33C3: Dissecting 3G/4G Phone Modems

[LaForge] and [Holger] have been hacking around on cell phones for quite a while now, and this led to them working on the open cellphone at OpenMoko and developing the OsmocomBB GSM SDR software. Now, they are turning their sights on 3G and 4G modems, mostly because they would like to use them inside their own devices, but would also like to make them accessible to the broader hacker community. In this talk at the 33rd Chaos Communication Congress (33C3), they discuss their progress in making this darkest part of the modern smartphone useful for the rest of us.

This talk isn’t about the plug-and-play usage of a modern cell-phone modem, though; it’s about reprogramming it. They pick a Qualcomm chipset because it has a useful DIAG protocol, and in particular choose the Quectel EC20 modem that’s used in the iPhone 5, because it makes the DIAG stream easily available.

Our story begins with a firmware upgrade from the manufacturer. They unzipped the files, and were pleasantly surprised to find that it’s actually running Linux, undocumented and without the source code being available. Now, [LaForge] just happens to be the founder of gpl-violations.org and knows a thing or two about getting code from vendors who use Linux without following the terms and conditions. The legal story is long and convoluted, and still ongoing, but they got a lot of code from Quectel, and it looks like they’re trying to make good.

Qualcomm, on the other hand, makes the Linux kernel source code available, if not documented. (This is the source on which Quectel’s code is based.) [LaForge] took over the task of documenting it, and then developing some tools for it — there is more going on than we can cover. All of the results of their work are available on the wiki site, if you’re getting ready to dig in.


Live Counter Revives Old Nokia Phone’s Utility

Old hardware you may have on hand can not only inspire projects in its own right, but can also help you realize ideas you have been planning. Using a Nokia N900, [MakerMan] concocted a light-up sign with a live subscriber and view count of his videos.

[MakerMan] milled out the logo used on the sign with his DIY CNC machine — built from rotary bearings and recycled stepper motors off industrial Xerox printers. The meticulous application of a jigsaw, rotary tool, and grinder resulted in a sturdy frame for the sign while a few strips of RGB LEDs imbue it with an inspiring glow. All that was left was to mount the phone in place and tape it for good measure.


Shmoocon 2017: Dig Out Your Old Brick Phone

The 90s were a wonderful time for portable communications devices. Cell phones had mass, real buttons, and thick batteries – everything you want in next year’s flagship phone. Unfortunately, Zach Morris’ phone hasn’t been able to find a tower for the last decade, but that doesn’t mean these phones are dead. This weekend at Shmoocon, [Brandon Creighton] brought these phones back to life. The Motorola DynaTAC lives again.

[Brandon] has a history of building ad-hoc cell phone networks. A few years ago, he was part of Ninja Tel, the group that set up their own cell phone network at DEF CON. That was a GSM network, and brickphones are so much cooler, so for the last few months he’s set his sights on building out a 1G network. All the code is up on GitHub, and the hardware requirements for building a 1G tower are pretty light; you can roll your own 1G network for about $400.

The first step in building a 1G network, properly referred to as an AMPS network, is simply reading the documentation. The entire spec is only 136 pages; it’s simple enough for a single person to wrap their head around, and the concept of a ‘call’ really doesn’t exist. AMPS looks more like a trunking system, and the voice channels are just FM. All of this info was translated into GNU Radio blocks, and [Brandon] could place a call to an old Motorola flip phone.

As far as hardware is concerned, AMPS is pretty lightweight when compared to the capabilities of modern SDR hardware. The live demo setup used an Ettus Research USRP N210, but this is overkill. These phones operate around 824-849 MHz with minimal bandwidth, so a base station could easily be assembled from a single HackRF and an RTL-SDR dongle.

Yes, the phones are old, but there is one great bonus concerning AMPS. Nobody is really using these frequencies anymore in the US. That’s not to say building your own unlicensed 1G tower in the US is legally permissible, but if nobody reports you, you can probably get away with it.

Rotary Cell Phone: Blast from a Past that Never Was

The 1970s called and they want their rotary dial cell phone back.

Looking for all the world like something assembled from the Radio Shack parts department – remember when Radio Shack sold parts? – [Mr_Volt]’s build is a celebration of the look and feel of a hobbyist build from way back when. Looking a little like a homebrew DynaTAC 8000X, the brushed aluminum and 3D-printed ABS case sports an unusual front panel feature – a working rotary dial. Smaller than even the Trimline phone’s rotating finger stop dial and best operated with a stylus, the dial translates rotary action to DTMF tones for the Feather FONA board inside. Far from a one-trick pony, the phone sports memory dialing, SMS messaging, and even an FM receiver. But most impressive and mysterious is the dial mechanism, visible through a window in the wood-grain back. Did [Mr_Volt] fabricate those gears and the governor? We’d love to hear the backstory on that.

This isn’t the first rotary cell phone hybrid we’ve featured, of course. There was this GSM addition to an old rotary phone and this cell phone that lets you slam the receiver down. But for our money a rotary dial cell phone built from the ground up wins the retro cool prize of the bunch.


Ghetto Ribbon Connector

[Marcel] was trying to shoehorn a few new parts into his trusty Nexus 5 phone. If you’ve ever opened one of these little marvels up, you know that there’s not much room under the hood to work with. Pulling out some unnecessary parts (like the headphone jack) buys some space, but then how to wire it all up?

[Marcel] needed a multi-wire connector that’s as thin as possible, but he wasn’t going to go the order-Kapton-flex route. Oh no! He built one himself from masking tape and the strands from a stranded wire. Watch the video how-to if that alone isn’t enough instruction.


Hackaday Prize Entry: Catch The IMSI Catchers

An IMSI catcher is an illicit mobile phone base station designed to intercept the traffic from nearby mobile phones by persuading them to connect to it rather than the real phone company tower. The IMSI in the name stands for International Mobile Subscriber Identity, a unique global identifier that all mobile phones have. IMSI catchers are typically used by government agencies to detect and track people at particular locations, and are thus the subject of some controversy.

As is so often the case when a piece of surveillance technology is used in a controversial manner, there is a counter-effort against it. IMSI catchers have spawned the subject of this post, an IMSI catcher detector app for Android. It’s a work-in-progress at the moment with code posted in its GitHub repository, but it is still an interesting look into this rather shadowy world.

How then, you might ask, does this app hope to detect the fake base stations? First, it will check the identity of the station it is connected to against a database of known cell towers. Then it will try to identify any unusual behaviour from the base station by analysing its traffic and signal strength. Finally, it will endeavour to spot anomalies in the implementation of the cell phone protocols that might differentiate the fake from the real tower.

They have made some progress but stress that the app is in alpha stage at the moment, and needs a lot more work. They’re thus inviting Android developers to join the project. Still, working on projects is what the Hackaday Prize is all about.

Fractals Among Us

Think not of what you see, but what it took to produce what you see

Benoit Mandelbrot

Randomness is all around you…or so you think. Consider the various shapes of the morning clouds, the jagged points of Colorado’s Rocky Mountains, the twists and turns of England’s coastline and the forks of a lightning bolt streaking through a dark, stormy sky. Such irregularity is commonplace throughout our natural world. One can also find similar irregular structures in biology. The branch-like structures in your lungs called bronchi, for instance, fork out in irregular patterns that eerily mirror the way rivers bifurcate into smaller streams. It turns out that these irregular structures are not as irregular and random as one might think. They’re self-similar, meaning the overall structure remains the same as you zoom in or out.

The mathematics that describes these irregular shapes and patterns would not be fully understood until the 1970s with the advent of the computer. In 1982, a renegade mathematician by the name of Benoit Mandelbrot published a book entitled “The Fractal Geometry of Nature”. It was a revision of his previous work, “Fractals: Form, Chance and Dimension” which was published a few years before. Today, they are regarded as one of the ten most influential scientific essays of the 20th century.

Mandelbrot coined the term “Fractal,” which is derived from the Latin word fractus, which means irregular or broken. He called himself a “fractalist,” and often referred to his work as “the study of roughness.” In this article, we’re going to describe what fractals are and explore areas where fractals are used in modern technology, while saving the more technical aspects for a later article.
