy too.
As someone who doesn't follow the cellular scene as much as I probably should, the immediate question I ask is: what is the impact of this development work from the security standpoint of (potentially stealth) voice/data interception on ordinary telco-provisioned cellular devices?
I realize GSM implements horribly broken authentication schemes, that almost all cellular devices out there implement GSM (and GSM fallback) in order to be implementationally complete, and that it's subsequently trivially possible to (near-transparently) take over arbitrary devices using reasonably inexpensive hardware and a bunch of open software if you can jam the 2.5G, 3G and 4G bands.
I'm just curious what the hurdles are to do this for 3G (and beyond), from an academic security standpoint. There are obviously whole swaths of layered encryption and so forth that would need to be dealt with, I expect that; and I admit my total ignorance - and curiosity! - as to what that is.
I vaguely recall obtuse rumors that suggest the existence of privately-owned 3G implementation(s) out there that do what I'm describing. I'm curious if this open-source work is lowering the barrier to the accessibility for this sort of thing.
This is an important question - I recall reading at least one story (I think from here) about the questionable legality of unsolicited cellular wiretapping operations (done via GSM) that have been noted by the news media.
(As an aside, I think that open-source GSM implementations exist is kind of neat - if you're ever in the middle of nowhere (or an equivalent setting) and you can setup base stations, old GSM phones are hundreds of times cheaper than CB radios.)
> what is the impact of this development work from the security standpoint of (potentially stealth) voice/data interception
I think those things already exist, the Stingray is just the most-publicized of its ilk. Big price tags provide plenty of incentive for closed-source implementations, or possibly just licensing something already made.
The open-source versions often serve to democratize or to remind, of the possibilities that've existed for some time. I think it'll enable some small-fish to do bad things that the big-fish have been doing for years.
The main site doesn't have this info either from what I could find: https://osmocom.org. Is there a better site?
You say it's been around a long time,but how is that relevant? They are actively asking for support so it's good to get their ideas known.
Your response about 3g doesn't inform much. To the lay person 3g is old tech so it's a natural question to want to know how it will help people. Undeveloped areas without a lot of investment capital maybe? Why should we guess?
Note that 3G is still current-ish around the world, and is often what you'll pick up in rural areas many places. In my country, it's pretty much just major city centres that have 4G, and many phones still exist which don't support it. In my city, it's often incredibly difficult to pick up 4G because of granite buildings.
Osmocom's goal is to create an open source implementation of mobile telecom standards. An open source implementation would allow people and companies to build non-encumbered mobile devices and telecom networks. This is important if you think free software is generally an important thing.
Osmocom run a GSM network at CCC each year, allowing people to place calls and send text messages to each other for free.
Not really. This is tech to create your own 3G phone basis station and network, for a twilio clone you want something that connects to the existing phone networks, and probably over some kind of internet protocol and not wirelessly ;)
As does using certain wireless spectrum. It _is_ easier to write a Twilio clone (as in, it can be done with sufficient time and resources); you just need to call bandwidth.com with your checkbook open and ask them to interconnect.
If you don't know most of the things mentioned, but are interested what all of it means...:
I recommend some of the talks of Harald which consist (by neccessity, he's a great speaker) mostly of acronyms, and he's explaining most of it (within the limits of time imposed by the talk).
