Patrick McHardy explains his Linux DECT stack at Linux Kongress 2010

At linux kongress 2010, Patrick McHardy has just started to give his presentation on the Linux DECT stack he has been working on in the last 1.5 years.

He looked at the deDECTed.org code and found it very limiting, mainly targeted to passively listen into DECT conversations, showing the weaknesses of DSC, DSAA and its implementations. His new DECT stack is meant as a full and generic implementation for receive and transmit.

I'm especially happy to announce that this project will now be hosted under the Osmocom umbrella project at dect.osmocom.org. Right now it only has a README file and the git repository. However, a trac site will be up and running soon.

Job Offer: GSM baseband security research in Berlin/Germany

If you're following my blog because you have an interest in GSM security related topics, there is currently a very interesting job offer by Frank from GSMK. It is about a job doing research into over-the-air attacks against baseband firmware in real-world GSM/UMTS telephones. Whoever gets the job will likely use/extend OpenBTS, OpenBSC or other GSM foss projects.

So if you're familiar with the GSM/3G protocol specs, have an interest in software security / exploiting and may even have existing exposure to OpenBSC, OpenBTS or OsmocomBB: Please send Frank a message and apply for what I personally consider one of the most exciting opportunities in the IT security industry today.

Linux Kongress 2010 in Nuremberg / Germany

Yesterday night I took the train down to Nuremberg, where Linux Kongress 2010 is taking place. It's always nice to meet old friends and colleagues there, including Arnaldo Carvalho de Melo, Patrick McHardy, Lars Marowsky-Bree, Jon Corbet, Jos Vos, Heinz Mauelshagen, Dhaval Giani, Lennart Poettering and many more...

Being on the programme committee might make me biased, but I really think that there is a very impressive talk schedule. What makes me a bit sad is the relatively small audience. I don't know the numbers, but it definitely feels like the lecture halls could hold many more attendees.

Dell finally releases sources of GPL licensed software on the Streak

Today I have received news that Dell has released the source code of the GPL licensed software on the Dell Streak at http://opensource.dell.com/releases/streak. This includes, among other things, the source code to the Linux kernel they are using on the Qualcomm Snapdragon processor.

This is good news! However, I have not yet checked if that source code release can be considered complete and corresponding as demanded by the GPL. At least it includes a small README file explaining how to build the sources.

I'm not very much into the Android world, but I have heard that Dell is already shipping different Android versions for the Streak. If this is true, then there should be multiple source code releases, one for each binary release they have. If you know more about available firmware versions for the streak, feel free to contact me privately.

Overall, it is great to see this release. On the other hand, it is pretty sad that we've had to do go down the gpl-violations.org enforcement route. Ever since the Streak released in the US months ago, customers are claiming to have contacted Dell forums, emailed Dell Support, asked in the Dell live web-chat and asked via twitter - without the source code being released.

Also, if you are under the impression that the Dell GPL source code as it has been released is incomplete, please let me know the exact technical details of what you think is missing, or why that source code is not matching what is running on your device. Thanks in advance.

Motorola announces "Ming" phone with Android

For those who don't know: The Motorola Ming was the A1200, a commercially very successful Linux-based phone in China and other parts of Asia, using the EZX software platform, i.e. the kind of hardware that we once built the OpenEZX software.

Motorola has recently announced that they will follow-up with some android based ming phones. It is my suspicion that apart from some mechanical design aspects, those phones will not resemble the ming in any way, neither on the baseband hardware side, nor on the application processor side, and particularly not on the software side.

So it's probably nothing than a marketing coup, trying to connect to successes of the past. Not interesting from the OpenEZX point of view, I guess.

More GPL enforcement work again.. and a very surreal but important case

In recent days and weeks, I'm doing a bit more work on the gpl-violations.org project than during the last months and years. I wouldn't say that I'm happy about that, but well, somebody has to do it :/

Right now I'm facing what I'd consider the most outrageous case that I've been involved so far: A manufacturer of Linux-based embedded devices (no, I will not name the company) really has the guts to go in front of court and sue another company for modifying the firmware on those devices. More specifically, the only modifications to program code are on the GPL licensed parts of the software. None of the proprietary userspace programs are touched! None of the proprietary programs are ever distributed either.

If that manufacturer would succeed with such a lawsuit, it would create some very nasty precedent and jeopardize the freedom of users of Linux-based embedded devices. It would be a direct blow against projects that provide "homebrew" software for embedded devices, such as OpenWRT and many others.

I've seen many weird claims and legal strategies when it comes to companies trying to deprive developers of their freedom to modify and run modified versions of Free Software. But this is definitely so weird that I still feel like I'm in a bad dream. This can't be real. It feels to surreal.

It's a pity that I cannot speak up more about the specific company in question right now. I'm desperately looking forward to the point in time where I can speak up and speak out about what has been happening behind the scenes.