[Community] OsmocomBB

Dr. H. Nikolaus Schaller hns at goldelico.com
Tue Mar 25 19:53:25 CET 2014 

Am 25.03.2014 um 18:41 schrieb Ryan de Laplante (personal):

> On 25/03/14 01:01 PM, Dr. H. Nikolaus Schaller wrote:
>> 
>> Am 25.03.2014 um 16:20 schrieb "Ryan de Laplante (personal)" <ryan at ryandelaplante.com>:
>> 
>>> When you say it will be monitored on the Neo900, will the monitoring be
>>> done in software? If yes, will the monitoring also be implemented in
>>> ReplicantOS? And how does the monitor work?
>> 
>> It will be implemented by a hardware/software combination. This means
>> as long as the CPU and OS are not compromised the modem can't hide from
>> being monitored (and can't be designed for doing it).
> 
> Will the software part of this monitoring be available for Neo900 users
> who choose ReplicantOS?

That depends on those people who want to write software for it. Maybe it will be a kernel driver.

> 
> What I was trying to ask is what the monitoring accomplishes and how. Is
> is watching every bit passing through the modem's I/O channels and
> inspecting it for something in particular?

No, not at all. Because that are already AT commands and data streams (PPPoE)
so any software can check that by whatever mechanisms people invent.

> I can't imagine what kind of
> monitoring would be performed by software or hardware.  I don't think
> that keeping the modem chip separate from CPU and memory is
> "monitoring", and so you must be talking about something else.

The "monitoring" is a chip that measures the energy demand of the modem. So that
you will get notified if it shows activities that have not been enabled. E.g. some
over-the-air firmware upgrade which makes the device transmit confirmations.

Please note that there is one piece of information that can neither be monitored
by hardware nor by software: the network protocols running between the modem
and the network. They reveal a lot of information about you to the network:

* your IMEI (device)
* your IMSI (sim card)
* your SMS messages (plain text)
* the phone number you call or are called from
* voice data stream
* 3G data connection set up and tear down
* 3G raw packets
* your rough position (base station ID)

If you don't want to reveal any of these things you have to turn the modem off.

But that is where the hardware monitor gives additional confidence: you can
verify that the modem is really off if instructed to be - even without removing
it from the hardware.

BR,
Nikolaus

More information about the Community mailing list