[Community] OsmocomBB

Dr. H. Nikolaus Schaller hns at goldelico.com
Tue Mar 25 18:01:04 CET 2014

Am 25.03.2014 um 16:20 schrieb "Ryan de Laplante (personal)" <ryan at ryandelaplante.com>:

> On 25/03/14 10:33 AM, Sebastian Krzyszkowiak wrote:
>> People should end shouting about open basebands and point out the
>> constantly progressing integration of the modem with main RAM on the
>> modern smartphones instead. This, combined with closed baseband, is a
>> real threat to our freedom, not the closed baseband alone. When it's
>> properly separated and monitored, like it will be on Neo900, it
>> becomes a non-issue. Which is lucky, cause otherwise we wouldn't be
>> able to do anything with it - the development of free, modern baseband
>> is far out of our reach.
> Thank you Sebastian for the detailed reply.  I'm very new to this
> community and just learned about OsmocomBB today.  I agree that
> separation of the modem from the main ram and CPU is very important, and
> what you say makes sense to me.
> When you say it will be monitored on the Neo900, will the monitoring be
> done in software? If yes, will the monitoring also be implemented in
> ReplicantOS? And how does the monitor work?

It will be implemented by a hardware/software combination. This means
as long as the CPU and OS are not compromised the modem can't hide from
being monitored (and can't be designed for doing it).

Well, what you can't protect from is an attack that installs some fraudulent
firmware that normally works perfectly - except if you download some
new software through the net. And then it tries to manipulate that software
package which contains a trojan horse to disable the monitor.

To do that the firmware must be
* installed over the air (without being noticed)
* be able to analyse the traffic going over TCP/IP over PPPoE over USB (which is impossible if you encrypt all downloads)
* detect that it is an installer for the OS you have on your device (there are severe choices so it can't be a general solution)
* attach the correct signatures (e.g. Debian files are cryptographically protected against manipulations)
* know how the monitoring firmware works (well, that will be open source)

IMHO it is quite unlikely that someone sees the Neo900 as an attractive
target to develop such a complex threat - if it is possible at all.


More information about the Community mailing list