[Replicant] OT: Open source GSM board

H. Nikolaus Schaller hns at goldelico.com
Fri Oct 28 12:27:08 UTC 2016


> Am 28.10.2016 um 13:33 schrieb Paul van der Vlis <paul at vandervlis.nl>:
> 
> Op 28-10-16 om 12:29 schreef Bob Ham:
>> On Fri, 2016-10-28 at 11:45 +0200, Paul van der Vlis wrote:
>> 
>>> Those people
>>> have working GSM firmware what compiles using GCC, without blobs
>> 
>> Unfortuantely, that firmware isn't legal to use in most jurisdictions.
>> The source code came from a leak and carries a proprietary license.  The
>> people distributing it are violating copyright law.
> 
> You are right. But phones with Replicant are using a modem with closed
> source firmware. Both is "bad".

Why? FSF treats encapsulated firmware in some UART or USB connected modem
to be "hardware".

> 
> It's really difficult to create FOSS GSM firmware without examples,

Why? There are GSM protocol testers, there are text books. There is Osmocomm.
So a unit test driven software development process seems possible without
any knowledge about leaked source codes.

> Michaela is bringing us examples. What Snowden did is very illigal too,
> but his information is very interesting.

Of course it is "interesting" to look into the source codes. Like it is
"interesting" to listen to your private communication...

So why should one be "good" (if you are looking into someone else's source
codes) and the other is "bad" (if someone else, like NSA, is looking
into your communication)?

Anyways, there are even two aspects of "legal" in this case.

One is about the source code license and openness.

The other is that the frequency bands are not assigned for general purpose,
but only available to devices which pass a big set of rules. This process
is called certification. You just have to go through the certification
process and then it is no longer illegal to use it. You do not need this
if you operate in a lab and with a dummy load.

In both cases it is just a matter of efforts and money to contact the
right people and offer to pay for properly licensed source codes or write
your own from scratch (there is enough public information available how
the GSM protocols work). And then go officially through the certification
process. If you pay you will not be rejected just because you are a small
project. You will be rejected if the device does not conform to the
certification requirements.

So this is completely different to Snowden's case. He has published information
that we should know about in a democracy, but where there was no possibility
to make it legal by enough money or efforts. Hence I think it is a different
category that leaked source codes.

Contrary to that, with GSM modems it is just that we (the public community)
do not collect enough money to fund the legal path - which exists.

BR,
Nikolaus


More information about the Replicant mailing list