David Burgess, a software/radio engineer formerly employed in building GSM-tapping equipment, has turned his efforts to publicly implementing the GSM standards in free software under GPLv3. He hopes to provide low-cost GSM communication service to billions in underserved regions of the world. He also hopes to demystify the cellular networks for a generation of hackers. His OpenBTS software builds on the GNU Radio framework and the USRP computer/radio interfaces to implement a fully functional GSM network base station, making voice and SMS calls with ordinary GSM handsets, and back-hauling via VoIP networks. Early code was tested at Burning Man last year, and he hopes to provide free communcation service to BM participants this year (as well as doing some testing in field conditions under serious load). His understanding of the GSM protocols comes from reading the published standards documents, which are written in bureaucratese but can be decrypted without a secret key. However, a former customer of his has been suing him for alleged disclosure of trade secrets, claiming that either the GSM protocol or perhaps the way to wiretap a GSM phone is secret (the published court documents make vague allegations, as usual). David's blog, "The OpenBTS Chronicles" has a variety of interesting posts, one of which links to a German patent on an IMSI-catcher which lets wiretappers force a phone to identify itself, and to a UK High Court decision that upholds it (and also reveals a Nokia patent on how to do a man-in-the-middle attack on a GSM phone). Clearly the things revealed in these documents are not trade secrets. But they may be of interest to this list. I also found that David's posting on "The Value of Knowing How Stuff Works" struck a chord with me. http://openbts.blogspot.com/ http://openbts.blogspot.com/2009/04/some-comments-on-imsi- catchers.html http://openbts.blogspot.com/2009/05/value-of-knowing-how-stuff-works.html http://en.wikipedia.org/wiki/OpenBTS http://www.gnuradio.org/trac/wiki/OpenBTS http://openbts.sourceforge.net/ John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com