Search Mailing List Archives
[liberationtech] hardware options for a computer phone, not a mobile phone...
case at SDF.ORG
Sun Sep 30 08:24:45 PDT 2012
I'm interested in finally responding in some ways to the vulnerabilities
and privacy implications of the mobile phone and its networks. For my own
comms, that is.
In addition to the problems with privacy and tracking, I am also worried
about problems at lower layers - like rogue BTS abusing my radio to
exploit the phone. We first saw real evidence of this at defcon 2-3 years
ago when there was a rogue BTS attempting android exploits (see coderman
posting to cypherpunks around that time).
I think there are two broad strategies to pursue here. The first is the
obvious one - a totally open, free software firm, from layer 1 all the way
up. The major problem with this strategy is that it is a long way off
from existing - osmocombb still barely has a working model of a phone that
can place an actual call, and this is ONLY on a very limited chipset that
is 2G only, and voice only. It appears that osmocom is moving forward in
a lot of ways, but they are not graduating to other, or better chipsets
(ie., to 3G, and to fast data) - and even if they were, we're years and
But there's another strategy that has all of the components already in
existence, and that is to use a handheld computer that *happens* to
contain a GSM or CDMA *module* (or both) in addition to WIFI. With this
setup, you can behave as a SIP device (using WIFI as much as possible) for
all calls - you never make a call, or perform any action using the phone
network directly. All phone activity is tunneled through SIP/VOIP to your
own server at a fixed datacenter, where you have either a hosted SIM in a
pci card, or you have a POTS uplink.
This is very appealing because it means that most of the time (depending
on where you live) you are just using WIFI. When you are forced to
failover to (for instance) GSM, you are using a very, very simple, modular
modem that you can easily control (ifconfig xx0 down) and that caontains
an anonymous, prepaid SIM. You don't care about the number, or the ID, or
about any of the contraints of prepaid SIMs, since you just need network
>From the outside world, all calls come from the same fixed point, no
matter where you are in the world. Further, if you have colocation, you
control that fixed point. Finally, while you don't have total layer 1
control over the GSM modem, you do have *some* control over it - you can
ifconfig it down, you can disable it, you can *physically remove* it, and
presumably you can interact with it in much more profound ways, since its
a modular modem inside of a unix system you control (your handset).
So the question ... what is the handset ?
If a handheld linux computer (archos ? old compaq ipaq ?) wasn't designed
as a mobile phone, it won't have speaker at the ear and mic at the mouth
as you would expect, so that's difficult. OTOH, if you use a handheld
computer that was designed as a phone, you have a problem with the tight
integration of the mobile modem with the device, and you lose some control
over the modem and its attack vectors (although if you are running a
completely open OS, perhaps not ?)
I am looking at some of the later HP Ipaq models, like the HP Ipaq 910c,
which has GSM built in (it's a phone) ... honestly, I'm at a loss - I know
all about modern phones like nexus, etc., which will not fit here, and I
know all about modern android-based handheld devices like nook and kindle
fire and so on ... but who makes a handheld, phone sized (not tablet
sized) linux capable computer that I can easily insert one or more mobile
modems into ?
Since all we need is a linux computer, perhaps other devices, like a mp3
player (as long as it has a SD card for a modem) would work ?
Comments / advice appreciated ...
More information about the liberationtech