Lack of good Free / Open Source ASN.1 tools detrimental to FOSS in Telecom sphere

For years, I've been working with the GSM specifications by now. My contributions to wireshark, airprobe and most of all the creation of OpenBSC about one year ago further forced me to become very intimate with the various GSM related protocols.

Over the last month or so, I've been looking into some 3G/UMTS specific protocols such as RANAP, as well as more recently at various LTE protocols. It seems like they're more or less all specified in ASN.1 and use a variety of encodings, e.g. PER aligned and unaligned.

Not having useful tools like a code generator for parsing and formatting messages as per those ASN.1 specifications is a major turn-off for starting any Free Software or Open Source project in this area.

It's like having to start from designing tires if you want to build a car. asn1c is a start, but it does not support all the required encodings and even ASN.1 syntax that is used in the 3GPP specs.

I really see a big demand here, otherwise Free and Open Source software development in this area will be severely hampered by the lack of required tools for even more time.

If anyone is interested in helping out to change this, please contact me!

Netgear trying to fool their users with "Open Source Router"

Two days ago, Netgear has announced the so-called "Open Source" WNR3500L router, together with an equally "Open Source" MyOpenRouter community.

The problem with this Open Source router is: It ships with binary-only kernel modules. Not only is this extremely Closed Source, but it also

  • has very practical security implications: You can never update your Linux kernel to get the latest security fixes, but have to run vulnerable old kernel versions
  • is a very questionable legal practise. Netgear as the vendor is simply relying on the fact that none of the authors who have written parts of the kernel against which their binary-only module links will ever make copyright claims against them

One would have hoped that Netgear did thoroughly study the Open Source market that they're trying to address. Apparently they either did not do that, or they chose to ignore the values/rules by which this community works, or they had somebody with limited understanding to advise them on this.

If anyone has a relationship with Netgear and contacts to the product manager responsible for this product, I would like to ask them for an introduction to that product manager. I would be very happy to help them understand the embarrassment and PR impact that they are putting themselves into by releasing an "Open Source" product that is in fact legally questionable and proprietary.

There are people in the various communities (like OpenWRT or OpenMoko) who have a very clear understanding of what it takes to create a true Open Source product to address the Open Source market. Why are they not asking those experts?

Netgear, you can do much better than that!

Palm has noticed their mistakes

As has been described at TechCrunch, Palm has announced to fix their most prominent issues that many bloggers, including myself, palm has realized that they need to fix some issues with the way they are trying to over-control webOs development.

According to the TechCrunch article, Palm will allow people to write and distribute their own applications (though still you need some kind of URL forward from Palm), and there will be no registration or other fees for people who write open source software for webOs.

This is definitely good news. Let's hope the respective changes will be implemented soon.

Palm gives us a demonstration how they have _not_ understood Open Source

As you can see in this post by Jamie Zawinski, Palm is doing as much as they can to prevent any Free / Open Source application development on their WebOS.

One really has to ask himself whether they have completely lost their mind. This very Free Software and Open Source development model has created the kernel, libc and many other components of their software stack. So Palm can clearly see and experience the benefit this model has to them.

Yet they chose to deprive all third party developers and their users from that very same freedom by

  • Not providing a way to install applications from third party websites or even physical storage media, thus
  • forcing all application programmers to use their application store, and
  • requiring that those application programmers do not disclose the software source or object code on any other website

This is so screwed, I literally want to bang my head on the wall for this level of stupidity. Can somebody please get some sense into Palm? They seem to have not only forgotten what has made their old PalmOS so successful (thousands of 3rd party apps that anyone could write + distribute), but also seem to lack any understanding of Free and Open Source software.

Migrating from Panasonic CF-R5 to CF-R8

I've just received my new laptop, a Panasonic CF-R8. As you may remember, some time ago I ranted about the lack of reasonably small laptops with decent number of pixel lines in the LCM. Since I was not able to find any other product that really qualified according to my requirements, I had decided to buy the CF-R8, the successor of my 3 year old CF-R5.

The specific configuration of this unit is:

  • Intel Core 2 Duo CPU U9400 (1.4GHz, 3MB Cache)
  • 4GB of RAM
  • 320GB 7200RPM SATA drive (Hitachi HTS72323)
  • Intel 82567LM Gigabit Ethernet
  • Intel ICH9 chipset
  • Full black color case / keyboard / everything

It's a nice device, the dual-core CPU and much faster/bigger hard disk as well as the 4GB RAM make a real difference. At the same time I still have the same 4:3 aspect ratio display, and the same keyboard layout, i.e. I don't need to get used to different location of function keys or the like.

Comparing it with the CF-R5, I think the following main differences have to be noted:

  • the case design is more modern and looks more ruggedized
  • on first sight, it seems a bit thicker than the old model, but careful comparison reveals that this is just an 'optical trick' and in reality the height is the same
  • The battery form factor has been changed completely. This means that the display can be folded further back than it used to be the case. Great!
  • There is no need for the pcc_acpi/panasonic-laptop ACPI driver in the kernel anymore, display backlight and function keys are just controlled using regular/standard ACPI methods.
  • They did actually add a very small fan to the back of the device. However, it is so silent that it's actually hard to notice during normal operation.
  • The new hard disk is even more silent than the CF-R5 one
  • The power switch has been moved to the inside, i.e. under the LCM. This prevents accidental power-on/off while shoving the device into a notebook bag/sleeve. Again, a very useful modification.
  • The old 100-Base-T Ethernet has been replaced by 1000-Base-T. 100MBps was pretty embarrassing for the CF-R5 even 3 years ago, considering my 3 years older powerbook G4 already had Gigabit Ethernet...

One week visit with Ben Dooks at Samsung System LSI

I have just spent one week with Ben Dooks (the mainline Linux kernel maintainer for the Samsung s3c24xx and s3c64xx system-on-a-chip devices) in Korea, meeting extensively with Samsung System LSI and discussing future cooperation and a way to get support for all Samsung SoCs into mainline.

This is a remarkable step, considering that in the past, Samsung was working on their own Linux kernel ports, done in a typical semiconductor-vendor style and not very mainline-compatible - while Ben Dooks was writing his own independent code, accepting contributions from various individuals and companies.

Now everybody was on one table, discussing and defining a strategy and workflow how we can achieve complete support for all Samsung SoCs in the mainline kernel. It was a very constructive discussion, and hopefully we can follow quickly with a just as constructive and productive integration.

I'll report back to this blog once there is some visible result in terms of 'show me the code'.

Flying with KLM: Feeling like time-travel to the past

Today I found myself on my way back to Korea. This time not on the Finnair flight that I'd used before, but on a KLM flight. What was a big surprise and almost a shock to me is that KLM operates airplanes on long-haul intercontinental routes (Amsterdam - Seoul/Incheon) which do not have a personal in-flight entertainment system in economy class.

I think the last time I have experienced this must have been 6 or 7 years ago. And actually, now that I'm thinking of it, even while I was working in Brazil in 2001 many planes already featured this.

How on earth does KLM think they can compete with that level of service? I mean, European airlines suck as opposed to Asian airlines, I have realized this... but even among European airlines I have not seen something like this for a long time.

It's not so much that I absolutely need the personal entertainment system. It is more a shock about how KLM can risk looking that old-fashioned against all of their competition.

Today, many of the planes on the EU-Asia routes that I frequently use already have the second generation of in-flight entertainment with the 7" or bigger wide screen displays, or even have 110V power outlets for laptop power supplies in every seat...

LiMo foundation analysis explains business value to merge changes upstream

The LiMo foundation has released an economic analysis that (among other things) explains business and economic reasons for 'deforking', i.e. contributing vendor-specific changes back into the upstream projects.

If you don't want to read the full paper, skip to Chapter 4.3 (Page 20) where they say things like: It is important that mobile industry platform providers engage with the open source communities as early as possible so that platform maintenance strategy is fully aligned with the upstream development agenda of these communities, which is far more cost efficient than managing the entire maintenance burden in-house.

I'm looking for Ericsson BTS (RBS) A-bis OML traces

After supporting Siemens (BS-11) and ip.access (nanoBTS) from OpenBSC, I'd like to add support for Ericsson BTS's (RBS).

What is needed to do that is to implement those 1% of A-bis that are typically vendor-dependent. And in order to do that, I'd need protocol traces of the A-bis OML (organization and maintenance layer) while an Ericsson BTS (RBS) is brought up. The data format doesn't matter, and the RBS model doesn't matter. My biggest interest would be in the RBS 2308, though - as this is what I can actually test with real hardware.

So if anyone is able to provide that kind of trace, it would help OpenBSC to grow more hardware support. Thanks in advance.

Cancelling my trip to Linux plumbers conference

I might have told some of you that I'd be visiting Linux Plumbers conference this year, but unfortunately I'm not able to make it, despite earlier planning. There's simply too much work at the moment :(

So to everyone who will be there: Have fun.

My personal conference schedule for the remaining year 2009 is something like this:

ST-Ericsson Open Source Community Workshop 2009

ST-Ericsson is the maker of an ARM based SoC family called Nomadik. Over the last couple of months they have been working with members of the community to get their support into mainline Linux and u-boot.

They have recently announced the ST-Ericsson Community Workshop 2009, a small event limited to only 25 seats, where members of the community, together with ST-Ericsson present on the development of GNU/Linux on their Nomadik SoC platform.

The workshop registration fee is 200 EUR, but it includes a full NHK-15 development kit for the Nomadik platform!

I really think ST-Ericsson is doing the right thing, reaching out to the community, actively trying to get their code mainline, plus providing subsidized development boards at a to interested community members.

If you're interested, make sure you register soon, seats are limited... turning from Linux/FOSS only event into more general hacker conference

As can be seen from the "Omelette Post", in addition to the regular schedule until 5pm every day, there will be additional hacker talks until 10.30pm, which might not necessarily be directly connected with FOSS.

Since I'm personally a member of both the hacker community (in the very specific sense of working and uncovering weaknesses in communication systems) as well as a 100% Free and Open Source person, I obviously like this kind of combination. To me, both go hand in hand - even though I know not everyone will have the same opinion.

In the end, learning about and playing freely with technology is what both communities want to do.

I'm looking forward to see the CfP...

Wide-screen sucks for heavy terminal users

I've always been complaining loudly about wide-screen displays. 4:3 is much better for those of us who mainly work with xterms of 80 characters width (due to e.g. kernel coding style and e-mail conventions). The additional width is typically not enough for having three terminal windows next to each other, but the lacking height means way less visible lines of code.

This is why I'm still using my Panasonic CF-R5 (10.2" 1024x768 sub-notebook) from 2006. Despite it almost falling apart on all sides after three years of most intensive daily use, despite it feeling slower than any Atom based netbook that I've used.

So despite having tried an ideapad S9e, a HP mininote 2133, I can only deem them unusable for any serious without an external display.

Right now I'm desperately looking for a device that can be the successor for the CF-R5. I don't need much computing power, a Atom N270 would be the minimum but would work. I am happy with narrow keyboards as I'm using one for 3 years every day. I don't need tons of memory as I'm not using any bloated graphical desktop (just ion+uxterm). All I care about is Intel integrated graphics, a small device, ideally 10", with at least 768 pixels height.

It seems there are now 1366x768 based 10" netbooks, but all you can find is nVidia based Samsung devices, which are obviously completely unsuitable for, considering nVidia treats the FOSS community like crap.

I've spent half the day in Seoul's Yeoksam Electronics Market. The only thing that would remotely resemble my requirements is the ASUS eeePC 1101HA. But it's 11.6" wide screen, which makes the device considerably wider/larger than the CF-R5. Plus, the maximum memory configuration is 2G.

The other options is to buy a CF-R8. Still 4:3 ratio, almost the same size as the CF-R5. If only Panasonic was selling them outside the US. Yes, I know you can mail order them. But I'd love to have a look and try it before spending at least 1500 EUR on it.

So the Notebook industry still fails to impress me. Noisy (with fan) devices with ever wider screens. Apparently ignoring the fact that there are people who can imagine more interesting things to do with their computer than to play movies.

The reason for my trip to Korea: Samsung and mainline Linux

Some weeks ago, I wrote that I'll be again in Korea without mentioning any details. As you can see from this and this mailing list posting to linux-arm-kernel, I have the pleasure of assisting the Linux kernel team at Samsung System LSI with adopting a development model that follows (and contributes to) mainline Linux.

Despite all the enthusiasm this might now create among users of the various Samsung ARM SoC's, I would like to keep the expectations low for now. After all, "talk is cheap, show me the code", I will only blog again about this once we see the first code submissions coming from the Samsung team.

I'd like to thank Samsung System LSI for their warm welcome and their willingness to change. I hope the community will understand what a big step it is for an organization like this, and will take it easy in case the first code submissions still have some glitches here and there. After all, everyone of us has started at some point.

3G and: I hate ASN.1

I've recently spent quite a bit of time looking at 3G protocol traces and I already hate them. Why do they have to use ASN.1 PER everywhere? The 2G / 2.5G protocols are much easier to understand. You can look at the hexdump and decode it in your head. You can read the spec and understand what they do. You can implement them without thinking too much. But 3G with all its ASN.1 crap, sometimes even unaligned PER encoded? Simply impossible.

Why do people want to save a couple of bits, especially on the back-haul interfaces in the core network that shouldn't matter - at least not if you can reduce the computational complexity for the involved network entities _and_ lower the R&D cost due to easier debugging for everyone who ever implements or deploys such protocols.

Learning Hangul characters

Since I'm in Korea currently, and I'm expected to come back a number of times during the next months, I thought it might be a good idea to start learning Hangul, the Korean alphabet.

It really is surprisingly easy, there are only 24 basic glyphs that are combined in sets to form syllables. So it actually is less complex than the western alphabet, especially if you consider upper and lowercase glyphs (which Hangul doesn't have).

Of course being able to read the alphabet only allows me to convert from written to spoken language and back. Without any vocabulary, there's no way to make any meaning of the words - which is fine for me now. At least I can start to memorize names of locations/restaurants/shops this way. There really is almost no English writing anywhere - at least much less than I'm used to from my extensive time in Taiwan.

What I found particularly funny are the borrowed words from English. Things like Like "laserprinter" or even the names of the various fast food items at KFC really sound funny once you read them in Hangul and pronounce them (or hear them pronounced) ;)

GPL case in Denmark potentially involving NDS Viasat A/S and/or Samsung

As you can at this website, somebody has discovered what seems very clear GPL violations in a device called "Samsung DSB-H670N". At the moment it is not clear who is the actual cause of the GPL violation.

However, what is outstanding about this case is that an individual on its own tries to bring the respective companies into compliance. I think it serves as a great example what somebody can do even if he is not one of the clear copyright holders and just keeps insisting enough and communicating with the companies involved.

I'm definitely looking forward to see how this turns out. gpl-violations was not involved in any sort. We're continuing with many cases at any time, so don't worry. I just thought this particular action is worth mentioning to the interested reader. Maybe some other people get inspired by it and also stand up for their rights to the source code of GPL licensed programs.

HAR2009 is over

Running our own GSM network at HAR 2009 has kept me too busy to actually attend any lectures myself - apart from the A5/1 lecture in the GSM track just after my own presentations on OpenBSC and airprobe. So I'm hoping for the recordings to be available in some non-proprietary format soon. Apparently all they have now is some website with flash videos, something I'd almost call an abomination.

In any case, thanks once again to the HAR Organizers for obtaining the GSM test license. Thanks to the Agenschap Telecom for actually granting us such a license. And thanks to the many helping hands from the OpenBSC community, as well as the several hundreds of people who have tested the GSM network 204-42.

We shut down our operations at 2009-08-16 at 16:00 CEST. There were no complaints of either the regulatory authority nor the commercial network operators during the event.

We have complete debug logs of OpenBSC, as well as pcap files of all signalling data. In the weeks to come, we'll be working on extensive statistics on network usage / load, as well as relationship graphs i.e. who called/texted whom.

After a 7 hour car ride to my home in Berlin, and an 8 hour stop-over to pack my suitcases, I'm now currently in Helsinki enroute to Seoul, Korea. Following-up to my last trip in January, I'm happy to be able to visit the country at a time of much more pleasant weather (26-30 centigrade) this time.

I'm very excited about my work there in the coming months. As soon as there's anything I can state publicly about it, I'll keep you posted :)

GSM Security Workshop at DeepSec, Vienna

As David Burgess has been posting, we'll be running a joint two-day GSM Security workshop at the DeepSec security conference on November 17 and 18 in Vienna/Austria.

This will be an excellent opportunity to provide a comprehensive and in-depth view on GSM protocol-level security and its flaws, both in design as well as implementation. I don't think anything like this has ever been done before in the free/open world, i.e. outside GSM equipment vendor, operator or intelligence crowds.

So if you've always been looking for a deep tour into the subject, presented by people with IT security background who have actually implemented the GSM protocols themselves: Go ahead and register for the workshop.

OpenBSC powered GSM network live at HAR2009

Here at the amazing HAR2009 hacker conference + camp, I have the pleasure of operating a camp-wide GSM network.

Under license of the Dutch regulatory authority, we operate two BTS with two TRX each, forming the network 204-42. The BTS are positioned on the top of a hill, with the antennas mounted back to back on a tree, each covering about half of the HAR2009 camp site. Every transceiver runs at 100mW transmit power, which is the maximum output as per our license.

From that tree, we run AC power and a single E1 line down to the GSM tent, where it runs into the Linux PC that runs our OpenBSC software.

If you register first to the network, your phone will receive a single SMS and then get kicked off the network. Inside the SMS we send your IMSI and an authentication token, which you have to use on the HAR2009 GSM registry. After registering at this website, the SIM will be permitted onto our network for regular voice call and SMS service.

Right now, as you can see on our phone book, we have 391 authorized subscribers (out of a total of 1029 different IMSI's that ever tried to log onto our network)

The coverage of the network is good, we have only very few spots without signal reception.

OpenBSC has proven to work quite stable. We have the occasional segfault every 3-4 hours, but I'm at it, debugging.

Thanks to everyone who helped to make this a success, especially Stichting Hxx for obtaining the license and Daniel, Stefan and Jan for helping me with operation and debugging of the network.

FZ6 Fazer is beyond reasonable repair

As it seems, the cost of spare parts and labor to fix the engine of my recently bust FZ6 engine are well beyond EUR 4000, so there's no point in repairing it.

As it further turns out, the previous owner of the bike (I bought it in April last year) had forged some signatures in the service booklet, i.e. the motorbike has likely not seen the regular inspection and service like it should. Haven't yet decided whether to file any claims against that previous owner or not.

Now I've decided to buy a new one of the same model, and keep the old one for spare parts. At some point next week I should be the proud owner of a brand-new FZ6 Fazer. With three full years of Yamaha warranty. Hopefully this one will live longer than 17,000 kilometers.

Embedded Projects Journal

As it seems, for about one year there has been a new Embedded Projects Journal (in German). This magazine focuses entirely on FOSS embedded projects and open hardware. The idea is to have a magazine written by the community for the community. Plus, the magazine and all its articles are freely redistributable.

It's a pity that I've only noticed about this now. Let's hope more people learn about it, now that I'm mentioning it here.

If you want to contribute, feel free to contact the journal's makers.

Linux-Kongress date change - now longer collides with Linux Plumbers

As I have just received today, Linux Kongress 2009 has shifted its dates to October 27 through October 30 (and changed the Location from Hamburg to Dresden).

This is good news, since it no longer collides with Linux Plumbers Conference 2009 on September 23rd through 25th. I guess that many speakers and some attendees would otherwise have ran into scheduling problems - with many preferring Linux Plumbers.

Also, the Call for Papers is out, it runs until August 31st, i.e. you (yes you, the reader!) have more than four weeks of time to decide what kind of topic you want to talk about :)

OpenBSC talk at HAR2009

My talk about OpenBSC has been accepted at HAR2009 quite some time ago, I just thought I'd mention it here since the schedule now is public/online.

It's a pity though that HAR2009 is already sold out - but then better an early sold-out than an event where only half the available tickets are sold.

I'm looking forward to meeting up with other GSM hackers for improving the various projects such as OpenBSC, or other not-yet-public projects related to Free Software and GSM.

Playing with the new GSM receiver

Within the community, Piotr has recently a new GSM receiver codebase that he has developed. It seems like the reception/decoding quality is significantly better than gsm-tvoid, at least from my experience. But it might just be me using gsm-tvoid in a suboptimal way.

Today, Piotr has managed to fix some of the bugs regarding certain BSIC configurations, and I can also decode Um traces that were captured from a nanoBTS running with OpenBSC.

Piotr also has already integrated my old gsmtap code that I was hacking on during As I've also received in e-mail today: The pcap data link type for the GSMTAP header has been assigned.

I'm spending a bit more time testing the entire stack, but I'm confident the GSMTAP wireshark dissector can be submitted soon - closing yet another gap for GSM protocol analysis.

However, there still remains a lot of work to do for I am willing to put in some time to help the gsm-receiver along, particularly for the layer2/layer3 decoding, which will then feed the channel configuration and CCCH configuration back into the upper half of layer 1 that takes care of generating MAC blocks from the actual GSM bursts.