Request for review: GSM phone hardware introduction

willem itsme at
Wed Apr 14 10:34:36 UTC 2010

On 2010-04-13 21:07:08, Harald Welte wrote:
> Hi Jake (and others),
> On Tue, Apr 13, 2010 at 10:09:52AM -0700, Jacob Appelbaum wrote:
>>> I've written an introductory text on GSM mobile phone architecture,
>>> and before officially posting/announcing it, I thought I'd invite 
>>> the members of this list to do some review and give feedback!
>> Do you have the latex available? It's hard to edit and send a diff of a
>> pdf...

did you omit qualcomm in your list of baseband manufacturers
intentionally? because it produces mostly cdma and 3g chipsets, and not gsm?

i have several additions to your document:

== in the list in subsection{MCU peripherals}
\item Audio routing, selecting how audio is routed in the phone, between
AP, BB, carspeaker, headset, mediaspeaker, phonespeaker and microphone

== addition to \subsection{The Digital Baseband (DBB)}

The baseband MCU usually runs a realtime operating system (RTOS), like
vxworks, or l4k.

== a subsection in section{Miscellaneous Topics}

\subsection{Security features}

There are several things that need protection against tampering in a GSM
phone: the Ki (the secret key which identifies the subscriber to the
network), the IMEI (the hardware id of the phone), and various restrictions
set by your cellular provider (commonly known as 'the simlock'). The Ki is
stored in the SIM, and is never handled by the baseband software directly;
it cannot be read from the SIM.
The IMEI on the other hand is just an arbitrary string stored in flash,
obfuscated in some way, to make it more difficult to change. But there is no
special hardware (like a SIM) involved in protecting it.

