NLUUG autumn conference / Embedded Linux Conference Europe

I've been invited to be the keynote speaker of the joint NLUUG autumn conference and Embedded Linux Conference Europe.

It is a great honor to me to be the keynote speaker, and I will certainly use this chance to provide some of my insights into Embedded Linux. I feel confident to have a thorough understanding about the market (and it's many problems) due to

• having a strong, 14 year FOSS community developer background
• knowing how hard it is to do FOSS-only embedded hardware development (for OpenPCD, OpenBeacon, Openmoko, ...) in todays secretive hardware industry
• having seen a wider range of embedded Linux products than most other people by reverse engineering hundreds of devices for gpl-violations.org
• and now even knowing the chip maker perspective, after becoming VIA's Open Source Liaison

So I'm trying to point out the various problems I see in the Embedded Linux world, and how they can be addressed.

If I know you and you're planning to attend the conference: Please drop me an e-mail in advance so we can meet up, chat, have drinks, meet for dinner or the like.

Extending range of GSM cells by using only 4 channels

Today, while reading IT mainstream magazine "c't", I stumbled across an article about GSM deployments (and popularity) all over Africa.

One of the interesting things in that article was that one Operator had modified their network in a way to only use four timeslots (out of the eight available timeslots) per frequency in order to extend the range of a single cell to something like 70 kilometers.

For those who are not as familiar with the GSM Um air interface: It uses TDMA (multiple devices each get one timeslot on a given frequency). So let's assume we have eight timeslots on one frequency, all the transmitters (handsets) need to be synchronized with regard to that timeslot. Radio travels at speed of light and not with infinite speed. Therefore, since the handsets can be at a lot of distance to the receiver (base station), they might send in the correct timeslot, but the signal arrives out of the timeslot. GSM uses what's called "timing advance" in order to compensate for that effect. The base station tells the handset how much time earlier than the actual timeslot it needs to transmit to ensure arrival within the timeslot.

Now in that African GSM network in question, it seems like even the maximum timing advance is not sufficient. The frame still arrives late, i.e. in the next timeslot. By allocating only every second timeslot, there cannot be any clash and thus the range of a single cell can be extended. This is actually a very cool idea, I would almost call it a "hack", and it is possible within the GSM spec without requiring any change to existing mobile phones!

I only wonder how much of such cool hacks we would see if GSM base stations were more open and available. If there was a full FOSS stack that many people could use on off-the-shelf hardware, it would lead to a lot more innovative experiments and thus innovation. There would suddenly be more than a handful of GSM experts with access to proprietary technology looking at what kind of good, useful, cool and/or creative things one can do...

Hackcontest at OpenExpo 2008

I've had the honor to join other experienced FOSS hackers on the Jury for the Hackontest. The idea was to let the community collect a number of work-items for teams (of 3 developers) working on a particular project, then pick some of those work items and see how far each team gets within 24 hours.

I think it was a very interesting concept. Something that at least I have not yet seen anywhere else before. The organizers did a great job with the preparation. Setting up the website for project proposals, collecting community votes on the individual tasks, putting together the jury.

The participants of the contest then were placed into a container (yes, the kind of containers used for international shipping) with a fridge, beer, snacks, Internet, power, a projector and some other gear. They had vnc running on all of their systems, to enable a large public screen at the trade show where people would be able to follow whatever happens on-screen right now on a system of a random developer participating in the context. 'reality-tv for hackers' ;)

The results and the progress were quite different between the individual projects. I don't want to reveal the internal discussions we had in the jury, but one thing that basically everyone agreed to was the improper use of revision control systems. None of the teams was setting a good example on how to use them. Either the granularity of the commits, or the changelog texts, or the time when they committed was wrong. You shouldn't commit unrelated changes, never do cosmetic and functional changes in one commit, etc. This is what makes your work reproducible, readable and understandable to others, like the jury and particularly your own user and developer community. It is one aspect that affects a lot how easy it is for others to contribute to your project or to contribute to it.

A Free software 3G protocol implementation: Wireless3G4Free

For quite some time there has been a project called Wireless3G4Free. I suspect it is little known outside a certain academic community. So what is it all about? Creating a FOSS based test platform for wireless 3G systems. Yes, this is the so-called baseband side. The parts that are usually very carefully locked away in the proprietary stack of cellular handsets and other equipments

Even though the project, funded by the European union and implemented at EURECOM in France, is 'finished', it is not as easy as to just use that software and get UMTS connectivity.

First of all, it implements the 3.84MChip/s TDD variant of the physical layer (layer 1), whereas most commercially deployed UMTS systems for cellular access use the FDD variant. For those not as familiar with 3G technology: There's three different layer 1 options: the 3.84MChip/s TDD, the low-chip-rate Chinese TDD variant, and the FDD variant. The layer 1 is separated in two parts, one that is TDD/FDD independent, and the other part that is shared.

Secondly, the Wireless3G4Free project uses IP on the layer 3, as opposed to the actual layer 3 protocol of UMTS (which borrows a lot from the layer 3 protocol for GSM, which in turn borrows a lot from Q.931 / Euro-ISDN).

So if one was to make that code interoperate with UMTS cellular networks, the lower half of layer 1 need to be rewritten for FDD, and layer 3 needs to be implemented.

What is exciting about 3G compared to GSM: GSM uses proprietary ciphers (A5/1, A5/2) for the actual air interface. Those ciphers have leaked quite some time ago, and they're no longer secret (and thus the GSM security is no longer existing), but still people are not supposed to know how it works.

In the 3G world, the corresponding cipher is public. This means that in theory, it should be possible to implement everything in Free Software based on publicly known information. Yes, it is a lot of work. But it definitely can be done.

Before actually using this on any official network, it would obviously need to be certified. Certification for this kind of protocol is a time-consuming and expensive process. It requires development cycles of going to a certified test lab, obtaining test results, going back to actually fixing the problems, re-running the test lab tests, and so on. Nevertheless, Free Software has already proven that this can be done. The isdn4linux project did a full EDSS1 certification some 10 years ago. ELSA, a maker of passive ISDN cards, sponsored that effort. And if you used an unmodified code version, then you were certified. As soon as the source code was changed, you were running an uncertified version. I don't see any big problem why the same scheme should not work for a 3G baseband software stack.

One important question though, is the question of hardware. None of the existing commercial vendors of 3G chipsets will ever provide you with the hardware documentation that you would need or want to run that kind of code on their hardware. It is their business to sell their proprietary 3G stack along with their chip, so they would only loose money if there was any FOSS implementation in competition.

Sure, you can use something like the USRP or USRP2 or any other software defined radio platform. But while that would be ok for a proof-of-concept, it is too large, expensive and power-consuming to be used or 'ported' to any actual handset-type product.

So any possible real-world plan of making this happen would probably go as far as to implement everything based on the USRP, then have a proof-of-concept prototype and then do a modem design based on existing, openly documented RF components and ADC as well as DSP+Processor combination that is suitable for low-power operation.

Sure, I'm just daydreaming. But sometimes you have to dare to dream in order to make things happen. Anyone wanting to turn this idea into a business, let me know ;)

Swisscom Research is evaluating Openmoko

At OpenExpo, Swisscom Research had it's own small stand (wouldn't call it a booth) to demonstrate thei research and evaluation work based on Openmoko. This is definitely exciting news, first of all since it is the research department of an established carrier, i.e. Openmoko is considered seriously even by them.

Secondly, they have many interesting ideas, some of which they have implemented. They have created a much more simplified UI, as well as an interesting input method based on gesture recognition. They've also been working on some crypto and security related bits.

I can now also disclose the fact that both Rasterman and myself have been (and stilll are) providing a bit of consulting and R&D services for Swisscom.

Things I learned about GSM, STK revisited.

During the least couple of days I've had some pretty intense conversations with a number of people on various aspects of GSM, leading me to [re]reading some of the interesting bits of its specification.

There are a number of observations that I don't want to talk about right now, and which will likely be part of my work during the next couple of months.

One thing that ever so often gives me the creeps is STK (Sim Toolkit). To those people involved with GSM, it is no news that with STK an operator can basically remote-control your phone. He can, among other things

• make your phone send SMS
• initiate outgoing calls without your interaction
• initiate outgoing calls and terminate any existing call
• open data connections (GPRS/EDGE)
• launch a browser to any URL
• play tones on your speaker
• access and modify any information (contact, SMS, dial history, even IMSI) stored on the SIM

And the worst thing of it all: You don't even know which of those features your phone implements (most likely all of them). I'm happy to still use a SIM that predates the GSM11.14 (STK) specification.

Now in the advent of projects like OpenBTS, where we can emulate a GSM network side, and in combination with either supplying your own SIM card (or emulating it using a PC), we will finally see a faint possibility of actually testing (and demoing) the never-ending security nightmares caused by this evil monstrosity.

Just arrived in Winterthur for OpenExpo Zurich 2008

I've just arrived in Winterthur (Switzerland) for OpenExpo where I will present on the various reasons and implications of the fact that 99.9% of the makers of commercial embedded Linux products have not understood the slightest bit about Embedded Linux or rather, embedded FOSS in general.

Those people who've ever tried to exercise their freedom to create and run modified versions of an embedded product with pre-installed Linux will definitely know what I'm talking about.

Adding support for SD/MMC cards to parted

Today I've posted some patches that add SD/MMC card support to GNU parted, including libparted. It's actually just support for auto-detecting the /dev/mmcblk* devices, since the actual partitioning and block layer access of SD storage cards is exactly the same like on any other disk.

This has been fun, as I always like to read source code of programs that I've only been using so far ;). Luckily, the architecture is nice and abstract so the feature was easy to implement.

After the copyright assignment to the FSF has been done, the code will get merged. Once libparted has support for this, debian-installer should more or less automatically offer those devices as installation targets.

Now I just have to find out what the other distributions use for this purpose, with some luck they also rely on libparted and I don't have to implement this feature 5 times.

Installing Linux on systems that boot from SD card

It seems like boot-from-SD is about to become as standard in the x86 world as boot-from-USB currently is. This is generally good news. Also, the need for OS integration is minimal, as it just uses the usual BIOS ABI on doing disk reads.

However, the initrd's shipped by all distributions don't contain the SDHCI driver, and all the installers that I've seen don't support installation on /dev/mmcblk*

I've now filed bugs for all the major distributions about this issue, and you can find more information at this wiki page on installing Linux on a bootable SD card. Let's hope that the distro's consider this feature important enough to add support to it to their next releases to make sure at the time the users buy this kind of hardware they can install the then-existing versions of those distributions.

Updates to VIA HDA Codec driver

The last two days I was busy preparing a patchset with various updates against the linux-2.6/sound/pci/hda/patch_via.c driver for HDA Codecs.

The resulting patchset has now been posted at alsa-devel and I'm waiting for the fallout from that.

The other bit that I'm currently playing is boot-from-SDcard support, apparently a feature that major BIOS vendors have in their new releases and which will become more common with upcoming mainboards and laptop devices, just like boot-from-USB in the past.

FAQs to the VIA open source driver

There have been numerous questions regarding the recent open source release of VIA's 2D Xorg driver.

Why did VIA publish yet another driver, rather than improving any of the existing Xorg/openchrome/unichrome drivers?
Because this driver is all but new! It was the base for all the binary-only driver releases that VIA has made (and is still making) for select Linux distributions. So rather than having written a new driver, this is just the disclosure of an existing driver.

One of the commonly asked questions is _why_ not the complete source, including codec acceleration, TV out and 3D was published. I cannot disclose the particular reasons for VIA, sorry. But I can comment on the general reasons on why companies cannot disclose certain source code. As you may have noticed, the situation with regard to the ATI driver e.g. shows certain similarities.... Usually there are some parts of the code, particularly for the 3D driver, which cannot be disclosed due to either

• parts of the source code are under a proprietary license from a 3rd party
• parts of the source code refer to technologies (e.g. macrovision) which are subject to very strong NDA's by the licensor, which in turn prohibit the open documentation or distribution in source code form

Will VIA learn to build a community around that new driver? Will there be mailing lists and a public revision control system?
As of now, this is unlikely. Not because VIA doesn't believe in the community, but rather because the disclose of VIA's source now enables everyone involved to look at all the available drivers. Some consensus has to be found on which driver is best to be used as a base for a future Xorg mainline driver, and then the community and VIA can work together on merging bits from other drivers into that base. Creating VIA's own mailing lists (and community) would lead to more fragmentation, rather than unification.