Fun with IMEI (was testing the free calypso software)
Norayr Chilingarian wrote:
> Does anyone know what will happen in a cellular network where there is
> more than one device has the same IMEI. In other words, if we all
> could change our IMEI numbers, and use one imaginary number, are there
> technical reasons for network to not work.
joerg Reisenweber responded:
: no technical but organizational. Usually that IMEI gets an instant ban, and
: a fat bold red alarm logline in carrier's network logs.
Yup, if all of us were to use the same IMEI number, it would be far
too easy for our enemies to ban that one single number.
> I mean, MAC address is used on a physical layer, so if two network
> cards connected to the same switch have same MAC adresses, network
> won't work. I guess switch will down both ports connected to those
> devices.
The analogy between IMEIs and Ethernet MAC addresses is a good one
from a manufacturing/management perspective, but not in terms of
network protocol usage. Unlike MAC addresses, IMEIs are not used for
any kind of addressing or routing anywhere in the network, only as a
"management" identifier that is unnecessary in the strict technical
sense.
But from the perspective of a device manufacturer (which I will become
soon, hopefully), IMEIs are just like Ethernet MAC addresses: the
nominal requirement is that each be world-unique for all time (a rule
that gets broken in reality with both MAC addresses and IMEIs), a
manufacturer has to buy a range (supposedly "fresh" and unused) from a
central registry, and then number individual produced units out of
that range.
> But I don't know how IMEI's work. Are they technically necessary so
> that 3G/gsm network can be operational, or they are only used to
> identify (and track) customers by devices?
The latter.
Before everyone starts changing their IMEIs just for the heck of it,
let's analyze *rationally* how tracking works - or rather, what is the
total set of data elements available to carriers (and their gov't
partners etc) for tracking users, and how these data elements inter-
relate.
If you like maintaining a long-term-constant phone number at which
your family and friends can reach you (i.e., the whole purpose for
having a cellphone, at least for me), and you have a long-term-stable
SIM card associated with that long-term-constant phone number, then it
doesn't really matter if your IMEI is also constant or if you send the
output of a PRNG (or even a TRNG) to the network as your IMEISV every
time your phone/modem fw does the "register" operation. The constant
SIM card with its IMSI, as well as the associated MSISDN (phone number
for your family and friends to call you at), is what tells the network
that "you" are still the same "you", no matter what device you use or
what IMEISV it transmits. Yes, you can deregister from the network,
then re-register with a different IMEI, making it look like you turned
your phone off, moved your SIM card to another phone, then came back
online with the latter - but what would be the point?
Instead, there are only two scenarios I can think of in which it would
make sense to change the IMEI of a GSM device:
1. If you really want to "disappear w/o trace", such that you discard
your old SIM, get a new SIM (prepaid, presumably) with a different
phone number (and deliberately make yourself unreachable at your
old one), and you want to make it look like the user of the new SIM
is a different person from the user of the old SIM - in this case
the same IMEI would indeed give you away, so you might want to
change it in this case.
If the above applies to you (and it does *not* apply to me, as changing
phone numbers constantly would defeat the whole purpose of a cellphone
for me), then you need to be careful to change your IMEI *at exactly
the same time* when you change your SIM - if there is any time skew
between these two changes, such that a network sees {old IMEI, new SIM}
or {new IMEI, old SIM} at any time, even just once, your anonymity
effort will be instantly brought to naught! If you want to do this, I
would recommend pulling your old SIM out first, throwing it away, then
doing the IMEI changing operation on the SIM-less modem, and then
finally inserting your new SIM.
2. Changing one's IMEI may be necessary if your "legitimate" IMEI from
the manufacturer of your GSM device has been wrongfully banned or
blocked by some GSM network you wish to use, and you need to use
some non-blocked IMEI in order to get on the network.
The wrongful ban scenario is particularly frightening when applied to
whole classes of devices, rather than individual units. The first 8
digits of the IMEI comprise the Type Allocation Code (TAC), which is
supposed to be allocated per each device type. Hence if all
manufacturers involved played by the rules (of which I have no
knowledge), then every IMEI beginning with 35278901 is supposed to be
a Pirelli DP-L10, every IMEI beginning with 35465101 is supposed to be
an Openmoko GTA02, and so
Calypso/audio interaction
David Matthews wrote:
> Making a general purpose distro such as Qtmoko loadtools capable is likely to
> be a non starter.
I agree in general, but see below for some finer points.
> it's likely to be advisable to rip out all the audio stuff also.
That's where I need to provide some clarification. The issue here is
that (as David discovered experimentally) the combination of
{Neo FR loudspeaker enabled} + {headset jack Calypso access enabled}
is rather unkind on the loudspeaker, and on the operator's ears.
(Look at the audio circuits in the public GTA02 schematics to see why.)
However, the take-away should NOT be "all audio is bad when doing any
Calypso hacking" - instead it can be fine-grained:
1. One needs to ensure that the loudspeaker amplifier is off when
using loadtools via the external serial cable method. But the
state of the audio subsystem absolutely doesn't matter if you are
running loadtools from the AP and are *not* enabling the "download"
channel via /sys dingling.
2. In some advanced debug scenarios (and I do mean advanced, as in you
actually digging in / debugging the guts of the GSM protocol stack,
and not just flashing prebuilt images from my FTP site) it can
actually be quite useful to have the headset jack Calypso access
channel enabled (with the cable going to the FC developer's laptop
running rvtdump/rvinterf/fc-tmsh etc) while the modem is running
"normally", even during a phone call.
If you need to debug the Calypso via TI's RVT/ETM interface (presented
on the 2nd UART wired to the headset jack on the Neo) *while the modem
is making a phone call*, it is possible to have this "download" (or
debug) serial channel enabled while audio is also enabled at the same
time. The trick is that in this scenario, the audio must be routed to
the earpiece speaker, and *not* to the loudspeaker, and most certainly
not in the "analog headset" mode.
This latter scenario is where FreeCalypso tools do need to play nicely
with Qtmoko/SHR/etc - it would be very useful to observe the RVT/L1/G23
debug output from the modem on the external serial port (or to send
active ETM commands to it via the same interface) while it is being
driven "normally" by Qtmoko/SHR/etc.
> Better idea - use the "special distro" (I used Qtmoko as a starting point)
> with or without the cable - or else build your own single purpose
> boot_and_run_from_sdcard system.
>
> http://winterveldt.co.za/leo2moko-p2.html
Yes, for loadtools operations (saving FFS dumps, flashing different
firmwares, coming-soon "in vivo" FFS/IMEI editing kit) David's offering
seems like a better choice.
VLR,
SF
___
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community
Re: X and navit on qtmoko v58
Hi, I ran into that before. I will repeat it here: Hi all, I was looking into bringing navit to work. 1st - libcrypto >libcrypto.so.9.8 is included in libssl0.9.8, which was shipped with >squeeze, but not with wheezy. The current package is libssl1.0.0, that >means, you need to rebuild navit. I solved this quick and dirty by storing the libcrypto.so.0.9.8 out of the squeeze package into a private directory and making a symlink to it in /usr/lib/arm-linux-gnueabi. Navit now does not complain anymore. The function of the crypto-related stuff will probably not work, but I by myself did not find something where this would be necessary. 2nd - gpsd navit complains at start: >navit:plugin_load:can't load >'/opt/qtmoko/lib/navit/vehicle/libvehicle_gpsd.so', Error >'libgps.so.19: cannot open shared object file: No such file or >directory' navit:vehicle_new:invalid source 'gpsd://localhost': unknown >type 'gpsd' I solved this by changing the way navit expects the GPS data. The line >source="gpsd://localhost" gpsd_query="w+xj"> I changed to >active="1" source="pipe:/usr/bin/gpspipe -l -r"> >and it works fine. Matthias On Montag, 3. Februar 2014, Radek Polak wrote: > On Monday, February 03, 2014 12:09:28 PM J.Schröder wrote: > > Hi Radek, > > > > Am Montag, 3. Februar 2014 schrieb Radek Polak: > > > On Friday, January 31, 2014 07:07:04 AM J.Schröder wrote: > > > > Now I am stuck at getting navit up and running; there are various > > > > ways out there, and none seems to work for me; I can't even get X up > > > > and running using the built-in functionality (starting xterm for the > > > > first time and then choosing xglamo). > > > > > > > > Can you give us a short setup description for X and navit? > > > > > > Hi, > > > hmm i have only used the native navit version: > > > > > > http://qtmoko.sourceforge.net/apps/qtmoko-navit.html > > > > > > I think i have tried Xglamo on v58 and it worked. Maybe you can try > > > from ssh shell if Xglamo launches correctly. > > > > thanks for your feedback, Xglamo now worked after removing all X-related > > packages and selecting it again from the dialog; I now saw that navit > > wouldn't start after installation because of missing libssl file > > libcrypto.so.0.9.8 . > > > > There is only libssl1.0.0 available from the repo, so I still need help, > > but am not sure if this would be your topic, Radek :-) > > I am just guessing, but maybe symlink could solve this (unless there was > some API change that's not backward compatible). > > BR > > Radek ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: testing the free calypso software
On Mon 03 February 2014 21:42:38 Norayr Chilingarian wrote: > Does anyone know what will happen in a cellular network where there is > more than one device has the same IMEI. In other words, if we all > could change our IMEI numbers, and use one imaginary number, are there > technical reasons for network to not work. no technical but organizational. Usually that IMEI gets an instant ban, and a fat bold red alarm logline in carrier's network logs. cheers jOERG -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments (alas the above page got scrapped due to resignation(!!), so here some supplementary links:) http://www.georgedillon.com/web/html_email_is_evil.shtml http://www.nonhtmlmail.org/campaign.html http://www.georgedillon.com/web/html_email_is_evil_still.shtml http://www.gerstbach.at/2004/ascii/ (German) signature.asc Description: This is a digitally signed message part. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: testing the free calypso software
Does anyone know what will happen in a cellular network where there is more than one device has the same IMEI. In other words, if we all could change our IMEI numbers, and use one imaginary number, are there technical reasons for network to not work. I mean, MAC address is used on a physical layer, so if two network cards connected to the same switch have same MAC adresses, network won't work. I guess switch will down both ports connected to those devices. But I don't know how IMEI's work. Are they technically necessary so that 3G/gsm network can be operational, or they are only used to identify (and track) customers by devices? I am just curious. 01/29/14 12:39 -ում, Michael Spacefalcon-ը գրել է: > And yes, there is that file named /pcm/IMEI in there, with quite > obvious content. Use cat -h as it's a binary file, two IMEI > digits per byte, using the least significant nibble first - so it > looks counter-intuitive in a hex dump. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
[no subject]
Hi >It looks like you will need to convince the maintainer of Qtmoko to >tell you (and the rest of us) how to get his popular distro working >with FreeCalypso tools. Or you could try the special distro which >David Matthews put together - the 2nd version which works without the >special cable. Making a general purpose distro such as Qtmoko loadtools capable is likely to be a non starter. As well as stopping everything that's accessing the modem - which will likely be the problem Giacomo reported - it's likely to be advisable to rip out all the audio stuff also. hehe - So prepare your qtmoko (by ripping it to shreds), run loadtools to flash your calypso, then reinstall and recover your data from backups :-) Better idea - use the "special distro" (I used Qtmoko as a starting point) with or without the cable - or else build your own single purpose boot_and_run_from_sdcard system. http://winterveldt.co.za/leo2moko-p2.html -- David Matthews m...@dmatthews.org ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: TIFFS in vitro analyzer tool released
Giacomo 'giotti' Mariani wrote: > Hi Comrade, > I can't find the FreeCalypso directory at > > $ ftp ifctfvax.Harhan.ORG For a moment I was wondering "why are people going to that old FTP site and not the new one at ftp.ifctf.org?", but then I realized that I posted a bogus URL for loadtools-r2.tar.bz2... My apologies for that mistake. > Well... I found the directory and the two files I was looking for: > > wget ftp://ftp.ifctf.org/pub/GSM/FreeCalypso/loadtools-r2.tar.bz2 > wget ftp://ftp.ifctf.org/pub/GSM/FreeCalypso/tiffs-iva-r1.tar.bz2 Yes, these are the correct URLs for the correct FreeCalypso FTP site; sorry about my earlier mistake. > Everything looks fine, but it does not work: > > # fc-loadtool -h gta02 /dev/ttySAC0 > Sending beacons to /dev/ttySAC0 > Toggling /sys/bus/platform/devices/gta02-pm-gsm.0/power_on > Got beacon response, attempting download > Sending image payload > Block #0: No response to # The above looks like an effect of some other process competing with fc-loadtool for the /dev/ttySAC0 serial channel to the modem, or maybe even for the modem power control. Did you say you are running Qtmoko? Do you know how to stop whatever processes normally access the modem in that distro? (I certainly don't, as I've never used any of the "normal" distros on my FR, only the minimal Buildroot environment I hacked together for playing with the modem.) It looks like you will need to convince the maintainer of Qtmoko to tell you (and the rest of us) how to get his popular distro working with FreeCalypso tools. Or you could try the special distro which David Matthews put together - the 2nd version which works without the special cable. VLR, SF ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: TIFFS in vitro analyzer tool released
Hello everyone, following http://norayr.arnet.am/log/?p=113 I managed to compile loadtools-r2 and tiffs-iva-r1 packages in a chroot (Debian 7) directory mounted in my phone (running QtMoko v58) via nfs from my laptop. After that I installed the tools from the phone OS (not chroot) with a simple "make install" in /mountPoint/pathTo/loadtools-r2 and /mountPoint/pathTo/tiffs-iva-r1 Everything looks fine, but it does not work: # fc-loadtool -h gta02 /dev/ttySAC0 Sending beacons to /dev/ttySAC0 Toggling /sys/bus/platform/devices/gta02-pm-gsm.0/power_on Got beacon response, attempting download http://lists.openmoko.org/mailman/listinfo/community
Re: TIFFS in vitro analyzer tool released
On 02/03/2014 11:55 AM, Giacomo 'giotti' Mariani wrote: > Hi Comrade, >I can't find the FreeCalypso directory at > > $ ftp ifctfvax.Harhan.ORG > Well... I found the directory and the two files I was looking for: wget ftp://ftp.ifctf.org/pub/GSM/FreeCalypso/loadtools-r2.tar.bz2 wget ftp://ftp.ifctf.org/pub/GSM/FreeCalypso/tiffs-iva-r1.tar.bz2 Sorry for the mess :-) Giacomo -- ## giacomo 'giotti' mariani gpg --keyserver pool.sks-keyservers.net --recv-key 0x99bfa859 O< ASCII ribbon campaign: stop HTML mail www.asciiribbon.org ## ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: X and navit on qtmoko v58
On Monday, February 03, 2014 12:09:28 PM J.Schröder wrote: > Hi Radek, > > Am Montag, 3. Februar 2014 schrieb Radek Polak: > > On Friday, January 31, 2014 07:07:04 AM J.Schröder wrote: > > > Now I am stuck at getting navit up and running; there are various ways > > > out there, and none seems to work for me; I can't even get X up and > > > running using the built-in functionality (starting xterm for the first > > > time and then choosing xglamo). > > > > > > Can you give us a short setup description for X and navit? > > > > Hi, > > hmm i have only used the native navit version: > > > > http://qtmoko.sourceforge.net/apps/qtmoko-navit.html > > > > I think i have tried Xglamo on v58 and it worked. Maybe you can try from > > ssh shell if Xglamo launches correctly. > > thanks for your feedback, Xglamo now worked after removing all X-related > packages and selecting it again from the dialog; I now saw that navit > wouldn't start after installation because of missing libssl file > libcrypto.so.0.9.8 . > > There is only libssl1.0.0 available from the repo, so I still need help, > but am not sure if this would be your topic, Radek :-) I am just guessing, but maybe symlink could solve this (unless there was some API change that's not backward compatible). BR Radek ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: TIFFS in vitro analyzer tool released
Hi Comrade, I can't find the FreeCalypso directory at $ ftp ifctfvax.Harhan.ORG Connected to ifctfvax.Harhan.ORG. 220 ifctfvax.Harhan.ORG FTP server (Version 5.24 April 16, 2011 00:35:58) ready. Name (ifctfvax.Harhan.ORG:jack): anonymous 331 Guest login ok, send ident as password. Password: 230 Guest login ok, access restrictions apply. Am I doing something wrong? Thanks a lot, Giacomo > Hello project followers, > > The tool for examining flash file system images read out of TI-based > GSM devices (which include Openmoko GTA0x modems) has just been > released: > > ftp://ftp.ifctf.org/pub/FreeCalypso/tiffs-iva-r1.tar.bz2 > > Aside from the naming and packaging change, the main functional > difference between the current tool and the offering I put out last > summer (mpffs-tools-r1.tar.bz2 in the same directory) is the addition > of the lsino and catino commands, which enable "forensic" examination > of FFS change history and the old content of deleted/overwritten files. > > For some examples of what one can do with this tool, see my previous > post: > > http://lists.openmoko.org/pipermail/community/2014-January/069265.html > > VLR, > SF > > ___ > Openmoko community mailing list > community@lists.openmoko.org > http://lists.openmoko.org/mailman/listinfo/community -- ## giacomo 'giotti' mariani gpg --keyserver pool.sks-keyservers.net --recv-key 0x99bfa859 O< ASCII ribbon campaign: stop HTML mail www.asciiribbon.org ## ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
