Osmocom presentation at KNF 2017
After Width: | Height: | Size: 2.7 MiB |
After Width: | Height: | Size: 1.4 MiB |
After Width: | Height: | Size: 669 KiB |
After Width: | Height: | Size: 178 KiB |
After Width: | Height: | Size: 48 KiB |
After Width: | Height: | Size: 9.8 KiB |
After Width: | Height: | Size: 154 KiB |
After Width: | Height: | Size: 45 KiB |
After Width: | Height: | Size: 132 KiB |
|
@ -0,0 +1,631 @@
|
|||
% $Header: /cvsroot/latex-beamer/latex-beamer/solutions/conference-talks/conference-ornate-20min.en.tex,v 1.7 2007/01/28 20:48:23 tantau Exp $
|
||||
|
||||
\documentclass{beamer}
|
||||
|
||||
\usepackage{url}
|
||||
\makeatletter
|
||||
\def\url@leostyle{%
|
||||
\@ifundefined{selectfont}{\def\UrlFont{\sf}}{\def\UrlFont{\tiny\ttfamily}}}
|
||||
\makeatother
|
||||
%% Now actually use the newly defined style.
|
||||
\urlstyle{leo}
|
||||
|
||||
|
||||
% This file is a solution template for:
|
||||
|
||||
% - Talk at a conference/colloquium.
|
||||
% - Talk length is about 20min.
|
||||
% - Style is ornate.
|
||||
|
||||
|
||||
|
||||
% Copyright 2004 by Till Tantau <tantau@users.sourceforge.net>.
|
||||
%
|
||||
% In principle, this file can be redistributed and/or modified under
|
||||
% the terms of the GNU Public License, version 2.
|
||||
%
|
||||
% However, this file is supposed to be a template to be modified
|
||||
% for your own needs. For this reason, if you use this file as a
|
||||
% template and not specifically distribute it as part of a another
|
||||
% package/program, I grant the extra permission to freely copy and
|
||||
% modify this file as you see fit and even to delete this copyright
|
||||
% notice.
|
||||
|
||||
|
||||
\mode<presentation>
|
||||
{
|
||||
\usetheme{Warsaw}
|
||||
% or ...
|
||||
|
||||
\setbeamercovered{transparent}
|
||||
% or whatever (possibly just delete it)
|
||||
}
|
||||
|
||||
|
||||
\usepackage[english]{babel}
|
||||
% or whatever
|
||||
|
||||
%\usepackage[latin1]{inputenc}
|
||||
% or whatever
|
||||
|
||||
\usepackage{times}
|
||||
\usepackage[T1]{fontenc}
|
||||
% Or whatever. Note that the encoding and the font should match. If T1
|
||||
% does not look nice, try deleting the line with the fontenc.
|
||||
|
||||
|
||||
\title{osmocom.org - FOSS for mobile comms}
|
||||
|
||||
\subtitle
|
||||
{community based Free / Open Source Software for communications}
|
||||
|
||||
\author{Harald Welte <laforge@gnumonks.org>}
|
||||
|
||||
\institute
|
||||
{gnumonks.org\\hmw-consulting.de\\sysmocom GmbH}
|
||||
% - Use the \inst command only if there are several affiliations.
|
||||
% - Keep it simple, no one is interested in your street address.
|
||||
|
||||
\date[] % (optional, should be abbreviation of conference name)
|
||||
{June 16, 2014, DORS/CLUC, Zagreb}
|
||||
% - Either use conference name or its abbreviation.
|
||||
% - Not really informative to the audience, more for people (including
|
||||
% yourself) who are reading the slides online
|
||||
|
||||
\subject{Communications}
|
||||
% This is only inserted into the PDF information catalog. Can be left
|
||||
% out.
|
||||
|
||||
|
||||
|
||||
% If you have a file called "university-logo-filename.xxx", where xxx
|
||||
% is a graphic format that can be processed by latex or pdflatex,
|
||||
% resp., then you can add a logo as follows:
|
||||
|
||||
% \pgfdeclareimage[height=0.5cm]{university-logo}{university-logo-filename}
|
||||
% \logo{\pgfuseimage{university-logo}}
|
||||
|
||||
|
||||
|
||||
% Delete this, if you do not want the table of contents to pop up at
|
||||
% the beginning of each subsection:
|
||||
%\AtBeginSubsection[]
|
||||
%{
|
||||
% \begin{frame}<beamer>{Outline}
|
||||
% \tableofcontents[currentsection,currentsubsection]
|
||||
% \end{frame}
|
||||
%}
|
||||
|
||||
|
||||
% If you wish to uncover everything in a step-wise fashion, uncomment
|
||||
% the following command:
|
||||
|
||||
%\beamerdefaultoverlayspecification{<+->}
|
||||
|
||||
|
||||
\begin{document}
|
||||
|
||||
\begin{frame}
|
||||
\titlepage
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Outline}
|
||||
\tableofcontents[hideallsubsections]
|
||||
% You might wish to add the option [pausesections]
|
||||
\end{frame}
|
||||
|
||||
|
||||
% Structuring a talk is a difficult task and the following structure
|
||||
% may not be suitable. Here are some rules that apply for this
|
||||
% solution:
|
||||
|
||||
% - Exactly two or three sections (other than the summary).
|
||||
% - At *most* three subsections per section.
|
||||
% - Talk about 30s to 2min per frame. So there should be between about
|
||||
% 15 and 30 frames, all told.
|
||||
|
||||
% - A conference audience is likely to know very little of what you
|
||||
% are going to talk about. So *simplify*!
|
||||
% - In a 20min talk, getting the main ideas across is hard
|
||||
% enough. Leave out details, even if it means being less precise than
|
||||
% you think necessary.
|
||||
% - If you omit details that are vital to the proof/implementation,
|
||||
% just say so once. Everybody will be happy with that.
|
||||
|
||||
\begin{frame}{About the speaker}
|
||||
\begin{itemize}
|
||||
\item Using + toying with Linux since 1994
|
||||
\item Kernel / bootloader / driver / firmware development since 1999
|
||||
\item IT security expert, focus on network protocol security
|
||||
\item Former core developer of Linux packet filter netfilter/iptables
|
||||
\item Board-level Electrical Engineering
|
||||
\item Always looking for interesting protocols (RFID, DECT, GSM)
|
||||
\item OpenEXZ, OpenPCD, Openmoko, OpenBSC, OsmocomBB, OsmoSGSN
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\section{Researching communications systems}
|
||||
|
||||
\subsection{The Rolle of FOSS}
|
||||
|
||||
\begin{frame}{What this talk is about}
|
||||
\begin{itemize}
|
||||
\item Implementing GSM/GPRS/3G network elements as FOSS
|
||||
\item Applied Protocol Archaeology
|
||||
\item Doing all of that on top of Linux (in userspace)
|
||||
\item From two nerds with a BTS off e-bay to a community project, several companies and real-world deployments around the globe
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{Research in TCP/IP/Ethernet}
|
||||
Assume you want to do some research in the TCP/IP/Ethernet
|
||||
communications area,
|
||||
\begin{itemize}
|
||||
\item you use off-the-shelf hardware (x86, Ethernet card)
|
||||
\item you start with the Linux / *BSD stack
|
||||
\item you add the instrumentation you need
|
||||
\item you make your proposed modifications
|
||||
\item you do some testing
|
||||
\item you write your paper and publish the results
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Research in (mobile) communications}
|
||||
Assume it is 2008 (before Osmocom) and you want to do some research in mobile comms
|
||||
\begin{itemize}
|
||||
\item there is no FOSS implementation of any of the protocols or
|
||||
functional entities
|
||||
\item almost no university has a test lab with the required
|
||||
equipment. And if they do, it is black boxes that you
|
||||
cannot modify according to your research requirements
|
||||
\item you turn away at that point, or you cannot work on really
|
||||
exciting stuff
|
||||
\item only chance is to partner with commercial company, who
|
||||
puts you under NDAs and who wants to profit from your
|
||||
research
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Running small (mobile) networks}
|
||||
Assume it is 2008 (before Osmocom) and you want to run a small cellular network for research,
|
||||
education, testing. You
|
||||
\begin{itemize}
|
||||
\item go to Ericsson/Huawei/ZTE/Nokia/Alcatel/...
|
||||
\item spend lots of time convincing them that you’re an eligible customer
|
||||
\item spend a six-digit figure for even the most basic full network
|
||||
\item end up with black boxes that you can neither study or improve
|
||||
\begin{itemize}
|
||||
\item WTF?
|
||||
\item I used FOSS protocol stacks for the Internet since 1994 and hacked on them since 1999. I knew a better world.
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{GSM/3G vs. Internet}
|
||||
\begin{itemize}
|
||||
\item Observation
|
||||
\begin{itemize}
|
||||
\item Both GSM/3G and TCP/IP protocol specs are publicly available
|
||||
\item The Internet protocol stack (Ethernet/Wifi/TCP/IP) receives lots of scrutiny
|
||||
\item GSM networks are as widely deployed as the Internet
|
||||
\item Yet, GSM/3G protocols receive no such scrutiny!
|
||||
\end{itemize}
|
||||
\item There are reasons for that:
|
||||
\begin{itemize}
|
||||
\item GSM industry is extremely closed (and closed-minded)
|
||||
\item Only about 4 closed-source protocol stack implementations
|
||||
\item GSM chipset makers never release any hardware documentation
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{GSM is more than phone calls}
|
||||
Listening to phone calls is boring...
|
||||
\begin{itemize}
|
||||
\item Machine-to-Machine (M2M) communication
|
||||
\begin{itemize}
|
||||
\item BMW can unlock/open your car via GSM
|
||||
\item Alarm systems often report via GSM
|
||||
\item Smart Metering (Utility companies)
|
||||
\item GSM-R / European Train Control System
|
||||
\item Vending machines report that their cash box is full
|
||||
\item Control if wind-mills supply power into the grid
|
||||
\item Transaction numbers for electronic banking
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\section{The Osmocom project}
|
||||
|
||||
\begin{frame}{Enter Osmocom}
|
||||
In 2008, two crazy Germans (Dieter Spaar + yours truly) started to write FOSS for GSM.
|
||||
\begin{itemize}
|
||||
\item to boldly go where no FOSS hacker has gone before
|
||||
\item where protocol stacks are deep
|
||||
\item and acronyms are plentiful
|
||||
\item we went from {\tt bs11-abis} to {\tt bsc\_hack} to OpenBSC to OsmoNITB + OsmoBSC
|
||||
\item many other projects were created
|
||||
\item finally leading to the {\em Osmocom} umbrella project
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Siemens BS-11 via ebay}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=50mm]{BS11_BTS.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{Simplifying the GSM Network}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=99mm]{gsm-digraph-box.png}
|
||||
\end{figure}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=60mm]{gsm-digraph-nitb.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Osmocom / osmocom.org}
|
||||
\begin{itemize}
|
||||
\item Osmocom == Open Soruce Mobile Communications
|
||||
\item Classic collaborative, community-driven FOSS project
|
||||
\item Gathers creative people who want to explore this
|
||||
industry-dominated closed mobile communications world
|
||||
\item communication via mailing lists, IRC
|
||||
\item soure code in git, information in trac/wiki
|
||||
\item http://osmocom.org/
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\subsection{Osmocom sub-projects}
|
||||
|
||||
\begin{frame}{OpenBSC}
|
||||
\begin{itemize}
|
||||
\item first Osmocom project
|
||||
\item Implements GSM A-bis interface towards BTS
|
||||
\item Primarily supports sysmoBTS and ip.access nanoBTS
|
||||
\item Limited support for some Siemens, Ericsson and Nokia BTS models
|
||||
\item can implement only BSC function (osmo-bsc) or a fully
|
||||
autonomous self-contained GSM network (osmo-nitb) that
|
||||
requires no external MSC/VLR/AUC/HLR/EIR
|
||||
\item deployed in (at least) > 300 installations world-wide, commercial and research
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{First OpenBSC test installation (HAR 2009)}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=60mm]{bts_tree_full.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Osmocom Cellular Network use cases}
|
||||
\begin{itemize}
|
||||
\item can be used either as pure BSC (A-over-IP)
|
||||
\begin{itemize}
|
||||
\item suitable for operators with existing core (MSC/VLR/HLR/AUC)
|
||||
\item easy integration into existing infrastructure
|
||||
\end{itemize}
|
||||
\item or together with OsmoMSC, OsmoHLR to form a Network In The Box
|
||||
\begin{itemize}
|
||||
\item suitable for private / autonomous small networks (PBX style)
|
||||
\item no dependency on any other external component
|
||||
\item connect to the outside via ISDN or VoIP (using
|
||||
linux call router, osmo-sip-connector)
|
||||
\item off-shore drilling rigs, underground mining, alternative to PMR
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{OsmoPCU / OsmoSGSN / OsmoGGSN}
|
||||
\begin{itemize}
|
||||
\item extends the Osmocom based network from GSM to GPRS/EDGE by
|
||||
implementing the classic PCU, SGSN and GGSN functional
|
||||
entities
|
||||
\item OsmoGGSN based on pre-existing OpenGGSN code that was abandoned by original
|
||||
author
|
||||
\item Works only with BTSs that provides Gb interface, like
|
||||
sysmoBTS or nanoBTS
|
||||
\item Suitable for research only, not production ready
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmoSGSN / OsmoGGSN use cases}
|
||||
\begin{itemize}
|
||||
\item Testing of M2M devices using your own BTS+SGSN+GGSN
|
||||
\item Mobile malware research (analyze cellular data traffic of
|
||||
apps)
|
||||
\item Any type of GPRS related research
|
||||
\item Teaching, training on mobile data protocols/interfaces
|
||||
(RLC, MAC, LLC, SNDCP, BSSGP, NS, GTP, etc.)
|
||||
\item 3G / 3.5G support since 2016 by means of IuPS interface
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmoBTS}
|
||||
\begin{itemize}
|
||||
\item OpenBSC/OsmoNITB takes care of BTS and higher elements
|
||||
\item OsmoBTS implements a BTS with A-bis/IP back-haul to OpenBSC
|
||||
\item Developed primarily for sysmoBTS hardware
|
||||
\item Ported to various other hardware, even by some BTS vendors!
|
||||
\end{itemize}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=99mm]{osmobts-hardware.png}
|
||||
\end{figure}
|
||||
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Osmocom 3G}
|
||||
\begin{itemize}
|
||||
\item Osmo{BTS,PCU,BSC,MSC,HLR,SGSN,GGSN} developed for 2G/2.5G/2.75G
|
||||
\item in 2015/2016, we added 3G/3.5G support
|
||||
\item OsmoMSC got IuCS interface
|
||||
\item OsmoSGSN got IuPS interface
|
||||
\item OsmoHLR got support for 3G mutual authentication
|
||||
\item OsmoHNBGW for talking Iuh to femtocells
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Osmocom Cellular Network in 2017}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=110mm]{osmocom-cellnet-topology.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomBB}
|
||||
\begin{itemize}
|
||||
\item Full baseband processor firmware implementation of a mobile phone (MS)
|
||||
\item We re-use existing phone hardware and re-wrote the L1, L2,
|
||||
L3 and higher level logic
|
||||
\item Higher layers reuse code from OpenBSC wherever possible
|
||||
\item Used in a number of universities and other research contexts
|
||||
\end{itemize}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=50mm]{c123_pcb.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomBB use cases}
|
||||
\begin{itemize}
|
||||
\item Applied security research on Infrastructure
|
||||
\begin{itemize}
|
||||
\item Fuzzing / exploiting of protocol parsers on network side
|
||||
\item RACH denial of service
|
||||
\item Check if networks use random padding
|
||||
\item Detect IMSI catchers or other fals base stations
|
||||
\item Assess GSM network (operator) security level
|
||||
\end{itemize}
|
||||
\item Study + learn how a GSM stack / phone work
|
||||
\item Protocol tracing of your own transactions with the network
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{OsmocomTETRA}
|
||||
\begin{itemize}
|
||||
\item SDR implementation of a TETRA radio-modem (PHY/MAC)
|
||||
\item Rx is fully implemented, Tx only partial
|
||||
\item Can be used for air interface interception
|
||||
\item Accompanied by wireshark dissectors for the TETRA protocol
|
||||
stack
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomTETRA use cases}
|
||||
\begin{itemize}
|
||||
\item Analysis/assessment of TETRA network security
|
||||
\item Learn how TETRA works on teh lowest levels (L1, MAC, L3)
|
||||
\item Protocol analysis / sniffing / intercepting unencrypted networks
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomGMR}
|
||||
\begin{itemize}
|
||||
\item ETSI GMR (Geo Mobile Radio) is "GSM for satellites"
|
||||
\item GMR-1 used by Thuraya satellite network
|
||||
\item OsmocomGMR implements SDR based radiomodem + PHY/MAC (Rx)
|
||||
\item Partial wireshark dissectors for the protocol stack
|
||||
\item Reverse engineered implementation of GMR-A5 crypto
|
||||
\item Speech codec is proprietary, still needs reverse engineering
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomGMR use cases}
|
||||
\begin{itemize}
|
||||
\item Analysis/assessment of GMR/Thuraya security (there is none)
|
||||
\item Learn and understnad how satellite telephony L1 and protocol work
|
||||
\item Actual interception of SMS + data
|
||||
\item Voice still difficult due to proprietary undocumented codec
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomDECT}
|
||||
\begin{itemize}
|
||||
\item ETSI DECT (Digital European Cordless Telephony) is used in
|
||||
millions of cordless phones
|
||||
\item deDECTed.org project started with open source protocol
|
||||
analyzers and demonstrated many vulnerabilities
|
||||
\item OsmocomDECT is an implementation of the DECT hardware
|
||||
drivers and protocols for the Linux kernel
|
||||
\item Integrates with Asterisk
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomOP25}
|
||||
\begin{itemize}
|
||||
\item APCO25 is Professional PMR system used in the US
|
||||
\item Can be compared to TETRA in Europe
|
||||
\item OsmocomOP25 is again SDR receiver + protocol analyzer
|
||||
\item Use cases like OsmocomTETRA
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmoSDR}
|
||||
\begin{itemize}
|
||||
\item small, low-power / low-cost USB SDR hardware
|
||||
\item higher bandwidth than FunCubeDonglePro
|
||||
\item much lower cost than USRP
|
||||
\item Open Hardware
|
||||
\item Developer units available
|
||||
\end{itemize}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=70mm]{osmosdr.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{rtl-sdr}
|
||||
\begin{itemize}
|
||||
\item re-purpose a USD 20 DVB-T USB dongle based on Realtek chipset
|
||||
\item deactivate/bypass DVB-T demodulator / MPEG decoder
|
||||
\item pass baseband samples via high-speed USB into PC
|
||||
\item no open hardware, but Free Software
|
||||
\end{itemize}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=70mm]{ezcap_top.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{OsmocomSIMTRACE}
|
||||
\begin{itemize}
|
||||
\item Hardware protocol tracer for SIM - phone interface
|
||||
\item Wireshark protocol dissector for SIM-ME protocol (TS 11.11)
|
||||
\item Can be used for SIM Application development / analysis
|
||||
\item Also capable of SIM card emulation and man-in-the-middle attacks
|
||||
\end{itemize}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=60mm]{simtrace_and_phone.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{osmo\_ss7, osmo\_map, signerl}
|
||||
\begin{itemize}
|
||||
\item Erlang-language SS7 implementation (MTP3, SCCP, TCAP, MAP)
|
||||
\item SIGTRAN variants (M2PA, M2UA, M3UA and SUA)
|
||||
\item Enables us to interface with GSM/UMTS inter-operator core network
|
||||
\item Already used in production in some really nasty
|
||||
special-purpose protocol translators (think of NAT for
|
||||
SS7)
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{osmo\_ss7, osmo\_map, signerl use cases}
|
||||
\begin{itemize}
|
||||
\item Implement GSM/3G core network elements (HLR, SCF, etc.)
|
||||
\item Applications that interact with GSM/3G core network
|
||||
elements
|
||||
\item Mostly useful for small MVNOs or other operators who have
|
||||
requirements that cannot be fulfilled with off-the-shelf
|
||||
proprietary equipment.
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{More Osmocom projects}
|
||||
\begin{itemize}
|
||||
\item Have a look at http://git.osmcoom.org/
|
||||
\item ~ 100 public git repositories / projects at this point
|
||||
\item way too many to cover here in this talk
|
||||
\item Often RTFS, no manual/docs
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\section{Non-osmocom projects}
|
||||
|
||||
\begin{frame}{The OpenBTS Um - SIP bridge}
|
||||
\begin{itemize}
|
||||
\item OpenBTS is a SDR implementation of GSM Um radio interface
|
||||
\item directly bridges to SIP/RTP, no A-bis/BSC/A/MSC
|
||||
\item suitable for research on air interface, but very different
|
||||
from traditional GSM networks
|
||||
\item work is being done to make it interoperable with OpenBSC
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{airprobe.org}
|
||||
\begin{itemize}
|
||||
\item SDR implementation of Um sniffer
|
||||
\item suitable for receiving GSM Um downlink and uplink
|
||||
\item predates all of the other projects
|
||||
\item more or less abandoned at this point
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{xgoldmon}
|
||||
\begin{itemize}
|
||||
\item extract all GSM/GPRS and even 3G protocol messages from
|
||||
your Samsung Galaxy 2, Galaxy 3, Note 2, Nexus phone via USB
|
||||
\item feed them into your PC running xgoldmon
|
||||
\item forward them from xgoldmon via GSMTAP into wireshark
|
||||
\item https://github.com/2b-as/xgoldmon
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{sysmocom GmbH}{systems for mobile communications}
|
||||
\begin{itemize}
|
||||
\item small company, started by two Osmocom developers in Berlin
|
||||
\item provides commercial R\&d and support for professional
|
||||
users of Osmocom software
|
||||
\item develops + sells products like sysmoBTS (inexpensive,
|
||||
small-form-factor, OpenBSC compatible BTS)
|
||||
\item runs a small webshop for Osmocom related hardware items
|
||||
like SIMtrace
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\subsection{Future projects}
|
||||
|
||||
\begin{frame}{Where do we go from here?}
|
||||
\begin{itemize}
|
||||
\item Now that we have GSM, GPRS, EGPRS, UMTS: LTE, of course
|
||||
\item Re-using femtocells in creative ways
|
||||
\item Proprietary PMR systems
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Call for contributions}
|
||||
\begin{itemize}
|
||||
\item Don't you agree that classic Internet/TCP/IP is boring and
|
||||
has been researched to death?
|
||||
\item There are many more communications systems out there
|
||||
\item Never trust the industry, they only care about selling
|
||||
their stuff
|
||||
\item Lets democratize access to those communication systems
|
||||
\item Become a contributor or developer today!
|
||||
\item Join our mailing lists, use/improve our code
|
||||
\item for OsmocomBB you only need a EUR 20 phone to start
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Thanks}
|
||||
I'd like to thank the many Osmocom developers and contributors, especially
|
||||
\begin{itemize}
|
||||
\item Dieter Spaar
|
||||
\item Holger Freyther
|
||||
\item Andreas Eversberg
|
||||
\item Sylvain Munaut
|
||||
\item Neels Hofmeyr
|
||||
\end{itemize}
|
||||
Also, thanks to CEPT for permitting the GSM specs to be written in English (not French, the official Language of the international postal system)
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{Thanks}
|
||||
Thanks for your attention. I hope we have time for Q\&A.
|
||||
|
||||
EOF.
|
||||
\end{frame}
|
||||
|
||||
|
||||
\end{document}
|
After Width: | Height: | Size: 173 KiB |
After Width: | Height: | Size: 72 KiB |