30 Sep
2011
30 Sep
'11
12:32 p.m.
Hi Bogdan,
I've used all types of phones and
different networks - same result. If I capture the uplink then every time after a
few seconds I get "segmentation fault". My guess is that in a
controlled environment it's going to work, but with a live one, where you have a
lot of arfcn (on a quick scan I get about 50 on my location) it's unlikely to work.
well, the success could depends from many things:
- wich cable are you using: FTDI or CP2102;
- which phone you have tried: sometimes the jack on C1xx could be not so clean or used and
it could create problems of communication at high baudrates.
- the environment that you are using: public network, as i saw from my tests, is quite
horrible to make tests (eg. arfcn hopping).
Using a DP-L10 and modifying the AFC value, seems to work well on public netwroks, even
if, sometimes it get stuck: problem related with channel hopping/sync IIRC.
I used a Blackberry Test Field to disable EDGE and identify which ARFCN that doesn't
hop on GPRS: ( eg. this one is hopping, others may not [1] )
Obviously a private and controlled environment could give you the full percentage of
success.
Regards,
Luca
[1] http://tinyurl.com/gprs-hopping
30 Sep
30 Sep
12:57 p.m.
New subject: R: Layer23 missing
Luca,
On Fri, Sep 30, 2011 at 16:32, Luca Bongiorni
<luca.bongiorni1(a)studenti.unimi.it> wrote:
I used a Blackberry Test Field to disable EDGE and
identify which ARFCN that doesn't hop on GPRS: ( eg. this one is hopping, others may
not [1] )
Could you clarify how did you do this?
Following your recommendation I recently got a BlackBerry too, but
after a quick look into its engineering menu I didn't find how to
disable EDGE.
And a related question. It requires a code to enter to the engineering
menu. Do you have any script for calculating it offline?
(I'm sorry for off-topic, but I think this may be interesting for
other people too, because BlackBerry engineering menu is really that
good)
--
Regards,
Alexander Chemeris.
1:15 p.m.
New subject: R: Layer23 missing
Hello,
Luca thanks for your reply. Regarding the phone I used, there were a few smartphones which
I put them in EDGE mode, but also some older like Nokia 6310i which only knows GPRS. The
cable is FTDI. However I haven't got any luck - only a few times I get somthing that
can be decrypted but there are only 2-3 malformed packets.
There is also the problem with large bursts - every time (downlink or uplink, doesn't
matter) the capture stops.
Cheers,
Bogdan
________________________________
From: Alexander Chemeris <alexander.chemeris(a)gmail.com>
To: Luca Bongiorni <luca.bongiorni1(a)studenti.unimi.it>
Cc: Bogdan Alecu <b.alecu(a)yahoo.com>om>; "baseband-devel(a)lists.osmocom.org"
<baseband-devel(a)lists.osmocom.org>
Sent: Friday, September 30, 2011 3:57 PM
Subject: Re: Re: R: Layer23 missing
Luca,
On Fri, Sep 30, 2011 at 16:32, Luca Bongiorni
<luca.bongiorni1(a)studenti.unimi.it> wrote:
I used a Blackberry Test Field to disable EDGE and
identify which ARFCN that doesn't hop on GPRS: ( eg. this one is hopping, others may
not [1] )
Could you clarify how did you do this?
Following your recommendation I recently got a BlackBerry too, but
after a quick look into its engineering menu I didn't find how to
disable EDGE.
And a related question. It requires a code to enter to the engineering
menu. Do you have any script for calculating it offline?
(I'm sorry for off-topic, but I think this may be interesting for
other people too, because BlackBerry engineering menu is really that
good)
--
Regards,
Alexander Chemeris.
1:26 p.m.
New subject: R: Re: Re: R: Layer23 missing
Bogdan,
There is also the problem with large bursts - every
time (downlink or uplink, doesn't matter) the capture stops.
That is another issue that i verified and i didn't still find a solution.
If i dump a "short" session (eg. using the field test, by sending icmp pings
from the blackberry to google's ip) i got the entire packets, instead, if i try to
dump a "bigger" session the DP-L10 sutck.
Btw, someone has some hints where could i look about this issue?
Regards,
Luca
1:20 p.m.
New subject: Blackberry Field Test Mode
Hi Alexander,
here it is the script to enable the blackberry field test mode:
http://www.webalice.it/zibri/escr.html
Just download the page and you will be able to use it offline. (For instructions [1])
About, how to disable EDGE, you need to disable 8PSK modulation: with public networks,
using this option, the bb doesn't use EDGE. [2]
P.S: About finding a non-hopping GRPS arfcn... http://tinyurl.com/5vzx5jp
[1] http://www.zibri.org/2009/08/hidden-things-are-usually-best.html
[2] http://tinyurl.com/edge-disabled
Regards,
Luca
1:29 p.m.
New subject: Blackberry Field Test Mode
Luca, thank you!
I'll try when I get to our Blackberry next time.
On Fri, Sep 30, 2011 at 17:20, Luca Bongiorni
<luca.bongiorni1(a)studenti.unimi.it> wrote:
Hi Alexander,
here it is the script to enable the blackberry field test mode:
http://www.webalice.it/zibri/escr.html
Just download the page and you will be able to use it offline. (For instructions [1])
About, how to disable EDGE, you need to disable 8PSK modulation: with public networks,
using this option, the bb doesn't use EDGE. [2]
P.S: About finding a non-hopping GRPS arfcn... http://tinyurl.com/5vzx5jp
[1] http://www.zibri.org/2009/08/hidden-things-are-usually-best.html
[2] http://tinyurl.com/edge-disabled
Regards,
Luca
--
Regards,
Alexander Chemeris.
5059
days inactive
5059
days old
baseband-devel@lists.osmocom.org
5 comments
3 participants
participants (3)
-
Alexander Chemeris -
Bogdan Alecu -
Luca Bongiorni