OsmocomBB: A Tool for GSM Protocol Level Security Analysis of GSM Networks, presented at hashdays 2010

by Harald Welte

Summary: The OsmocomBB project is a Free Software implementation of the GSM protocol stack running on a mobile phone. For decades, the cellular industry, comprising cellphone chipset makers and network operators, has kept its hardware and system-level software as well as GSM protocol stack implementations closed. As a result, it was never possible to send arbitrary data at the lower levels of the GSM protocol stack. Existing phones only allow application-level data to be specified, such as SMS messages, IP over GPRS or circuit-switched data (CSD). Using OsmocomBB, the security researcher finally has a tool equivalent to an Ethernet card in the TCP/IP protocol world: a simple transceiver that will send arbitrary protocol messages to a GSM network. Well-known and established techniques like protocol fuzzing can finally be used in GSM networks and reveal how reliable and fault-tolerant the equipment used in the GSM networks really is.

Harald Welte: Harald Welte is a freelancer, consultant, enthusiast, freedom fighter and hacker who has been working with Free Software (and particularly the Linux kernel) since 1995. His first major code contribution to the kernel was within the netfilter/iptables packet filter. He has started a number of other Free Software and Free Hardware projects, mainly related to RFID, such as librfid, OpenMRTD, OpenBeacon, OpenPCD and OpenPICC. During 2006 and 2007 Harald became the co-founder of OpenMoko, where he served as Lead System Architect for the world's first 100% Open Free Software based mobile phone. Aside from his technical contributions, Harald has been pioneering the legal enforcement of the GNU GPL license as part of his gpl-violations.org project. More than 150 cases of inappropriate use of GPL-licensed code by commercial companies have been resolved as part of this effort, both in court and out of court. He has received the 2007 "FSF Award for the Advancement of Free Software" and the "2008 Google/O'Reilly Open Source award: Defender of Rights". In 2008, Harald started to work on Free Software on the GSM protocol side, both for passive sniffing and protocol analysis, as well as an actual network-side GSM stack implementation called OpenBSC. After working on the network side, he started to implement the GSM phone-side protocol stack. He continues to operate his consulting business hmw-consulting.