Modular cellphone kits for makers

[Read the post]


Good for them for publishing all the schematic and PCB artwork source files! Although they need to pay their web developer a bit more to NOT force one to scroll through a cute animation to get to the good part of the homepage. A few words and block diagrams wold be very useful too.

The modules seem like they would be useful for some embedded GSM phone applications, although it would be silly to make this stuff into an actual telephone, unless your goal was to build the telephone into a Western Electric 500 handset.


Important note; the GSM module in the kit is 2G only, which in many areas is getting phased out.

1 Like

I’ve got their basic kit but haven’t decided what to do with it yet.

1 Like

All (legally distributed) phones have proprietary firmware in the GSM baseband modules. There is essentially no such thing as an open source phone…yet.

…Unless you do the RMS hair-splitting routine and say there’s a difference between “free/libre” and “Open Source.” … Which there is, and Cory appears to have respected this.


Two words: hipster market!

…also, there’s that possibility of building a secure phone out of it… maybe something along the line of STU-III, updated for modern times?

Important, indeed. The question is, how likely it is that the kit will be updated with a drop-in replacement?

Is there some software-defined radio implementation? I know about OpenBTS…

Also, there are some alternative firmwares from Osmocom…

1 Like

This is over my educational level so I apologize in advance. :frowning: Didn’t the OP claim that the components are open source hardware, with full schematics and sourcecode? I thought that meant that the control codes, specs and all of it are freely shared?

We could try this

I imagine even if you don’t trust the baseband, you could build something on the SoC to encrypt over the untrusted channel; you don’t need to trust the baseband itself, as long as you know that your code is running on something you can trust…

1 Like

Yes. The entire untrusted part has to be segregated, and its communication protocol well-vetted and restricted enough to keep the thing as bug-free as possible. No unencrypted data should touch that area. Nothing the device could ever send, even if under full control of the adversary, should be able to compromise the secure part.

See also:

…if you want to go hardcore, you may also like to shield the red zone well, power it from separate battery than the black comm module or heavily filter the power bus in between, and have EMI filters on the data lines or maybe optoisolators with a shield layer to avoid crosstalking red data into black zone, where they could cause parasitic modulations of the broadcasted signal long-range (or short-range broadcast themselves from the wiring).

Beware that a strong transmitter signal can be absorbed and reradiated (or, reflected) by conductors - in the process the reflected RF signal can be modulated by the signal present on the conductors and carry away your secrets. I think that it is the TEAPOT, or another sister concept to purely passive TEMPEST.

1 Like

And finally, wrap the entire lot in tin foil! :smile:

That would be kind of counterproductive if you want to maintain the wireless communication functionality. :stuck_out_tongue:

Copper foil for the red part, though, definitely. Possibly together with permalloy sheets, and don’t forget to anneal them after the mechanical work on them so they would regain their magnetic properties deformations wreak havoc with.


a communication device for misanthropes. I like it!

1 Like

What you say is all true and useful, the one deeply obnoxious complication in cellphone land is that, regardless of how well segregated, the baseband tends to have (architecturally necessary) access to certain data and capabilities that you really don’t want a probable-traitor to have.

With ye olde dial-up model, life was less harrowing: a PCI ‘win modem’ was potentially scary(in addition to being annoying) because it had a blob of driver in your kernel and probably DMA access to your entire address space. A nice hardware modem just had a serial connection, so as long as there wasn’t a usable exploit in the process that listened on that port, you were golden. Ma Bell already knew who owned a given phone line, and your ISP could tell that it was you because you provided a username and password on login.

With a cell modem, you are still safer if it is less tightly coupled to your SoC(since, depending on implementation, one too closely coupled might well basically let your telco or anyone with a good stingray scribble directly on your RAM); but even if it is nice and segregated, it still has access to fairly useful location data, control over which tower it associates with, the option to quietly fall back to one of the dangerously antique link layer encryption algorithms, and so on. You do have a decent shot of preserving the privacy of an encrypted data channel running from the SoC to somewhere on the Internet; but cell basebands have to know a fair amount about their environment; and be able to talk about it, in order to function, so it is hard to segregate them from all the secrets you would prefer cooperation in keeping.


This topic was automatically closed after 5 days. New replies are no longer allowed.