Why FOSS mobile communication matters

What exactly is FOSS mobile communication and why should you care? In the early 2000s I was fascinated by battery powered handheld devices like the Agenda VR3 and later a lead developer of the OPIE project. Once when I crafted an extra battery pack to make my mobile handheld device with a WiFi compact flash (CF) card last more than 30 minutes when using the brand new WiFi at our University campus, it was obvious to me that mobile data and cellular technology would be integrated on touch based systems.

But in contrast to generations that learned networking by running a coaxial cable through the house/flat of the parents/at friends and then looking at how Ethernet/IP/TCP would behave, cellular technology is a blackbox powered by magic. The specifications were guarded behind a pay wall, the cellular modem devices exposed its service through an archaic interface that doesn’t necessarily reflect what happened in the air and the infrastructure was so expensive private entities couldn’t afford to run their network, leave alone the regulatory requirement to have an individual permission to broadcast on frequencies used by cellular technology.

Ten years ago we started to change that, when the OpenBSC project was born. ETSI released the specifications to the general public, we were curious on how the technology works and as FreeSoftware developers we wanted to share our findings, enable others to understand the technology and make people go beyond. Our timing was good, as part of the 3G/UMTS deployment old GSM BaseTransceiverStations (BTS) were decommissioned and sold on a second market. Harald Welte bought a Siemens BS11 on ebay (and later more to prevent prices going up and turning his living room into a stock).

Our work made GSM more accessible. It enabled a great amount of security research, e.g. to build and test the A5/1 rainbow tables, work on recovering the identity of subscribers, decrypting phone calls, receiving SMS that were meant for someone else, testing how your device will handle fuzzed SMS, illustrating how silent calls and silent sms can be used to track people. As time passed we also moved to the core network resulting in the publication of SS7 attacks. Some Chipset vendors started to build new security teams to respond to security incidents and improve the quality of the implementation, commercial entities used our BSC because it provides greater flexibility for non-standard (e.g. through high latency satellite links) deployments and what personally makes me the most happy is Rhizomatica that brings mobile communication to populations that are left behind by commercial operators.

The last 10 years we played catch up with an old technology. It became obvious that a FOSS solution is superior to a single vendor solution. A commercial entity might stop improving the software of an old but still sold product, use the engineering time of your support contract to disable the logging and debug interface to hide that there are severe memory leaks. In contrast a FOSS project is moving forward, ad-hoc solutions get replaced with better implementations. Others are able to fix issues if the original authors lose interest.

As a result of the SS7/GSM MAP security research, seeing how slowly fixes are rolled out world wide and looking at how RADIUS turned into DIAMETER and re-introducing some of the conceptual flaws from SS7/GSM MAP, it is necessary that for 5G or 6G core networks we need to take over the standardization from big corporations and put people first. With your help and support we can get there.