- simtrace - lists.osmocom.org

WIP / RFC for pysim 'next generation;' aka pysim-shell
by Harald Welte 07 Apr '21

07 Apr '21

Dear Osmocom community, pySim-prog was nice when there were only 5 parameters on a SIM that we could program, and where the use case was pretty limited. Today, we have SIM/USIM/ISIM cards with hundreds of files and even more parameters to program. We cannot add a command line argument for each file to pySim-prog. Instead, this introduces an interactive command-line shell / REPL, in which one can navigate the file system of the card, read and update files both in raw format and in decoded/parsed format. The idea is primarily inspired by Henryk Ploetz' venerable cyberflex-shell, but implemented on a more modern basis using the cmd2 python module. You can see the very first prototype in the laforge/shell branch of pysim.git You can do things with it like this: ===> Start-up and authenticate with adm pin ---------------------------------------------------------------------- $ ./pysim-shell.py -p 0 Using PC/SC reader interface Autodetected card type: sysmoISIM-SJA2 AIDs on card: ['a0000000871002ffffffff8907090000', 'a0000000871004ffffffff8907090000'] Welcome to pySim-shell! pySIM-shell (3f00)> verify_adm 92990895 ---------------------------------------------------------------------- ===> interactive help ---------------------------------------------------------------------- pySIM-shell (3f00)> help Documented commands (use 'help -v' for verbose/'help <topic>' for details): ISO7816 Commands ================ read_binary select_adf select_file update_binary update_record verify_chv pySim Commands ============== intro verify_adm USIM Commands ============= read_ehplmn ust_service_activate ust_service_deactivate pySim-shell built-in commands ============================= alias help macro quit run_script shell edit history py run_pyscript set shortcuts ---------------------------------------------------------------------- ===> more interactive help ---------------------------------------------------------------------- pySIM-shell (3f00)> help read_binary usage: read_binary [-h] [--file-id FILE_ID] [--offset OFFSET] [--length LENGTH] [--record-nr RECORD_NR] Read binary data from a transparent EF optional arguments: -h, --help show this help message and exit --file-id FILE_ID File ID --offset OFFSET Byte offset for start of read --length LENGTH Number of bytes to read --record-nr RECORD_NR Number of record to read ---------------------------------------------------------------------- ===> navigating the FS and reading files ---------------------------------------------------------------------- pySIM-shell (3f00)> select_file 7f20 ['622c8202782183027f20a509800171830400018d088a01058b032f0601c60f90017083010183018183010a83010b'] pySIM-shell (3f00/7f20)> read_binary --file-id 6f07 089910070000400310 ---------------------------------------------------------------------- ===> interaction with local filesystem, i.e. I/O redirect + shell commands ---------------------------------------------------------------------- pySIM-shell (3f00)> select_adf a0000000871002 pySIM-shell (a0000000871002)> select_file 5f3b pySIM-shell (a0000000871002/5f3b)> read_binary --file-id 4f20 > /tmp/f pySIM-shell (a0000000871002/5f3b)> !cat /tmp/f ffffffffffffffff07 ---------------------------------------------------------------------- ===> piping output through shell tools like grep ---------------------------------------------------------------------- pySIM-shell (3f00)> read_ust | grep 86 Service 86 - Allowed CSG Lists and corresponding indications ---------------------------------------------------------------------- ===> enabling/disabling services ---------------------------------------------------------------------- pySIM-shell (3f00/7f20)> ust_service_activate 123 pySIM-shell (3f00/7f20)> ust_service_deactivate 123 ---------------------------------------------------------------------- It's a very first prototype, but it is really promising. The major tasks I see to make this go anywhere is: * have "File" class with encoder/decoder methods, which are registered automatically with a 'file system' layer that knows about the DF/ADF hierarchy ** this allows us to have a "read-decoded" command, which will call the decode method of the file, automatically resolved by the selected FID/path * automatic mapping of file-name -> FID and FID -> file name ** when printing (like in the path), use the human-readable names ** allow users to use human-readable names in SELECT * decode + display the TLVs / FCPs after a SELECT (like cyberflex-shell * ability to enable/disable APDU trace * dynamically register/deregster commands based on the path, i.e. offer USIM commands only when in ADF_USIM We have quite a bit of that infrastructure in the c-language libosmosim, (part of libosmocore.git), but unfortunately not in python :/ Let me know if anyone is interested in joining this effort. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

5 7

Osmocom Mailing List re-organization
by Harald Welte 03 Mar '21

03 Mar '21

Dear Osmocom community, This topic has been past due for way too many years by now: A re-organization of our major mailing lists. I would like to propose the following changes. Pleas let me know if you have any comments or feedback. I'm aware that renaming will mean people have to update their mail filter rules, but I think we're long past the point where the names of some of our lists started to confuse users. == openbsc(a)lists.osmocom.org == * openbsc doesn't exist anymore since OsmoNITB, which is also obsolete * does already cover anything "Osmocom CNI" related * Proposed new name: osmocom-cni(a)lists.osmocom.org == osmocom-net-gprs(a)lists.osmocom.org == This date back to when GPRS was a highly experimental add-on to our GSM code base. This list should simply be merged with openbsc@ as osmocom-cni(a)lists.osmocom.org == simtrace(a)lists.osmocom.org == Historically was created to cover only the simtrace project. We should rename this to osmocom-simcard(a)lists.osmocom.org or something along those lines. I would like to suggest it covers * SIMtrace / SIMtrace2 hardware + firmware * pySim and related tools for working with SIM/USIM/UICC cards * any other information / discussion related to SIM/USIM/UICC cards, like OTA, ARA-M, ... == osmodevcon(a)lists.osmocom.org == This has been a private list for people attending OsmoDevCon I would like to open up list membership to the general public, and ensure it also covers the new OsmoDevCall. We could then have discussions regarding feedback, topics, scheduling, etc. on that list. Maybe rename it to osmocom-events(a)lists.osmocom.org instead? To differentiate: osmocom-event-orga(a)lists.osmocom.org should remain a private list related to organizational / administrative topics of those involved with organizing future events. == nextepc(a)lists.osmocom.org == Should have been renamed to open5gs(a)lists.osmocom.org quite some time ago, I simply forgot about it. My apologies. -- - Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

2 1

remsim: SIM inventory, mapping by IMSI
by merlin.chlosta+simtrace＠rub.de 06 Feb '21

06 Feb '21

Hi everybody, we try to use remsim for sharing SIMs across teams (multiple locations). We already set up the basic SIM sharing in a VPN. From a usability perspective, we’d like to have something like a SIM inventory and select SIMs by ICCID/IMSI rather than slots. We drafted some over-the-top service with a simple web application. pySim reads available cards, sends them to the service and generates a config for bankd. Kinda works, not really nice though. So before going much further, we’d like to ask: * is there something similar already? * are there similar features planned, like * automatically reading ICCID, IMSI and sharing them through remsim service directly? * mapping by card properties (IMSI/ICCID) instead of slot maps? We found it challenging to preserve the mappings across reboots, as PCSC indices change. We might just use remsim wrong, so any thoughts and feedback welcome. Besides, do you see any major blockers? Like… sharing across locations doesn’t really make sense if plugging-in-and-out is required, and we’re not sure if e.g. connection issues would require that. Happy for any thoughts! Merlin

2 1

simtrace2 Windows host
by Jérome Dufour 05 Jan '21

05 Jan '21

Hi all, Is there a Windows version of the simtrace2 host software? Regards, Jerome. ᐧ

3 2

Laser Cut SIMtrace Case
by Nick 29 Dec '20

29 Dec '20

Hi all, Had some free time this afternoon so I put together a laser cut case for the SIMtrace (photos attached), It's just cut out of 2mm perspex, with openings for the cards, flexible SIM adapter, USB and 2.5mm jack. They open up from the top for changing the flexible SIM adapters and accessing the buttons / flashing, The designs are attached for anyone who has got access to a makerspace or laser cutter wants to make one, - *SimTrace_2mm_box_version_7.dxf *is the DXF for the design, should work with any cutting software, file is in MM - *Simtrace_Final.rld *is the RDworks layout with the logo in it (most low end lasers use this software) and it has the nesting & logo baked in (DXF does not have the logo embedded) - *Osmocom_Logo_No_Gradient.jpg* is an adjusted version of the Osmocom logo as the laser CAM software doesn't deal with gradients I'm not sure where the best place to put the files are, so others can make their own - on the SIMtrace page on the Wiki or in the Repo itself? Cheers, Nick [image: image.png] [image: SIMtrace.png]

2 1

[PATCH] remsim: adding cli argument to set the atr
by Leonard Hübner 27 Oct '20

27 Oct '20

--- host/src/simtrace2-remsim.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/host/src/simtrace2-remsim.c b/host/src/simtrace2-remsim.c index 201ff71..48186d8 100644 --- a/host/src/simtrace2-remsim.c +++ b/host/src/simtrace2-remsim.c @@ -50,6 +50,8 @@ #include <osmocom/sim/class_tables.h> #include <osmocom/sim/sim.h> +#define ATR_MAX_LEN 33 + static void atr_update_csum(uint8_t *atr, unsigned int atr_len) { uint8_t csum = 0; @@ -181,6 +183,7 @@ static void print_help(void) "\t-h\t--help\n" "\t-i\t--gsmtap-ip\tA.B.C.D\n" "\t-a\t--skip-atr\n" + "\t-t\t--set-atr\tATR-STRING in HEX\n" "\t-k\t--keep-running\n" "\t-n\t--pcsc-reader-num\n" "\t-V\t--usb-vendor\tVENDOR_ID\n" @@ -199,6 +202,7 @@ static const struct option opts[] = { { "remote-udp-port", 1, 0, 'p' }, { "gsmtap-ip", 1, 0, 'i' }, { "skip-atr", 0, 0, 'a' }, + { "set-atr", 1, 0, 't' }, { "help", 0, 0, 'h' }, { "keep-running", 0, 0, 'k' }, { "pcsc-reader-num", 1, 0, 'n' }, @@ -283,6 +287,9 @@ int main(int argc, char **argv) int rc; int c, ret = 1; int skip_atr = 0; + char *atr = "3b00"; + uint8_t real_atr[ATR_MAX_LEN]; + int atr_len; int keep_running = 0; int remote_udp_port = 52342; int if_num = 0, vendor_id = -1, product_id = -1; @@ -298,7 +305,7 @@ int main(int argc, char **argv) while (1) { int option_index = 0; - c = getopt_long(argc, argv, "r:p:hi:V:P:C:I:S:A:H:akn:", opts, &option_index); + c = getopt_long(argc, argv, "r:p:hi:V:P:C:I:S:A:H:akn:t:", opts, &option_index); if (c == -1) break; switch (c) { @@ -318,6 +325,9 @@ int main(int argc, char **argv) case 'a': skip_atr = 1; break; + case 't': + atr = optarg; + break; case 'k': keep_running = 1; break; @@ -348,6 +358,12 @@ int main(int argc, char **argv) } } + atr_len = osmo_hexparse(atr,real_atr,ATR_MAX_LEN); + if(atr_len < 2) { + fprintf(stderr, "Invalid ATR - please omit a leading 0x and only use valid hex digits and whitespace. ATRs need to be between 2 and 33 bytes long.\n"); + goto do_exit; + } + if (!remote_udp_host && (vendor_id < 0 || product_id < 0)) { fprintf(stderr, "You have to specify the vendor and product ID\n"); goto do_exit; @@ -438,9 +454,8 @@ int main(int argc, char **argv) if (!skip_atr) { /* set the ATR */ - uint8_t real_atr[] = { 0x3B, 0x00 }; // the simplest ATR - atr_update_csum(real_atr, sizeof(real_atr)); - osmo_st2_cardem_request_set_atr(ci, real_atr, sizeof(real_atr)); + atr_update_csum(real_atr, atr_len); + osmo_st2_cardem_request_set_atr(ci, real_atr, atr_len); } /* select remote (forwarded) SIM */ -- 2.26.2

2 5

simtrace2-remsim set-atr flag - code offer
by Leonard Hübner 26 Oct '20

26 Oct '20

Hey there SIMTrace-Community! In the context of my current project I needed to set the ATR, which the SIMTrace2(cardem firmware) sends to the SIM-Terminal. To this end I added a cli flag (--set-atr) to the simtrace2-remsim host software which takes an ATR and signals to the cardem firmware to use this ATR. The later functionality is already present and therefore I only implemented the cli flag and the string to hex transformation (using osmo_hexparse). Would you be interested in this code? If you are, how can I contribute it? It currently lives inside a git branch on my machine. Thank you very much for making the code freely available! Leonard Hübner

2 2

OsmoDevCon / COVID-19
by Harald Welte 04 Sep '20

04 Sep '20

Dear fellow Osmocom developers, as you all know, we've sadly had to postpone OsmoDevCon 2020 back in April this year. At the time, we discussed to re-visit the situation in October 2020. While legally it is no problem at all to host an event with ~ 20 participants in Berlin/Germany (specific regulations really only start from 50+ participants) - I'm not entirely convinced it would be the smartest move. Legality and public health regulations are only one part of the equation - common sense and profound care for the key members of our community for sure are more relevant considerations to me. I'm not 100% in favour and not 100% against. Hence, I would like to get your input. Should we a) try to get an event organized on-site in Berlin? We'd have to move to a larger venue than IN-Berlin with proper ventilation and sufficient space so we can keep physical distance, but I think that's manageable for sysmocom as organizer. b) simply postpone to 2021? I'm convinced the situation will not change significantly (in a positive way) until late April 2021, so it's not really a "solution" as it will likely mean we have to think of late 2021 or 2022. c) plan some kind of online conference? To be honest, I think this model works fine for events where a single speaker wants to give lectures to hundreds or thousands of participants. But OsmoDevCon is much more interactive. We could record or live-stream some talks or screencasts from home, sure. But that only captures one part of the event. We could also try to set a date for a collaborative mumble, or the like - for the "hallway track". What are your thoughts? Let's avoid cross-posting the discussion to all of the mailing lists and simply have it on openbsc(a)lists.osmocom.org. Regards, Harald -- - Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

trace location by my SIM CARD
by Stephen Edwards 24 Jul '20

24 Jul '20

How can I trace the location of an ACTIVE SIM that is NOT inserted into a device?

1 0

Osmocom scheduled outage on *2020-07-19 9am CEST*
by Harald Welte 19 Jul '20

19 Jul '20

There is an urgent need to migrate our most important public infrastructure to a new server, and I will be doing that on *Sunday, July 19 2020*, starting about 9am CEST. The migration involves redmine (main osmocom.org website), jenkins, gerrit, git, and cgit. In theory, the migration should be quick. I would expect (significantly) less than one hour of downtime. However, we all know Murphys law. Services not affected are mail (including mailman lists), ftp, dns. So in case of doubt, we can still use mailing lists to communicate. In case anyone urgently needs osmocom source code on Sunday morning during the downtime: There are public mirrors available on github. Regards, Harald -- - Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 1

simtrace2 flash firmware images issue
by 雪碧 0xroot 16 Jun '20

16 Jun '20

Hi community: when i try to flash firmware images from https://ftp.osmocom.org/binaries/simtrace2/firmware/latest/simtrace-dfu-fla… simtrace2-sniff doesn't work. sudo bossac --port=/dev/ttyACM0 --usb-port=1 --erase --verify --boot=1 --write simtrace-dfu-flash-latest.bin Erase flash Done in 0.013 seconds Write 15880 bytes to flash (63 pages) [==============================] 100% (63/63 pages) Done in 0.604 seconds Verify 15880 bytes of flash [==============================] 100% (63/63 pages) Verify successful Done in 0.474 seconds Set boot flash true $ lsusb Bus 003 Device 030: ID 1d50:60e3 OpenMoko, Inc. $sudo ./simtrace2-list USB matches: 1 1d50:60e3 Addr=30, Path=3-2, Cfg=2, Intf=0, Alt=0: 255/255/0 (0.7.0.60-859f) $ sudo ./simtrace2-sniff simtrace2-sniff - Phone-SIM card communication sniffer (C) 2010-2017 by Harald Welte <laforge(a)gnumonks.org> (C) 2018 by Kevin Redon <kredon(a)sysmocom.de> No compatible USB devices found: Resource temporarily unavailable sudo dfu-util --list dfu-util 0.8 Copyright 2005-2009 Weston Schmidt, Harald Welte and OpenMoko Inc. Copyright 2010-2014 Tormod Volden and Stefan Schmidt This program is Free Software and has ABSOLUTELY NO WARRANTY Please report bugs to dfu-util(a)lists.gnumonks.org Found DFU: [1d50:60e3] ver=0000, devnum=30, cfg=1, intf=0, alt=2, name="not available", serial="51203120395134503230333139303033" Found DFU: [1d50:60e3] ver=0000, devnum=30, cfg=1, intf=0, alt=1, name="Flash (Application Partition)", serial="51203120395134503230333139303033" Found DFU: [1d50:60e3] ver=0000, devnum=30, cfg=1, intf=0, alt=0, name="RAM", serial="51203120395134503230333139303033" What should I do?

3 3

simtrace2 build failures on Ubuntu 16.04 (i586 + x86_64)
by Harald Welte 12 Dec '19

12 Dec '19

Hi! I currently haven't yet had time to investigate those. If anyone has clues as to what's going on there, I'd appreciate it. Regards, Harald -- - Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

OsmoDevCon 2020 registration
by Harald Welte 01 Dec '19

01 Dec '19

Dear fellow Osmocom developers, I would like to invite all developers and contributors to Osmocom [sub]projects to register for OsmoDevCon 2020 (held on April 24th-27th, 2020 in Berlin). For details known so far, please check http://osmocom.org/projects/osmo-dev-con/wiki/OsmoDevCon2020 Please enter your name at https://osmocom.org/projects/osmo-dev-con/wiki/OsmoDevCon2020#Requested in case you would like to attend. Registering early allows proper planning. Thanks! Looking forward to meeting old and new Osmocom developers in April 2020. Regards, Harald -- - Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Error while installing SIMtrace 2 host PC software
by Сергей Туб 22 Nov '19

22 Nov '19

Hello.I have Ubuntu 18.04 LTS on VirtualBox. And I need to install SIMtrace 2 host PC software. I use this instruction https://osmocom.org/progects/simtrace2/wiki *Preconditions* libosmocore, libpcsclite and libusb. to install those packages: sudo apt-get install libusb-1.0-0-dev libosmocore-dev libpcsclite-dev *Compiling it*: git clone git://git.osmocom.org/simtrace2.git cd simtrace2/host/ make ...and when I do *make* I get such mistake: cc -Wall -g pkg-config --cflags libusb-1.0 libosmocore -o simtrace2-remsim.o -c simtrace2-remsim.c simtrace2-remsim.c:51:10: fatal error: osmocom/sim/class_tables.h: No such file or directory #include ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ compilation terminated. Makefile:21: recipe for target 'simtrace2-remsim.o' failed make: *** [simtrace2-remsim.o] Error 1 Can you explaine me what went wrong? -- Best regards, Serjio. Kyiv, Ukraine

2 1

SIM trace
by Vineet 20 Nov '19

20 Nov '19

Hello team, I am looking to buy a SIM trace tool for my project. I am a freelancer. Could you please provide more details about this? Location: Singapore Also provide the details about the support. What all mobile phones could be supported and all. Also please provide the quotation for the same. Thanks! Vineet Saxena

1 0

Problem with QMOD, Telit Modem and ofono
by KageDS 15 Oct '19

15 Oct '19

Hello list, I seem to be hitting a strange problem trying to use a sysmoQMOD with Ofono and a Telit Modem (HE910) There seems to be a window of around 30 seconds after starting osmo-remsim-client-st2 whereby ofono cannot talk to the modem. There is no response to any AT commands on either the Modem or the Aux port. After about 30 to 40 secs AT commands start working again and I can enable the modem. It seems that switching from physical SIM to remote SIM causes the modem to lock-up for a while. Anyone else seeing a similar issue? I've upgraded the firmware to the latest (0.5.1.24-bb9b0) but it make no difference. Regards Alan Here is a debug log of the firmware with my notes: .... *Power on board* .... ============================================================================= SIMtrace2 firmware 0.5.1.24-bb9b0 (C) 2010-2016 by Harald Welte ============================================================================= -I- Chip ID: 0x28900960 (Ext 0x00000000) -I- Serial Nr. 51203120-39513450-32303031-32333037 -I- Reset Cause: general reset (first power-up reset) -I- Detected Quad-Modem ST12 -I- VERSION_DET ADC=3731 => 3003455 uVund -I- USB init... USBD_Init Std gDesc Dev Std sAddr SetAddr(16) Std gDesc Dev Std gDesc Qua -W- Sta 0x888A8. -I- calling init of config 1... -I- 536881924: CLK activateda work-around -I- Modem 0: physical SIM -I- 0: Use local/physical SIM -I- Modem 1: physical SIM -I- 1: Use local/physical SIM -I- entering main loop... -I- 0: Card Detect Status -1 -> 0 -I- 1: Card Detect Status -1 -> 0 -I- USB is now configured -I- 1: VCC activated -I- 1: CLK activated -I- 1: CLK deactivated -I- 1: VCC deactivated -I- 1: VCC activated -I- 1: CLK activated -I- 1: CLK deactivated -I- 1: VCC deactivated -I- 0: VCC activated -I- 0: CLK activated -I- 0: CLK deactivated -I- 0: VCC deactivated -I- 0: VCC activated -I- 0: CLK activated -I- 0: CLK deactivated -I- 0: VCC deactivated ... *AT commands working fine here* ... Start osmo-remsim-client-st2 ..... Std sInterface -W- Sta 0x88828 [0] -W- _ Std cFeat Hlt Std cFeat Hlt Std cFeat D -I- Modem 0: virtual SIM -I- 0: Use remote/emulated SIM -I- 0: ATR set: 3b 00 -I- 0: Asserting modem reset -I- 0: De-asserting modem reset -I- 0: RST released -I- 0: RST asserted -I- 0: VCC activated -I- 0: CLK activated -I- 0: RST released -I- 0: computed Fi(1) Di(1) ratio: 372 -I- 0: send_tpdu_header: 00 a4 00 0c 02 -I- 0: flush_rx_buffer (5) -I- 0: flush_rx_buffer (2) ... *AT commands no longer work, no response to AT[CR]* ... NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNd -I- 0: CLK deactivated -I- 0: VCC deactivated -I- 0: RST released -I- 0: RST asserted -I- 0: VCC activated -I- 0: CLK activated -I- 0: RST released -I- 0: computed Fi(1) Di(1) ratio: 372 -I- 0: send_tpdu_header: 00 a4 00 0c 02 -I- 0: flush_rx_buffer (5) -I- 0: flush_rx_buffer (2) ... *AT commands still not working* ... NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNd -I- 0: CLK deactivated -I- 0: VCC deactivated -I- 0: RST released -I- 0: RST asserted -I- 0: VCC activated -I- 0: CLK activated -I- 0: RST released -I- 0: computed Fi(1) Di(1) ratio: 372 -I- 0: send_tpdu_header: 00 a4 00 0c 02 -I- 0: flush_rx_buffer (5) ... *AT Commands start working again here* ... NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNd

2 3

Simtrace not responding
by super sad 07 Oct '19

07 Oct '19

Hello, We have simtrace v2. When we connect the device through USB to a laptop it does not respond. None of the lights turn on. It does not respond to any commands. ./simtrace2-lists shows Device = 0. Can you give us some suggestions on how to use the device and if this is the normal behavior? Thank you for your time.

2 2

osmo-remsim project
by Sam québec 05 Sep '19

05 Sep '19

Hi All, I'm interested by the osmo-remsim project. Please is there a tutorial/guidelines for making a demo of remote SIM based on SIMtrace2 board or other ARM Cortex M3 boards? Thank you for your time, Best regards, Sam

1 1

Issue compiling simtrace branch firmware for simtrace2
by hugh 25 Jul '19

25 Jul '19

Hi, Firstly - I am able to compile, flash and run the master branch of the software on my simtrace2 hardware without issues - thanks to all concerned. I wanted to try out the mitm and ccid with my simtrace2, and I *think* that the laforge/cleanup branch is the most recently worked on branch of developmental code, so I tried to compile that and ran into problems. So far I have noticed two issues: 1. Errors like this: error: implicit declaration of function 'board_exec_dbg_cmd'; (which can be changed to a warning by removing the -Werror-implicit-function-declaration in the Makefile) 2. This error: src_simtrace/main.c:81:40: error: 'PIN_PRTPWR_OVERRIDE' undeclared here ... (This error appears hard, as PIN_PRTPWR_OVERRIDE is only in include_board/qmod/board.h, and not in include_board/simtrace/board.h) I guess I am doing something silly - but I just cannot see it. Can someone help? By the way - am I correct in thinking that laforge/cleanup is the most recent/most worked on MITM code for the simtrace2? Cheers Hugh

2 1

IMEI filtering
by Emre Geckin 25 Jul '19

25 Jul '19

I would like to know How sim card is requesting IMEI from mobile device and is it protected only by CHV ? If so can I filter communication and change my mobile device IMEI number to something else ? Thanks.

3 2

simtrace2 just sits and does nothing : any suggestions?
by KageDS 13 Jun '19

13 Jun '19

Hello list, I've been playing with the sysmoQMOD board and I find that more often than not the remsim-client justs sits there waiting for something [1] when I list the modem using ofono/test/list-modem [2] it shows that there is no SIM present. I've tried a Telit modem and a Sierra Wireless modem and both do the same thing. Sometimes it works but more often than not it justs sits there. I've tried using the 'uhubctl' tool to power cycle the modem but this has no effect on the st2 client. It deletes the modem instance and cretes a new one in ofono. Anyone have any suggestion of what I can try to trigger the modem to do something? Or how I can get some debug info from the card? Thanks Alan --------------------------------- [1] sudo ./osmo-remsim-client-st2 -V 0x1d50 -P 0x4004 -c 0 -C 1 -I 0 -H 1-6.1 simtrace2-remsim-client - Remote SIM card client for SIMtrace (C) 2010-2017, Harald Welte <laforge(a)gnumonks.org> (C) 2018, sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon(a)sysmocom.de> <0000> fsm.c:299 RSPRO_CLIENT(server)[0x564613030760]{INIT}: Allocated <0000> fsm.c:299 BANKD_CONN(bankd)[0x5646130317c0]{INIT}: Allocated SIMtrace <- 01 05 00 00 00 00 09 00 01 SIMtrace <- 02 02 00 00 00 00 09 00 01 SIMtrace <= cardem_request_set_atr(3b 00 ) SIMtrace <- 01 02 00 00 00 00 0b 00 02 3b 00 SIMtrace <- 02 01 00 00 00 00 0b 00 02 2c 01 Entering main loop <0003> input/ipa.c:128 127.0.0.1:9998 connection done <0000> rspro_client_fsm.c:105 RSPRO_CLIENT(server)[0x564613030760]{INIT}: RSPRO link to 127.0.0.1:9998 UP <0000> rspro_client_fsm.c:107 RSPRO_CLIENT(server)[0x564613030760]{INIT}: Received Event SRVC_E_TCP_UP <0000> rspro_client_fsm.c:210 RSPRO_CLIENT(server)[0x564613030760]{INIT}: state_chg to ESTABLISHED <0000> rspro_client_fsm.c:78 RSPRO_CLIENT(server)[0x564613030760]{ESTABLISHED}: Tx RSPRO connectClientReq <0000> rspro_client_fsm.c:141 RSPRO_CLIENT(server)[0x564613030760]{ESTABLISHED}: Received RSPRO [L1]> 00 40 ee 07 [L2]> 30 3d 80 01 02 81 02 09 26 a2 34 a3 32 30 2d 0a 01 01 16 0a 66 69 78 6d 65 2d 6e 61 6d 65 80 0d 72 65 6d 73 69 6d 2d 73 65 72 76 65 72 81 0d 30 2e 31 2e 30 2e 31 32 2d 66 30 31 38 0a 01 00 <0000> simtrace2-remsim_client.c:669 RSPRO_CLIENT(server)[0x564613030760]{ESTABLISHED}: Received Event SRVC_E_CLIENT_CONN_RES <0000> rspro_client_fsm.c:254 RSPRO_CLIENT(server)[0x564613030760]{ESTABLISHED}: state_chg to CONNECTED <0000> rspro_client_fsm.c:141 RSPRO_CLIENT(server)[0x564613030760]{CONNECTED}: Received RSPRO [L1]> 00 21 ee 07 [L2]> 30 1e 80 01 02 81 01 00 a2 16 b1 14 30 06 02 01 01 02 01 00 30 0a 80 04 7f 00 00 01 02 02 27 0f <0000> simtrace2-remsim_client.c:687 BANKD_CONN(bankd)[0x5646130317c0]{INIT}: Received Event BDC_E_ESTABLISH <0000> bankd_client_fsm.c:195 BANKD_CONN(bankd)[0x5646130317c0]{INIT}: state_chg to REESTABLISH <0000> bankd_client_fsm.c:159 BANKD_CONN(bankd)[0x5646130317c0]{REESTABLISH}: Creating TCP connection to bankd at 127.0.0.1:9999 <0000> rspro_client_fsm.c:78 RSPRO_CLIENT(server)[0x564613030760]{CONNECTED}: Tx RSPRO configClientBankRes <0003> input/ipa.c:128 127.0.0.1:9999 connection done RSPRO link to 127.0.0.1:9999 UP <0000> bankd_client_fsm.c:47 BANKD_CONN(bankd)[0x5646130317c0]{REESTABLISH}: Received Event BDC_E_TCP_UP <0000> bankd_client_fsm.c:181 BANKD_CONN(bankd)[0x5646130317c0]{REESTABLISH}: state_chg to ESTABLISHED <0000> simtrace2-remsim_client.c:649 BANKD_CONN(bankd)[0x5646130317c0]{ESTABLISHED}: Received RSPRO [L1]> 00 45 ee 07 [L2]> 30 42 80 01 02 81 02 09 26 a2 39 a3 37 30 32 0a 01 02 16 0a 66 69 78 6d 65 2d 6e 61 6d 65 80 0c 72 65 6d 73 69 6d 2d 62 61 6e 6b 64 81 13 30 2e 31 2e 30 2e 31 32 2d 66 30 31 38 2d 64 69 72 74 79 0a 01 00 <0000> simtrace2-remsim_client.c:613 BANKD_CONN(bankd)[0x5646130317c0]{ESTABLISHED}: Received Event BDC_E_CLIENT_CONN_RES <0000> bankd_client_fsm.c:122 BANKD_CONN(bankd)[0x5646130317c0]{ESTABLISHED}: state_chg to CONNECTED <0000> simtrace2-remsim_client.c:649 BANKD_CONN(bankd)[0x5646130317c0]{CONNECTED}: Received RSPRO [L1]> 00 2c ee 07 [L2]> 30 29 80 01 02 81 01 00 a2 21 aa 1f 30 06 02 01 00 02 01 00 04 15 3b 9e 96 80 1f c7 80 31 e0 73 fe 21 1b 66 d0 02 17 8d 11 00 89 SIMtrace <= cardem_request_set_atr(3b 9e 96 80 1f c7 80 31 e0 73 fe 21 1b 66 d0 02 17 8d 11 00 89 ) SIMtrace <- 01 02 00 00 00 00 1e 00 15 3b 9e 96 80 1f c7 80 31 e0 73 fe 21 1b 66 d0 02 17 8d 11 00 89 <0000> bankd_client_fsm.c:58 BANKD_CONN(bankd)[0x5646130317c0]{CONNECTED}: Received Event BDC_E_RSPRO_TX -------------------------- [2] ~/ofono/test/list-modems [ /sierra_15 ] Powered = 1 Interfaces = org.ofono.SimManager org.ofono.LocationReporting org.ofono.VoiceCallManager Model = MC7304 Revision = SWI9X15C_05.05.58.00 r27038 carmd-fwbuild1 2015/03/04 21:30:23 Manufacturer = Sierra Wireless, Incorporated Serial = 356853054058773 Online = 0 SystemPath = /sys/devices/pci0000:00/0000:00:14.0/usb1/1-6/1-6.2 Features = sim gps Type = hardware Emergency = 0 Lockdown = 0 [ org.ofono.SimManager ] Present = 0 [ org.ofono.LocationReporting ] Enabled = 0 Type = nmea [ org.ofono.VoiceCallManager ] EmergencyNumbers = 08 000 999 110 112 911 118 119 --------------------------------

2 10

Beginner: Need guidence in setting up the simtracer 2
by Sunil Hebbur Srikantamurthy 16 May '19

16 May '19

Hello all, I have newly ordered the Simtracer 2. I have received the same today. I would like to have some guidence from you, how to proceed now. Should I load a firmware on the module?, which software should I use? how to track the message exchanges from the sim to mobile. There are several manuals, could u please tell which one to read? Could you please guide me on the same. Best regards, M.Sc. Sunil Hebbur Srikantamurthy Chair of Communication Networks Electrical Engineering and Information Technology Chemnitz University of Technology

4 7

Is the sysmoQMOD h/w available for purchase?
by KageDS 16 Apr '19

16 Apr '19

Hello list, Does anyone know if the SysmoQMOD h/w is available to purchase? (https://www.sysmocom.de/products/sysmoqmod/index.html) I looked on the sysmocom web shop but it doesn't appear to be listed. Thanks in advance Alan --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

3 2

Sim tracer with samsung galaxy S9 (nano sim)
by Sunil Hebbur Srikantamurthy 22 Feb '19

22 Feb '19

Hello, I am planning to use the nano sim based mobile phone. Could you please tell me if its possible to use the SIM TRACER for the same. For example samsung galaxy S9. By looking at the wiki I see the sim tracer would fit in for standard sim slot, will the end point of the flex PCB fit the nano sim holder of S9 ?. Could any one please guide me on the same. Best regards, Sunil

3 3

SimTrace2 hardware "Cannot read string:"
by Ken-Tristan Peterson 31 Jan '19

31 Jan '19

Hello Osmocom community, My hardware arrived and was exited to test it out. But I get an error message: "Cannot read string: Resource temporarily unavailable". This happens when I run commands "./simtrace2-list" and "./simtrace2-sniff". List command lists devices nicely. Sniff command enters main loop but no communication is sniffed. Have attached also a screenshot below. But it happens 50% of the time, other than that it might start without the warning message but does not track any communication from the SIM. The SIM works nicely through SimTrace2 hardware, but sniffing does not. I have made sure to follow the steps in Wiki and made sure that the permissions are granted. Help appreciated, Ken-Tristan Peterson IoT Hacker & Community Manager Mobile: +372 53 331 735 kentristan.peterson(a)1oT.mobi <https://1ot.mobi/>

1 0

OsmoDevCon 2019 registration
by Harald Welte 31 Dec '18

31 Dec '18

Dear fellow Osmocom developers, I'm a bit surprised to notice that not more people have signed up for OsmoDevCon 2019. I guess it was mostly an oversight when the date was originally announced, and not a lack of interest? ;) All details about the event are available at the related wiki page at: https://osmocom.org/projects/osmo-dev-con/wiki/OsmoDevCon2019 Please enter your name at https://osmocom.org/projects/osmo-dev-con/wiki/OsmoDevCon2019#Requested in case you would like to attend. Registering early allows proper planning. Thanks! Looking forward to meeting old and new Osmocom developers in April 2019. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

OsmoDevCon 2019 date poll
by Harald Welte 24 Oct '18

24 Oct '18

Dear all, I would like to get your input as to when we should schedule OsmoDevCon 2019. NOTE: OsmoDevCon is our "for developers by developers" event, not to be confused with OsmoCon, our public conference. If we want to stay with the usual "Friday through Monday in April" arrangement, we have the following options: April 05-08, 2019 April 12-15, 2019 April 26-29, 2019 The one missing weekend in the list above is the easter weekend, which is probably a good idea to exclude as flights and hotels are more expensive during that time, and people might have other plans during holidays. I would like to invite anyone planning to attend the Osmocom Developer Conference 2019 to participate in the poll at https://dudle.inf.tu-dresden.de/OsmoDevCon2019/ to state their availability/preference. The Dudle only shows the first day of the four days of OsmoDevCon. Looking forward to your feedback so we can settle on a date soon. Thanks! Kind regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Fwd: SIMtrace
by Александр Федоров 26 Sep '18

26 Sep '18

-- Fedorov Alexander Mobile: +7-908-212-98-05https://www.linkedin.com/in/wind3style/ <http://www.svyazcom.ru/en/>E-mail:wind3style@gmail.com <http://www.svyazcom.ru> ---------- Forwarded message --------- From: Александр Федоров <wind3style(a)gmail.com> Date: ср, 26 сент. 2018 г. в 17:59 Subject: SIMtrace To: <hwelte(a)hmw-consulting.de> Hello Harald! I am writing to you from far Siberia. I use SIMtrace v1 and I have some problem. Could you halp me? firmware v0.5 lose data and data in Wireshark isn't corrected: [image: image.png] Can I resolve my problem on V1 Simtrace or I have to buy SIMtrace V2? last version firmware from repository doesn't work correctly at all by looping this DEBUG text: [000001] (C) 2006-2011 by Harald Welte <hwelte(a)hmw-consulting.de> This software is FREE SOFTWARE licensed under GNU GPL [000002] Version 0.5.27-5a40-dirty compiled 20180926-170104 by xmobi@xmobi-B250M-DS3H [000003] DEBUG Interface: 0) Set Pull-up 1) Clear Pull-up 2) Toggle LED1 3) Toggle LED2 9) Reset [000004] RSTC_SR=0x00010200 [000005] LARGE req_ctx[00] initialized at 002055AC, Data: 00200A68 => 00200E28 [000006] LARGE req_ctx[01] initialized at 002055C0, Data: 00200E28 => 002011E8 [000007] LARGE req_ctx[02] initialized at 002055D4, Data: 002011E8 => 002015A8 [000008] LARGE req_ctx[03] initialized at 002055E8, Data: 002015A8 => 00201968 [000009] LARGE req_ctx[04] initialized at 002055FC, Data: 00201968 => 00201D28 [00000A] LARGE req_ctx[05] initialized at 00205610, Data: 00201D28 => 002020E8 [00000B] LARGE req_ctx[06] initialized at 00205624, Data: 002020E8 => 002024A8 [00000C] LARGE req_ctx[07] initialized at 00205638, Data: 002024A8 => 00202868 [00000D] LARGE req_ctx[08] initialized at 0020564C, Data: 00202868 => 00202C28 [00000E] LARGE req_ctx[09] initialized at 00205660, Data: 00202C28 => 00202FE8 [00000F] LARGE req_ctx[10] initialized at 00205674, Data: 00202FE8 => 002033A8 [000010] LARGE req_ctx[11] initialized at 00205688, Data: 002033A8 => 00203768 [000011] LARGE req_ctx[12] initialized at 0020569C, Data: 00203768 => 00203B28 [000012] LARGE req_ctx[13] initialized at 002056B0, Data: 00203B28 => 00203EE8 [000013] LARGE req_ctx[14] initialized at 002056C4, Data: 00203EE8 => 002042A8 [000014] LARGE req_ctx[15] initialized at 002056D8, Data: 002042A8 => 00204668 [000015] LARGE req_ctx[16] initialized at 002056EC, Data: 00204668 => 00204A28 [000016] LARGE req_ctx[17] initialized at 00205700, Data: 00204A28 => 00204DE8 [000017] LARGE req_ctx[18] initialized at 00205714, Data: 00204DE8 => 002051A8 [000018] LARGE req_ctx[19] initialized at 00205728, Data: 002051A8 => 00205568 [000019] Inititalizing usbcmd_gen_init [00001A] udp_open(440): entering [00001B] USART Initializing [00001C] pio_irq_register(109): registering handler 001079bc for PIOA 7 [00001D] RST [00001E] computed Fi(1) Di(1) ratio: 372 -- Fedorov Alexander Mobile: +7-908-212-98-05https://www.linkedin.com/in/wind3style/ <http://www.svyazcom.ru/en/>E-mail:wind3style@gmail.com <http://www.svyazcom.ru>

4 3

SIM trace.
by Александр Федоров 26 Sep '18

26 Sep '18

Hello I use SImtrace for developing and debugging Java SIM Applet. The device is pretty good, but there are some APDU errors while SIM sniffing. is it possible to fix APDU errors sniffing errors? I am attaching example dump with errors. Some times, simtrace stop receiving APDU and continue just after restart simtrace process. -- Fedorov Alexander Head of IT-solution department LLC "Svyazcom" Mobile: +7-908-212-98-05http://www.svyazcom.ru/en/E-mail:wind3style@gmail.com <http://www.svyazcom.ru>

2 1

AT91SAM3 Based simtracer and firmware
by Gerard Bakker 26 Sep '18

26 Sep '18

Dear Osmocom, I have a question about the latest build of the simtrace2 based on the AT91SAM3.. Currently we have assembled some boards based on the v1.5 design of the Simtracer received from the git repository git.osmocom.org/simtrace (branch v1.5) If have tried to compile the firmware of the repository git.osmocom.org/simtrace2 But I run in to some issue after the firmware is loaded. Also I am not able to find the simtrace2 tool to do simtracing after compilation in the host directory .. Is this firmware working already ? (The website @sysmocom says "SIMtrace 2" will be available from late March 2018) Or am I missing something ? Thanks in advance.. Met vriendelijke groet/С наилучшими пожеланиями/With kind regards, [V-Tell] Gerard Bakker | ICT / Voice Engineer V-Tell Netherlands Glotell Telecom B.V. NL-Office +31 63 513 51 23 Willem Dreeslaan 37 NL-Mobile +31 64 202 21 06 2729 ND Zoetermeer, NL RU-Mobile +7 958 964 19 98 www.v-tell.nl<http://www.v-tell.nl/> US-Mobile +1 202 370 70 38 gerard.bakker(a)v-tell.nl<mailto:gerard.bakker@v-tell.nl> This message contains confidential information and is intended only for the individual named. Its content may not be disclosed, copied or transferred to any (third) party in whole or in part without the prior written permission of Glotell B.V. Please notify the sender immediately if you have received this email by mistake and delete this email from your system. Please do not print this email unless it is necessary. It helps to keep the environment forested and litter-free.

2 1

Debian/Ubuntu packages for simtrace2
by Harald Welte 26 Aug '18

26 Aug '18

Dear all, I've just merged changes that will automatically build the latest (tagged version) packages and nightly packages for simtrace2.git for firmware and host utilities. The "latest" have already been triggered: https://build.opensuse.org/package/show/network:osmocom:latest/simtrace2 "nightly" will be available after the next automatic build (7:49 PM UTC) For more information about osmocom nightly and latest binary packages, see https://osmocom.org/projects/cellular-infrastructure/wiki/Binary_Packages Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

OsmoCon 2018 draft schedule announced
by Harald Welte 16 Aug '18

16 Aug '18

Dear Osmocom community, the first schedule of the 2018 incarnation of OsmoCon 2018 has been announced, see http://osmocom.org/news/99 for the announcment and https://pretalx.sysmocom.de/osmocon2018/schedule/ for the actual schedule. At OsmoCon, we are not targetting developers, but more the wider community and Osmocom users. It would be great to meet many of you and hear more about your relation to Osmocom. Tickets are available from https://pretix.sysmocom.de/sysmocom/osmocon2018/, and until August 31st the early bird discount still applies. For those with a community / "just for fun" background and no employer that would cover the ticket, we have a number of subsidized community discount vouchers available. See the OsmoCon 2018 wiki page at https://osmocom.org/projects/osmo-dev-con/wiki/OsmoCon2018 for more information. Looking forward to meeting as many of you as possible in roughly two months from now, Harald Welte -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

RemoteSIM on Simtrace2
by Gabriel K. Gegenhuber 03 Aug '18

03 Aug '18

Hi all, I've got my hands on a simtrace2 device - first of all thanks for your great work and thanks for making this project open source! So far I've tried out the sniffing functionality which is working flawlessly - however I struggle to get the remote-sim functionality working. I've built (make BOARD=simtrace APP=cardem) the cardemulation-firmware of the current master-branch (0.4.131-8f70) and flashed the resulting simtrace-cardem-dfu.bin using dfu-util. Furthermore I compiled the host binaries, triggered a reset on my simtrace2 device to make sure it's in runtime mode and then executed the remote-sim program (sudo ./simtrace2-remsim -V 1d50 -P 60e3 -C 1 -I 0 -A `sudo ./simtrace2-list | cut -d = -f 2 | cut -d , -f 1 | tail -1`). The simtrace2 device, as well as an USB-CCID compliant omnikey cardreader are attached to my linux computer as described in the QMOD manual. During runtime mode the red LED on the simtrace2 is blinking, while the green LED is off. I noticed that when the simtrace2-remsim program tries to send an ATR to the simtrace2 device via usb (cardem_request_set_atr), the libusb_bulk_transfer function is blocking, before returning LIBUSB_ERROR_TIMEOUT. The serial debugging-output I got on the simtrace2 doesn't show any futher information (last state is "-I- USB is now configured"). When I reset the usb-modem that is connected to the simtrace2 device I get the following messages on the debug-serial: -I- Changed to ISO 7816-3 state 1 reset de-asserted -I- WT updated to 9600 -I- Changed to ISO 7816-3 state 0 reset asserted -I- Changed to ISO 7816-3 state 1 reset de-asserted [...] while the simtrace2-remsim program is also receiving some garbage: URB: -> 03 00 00 00 00 00 0c 00 04 00 00 00 unknown simtrace msg type 0x00 URB: -> 03 00 00 00 00 00 0c 00 08 00 00 00 unknown simtrace msg type 0x00 URB: -> 03 00 00 00 00 00 0c 00 04 00 00 00 unknown simtrace msg type 0x00 [...] I've also tried several older versions/commits - however I didn't get any of them working properly. When using version 0.4.13-ba2a (from this commit: https://git.osmocom.org/simtrace2/commit/?id=ba2ad563cc0e389213a3f6f6ebe79d…) I was able to send the ATR to the simtrace and directly entered the main loop on the host program. The serial debugging-output (after a manual modem-reset) also looked somehow more promising, but didn't work either: -I- 0: VCC activated -I- 0: CLK activated -I- 0: RST released -I- 0: computed Fi(1) Di(1) ratio: 372 -I- 0: send_tpdu_header: 00 a4 00 04 02 -I- 0: VCC deactivated -I- 0: CLK deactivated -I- 0: VCC activated -I- 0: CLK activated -I- 0: VCC deactivated -I- 0: CLK deactivated [...] I've also tried a few different modems/dongles (Huawei, ZTE) which also didn't really change anything. Am I missing something? Is the remote-sim functionality supposed to work on the current master branch? If not, could anyone hint me to a version/commit that should work? Would love to get some feedback - thanks in advance and keep up the good work! Greetings from Vienna, Gabriel

2 1

Problem in accessing SIMTrace 2
by Andrei Mikhailov 30 Jul '18

30 Jul '18

Dears, I have received SIMTrace 2 just now and I tried to connect it to PC with the same parameter as for previous version of SIMTrace. But I found that USB VENDOR ID and USB PRODUCT ID were changed. For the previous version they were 0x16c0 and 0x0762 correspondingly. All host sources at git://git.osmocom.org/simtrace.git repository use this parameters. Now I can see that VENDOR ID is 0x1d50 and PRODUCT ID is 0x60e3. Could you please help me to find USB connectivity parameters for the SIMTrace device which I received? -- /Best regards, Andrei Mikhailov /

3 6

CLA
by tchen 01 Jul '18

01 Jul '18

I noticed the modem issued command with CLA 0 (usim) or a0 (gsm)... just wondering what cause it to use 0 or a0??? Or does it try different CLA automatically

2 1

RESET error counter (0x2c) or unblock chv
by Thomas Chen 30 Jun '18

30 Jun '18

i am getting somethin like 00 2c 00 01 00 00 20 00 01 00 00 2c 00 81 00 i see somewhere 0x20 is defined as "verify chv" and 0x2c is defined as "unblock chv" but i also see somewhere else saying 0x2c is "reset error counter" can someone point me to where these commands are defined, and what kind of response are expected from SIM ??? thanks tom --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

3 2

Migrating simtrace2.git to gerrit / build verification
by Harald Welte 29 Jun '18

29 Jun '18

Hi Kevin and wider SIMtrace community, I've finally managed to set up a build verification jobs for the simtrace2 firmware, and in the process migrate simtrace2.git to gerrit. * https://jenkins.osmocom.org/jenkins/job/master-simtrace2/ is automatically * building the master branch for all apps/boards, * building the master branch of the host software * executing actual unit tests (currently only cardem) in "firmware/test" * https://jenkins.osmocom.org/jenkins/job/gerrit-simtrace2/ is triggered by gerrit and will perform automatic verification of any patches submitted for review (using the above-mentioned tests) In case anyone hasn't worked with gerrit before, please see https://osmocom.org/projects/cellular-infrastructure/wiki/gerrit for detailed information on how to set it up. @Kevin: You don't appear to have a gerrit account yet, so I couldn't give you the proper credentials. Let me know once you created the account, so I can give you credentials so you can continue to push to kredon/simtrace or related branches. Write access to the git.osmocom.org/simtrace2.git repository has been removed, only gerrit will replicate to that repository. I've also pushed tons of Kevin's fixes to master, leaving mainly the work on the "trace" firmware in "kredon/simtrace". You can rebase your branch cleanly on top of master. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Save the Date: OsmoCon 2018 on October 18-19, 2018
by Harald Welte 11 Apr '18

11 Apr '18

== OsmoCon 2018 == OsmoCon (Osmocom Conference) 2018 is the technical conference for Osmocom users, operators and developers! We are happy to announce the date of OsmoCon 2018. It has been scheduled on October 18 + 19, 2018 and will happen in Berlin, Germany. For the second time, the Osmocom Conference brings together users, operators and developers of the Osmocom Open Source cellular infrastructure projects, such as OsmoBTS, OsmoBSC, OsmoSGSN, OpenGGSN and others. Join us for two days of presentations and discussions with the main developers behind Open Source Mobile Communications, as well as commercial and non-profit users of the Osmocom cellular infrastructure software. You can find some initial information in our wiki at http://osmocom.org/projects/osmo-dev-con/wiki/OsmoCon2018 which will be updated as more information becomes available. == Call for Participation == We're also at the same time announcing the Call for Participation and call on everyone with experiences to share around the Osmocom member projects to submit talks, workshops, discussions or other proposals. You can find the CfP at https://pretalx.sysmocom.de/osmocon2018/cfp We are particularly looking for contributions about: * updates on features/functionality/status of individual Osmocom projects * success stories on how Osmocom projects are deployed in practice * migration from OsmoNITB to the post-NITB architecture * tutorials / workshops on how to setup / analyze Osmocom projects * statistics, reporting, operations aspects of Osmocom projects * third-party open source utilities to be used with Osmocom projects Looking forward to meeting many existing and new Osmocom users at OsmCon this October! Regards, Harald Welte -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Compiling and running simtrace firmware with a recent toolchain
by Denis 'GNUtoo' Carikli 09 Mar '18

09 Mar '18

Hi, The simtrace firmware is in the OpenPCD git repository at: > git://git.osmocom.org/openpcd.git I used the last revision at the time of writing: > dc2983d firmware: Makefiles: enable changing toolchain With a fairly recent gcc version: > $ arm-none-eabi-gcc --version > arm-none-eabi-gcc (Arch Repository) 7.3.0 > Copyright (C) 2017 Free Software Foundation, Inc. > This is free software; see the source for copying conditions. There > is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A > PARTICULAR PURPOSE. Compiling the firmware the usual way works, with many warnings: > $ make BOARD=SIMTRACE DEBUG=1 TARGET=main_simtrace \ > CROSS_COMPILE=arm-none-eabi- [...] Installing that firmware went fine: > $ sudo dfu-util -d 16c0:0762 -a0 -D ./main_simtrace.bin -R > dfu-util 0.9 > > Copyright 2005-2009 Weston Schmidt, Harald Welte and OpenMoko Inc. > Copyright 2010-2016 Tormod Volden and Stefan Schmidt > This program is Free Software and has ABSOLUTELY NO WARRANTY > Please report bugs to http://sourceforge.net/p/dfu-util/tickets/ > > dfu-util: Invalid DFU suffix signature > dfu-util: A valid DFU suffix will be required in a future dfu-util > release!!! Opening DFU capable USB device... > ID 16c0:0762 > Run-time device DFU version 0100 > Claiming USB DFU Interface... > Setting Alternate Setting #0 ... > Determining device status: state = dfuIDLE, status = 0 > dfuIDLE, continuing > DFU mode device DFU version 0100 > Device returned transfer size 256 > Copying data from PC to DFU device > Download [=========================] 100% 23084 bytes > Download done. > state(7) = dfuMANIFEST, status(0) = No error condition is present > state(2) = dfuIDLE, status(0) = No error condition is present > Done! > dfu-util: can't detach > Resetting USB to switch back to runtime mode Unfortunately with the new compiler the device gets re-enumerated continuously: > usb 4-1: new full-speed USB device number 3 using uhci_hcd > usb 4-1: new full-speed USB device number 4 using uhci_hcd > usb 4-1: new full-speed USB device number 5 using uhci_hcd [...] Here's what I have on the serial port: > [000000] > [000001] (C) 2006-2011 by Harald Welte <hwelte(a)hmw-consulting.de> > This software is FREE SOFTWARE licensed under GNU GPL > [000002] Version 0.5.30-dc29 compiled 20180309-165435 by gnutoo@second-laptop > > [000003] > DEBUG Interface: > 0) Set Pull-up 1) Clear Pull-up 2) Toggle LED1 3) Toggle LED2 > 9) Reset > [000004] RSTC_SR=0x00010000 > [000005] LARGE req_ctx[00] initialized at 002055AC, Data: 00200A68 => 00200E28 > [000006] LARGE req_ctx[01] initialized at 002055C0, Data: 00200E28 => 002011E8 > [000007] LARGE req_ctx[02] initialized at 002055D4, Data: 002011E8 => 002015A8 > [000008] LARGE req_ctx[03] initialized at 002055E8, Data: 002015A8 => 00201968 > [000009] LARGE req_ctx[04] initialized at 002055FC, Data: 00201968 => 00201D28 > [00000A] LARGE req_ctx[05] initialized at 00205610, Data: 00201D28 => 002020E8 > [00000B] LARGE req_ctx[06] initialized at 00205624, Data: 002020E8 => 002024A8 > [00000C] LARGE req_ctx[07] initialized at 00205638, Data: 002024A8 => 00202868 > [00000D] LARGE req_ctx[08] initialized at 0020564C, Data: 00202868 => 00202C28 > [00000E] LARGE req_ctx[09] initialized at 00205660, Data: 00202C28 => 00202FE8 > [00000F] LARGE req_ctx[10] initialized at 00205674, Data: 00202FE8 => 002033A8 > [000010] LARGE req_ctx[11] initialized at 00205688, Data: 002033A8 => 00203768 > [000011] LARGE req_ctx[12] initialized at 0020569C, Data: 00203768 => 00203B28 > [000012] LARGE req_ctx[13] initialized at 002056B0, Data: 00203B28 => 00203EE8 > [000013] LARGE req_ctx[14] initialized at 002056C4, Data: 00203EE8 => 002042A8 > [000014] LARGE req_ctx[15] initialized at 002056D8, Data: 002042A8 => 00204668 > [000015] LARGE req_ctx[16] initialized at 002056EC, Data: 00204668 => 00204A28 > [000016] LARGE req_ctx[17] initialized at 00205700, Data: 00204A28 => 00204DE8 > [000017] LARGE req_ctx[18] initialized at 00205714, Data: 00204DE8 => 002051A8 > [000018] LARGE req_ctx[19] initialized at 00205728, Data: 002051A8 => 00205568 > [000019] Inititalizing usbcmd_gen_init > [00001A] udp_open(440): entering > [00001B] USART Initializing > [00001C] pio_irq_register(109): registering handler 001079bc for PIOA 7 > [00001D] RST > [00001E] computed Fi(1) Di(1) ratio: 372 > [000000] > [000001] (C) 2006-2011 by Harald Welte <hwelte(a)hmw-consulting.de> > This software is FREE SOFTWARE licensed under GNU GPL > [000002] Version 0.5.30-dc29 compiled 20180309-165435 by gnutoo@second-laptop > > [000003] > DEBUG Interface: > 0) Set Pull-up 1) Clear Pull-up 2) Toggle LED1 3) Toggle LED2 > 9) Reset > [000004] RSTC_SR=0x00010200 > [000005] LARGE req_ctx[00] initialized at 002055AC, Data: 00200A68 => 00200E28 > [000006] LARGE req_ctx[01] initialized at 002055C0, Data: 00200E28 => 002011E8 > [000007] LARGE req_ctx[02] initialized at 002055D4, Data: 002011E8 => 002015A8 > [000008] LARGE req_ctx[03] initialized at 002055E8, Data: 002015A8 => 00201968 > [000009] LARGE req_ctx[04] initialized at 002055FC, Data: 00201968 => 00201D28 > [00000A] LARGE req_ctx[05] initialized at 00205610, Data: 00201D28 => 002020E8 > [00000B] LARGE req_ctx[06] initialized at 00205624, Data: 002020E8 => 002024A8 > [00000C] LARGE req_ctx[07] initialized at 00205638, Data: 002024A8 => 00202868 > [00000D] LARGE req_ctx[08] initialized at 0020564C, Data: 00202868 => 00202C28 > [00000E] LARGE req_ctx[09] initialized at 00205660, Data: 00202C28 => 00202FE8 > [00000F] LARGE req_ctx[10] initialized at 00205674, Data: 00202FE8 => 002033A8 > [000010] LARGE req_ctx[11] initialized at 00205688, Data: 002033A8 => 00203768 > [000011] LARGE req_ctx[12] initialized at 0020569C, Data: 00203768 => 00203B28 > [000012] LARGE req_ctx[13] initialized at 002056B0, Data: 00203B28 => 00203EE8 > [000013] LARGE req_ctx[14] initialized at 002056C4, Data: 00203EE8 => 002042A8 > [000014] LARGE req_ctx[15] initialized at 002056D8, Data: 002042A8 => 00204668 > [000015] LARGE req_ctx[16] initialized at 002056EC, Data: 00204668 => 00204A28 > [000016] LARGE req_ctx[17] initialized at 00205700, Data: 00204A28 => 00204DE8 > [000017] LARGE req_ctx[18] initialized at 00205714, Data: 00204DE8 => 002051A8 > [000018] LARGE req_ctx[19] initialized at 00205728, Data: 002051A8 => 00205568 > [000019] Inititalizing usbcmd_gen_init > [00001A] udp_open(440): entering > [00001B] USART Initializing > [00001C] pio_irq_register(109): registering handler 001079bc for PIOA 7 > [00001D] RST > [00001E] computed Fi(1) Di(1) ratio: 372 > [000000] So it gets reset in a loop. I can get it to work with the following diff: --- a/firmware/src/simtrace/tc_etu.c +++ b/firmware/src/simtrace/tc_etu.c @@ -96,8 +96,8 @@ void tc_etu_init(void) ((unsigned int) 1 << AT91C_ID_TC0)); /* Connect TCLK0 to XC0 */ - tcb->TCB_BMR &= ~(AT91C_TCB_TC0XC0S); - tcb->TCB_BMR |= AT91C_TCB_TC0XC0S_TCLK0; +// tcb->TCB_BMR &= ~(AT91C_TCB_TC0XC0S); +// tcb->TCB_BMR |= AT91C_TCB_TC0XC0S_TCLK0; /* Register Interrupt handler */ AT91F_AIC_ConfigureIt(AT91C_BASE_AIC, AT91C_ID_TC0, @@ -124,5 +124,5 @@ void tc_etu_init(void) tcetu->TC_CCR = AT91C_TC_CLKEN; /* Reset to start timers */ - tcb->TCB_BCR = 1; +// tcb->TCB_BCR = 1; } With the diff I have the following on serial: > [000000] > [000001] (C) 2006-2011 by Harald Welte <hwelte(a)hmw-consulting.de> > This software is FREE SOFTWARE licensed under GNU GPL > [000002] Version 0.5.30-dc29-dirty compiled 20180309-165717 by gnutoo@second-laptop > > [000003] > DEBUG Interface: > 0) Set Pull-up 1) Clear Pull-up 2) Toggle LED1 3) Toggle LED2 > 9) Reset > [000004] RSTC_SR=0x00010000 > [000005] LARGE req_ctx[00] initialized at 00205630, Data: 00200AEC => 00200EAC > [000006] LARGE req_ctx[01] initialized at 00205644, Data: 00200EAC => 0020126C > [000007] LARGE req_ctx[02] initialized at 00205658, Data: 0020126C => 0020162C > [000008] LARGE req_ctx[03] initialized at 0020566C, Data: 0020162C => 002019EC > [000009] LARGE req_ctx[04] initialized at 00205680, Data: 002019EC => 00201DAC > [00000A] LARGE req_ctx[05] initialized at 00205694, Data: 00201DAC => 0020216C > [00000B] LARGE req_ctx[06] initialized at 002056A8, Data: 0020216C => 0020252C > [00000C] LARGE req_ctx[07] initialized at 002056BC, Data: 0020252C => 002028EC > [00000D] LARGE req_ctx[08] initialized at 002056D0, Data: 002028EC => 00202CAC > [00000E] LARGE req_ctx[09] initialized at 002056E4, Data: 00202CAC => 0020306C > [00000F] LARGE req_ctx[10] initialized at 002056F8, Data: 0020306C => 0020342C > [000010] LARGE req_ctx[11] initialized at 0020570C, Data: 0020342C => 002037EC > [000011] LARGE req_ctx[12] initialized at 00205720, Data: 002037EC => 00203BAC > [000012] LARGE req_ctx[13] initialized at 00205734, Data: 00203BAC => 00203F6C > [000013] LARGE req_ctx[14] initialized at 00205748, Data: 00203F6C => 0020432C > [000014] LARGE req_ctx[15] initialized at 0020575C, Data: 0020432C => 002046EC > [000015] LARGE req_ctx[16] initialized at 00205770, Data: 002046EC => 00204AAC > [000016] LARGE req_ctx[17] initialized at 00205784, Data: 00204AAC => 00204E6C > [000017] LARGE req_ctx[18] initialized at 00205798, Data: 00204E6C => 0020522C > [000018] LARGE req_ctx[19] initialized at 002057AC, Data: 0020522C => 002055EC > [000019] Inititalizing usbcmd_gen_init > [00001A] udp_open(440): entering > [00001B] USART Initializing > [00001C] pio_irq_register(109): registering handler 001079bc for PIOA 7 > [00001D] RST > [00001E] computed Fi(1) Di(1) ratio: 372 > [00001F] ISO_SW Initializing > [000020] pio_irq_register(109): registering handler 00107fb0 for PIOA 8 > [000021] pio_irq_register(109): registering handler 00107fdc for PIOA 25 > [000022] VCC_PHONE off > [000023] USART Entering Rx Mode > [000024] RST > [000025] computed Fi(1) Di(1) ratio: 372 > [000026] MODE: SNIFFER > > [000027] RST > [000028] computed Fi(1) Di(1) ratio: 372 > [000029] main(76): entering main (idle) loop > [00002A] Heart beat 00000000 > [00002B] Heart beat 00000001 > [00002C] Heart beat 00000002 > [00002D] Heart beat 00000003 > [00002E] Heart beat 00000004 > [00002F] Heart beat 00000005 And I could even get some packet trace from my Galaxy SIII (i9300): > GSM SIM 80 3 9f : 00d2 > GSM SIM 67 ISO/IEC 7816-4 SELECT File MF > GSM SIM 67 ISO/IEC 7816-4 SELECT /EF.ELP > GSM SIM 90 ISO/IEC 7816-4 GET RESPONSE > GSM SIM 75 ISO/IEC 7816-4 READ BINARY Offset=0 > GSM SIM 67 ISO/IEC 7816-4 SELECT File EF.ICCID > GSM SIM 90 ISO/IEC 7816-4 GET RESPONSE > GSM SIM 75 ISO/IEC 7816-4 READ BINARY Offset=0 > GSM SIM 85 ETSI TS 102.221 TERMINAL PROFILE > GSM SIM 67 ISO/IEC 7816-4 SELECT File EF.DIR > GSM SIM 93 ISO/IEC 7816-4 GET RESPONSE > GSM SIM 103 ISO/IEC 7816-4 READ RECORD RecordNr=1 > GSM SIM 81 ISO/IEC 7816-4 SELECT Application a0000000871002ff33ff018900000100 > GSM SIM 108 ISO/IEC 7816-4 GET RESPONSE > GSM SIM 67 ISO/IEC 7816-4 SELECT File MF Denis.

1 0

SIM select file (A4) command
by Thomas Chen 21 Feb '18

21 Feb '18

i noticed the GSM modem issued a couple SELECT (a4) commands that i cannot find the documentation for would any one be able to help identify these ??? thanks 00 a4 00 04 02 7f ff 00 a4 00 04 02 7f 66 --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

4 3

OsmoDevCon 2018 schedule planning
by Harald Welte 06 Dec '17

06 Dec '17

Dear Osmocom Community, [please respect the Reply-To and post all follow-up discussion to this to openbsc(a)lists.osmocom.org, so we avoid having long threads cross-posted to several mailing lists.] Like every year in early December, it is time to discuss as schedule for OsmoDevCon in the upcoming year. Note: Ths is about OsmoDevCon, the more private meeting of developers, *NOT* about OsmoCon, the public conference. == When, Who, Where == I propose the following date for OsmoDevCon 2018: April 20 - April 23rd, 2018 * Who: Active developers/contributors of Osmocom projects (as usual) * Where: IN-Berlin, Berlin (as usual) Please let me know ASAP if that proposed date works for everyone who'd want to attend. We can still change it now, but I would want to nail down the date pretty soon. == Format == After the experiment of reducing from 4 to 3 days last year (due to OsmoCon), we will again go for *four days* in 2018. However, we should clearly divide the days in a way that e.g. "GSM/3G" topics are on two days, while SDR+Other topics are on the other days, so people not interested in some topics can skip one or two days, as needed. We could even divide it further like: * 1 day 3GPP RAN (osmo-bts, osmo-bsc, osmo-pcu, virt_phy, fake_trx, ...) * 1 day 3GPP CN (osmo-msc, osmo-hlr, osmo-sip-connector, nextepc, etc.) * 2 days misc Regards, and looking forward to meeting you [again] in 2018, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 1

SAM3 DFU
by Thomas Chen 30 Nov '17

30 Nov '17

question about DFU... working with AT91SAM3 board, i tried, 1. use sam-ba to flash the DFU image (works fine) 2. try to use dfu-util to flash the APP, but it does not seem to write into flash (after reboot we still have the initial DFU image ??) (i am using the same argument as SAM7 -a0 -D filename -R is there any tips you can provide before i start digging ?

3 2

remote sim network delay
by Thomas Chen 27 Nov '17

27 Nov '17

i am not clear about how simtrace2, specifically libcommon/source/card_emu.c seems to handle the network delay for remote sim response however, i dont understand how that would help ??? my understand of the protocol is that ME => SIM (first 5 bytes of APDU) SIM <=== PROCEDURE (either INS as ack, or 0x60 to hold up the protocol) but that does not help remote sim, as remote SIM would need the susequent bytes which will not come until we send back INS, so just holding off ME with 0x60 does not alleviate the problem of network delay

4 6

Min Xu patches testing (Lukas Kuzmiak)
by Min Xu 03 Nov '17

03 Nov '17

Hi Lukas I saw your email to my @sanjole.com address but since this address is on the mailing list I'll just reply here so everyone can see. --- your email below --- Hi Min Xu, first of all thanks for all the work you put into simtrace. I’ve been testing your patches last couple days, they have not yet been in any release which I think is a shame, so I’d like to push the community to fix that so it can be even further tested (by testing, reporting back, fixing building the firmware with latest arm-none-eabi, etc.) I have found one bug for which I fail to identify the source .. The whole trace is fine except sometimes there are 4 bytes inside the data which seems to be the simtrace_hdr (first line is my debug): USB MSG: sh->cmd: 1, sh->flags: 0, sh->res[9, 5], payload: 00 a4 00 04 02 a4 6f 07 61 2a 00 c0 00 00 2a c0 62 28 82 02 41 21 83 02 6f 07 a5 0f 80 01 71 c0 01 00 91 04 7f 20 6f 07 92 01 00 8a 01 05 8b 03 6f 06 03 80 02 00 09 88 01 38 90 00 01 00 09 05 00 b0 00 00 09 b0 08 29 03 30 10 66 03 91 12 90 00 APDU: 00 a4 00 04 02 6f 07 61 2a APDU: 00 c0 00 00 2a 62 28 82 02 41 21 83 02 6f 07 a5 0f 80 01 71 c0 01 00 91 04 7f 20 6f 07 92 01 00 8a 01 05 8b 03 6f 06 03 80 02 00 09 88 01 38 90 00 APDU: 01 00 09 05 00 b0 00 APDU: 00 09 b0 08 29 03 30 APDU: 10 66 03 91 12 90 00 The 01 00 09 05 (which seems to be sh->cmd, sh->flags and Fi/Di (9/5) just randomly appear in APDU data every now and then. If those 4 bytes were not there apdu_split would split it fine .. like this it breaks this into nonsense pieces and breaks the trace. I’ve gone through your patches in the firmware, fiddled around with some of them but didn’t manage to find the root cause yet - seems like the simtrace_hdr is inserted in the middle (but that does not seem possible), so perhaps 2 USB messages somehow get merged into one? So I figured I’ll try to write you, maybe it will ring a bell - I have not fully verified the merge of your patches went correctly but from a fast compare it seems like it. If you’ll find a minute to give me a few tips I’ll appreciate that, in the meantime I’ll keep digging. PS: the version of FW I’m using is latest master in the git (https://git.osmocom.org/openpcd). Thanks! Lukas --- END --- I believe the reason for this is actually in an email I sent to the list on Sep 10, 2013. Basically, the ATMEL chip can break up the req_ctx ( the usb response ) and combine as it see fit (if there's a large burst etc). So you cannot rely on the "natural break" between the calls to transmit. Therefore, since it's a stream you'll get on receiving side, then a natural packet header that accounts of subsequent bytes must be added. So I added extra bytes into the simtrace_hdr header so that the actual data payload can be correctly accounted for. The changes are: struct simtrace_hdr { u_int8_t cmd; u_int8_t flags; u_int8_t res[2]; + u_int16_t seq_num; + u_int16_t offset; + u_int16_t tot_len; u_int8_t data[0]; } __attribute__ ((packed)); So the desktop client will have to have equivalent changes to account for these extra fields. Let me know if this answers your question. If not I can try send you the full code I have for the firmware and a sample of the desktop receiving / parsing code so you'll have a baseline.

2 2

Min Xu patches testing
by Lukas Kuzmiak 03 Nov '17

03 Nov '17

Hi again guys, I've been testing the latest firmware (git master) to see how patches from Min Xu made it better and tracing of fast sims (lost bytes, broken tracing, etc.) seems to be a lot improved. I have found one bug - somehow simtrace_hdr makes it into the APDU payloads, I've been trying to find the root cause of this but have not managed yet - seems like the FW sends 2 messages but they arrive as a single message into the host software thus the header is considered APDU payload. I've reported the issue here: https://osmocom.org/issues/2614 along with all the tracing/investigation I've performed so far - anybody got further ideas how this might happen? Other than this and the painful building of the firmware in today's world it seems tracing modern phones is not such a pain as it used to be, yay! Lukas

1 0

building simtrace FW nowdays
by Lukas Kuzmiak 03 Nov '17

03 Nov '17

Hi guys, after a long time I blew the dust off of mine SIMtrace 1.0p, went through the history of the mailing list archives and saw there were some nice fixes for fast sims but there is no released firmware that includes them (v0.5 is latest dated in 2012 - I still have some sync issues/lost bytes with v0.5 like i used to years ago). So I got to building and oh boy :-) Back in the day arm-elf was not obsolete and all went fine, today with arm-none-eabi however, not so much. After couple days of fiddling around with building custom toolchains, trying the ones from https://developer.arm.com/open-source/gnu-toolchain/gnu-rm/downloads <https://developer.arm.com/open-source/gnu-toolchain/gnu-rm/downloads> and other goodies I realized I keep running into the same issue over and over again. Some kind of a weird boot loop - see UART log attached. Weirdly enough the DFU compiles fine with the gcc-arm-none-eabi-6-2017-q2-update toolchain and works just fine, it seem main_simtrace also compiles, links and even starts initializing but then dies somewhere in the middle. I never got pass this "[00001E] computed Fi(1) Di(1) ratio: 372” to “ISO_SW Initializing” .. Have not managed to figure out why - any help appreciated on this. In the end I went all the way back to gcc-4.6.4, had to apply some patches do it’d compile on a recent Debian (9.2) .. and using arm-elf toolchain produces a working firmware (after reverting commit 373c172ab858102e1818c8476ab1a2b290685cda "convert from u_int*_t to uint*_t”). For anybody in this situation see the procedure below (for reference). Hopefully the issue can be collaboratively fixed - I’m happy to test around on 1.0p and 1.4p boards, different toolchains etc. but I don’t really know how to debug the bootloop - even a nudge in that is appreciated. Btw - is it possible to get write access to SIMtrace wiki? There’s a bunch of stuff that could be fixed :) eg. i had to dig sam7utils from archive.org <http://archive.org/> (openpcd.org <http://openpcd.org/> no longer has it) and some other misc stuff. IMHO if this can be fixed a v0.6 release could be made after (or even before) to bring those fast sim features to people in a simpler fashion? I have yet to test that functionality on my end - I can report back on how it seems to perform (not sure how widely tested it has been). Lukas GCC-4.6.4 (arm-elf) on Debian 9.2: - use the gnu-arm-build.3.sh script from https://osmocom.org/projects/baseband/wiki/GnuArmToolchain <https://osmocom.org/projects/baseband/wiki/GnuArmToolchain> - apply a patch below to the script, gcc.patch is https://gcc.gnu.org/ml/gcc-patches/2015-08/msg00375.html <https://gcc.gnu.org/ml/gcc-patches/2015-08/msg00375.html>, gcc.texi.patch is https://gcc.gnu.org/ml/gcc-patches/2013-09/msg02100.html <https://gcc.gnu.org/ml/gcc-patches/2013-09/msg02100.html> - voila, compile simtrace firmware (git revert —no-commit 373c172ab858102e1818c8476ab1a2b290685cda - if you’re using master). 8,9c8,9 < GCC_SRC=gcc-4.8.2.tar.bz2 < GCC_VERSION=4.8.2 --- > GCC_SRC=gcc-4.6.4.tar.bz2 > GCC_VERSION=4.6.4 20c20 < TARGET_TRIPLET=arm-none-eabi --- > TARGET_TRIPLET=arm-elf 69a70,78 > > # > # Stage 0: Patch the old gcc so it compiles on modern systems > # > ( > cd $SRCDIR/$GCC_DIR > patch -p1 < ../../gcc.patch > patch -p1 < ../../gcc.texi.patch > ) || exit 1

1 0

Want to do paid work on Osmocom? sysmocom is hiring
by Harald Welte 31 Oct '17

31 Oct '17

Dear Osmocom community, I would like to point out that at sysmocom, we're currently (again) hiring [1]. If you happen to have an interest in open source cellular communications and are fluent in C language development, we would love to hear from you. sysmocom probably doesn't need any introduction here, but just in case: The company was founded by Holger Freyther and Harald Welte, two of the leading OpenBSC and Osmocom developers from the very early days of the project. Today we are responsible for by far the largest number of commits to the Osmocom GSM/3G infrastructure related git repositories. Among our current priorities are automatic testing for the GPRS PCU, generalization of the OsmoMGW media gateway, support for load-based hand-over, inter-BSC hand-over as well as various improvements on the lower layers of the GPRS protocol stack. We're very dedicated to the cause in furthering the capabilities of open source cellular infrastructure from 2G to 4G. We believe in working upstream, no open core or dual licensing. If you have an interest working with an enthusiastic, strong technical and dedicated team of Osmocom hackers, please don't hesitate to let me know, best by e-mail to jobs(a)sysmocom.de Thanks, Harald p.s.: I hope this kind of message is not disturbing to anyone. I think it is important to the Osmocom project to have more paid people working on the stack, so it is justified. The positions we are seeking to fill will work [almost exclusively] on Osmocom, so it's not a random job ad but in the very interest of Osmocom, and hence on-topic for this list. [1] https://www.sysmocom.de/jobs/ -- - Harald Welte <hwelte(a)sysmocom.de> http://www.sysmocom.de/ ======================================================================= * sysmocom - systems for mobile communications GmbH * Alt-Moabit 93 * 10559 Berlin, Germany * Sitz / Registered office: Berlin, HRB 134158 B * Geschaeftsfuehrer / Managing Director: Harald Welte

1 0

new APDU command - how?
by Ale Ch 31 Oct '17

31 Oct '17

Hi! Tell me please, how to add new APDU command discription to see it in Wireshak log? Where in source code lay this command description? regards Alex

2 1

can't open USB device
by Ale Ch 26 Oct '17

26 Oct '17

Dear collegues, could you help me to start using SIMtrace board? I have bought SIMtrace board v1.4 from symocom shop. I have got sources from github but cannot (it is strange) built user manual on my ubuntu computer. BUT I am successfully built simtrace application but it cannot recognize the board. >user@lnkd149:~/OSMOCOM/simtrace/host$ ./simtrace >simtrace - GSM SIM and smartcard tracing >(C) 2010 by Harald Welte <laforge(a)gnumonks.org> > >can't open USB device that message I have received on my screen... Could you advise something? regards Alex

2 2

Planning for OsmoCon + OsmoDevCon
by Harald Welte 14 Oct '17

14 Oct '17

[cross-post to many lists, please follow-up-to openbsc(a)lists.osmocom.org] Dear all, time is flying, and I would like to start early with discussions and planning about OsmoCon and OsmoDevCon in 2018. It helps to start early. Side note: We have some pending issues about the events from last year at http://osmocom.org/projects/osmo-dev-con/issues - I've incorporated them in the text below. == OsmoDevCon == For OsmoDevCon, I think it's easy: We keep it as-is. Same procedure as every year, which means: * same venue, same catering options * same concept of 'anyone contributing to Osmocom can apply for registration until all seats are taken' * same idea of inviting some few speaker[s] doing other FOSS mobile communications work to join us The parts that we need to change, IMHO: * don't reduce from 4 to 3 days like last year. Have full 4 days again * sort topics per day / half-day, i.e. have "GSM/UMTS Cellular Infrastructure" days for BTS/BSC/NITB/MSC/HLR/SGSN/GGSN & Co, but then have other days for other projects. This would enable people not interested in the [continued evolvement] of the cellular projects be able to skip those days, or to simply meet in an adjacent room for parallel hacking sessions/discussions * try to be a bit more structured with the schedule in general. The existing approach works for people who attend all the event all day long, but not so well for people with other plans / limited time Any further change requests or topics to discuss? Please note that Pablo Neira has offered to kindly host an OsmoDevCon in Seville (Spain). I've attended a number of netfilter workshops he organized there, and he's doing a great job! However, given the large number of attendees from Berlin (and Germany in general), I think this would make things more complicated, and more expensive for most attendees. If you disagree with that assessment: I'm open for having the discussion, I just thought it's more practical/economic to do it in Berlin. === 10 year Anniversary Party === Given that 2018 marks the 10 year anniversary of Dieter and me hacking with the Siemens BS-11 in 2008, I think the 2018 incarnation deserves some special celebration of some form. I have no concrete idea yet, but for sure we should so something, and it should be at/around OsmoDevCon. And for sure we should have a BS-11 around :) == OsmoCon == The public OsmoCon was welcomed and was a success. However, let's start this discussion with a review of last years event. === Registration === * Registrations came in way too late. Two weeks ahead of the event, we were considering to cancel it. And then within the last few days, we had to turn people down due to limited seating capacity * To make planning more reliable, we see on other option but to significantly raise the registration fee combined with an equally significant discount for early booking === Duration === * Many people requested multiple days rather than just one, in order to make more out of (long distance) travels. This is obvious, but as we had no idea how many people would attend at all (or if we have to cancel due to lack of attendance), planning multiple days in the first incarnation would have been high risk and a multitude of work * I would suggest to expand to two or even three days this week, possibly one days with tutorials and the other day with tech talks * Slightly less crammed schedule due to multiple days === Venue === We recognize this yearso venue was not the best option, due to * Bad ventilation in the basemenet * Difficult to find * No space next to the conference room where people can meet / hang out in parallel to talks (not everyone attends every talk) I still like the "understatement" of the venue. I'd prefer any hostel / non-profit / hackerspace / university over luxurious hotels any time. Going to an expensive venue means more or less automatically more expensive ticket fees, which again is more likely to exclude pure community members without a commercial activity related to Osmocom. So any future venue would ideally: * be able to hold slightly more people than this year * have a second room or large lobby in which people can meet for extended coffee breaks in parallel to some talks, as needed * be slightly easier to find (and we have to put up some signs outside and in the lobby) * have better WiFi and/or wired connectivity === Programme / Format === * less crammed over multiple days * some more "interactive" formats were requested, for users to provide feedback to developers * there was some discussion about topics / speakers in redmine last year, but not too much participation [until it was too late]. * I'd suggest a more formal CfP process with a submission deadline that allows us to publish a preliminary schedule long ahead of the event === Video Recordings === I think they were a big success, and it was a very big surprise that the CCC Video Operations Center was volunteering to help such a small and niche-interest event like OsmoCon. We should make sure that we can repeat this for 2018. == Dates / Frequency == Having OsmoCon and OsmoDevCon back to back becomes somewhat long, if OsmoCon is 2-3 days and OsmoDevCon is 4 days. Basically we're looking at a full week for those of you who would like to attend both events. But then, I think the number of people attending both events is actually not all that big. Without checking the details, I think not more than half of the OsmoDevCon attendees were attending OsmoCon. I would expect that tendency to remain or even increase. I still think it's good to keep them back-to-back. In terms of frequency, I would actually suggest we move to a 6-month cycle rather than a 12-month cycle. There's a lot of development going on at all time. I understand that not everyone is able to attend two events just on Osmocom, especially if it's a spare time / hobby type activity. That's ok, I think there's no problem with attending either of the two only, and catching up by video recordings and/or mail on the other. The qeustion is: Should that second event be developer-oriented or user-oriented? Or again both? Any comments here? Ok, that was a somewhat lengthy e-mail. Please make sure to provide any feedback you may have as early as possible, to increase the chances of your feedback being reflected in the planning. Happy hacking, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

[PATCH] firmware: Makefiles: enable changing toolchain
by Denis 'GNUtoo' Carikli 05 Oct '17

05 Oct '17

Without that the user was expected to either patch the Makefiles or to get a toolchain with the arm-elf- prefix. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo(a)no-log.org> --- firmware/Makefile | 13 +++++++------ firmware/Makefile.dfu | 13 +++++++------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/firmware/Makefile b/firmware/Makefile index 350b0dc..1581a1f 100644 --- a/firmware/Makefile +++ b/firmware/Makefile @@ -352,12 +352,13 @@ LPC21ISP_CONTROL = -control # Define programs and commands. SHELL = sh -CC = arm-elf-gcc -CPP = arm-elf-g++ -OBJCOPY = arm-elf-objcopy -OBJDUMP = arm-elf-objdump -SIZE = arm-elf-size -NM = arm-elf-nm +CROSS_COMPILE ?= arm-elf- +CC = $(CROSS_COMPILE)gcc +CPP = $(CROSS_COMPILE)g++ +OBJCOPY = $(CROSS_COMPILE)objcopy +OBJDUMP = $(CROSS_COMPILE)objdump +SIZE = $(CROSS_COMPILE)size +NM = $(CROSS_COMPILE)nm REMOVE = rm -f COPY = cp diff --git a/firmware/Makefile.dfu b/firmware/Makefile.dfu index 3c797ef..1e9e71c 100644 --- a/firmware/Makefile.dfu +++ b/firmware/Makefile.dfu @@ -303,12 +303,13 @@ LPC21ISP_CONTROL = -control # Define programs and commands. SHELL = sh -CC = arm-elf-gcc -CPP = arm-elf-g++ -OBJCOPY = arm-elf-objcopy -OBJDUMP = arm-elf-objdump -SIZE = arm-elf-size -NM = arm-elf-nm +CROSS_COMPILE ?= arm-elf- +CC = $(CROSS_COMPILE)gcc +CPP = $(CROSS_COMPILE)g++ +OBJCOPY = $(CROSS_COMPILE)objcopy +OBJDUMP = $(CROSS_COMPILE)objdump +SIZE = $(CROSS_COMPILE)size +NM = $(CROSS_COMPILE)nm REMOVE = rm -f COPY = cp -- 2.14.1

2 1

simtrace as a remote sim solution
by pozsy＠uhulinux.hu 01 Oct '17

01 Oct '17

Hi All, Just found this project which seems to be quite interesting to me. Tried to read through all the information on the project page before asking, but not everything is clear yet :) So what I would like to achieve is basically the man-in-the-middle (mitm) mode. I do not actually need to modify any communication on its way, all I would like to do is to have: a) the sim card in a reader connected to host (A), while b) the gsm module is connected to an other host (B) and relaying their communication back and forth through some IP network. I guess I would need two pieces of simtrace hardware for that, as well as firmware and software modifications. Now the questions :) - Do you think this could work with the current hw/fw design? - Has anyone done something similar in the past? - What would be the maximum network delay allowed? - Do you know of any alternative solutions for my needs? Would be great to hear from you. Thanks, Balazs ps: I would also be willing to pay for professional consultancy services on this topic.

2 1

Baud rate
by Vishal Vaidhyanathan 17 Jul '17

17 Jul '17

Hi, What is the BAUD rate of the phone clock? You must know it for sniffing the communication between the phone and SIM card. And does Wireshark output all the communication between the phone and the SIM card? Please let me know. Thanks, Vishal

3 7

Simtrace
by Vishal Vaidhyanathan 13 Jul '17

13 Jul '17

Hi, We purchased the Simtrace HW kit from you guys and I tried to sniff the communication between the sim and an iPhone 6. After installing the firmware and running simtrace, I was able to view the results on Wireshark. Looking into the results, all the field’s like EF.ICCID, EF.IMSI and EF.Keys had the same number (APDU Payload). I got the numbers like ICCID and IMSI and it didn’t match them. Do you have any idea where the issue might be? Please let me know Regards, Vishal

2 1

simtrace/openpcd build problem
by Piotr Chytla 26 Jun '17

26 Jun '17

Hi, I've tried to build lastest HEAD of openpcd and building are failing on unkown uint8_t/16_t/32_t types ( on GCC 4.8.4) . Makefile/Makefile.dfu ggives the same errors. I've already tried to build this on debian 7.11 - gcc 4.5.2, and debian jessie 8.7 / gcc 4.8.4 ( arm-none-eabi) and it seems same . Reverting commit 373c172ab858102e1818c8476ab1a2b290685cda fixes problem . [..] GCC 4.5.2 -------- begin (mode: RUN_FROM_ROM) -------- arm-elf-gcc (GCC) 4.5.2 Copyright (C) 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. scripts/mkcompile_h > include/compile.h Compiling C (ARM-only): src/start/Cstartup_SAM7.c arm-elf-gcc -c -mcpu=arm7tdmi -I. -gdwarf-2 -DBOARD=SIMTRACE -DRUN_FROM_ROM -D__MS_types__ -D__LIBRFID__ -DSIMTRACE -D__AT91SAM7S128__ -Isrc/simtrace -Iinclude -Isrc -Os -Wall -Wextra -Wcast-align -Wimplicit -Wunused -Wpointer-arith -Wswitch -Wredundant-decls -Wreturn-type -Wshadow -Wbad-function-cast -Wsign-compare -Waggregate-return -Wa,-adhlns=src/start/Cstartup_SAM7.lst -MD -MP -MF .dep/Cstartup_SAM7.o.d -Wnested-externs -std=gnu99 src/start/Cstartup_SAM7.c -o src/start/Cstartup_SAM7.o Compiling C (ARM-only): lib/lib_AT91SAM7.c arm-elf-gcc -c -mcpu=arm7tdmi -I. -gdwarf-2 -DBOARD=SIMTRACE -DRUN_FROM_ROM -D__MS_types__ -D__LIBRFID__ -DSIMTRACE -D__AT91SAM7S128__ -Isrc/simtrace -Iinclude -Isrc -Os -Wall -Wextra -Wcast-align -Wimplicit -Wunused -Wpointer-arith -Wswitch -Wredundant-decls -Wreturn-type -Wshadow -Wbad-function-cast -Wsign-compare -Waggregate-return -Wa,-adhlns=lib/lib_AT91SAM7.lst -MD -MP -MF .dep/lib_AT91SAM7.o.d -Wnested-externs -std=gnu99 lib/lib_AT91SAM7.c -o lib/lib_AT91SAM7.o Compiling C (ARM-only): src/dfu/dfu.c arm-elf-gcc -c -mcpu=arm7tdmi -I. -gdwarf-2 -DBOARD=SIMTRACE -DRUN_FROM_ROM -D__MS_types__ -D__LIBRFID__ -DSIMTRACE -D__AT91SAM7S128__ -Isrc/simtrace -Iinclude -Isrc -Os -Wall -Wextra -Wcast-align -Wimplicit -Wunused -Wpointer-arith -Wswitch -Wredundant-decls -Wreturn-type -Wshadow -Wbad-function-cast -Wsign-compare -Waggregate-return -Wa,-adhlns=src/dfu/dfu.lst -MD -MP -MF .dep/dfu.o.d -Wnested-externs -std=gnu99 src/dfu/dfu.c -o src/dfu/dfu.o In file included from src/dfu/dfu.c:24:0: include/usb_ch9.h:122:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:172:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:181:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:234:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:257:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:271:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:289:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:320:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:337:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:351:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:363:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:381:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:394:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:406:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:423:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:434:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:442:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:473:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:495:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_ch9.h:511:2: error: expected specifier-qualifier-list before ‘uint8_t’ In file included from src/dfu/dfu.c:25:0: include/usb_dfu.h:18:2: error: expected specifier-qualifier-list before ‘uint8_t’ include/usb_dfu.h:44:2: error: expected specifier-qualifier-list before ‘uint8_t’ In file included from src/dfu/dfu.c:29:0: src/simtrace/usb_strings_dfu.h:11:2: error: expected specifier-qualifier-list before ‘uint16_t’ src/simtrace/usb_strings_dfu.h:14:3: error: unknown field ‘bLength’ specified in initializer src/simtrace/usb_strings_dfu.h:14:64: error: ‘uint16_t’ undeclared here (not in a function) [..] [..] GCC 4.8.4 -------- begin (mode: RUN_FROM_ROM) -------- arm-elf-gcc (4.8.4-1+11-1) 4.8.4 20141219 (release) Copyright (C) 2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. scripts/mkcompile_h > include/compile.h gcc scripts/usbstring.c -o scripts/usbstring cat src/picc/usb_strings_dfu.txt | ./scripts/usbstring > src/picc/usb_strings_dfu.h cat src/pcd/usb_strings_dfu.txt | ./scripts/usbstring > src/pcd/usb_strings_dfu.h cat src/simtrace/usb_strings_dfu.txt | ./scripts/usbstring > src/simtrace/usb_strings_dfu.h Compiling C (ARM-only): src/start/Cstartup_SAM7.c arm-elf-gcc -c -mcpu=arm7tdmi -I. -gdwarf-2 -DBOARD=SIMTRACE -DRUN_FROM_ROM -D__MS_types__ -D__LIBRFID__ -DSIMTRACE -D__AT91SAM7S128__ -Isrc/simtrace -Iinclude -Isrc -Os -Wall -Wextra -Wcast-align -Wimplicit -Wunused -Wpointer-arith -Wswitch -Wredundant-decls -Wreturn-type -Wshadow -Wbad-function-cast -Wsign-compare -Waggregate-return -Wa,-adhlns=src/start/Cstartup_SAM7.lst -MD -MP -MF .dep/Cstartup_SAM7.o.d -Wnested-externs -std=gnu99 src/start/Cstartup_SAM7.c -o src/start/Cstartup_SAM7.o Compiling C (ARM-only): lib/lib_AT91SAM7.c arm-elf-gcc -c -mcpu=arm7tdmi -I. -gdwarf-2 -DBOARD=SIMTRACE -DRUN_FROM_ROM -D__MS_types__ -D__LIBRFID__ -DSIMTRACE -D__AT91SAM7S128__ -Isrc/simtrace -Iinclude -Isrc -Os -Wall -Wextra -Wcast-align -Wimplicit -Wunused -Wpointer-arith -Wswitch -Wredundant-decls -Wreturn-type -Wshadow -Wbad-function-cast -Wsign-compare -Waggregate-return -Wa,-adhlns=lib/lib_AT91SAM7.lst -MD -MP -MF .dep/lib_AT91SAM7.o.d -Wnested-externs -std=gnu99 lib/lib_AT91SAM7.c -o lib/lib_AT91SAM7.o Compiling C (ARM-only): src/dfu/dfu.c arm-elf-gcc -c -mcpu=arm7tdmi -I. -gdwarf-2 -DBOARD=SIMTRACE -DRUN_FROM_ROM -D__MS_types__ -D__LIBRFID__ -DSIMTRACE -D__AT91SAM7S128__ -Isrc/simtrace -Iinclude -Isrc -Os -Wall -Wextra -Wcast-align -Wimplicit -Wunused -Wpointer-arith -Wswitch -Wredundant-decls -Wreturn-type -Wshadow -Wbad-function-cast -Wsign-compare -Waggregate-return -Wa,-adhlns=src/dfu/dfu.lst -MD -MP -MF .dep/dfu.o.d -Wnested-externs -std=gnu99 src/dfu/dfu.c -o src/dfu/dfu.o In file included from src/dfu/dfu.c:24:0: include/usb_ch9.h:122:2: error: unknown type name 'uint8_t' uint8_t bRequestType; ^ include/usb_ch9.h:123:2: error: unknown type name 'uint8_t' uint8_t bRequest; ^ include/usb_ch9.h:124:2: error: unknown type name 'uint16_t' uint16_t wValue; ^ include/usb_ch9.h:125:2: error: unknown type name 'uint16_t' uint16_t wIndex; ^ include/usb_ch9.h:126:2: error: unknown type name 'uint16_t' uint16_t wLength; ^ include/usb_ch9.h:172:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:173:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:181:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:182:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:184:2: error: unknown type name 'uint16_t' uint16_t bcdUSB; ^ include/usb_ch9.h:185:2: error: unknown type name 'uint8_t' uint8_t bDeviceClass; ^ include/usb_ch9.h:186:2: error: unknown type name 'uint8_t' uint8_t bDeviceSubClass; ^ include/usb_ch9.h:187:2: error: unknown type name 'uint8_t' uint8_t bDeviceProtocol; ^ include/usb_ch9.h:188:2: error: unknown type name 'uint8_t' uint8_t bMaxPacketSize0; ^ include/usb_ch9.h:189:2: error: unknown type name 'uint16_t' uint16_t idVendor; ^ include/usb_ch9.h:190:2: error: unknown type name 'uint16_t' uint16_t idProduct; ^ include/usb_ch9.h:191:2: error: unknown type name 'uint16_t' uint16_t bcdDevice; ^ include/usb_ch9.h:192:2: error: unknown type name 'uint8_t' uint8_t iManufacturer; ^ include/usb_ch9.h:193:2: error: unknown type name 'uint8_t' uint8_t iProduct; ^ include/usb_ch9.h:194:2: error: unknown type name 'uint8_t' uint8_t iSerialNumber; ^ include/usb_ch9.h:195:2: error: unknown type name 'uint8_t' uint8_t bNumConfigurations; ^ include/usb_ch9.h:234:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:235:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:237:2: error: unknown type name 'uint16_t' uint16_t wTotalLength; ^ include/usb_ch9.h:238:2: error: unknown type name 'uint8_t' uint8_t bNumInterfaces; ^ include/usb_ch9.h:239:2: error: unknown type name 'uint8_t' uint8_t bConfigurationValue; ^ include/usb_ch9.h:240:2: error: unknown type name 'uint8_t' uint8_t iConfiguration; ^ include/usb_ch9.h:241:2: error: unknown type name 'uint8_t' uint8_t bmAttributes; ^ include/usb_ch9.h:242:2: error: unknown type name 'uint8_t' uint8_t bMaxPower; ^ include/usb_ch9.h:257:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:258:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:260:2: error: unknown type name 'uint16_t' uint16_t wData[0]; /* UTF-16LE encoded */ ^ include/usb_ch9.h:271:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:272:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:274:2: error: unknown type name 'uint8_t' uint8_t bInterfaceNumber; ^ include/usb_ch9.h:275:2: error: unknown type name 'uint8_t' uint8_t bAlternateSetting; ^ include/usb_ch9.h:276:2: error: unknown type name 'uint8_t' uint8_t bNumEndpoints; ^ include/usb_ch9.h:277:2: error: unknown type name 'uint8_t' uint8_t bInterfaceClass; ^ include/usb_ch9.h:278:2: error: unknown type name 'uint8_t' uint8_t bInterfaceSubClass; ^ include/usb_ch9.h:279:2: error: unknown type name 'uint8_t' uint8_t bInterfaceProtocol; ^ include/usb_ch9.h:280:2: error: unknown type name 'uint8_t' uint8_t iInterface; ^ include/usb_ch9.h:289:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:290:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:292:2: error: unknown type name 'uint8_t' uint8_t bEndpointAddress; ^ include/usb_ch9.h:293:2: error: unknown type name 'uint8_t' uint8_t bmAttributes; ^ include/usb_ch9.h:294:2: error: unknown type name 'uint16_t' uint16_t wMaxPacketSize; ^ include/usb_ch9.h:295:2: error: unknown type name 'uint8_t' uint8_t bInterval; ^ include/usb_ch9.h:320:2: error: unknown type name 'uint8_t' uint8_t bLength; ^ include/usb_ch9.h:321:2: error: unknown type name 'uint8_t' uint8_t bDescriptorType; ^ include/usb_ch9.h:323:2: error: unknown type name 'uint16_t' uint16_t bcdUSB; ^ include/usb_ch9.h:324:2: error: unknown type name 'uint8_t' uint8_t bDeviceClass; ^ include/usb_ch9.h:325:2: error: unknown type name 'uint8_t' uint8_t bDeviceSubClass; ^ include/usb_ch9.h:326:2: error: unknown type name 'uint8_t' uint8_t bDeviceProtocol; ^ include/usb_ch9.h:327:2: error: unknown type name 'uint8_t' uint8_t bMaxPacketSize0; ^ include/usb_ch9.h:328:2: error: unknown type name 'uint8_t' uint8_t bNumConfigurations; ^ include/usb_ch9.h:329:2: error: unknown type name 'uint8_t' uint8_t bRESERVED; ^ include/usb_ch9.h:337:2: error: unknown type name 'uint8_t' /pch -- Piotr Chytla <pch(a)packetconsulting.pl>

1 0

Feature #1724: Extend wireshark dissector for SIM/USIM traces
by Gerard Lawrence Pinto 18 Jun '17

18 Jun '17

Greetings, I have been working with wireshark and SIMtrace. And decided to extended the dissector for 'GET RESPONSE' (mf/df/ef) and 'STATUS' - according to the ETSI 11.11 Section 9.2.1 Page 39 - 41 and Page 46 (Definitions and Codings for response params) Keeping update with latest wireshark commits. I would like to commit to their gerrit. Please could you let me know here - if the output is as expected. Let me know your views/comments on the output so I can change it before commit. Also code can be viewed here 'https://github.com/GerardPinto/wireshark' (properly forked and synced with upstream) or reviewed by wireshark gerrit (Once I get your views on the output). (1) Get Response MF/DF: GSM SIM 11.11 1010 .... = Class Coding: ISO/IEC 7816-4 unless stated otherwise (0xa) .... 00.. = Secure Messaging Indication: No SM used between terminal and card (0x0) .... ..00 = Logical Channel number: 0 Instruction: GET RESPONSE (0xc0) Length of Expected Response Data: 32 RFU: 0x00 Total amt of memory not allocated to any of the DFs or EFs under the selected dir: 0x00 File ID: DF.GSM (0x7f20) Type of File: DF (0x02) RFU: 0000000000 Length of following data: 19 GSM Specific Data File Characteristics: 0xb3, Clock Stopping Indication: Not Allowed - unless at low level, Frequency Required for ENVELOPE cmd /AUTH algo, CHV1 Status .... 00.1 = Clock Stopping Indication: Not Allowed - unless at low level (0x1) .... ..1. = Frequency Required for ENVELOPE cmd /AUTH algo: 13/4 Mhz .011 .... = RFU: 0x3 1... .... = CHV1 Status: Enabled DFs in Current Directory: 0 EFs in Current Directory: 41 Number of CHVs, UNBLOCK CHVs and administrative codes: 4 RFU: 0x00 CHV1 status: 0x83, Secret Code initialized .... 0011 = False presentations remaining ('0' means blocked): 3 .000 .... = RFU: 0x0 1... .... = Secret Code initialized: Yes UNBLOCK CHV1 Status: 0x8a, Secret Code initialized .... 1010 = False presentations remaining ('0' means blocked): 10 .000 .... = RFU: 0x0 1... .... = Secret Code initialized: Yes CHV2 Status: 0x8a, Secret Code initialized .... 1010 = False presentations remaining ('0' means blocked): 10 .000 .... = RFU: 0x0 1... .... = Secret Code initialized: Yes UNBLOCK CHV2 Status: 0x8a, Secret Code initialized .... 1010 = False presentations remaining ('0' means blocked): 10 .000 .... = RFU: 0x0 1... .... = Secret Code initialized: Yes RFU: 0x00 Reserved for the Administrative Management: 030000bbda00000000 Status Word: 9000 Normal ending of the command (2) Get Response EF: GSM SIM 11.11 1010 .... = Class Coding: ISO/IEC 7816-4 unless stated otherwise (0xa) .... 00.. = Secure Messaging Indication: No SM used between terminal and card (0x0) .... ..00 = Logical Channel number: 0 Instruction: GET RESPONSE (0xc0) Length of Expected Response Data: 15 RFU: 0x00 File Size: 11 File ID: EF.LOCI (0x6f7e) Type of File: EF (0x04) EF response Byte 8: RFU: 00 Access Condition Byte 9: 0x00, UPDATE: Always (ALW), READ/SEEK: Always (ALW) .... 0000 = UPDATE: Always (ALW) (0x0) 0000 .... = READ/SEEK: Always (ALW) (0x0) Access Condition Byte 10: 0x14, INCREASE: Administrative Authority (ADM), RFU: Card Holder Verification1 (CHV1) .... 0100 = INCREASE: Administrative Authority (ADM) (0x4) 0001 .... = RFU: Card Holder Verification1 (CHV1) (0x1) Access Condition Byte 11: 0x01, INVALIDATE: Card Holder Verification1 (CHV1), REHABILITATE: Always (ALW) .... 0001 = INVALIDATE: Card Holder Verification1 (CHV1) (0x1) 0000 .... = REHABILITATE: Always (ALW) (0x0) File Status: 0x01, Validation Status .... ...1 = Validation Status: Not invalidated .... ..0. = RFU: 0x0 .... .0.. = Read Update Status: Not readable or updatable when invalidated 0000 0... = RFU: 0x00 Length of following data: 2 File Structure: Transparent (0x00) Length of a record: 0 Status Word: 9000 Normal ending of the command (3) STATUS ( ETSI 11.11 Section 9.2.2) says - The response parameters/data are identical to the response parameters/data of the SELECT command in case of an MF or DF. Thanks, Gerard

1 0

Current status of the SIMtrace project
by E:V:A 21 Mar '17

21 Mar '17

Dear Osmocom, I have been following your SIMtrace project for some time and wanted to build and try a few things. However, it seem that the project is abandoned since it has not been updated on your Wiki for ages. I know you guys are very busy with your many other and more interesting projects and that this project is very old, but we would still appreciate if you could at least try to keep your own GIT repo updated with the stuff you are showing on the wiki. For example, I cloned the SIMtrace and opened the schematics in KiCad only to find that the schematic is several HW versions behind the currently shown one. So my questions are: 1. Have you abandoned the project? 2. Where can I find/download the latest Firmware, KiCad (Schematics and PCB) design files? 3. There is a related project on GitHub that are using SIMtrace. However, the firmware there seem different. What is the current status of the firmware? Are you involved in that development? https://github.com/kamwar/simlabTrace If your answer to (1) is a Yes, then perhaps it would be better to publish your project to GitHub instead, so that other people can help and take over the maintenance? This is actually a great idea, reagrdless as your Redmine/cgit based git repo is very slow and hard to navigate and the bug tracking of GH is superior in simplicity to anything else freely available. Kind Regards, E:V:A

3 6

New hardware support or replacement proposal
by E:V:A 21 Mar '17

21 Mar '17

Dear SIMtrace Developers, After having spent a few days reviewing your SIMtrace hardware and FW and its development, I would like to propose you to consider supporting the following project. Background: The current SIMtrace processor (AT91SAM7) is based on the 55 MHz ARMv4T uP, whereas the next generation SIMtrace2 is to use (AT91SAM3) which is based on a 96 MHz Cortex-M3. This is all great and dandy, but it does limit the hardware and software development to people who are already very familiar with that hardware. Why are these needed? They are needed so that we can have 2 SIM (USART) interfaces and that we can translate the signals found on those to/from a USB endpoint on the USB port. This is all done in the firmware, written in C + Assembly. Proposal: The new project would utilize a RaspberryPi-Zero-W in the external slave configuration or a RPi3 doubling as a host. The RPi-0 is a 1GHz ARM processor (ARM1176JZF-S) and could possibly also be used as a headless host via WiFi. (RPi0 has OTG USB, RPi3 doesn't.) The Rpi3 is a quad-core 64-bit Cortex-A53, that can be used as anything. Thus porting A53 to M3 might be more easy. Advantages: There are too many advantages to ignore... - The huge RPi developer community - The high clockspeed and 512+ Mb of RAM - All interfaces you can dream of, except JTAG - A huge reduction on the BOM. I've counted that we may remove about 50 components by using this solution instead of the current v1.3 one. - A huge reduction to about 1/3 of what is currently used of the PCB footprint. - A large reduction of production price due to above. - Easy to port drivers when understood - Provide a more attractive and useful product combo (RPi-0 + ST hat) than what is currently offered. Disadvantages: - Need porting of current FW drivers to RPi's - Possible proprietary limitation to the complete Broadcom datasheets - Need to CAD and manufacture a new PCB - New Rpi-0/3 drivers would need testing for use with 2 SIM IF's. Other: The RPi's only has one UART so to get a second, we need to use bit-banging of their GPIO,SPI or I2C. There are already solutions out there and the much higher clock-rate of both devices allow you to run up to 250 MHz on a single GPIO pin, so that would allow you to multiplex a number of virtual/emulated UARTs. (Perhaps similarly to what was already done when SIMtrace was using the FT232r?) The library used for this is the PGPIO from here: http://abyz.co.uk/rpi/pigpio/download.html and a Python based test-script can be found here: https://www.rs-online.com/designspark/raspberry-pi-2nd-uart-a-k-a-bit-bangi… Finally, please don't get me wrong. This is not at all a critique of what has already been done. The development of the ST is a great piece of work and obviously very flexible and cross platform compatible by using USB, but for compact embedded devices, such as RPi's etc, all that extra HW is redundant and expensive to produce and maintain. Even more so than combining the RPi + this add-on, while improving cross platform connectivity and IoT support. I would love to hear what the community and Osmocom think about this. Cheers, E:V:A

3 4

git.osmocom.org cgit improvements
by Harald Welte 20 Mar '17

20 Mar '17

Hi all, today I've deployed some cgit improvements on https://git.osmocom.org/, in the hope that it makes this tool even more useful: 1) syntax highlighting of source code (requested by Hoernchen) The source code is now highlighted by pygments. I don't really understand why somebody would want to look at source code a lot in a browser, but well, it was as easy as to enable the existing pygments based filter plugin. 2) rendering of "about" page from README.md As you might have noticed, I've introduced a README.md in a number of repositoires, and cgit is now rendering an about page for every repository, e.g. at http://git.osmocom.org/libosmo-abis/about/ 3) gerrit change-ID hyperlink generation All gerrit Change-IDs in commit messages are now automatically converted to hyperlinks to the respective gerrit change, see e.g. the below example: http://git.osmocom.org/openbsc/commit/?id=6dd0fc685b7149f67a5fe17a5bce55c44… Please note that this works for the "Change-Id" line of the actual change, but also for change-ids in the free text (e.g. "this depends on change-id ... in libosmocore") 4) Osmocom ticket/issue hyperlink generation Any Line that matches the "^((Relate|Close|Fixe)[ds]):" prefix is scanned for occurrences of "OS#(\d+)" which are then amended with hyperlinks to the respective issue on osmocom.org Please note the OS# prefix is mandatory, so things like "OS#1614, 1615" will not work, as can be seen at http://git.osmocom.org/osmo-pcu/commit/?id=0a8fae8d141c2cfa4387ffe9b35402d5… Please format your commit messages accordingly. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

3 3

Trying to use simtrace with 4FF NFC/SIM cards
by Pedro Cabrera 17 Mar '17

17 Mar '17

Hi all, I come to all of you as I'm trying to use simtrace to capture the UE-SIM traffic with a 4G+ SIM card, called "next gen SIM card" (the ones with NFC). The only thing I see is the ATR, and the mobile never detects the SIM card. I try also to read the SIM card plugin directly into the SCR3310 card reader, but the reader didn't recognize the SIM card (no led activity). At the beginning I thought this must be a new standard for the NFC/SIM cards, but reading 3GPP TS 31.101 V13.2.0 (2016-06), I understood only Class B and C operating conditions should be supported by 3G MEs (page 10 of the document), and using transmission protocols T=0 and T=1. So looks like nothing has change in the protocols/electrical conditions. I look for 3GPP specs folder searching for something related with this NFC/SIM (http://www.3gpp.org/DynaReport/31-series.htm), but nothing appear. Also searching in google about this simcards I just found Orange document describing the business strategy to use NFC services/wallet; "On February 21st 2011 many of the world’s leading mobile operators (15 in total) including Orange announced their collective commitment to SIM-based mobile NFC and intention to launch commercial mobile NFC services. In November 2011, the Chinese MNOs increased the momentum of support to SIM based NFC. In January, GSMA communicated that more than 60 MNOs now support these initiatives." Source: https://www.orange.com/en/content/download/12418/258640/version/1/file/Oran… But still didn't found any technical spec for this sim cards. Most strange for me is that plugging this SIM card in an old Samsung Galaxy S3 is working normally, so ask myself why plugging in SCR3310 reader or simtrace is not working. Can anyone help me with this SIM cards specifications? Does anyone been able to read with SIM readers? Best Regards, Pedro

2 4

Problem with firmware flashing
by Alexander Unger 27 Feb '17

27 Feb '17

Hi, our company bought two SIMtrace Hardware Kits. We want to use SIM forwarder <https://github.com/kamwar/simlabTrace/wiki/res/bin/sim_forwarder-simtrace-a…> firmware in our project. but have problem with flashing it to the board. in one way I installed toolchain as described at http://osmocom.org/projects/baseband/wiki/GnuArmToolchain and made forwarder firmware - success1. but any tries to flash it using dfu-util failed. tries was next: -------------------------- - from windows10 host using steps from https://github.com/kiibohd/controller/wiki/Loading-DFU-Firmware#windows - kii-dfu can`t flash it due to three dfu devices with NO serial numbers. Try using dfu-util with -a0 flag gives same result as later cases - DFU found, state idle, activate alternative=0 ... and nothing more. reruns not helps. reconnects with or w/o BOOTLOADER button gives same result - nothing. --------------------- - same win10 host with vmWare Ubuntu16.04 VM. tries to install using ubuntu. device shown on lsusb - dfu mode on. dfu-utils installed, toolchain too, firmware made OK. simtrace made too. BUG1 experiment with simtrace gives output with wrong parsing of commands - may be you have to open bug case to resolve it. same results with usb2 on vm and usb3. all tries to flash forwarder or reader to board failed on same place as before. tried with button at connect and using -ao and w/o button and using -i param (forgot number of interface for apps partition mb was -i1 ) - failed - pure ubuntu 16.04 host. all above with same results. using usb3 port and usb2 extender. -------------------------------- Now the time to tell about second way - SAM-BA . here is another problem: used http://osmocom.org/projects/simtrace/wiki/SIMtrace_Firmware installed GnuArmToolchain <http://osmocom.org/projects/baseband/wiki/GnuArmToolchain>. as described on toolchain <http://osmocom.org/projects/baseband/wiki/Toolchain> link, included to PATH. Trying to do: git clone git://git.osmocom.org/openpcd.git cd openpcd/firmware make -f Makefile.dfu BOARD=SIMTRACE make BOARD=SIMTRACE DEBUG=1 TARGET=main_simtrace cat dfu.bin main_simtrace.bin > main_simtrace.samba cd ../.. failed on 3rd string: make -f Makefile.dfu BOARD=SIMTRACE - arm-elf-gcc not found! tries to rename arm-none-eabi gcc to arm-elf-gcc was not successful. so I cant produce your dfu.bin to use samba (I made it with success) with cat dfu.bin my_forwarder.bin > my_forwarder.samba Also, at the string cat dfu.bin main_simtrace.bin > main_simtrace.samba we see dfu.bin which is possibly dfu-boot-loader with wrong name which crashes brain of google so we have a BUG2: - to rename produced dfu.bin filename to something relative i.e. dfu-boot-loader-arm-SAM7.bin - to place link to binary of loader(s) at your instructions. installed also crosstool-ng - but arm-elf-gcc not found too So, we have fails using dfu-util and unmaking state of firmware which gives use of SAM-BA impossible due to insufficient dfu-boot-loader-arm-SAM7.bin aka dfu-bin. This situation looks like failed "smoke test"... Please help me to solve these issues. Regards, Alexandr -- https://L-in-K.com/147a258u369

2 2

dfu-util and simtrace
by Tormod Volden 21 Feb '17

21 Feb '17

Hi, I looked through the archives of this list and saw that an issue with dfu-util and simtrace was discussed. Can anyone here do some simple debugging on it? Remote access would have been great, but I guess the device hangs and must be reset all the time during testing so it might not be so efficient. The issue was also reported in the dfu-util bug tracker, but the OP went silent, so please add any useful information there (or Cc me on your replies here). https://sourceforge.net/p/dfu-util/tickets/33/ Best regards, Tormod

1 1

Problem with firmware flashing using dfu-util
by Szymon Mielczarek 18 Feb '17

18 Feb '17

In a response to "Problem with firmware flashing" thread. I couldn't easily reply in the original thread so I am writing in a new one. Hi Alexander, As Holger mentioned, it seems that both dfu (the one provided with device and dfu-util) are not compatible with each other. I will try to debug this issue a little bit later. Anyway, I was able to flash the board using an older version of dfu-util on Windows 7. Here are my steps (on Windows): 1. Download and unpack dfu-util v0.6 (dfu-util-0.6-win32.zip.bz2) from: http://dfu-util.sourceforge.net/releases/ 2. Install USB drivers (http://zadig.akeo.ie/) 3. Enter DFU mode (the red LED should turn on) 4. Flash the device from cmd line dfu-util -d 16c0:0762 -R -a0 -D sim_forwarder-simtrace-at91sam7s128-flash_dfu.bin On Linux machine I am using the following configuration: - Ubuntu 14.04 (natively booted, not VM) - dfu-util v0.5 -- BR, Szymon

1 0

SIMTrace
by Mohammed Bashir 01 Feb '17

01 Feb '17

Dear Sir, Sir's, Good Day I want to order SIMTrace toolkit but I need to know something about this product 1- What is the package contents? 2- The software included this package ? 3- Does the Software operates in windows environment? 4- I order from Saudi Arabia is this product available in this region or in any region in middle east ? 5- How many day to deliver this product to my side? Thanks / Regards ____________________________________________________________ Mohammed Bashir Software Developer Golden Chip Company <mailto:www.goldenchip.com.sa> www.goldenchip.com.sa <mailto:m.bashir@goldenchip.com.sa> m.bashir(a)goldenchip.com.sa ____________________________________________________________

2 1

SIMTrace Software
by Mohammed Bashir 30 Jan '17

30 Jan '17

Dear Sir/Sir's Good Day I want to order this product and I have small question about this product (Osmocom SIMtrace) before ordering , Is the software for the product support windows environment (I can run it inside windows ??)?? Thanks/ Regards ____________________________________________________________ Mohammed Bashir Software Developer Golden Chip Company <mailto:www.goldenchip.com.sa> www.goldenchip.com.sa <mailto:m.bashir@goldenchip.com.sa> m.bashir(a)goldenchip.com.sa ____________________________________________________________

1 0

Driver for a S25FL032P
by Я 13 Jan '17

13 Jan '17

Hello, I would like to have my simtrace apdu wrote to the external flash memory, if you have a new Driver for a SST25VF040B / S25FL032P, or a complete solution for recording data APDU in the memory? ----------------------------------------------------------------------

2 1

Simtrace 2
by Я 13 Jan '17

13 Jan '17

Hi I am one of the buyers Simtraсe I really like your product. You said that you have a few boards using SAM3S, I am very interested in this processor, if there is the option of buying sam3s firmware for the processor or fully board, what is the price issue?

2 1

spansion fl032pif
by Я 26 Dec '16

26 Dec '16

Why in the circuit with simtrase used spansion fl032pif that is stored in it? --

1 0

Some Questions about Simtrace
by joranglequeen＠sina.com 14 Dec '16

14 Dec '16

Dear Sir or Madam: I've bought two simtrace development boards two months ago in order to research the communication between the SIM-card and the mobile phone. However, recently when I need to analyse the packet which contains CK and IK, I sadly found that the packet was not captured every time. Mostly it returns as a malformed packet in the wireshark, which blocks my future studying. I read the user manual and it says that for some high speed cards the firmware can lose bytes, and to solve that we can reduce the size of the buffer. So I'm writing to ask the specific steps to reduce the buffer and recompile the firmware, and I've tried by myself but I couldn't find a proper toolchain which includes a GCC but not an EABI. I'm looking forward to your reply. Best wishes! Yours, sincerely Luna-Qi

4 3

Basic questions
by Michael Kramer 13 Dec '16

13 Dec '16

Hello mailing list, I want to use the Simtrace for my master thesis on enhancing privacy in mobile networks. For this purpose I recently bought 2 Simtraces. However I have a few questions: Which firmware is on newly shipped Simtraces? The "buggy" v0.5 or the community enhanced version? Also I wanted to flash new firmware to the device (both from simlabtrace (https://github.com/kamwar/simlabTrace/wiki), as well as newly compiled firmware from git repository (git://git.osmocom.org/openpcd.git). I wasn't able to try the community fix since the url(http://lists.osmocom.org/pipermail/simtrace/attachments/20140624/a17d10… is down. The flashing process itself freezes after checking the connection state of the device. Even though the device is listed as idle the process does not continue. Any idea why? I'm working on a fresh and updated Kali Linux. If it's the OS do you have any suggestion for using another? If the support/development of the Simtrace is at an end can you recommend similar devices? Greetings, Michael Kramer

4 11

RFC: OsmoDevCon 2017 planning
by Harald Welte 10 Dec '16

10 Dec '16

Dear Osmocom Community, [please respect the Reply-To and post all follow-up discussion to this to openbsc(a)lists.osmocom.org, so we avoid having long threads cross-posted to several mailing lists.] >From 2012 to 2016 we were running a series of small, invitation-only Osmocom Developer Conferences. Access was intentionally restricted to those community members who have demonstrated an existing track record of contribution to any of the projects under the Osmocom umbrella. This format of a small, tightly knit group of about 20 people has been successful over the years, and I have received a lot of positive feedback from past participants. On the other hand, the Osmocom project has grown in scope and diversity, and some of those projects don't have all that much relationship to each other - except being started by people from within the same group. There's the cellular communications (GSM/GPRS/EDGE/UMTS and hopefully at some point LTE) protocols which is attracting a lot of professional users. And then there's pure community projects like rtl-sdr, OsmocomBB, OsmocomGMR and many other efforts. Particularly the cellular infrastructure projects (OsmoBTS, OsmoPCU, OsmoBTS, OsmoNITB, OsmoSGSN, OpenGGSN, OsmoIuh & co) are somehow "standing out" of the othe projects in the context of having a wider user bsae, and in that user base also primarily commercial users. So I'd like to start a discussion on how to possibly change the event format to accomodate the various interests and parties. I definitely don't want to loose the "annual meeting of old friends" atmosphere, while at the same time also opening up to other interested parties. One idea would be to keep OsmoDevCon as-is and have a separate event where non-contributing/developing users / sysadmins / system integrators could also be attending. Another idea would be to split into a 'user day' and 'developer days' format. This is something the netfilter developer workshops have been using for many years, and from my limited insight quite successfully so. The "user day" is more like a traditional tech conference, with a large auditorium and talks oriented towards users / sysadmins / integrators of the software. The "developer days" are the invitation-only part, for known contributing developers only, similar to what we have at OsmoDevCon. Having both events (or both parts of an event) back-to-back has the advantage that a large number of potential speakers for the 'user day' are already present, and they don't have to travel yet another time. One could even structure it further and say we have one user day, one public 'Osmocom cellular developer day' and then the closed 'OsmoDevCon classic', maybe reduced from 4 days to 3 or even 2 days only? What is the general opinion about this? Are there people lurking on this list who would be interested in attending a public 'user day' or even 'developer day' about the Osmocom cellular projects, with presentations and workshops around topics such as running Osmocom based cellular networks? In terms of when/where, I would suggest to keep the tradition of April in Berlin/Germany. But I'm of course very happy if somebody wants to host it some place else... Regards, and looking forward to meeting you [again] in 2017, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Very basic questions
by גל ברק 11 Nov '16

11 Nov '16

Hi everyone I can't get my simtrace into SAMBA (I don't have lights at all except when the TEST pins get short). I tried to hold the RESET button while booting - didn't work. I'm a hardware noob so... My question is - Where is the PA0 or the PA1? Thanks in advance! - Gal

2 1

simtrace let sim cards
by Serge Dupuis 10 Nov '16

10 Nov '16

I have simtrace working with a debian VM. It works consistently with 2G cards, but stop working with 3G let cards. Seems to boot and then stops. Has this been fixed? I read about reducing the buffer in the firmware, but this is a challenge creating a bin file as arm-elf is no longer supported and creating a cross compiling toolchain with modern compiler is posing problems. Do you have a bin firmware file with a reduced buffer that works with sim lte cards?

1 0

SIMtrace stopped booting
by גל ברק 25 Aug '16

25 Aug '16

Hi, I got the hardware kit of the SIMtrace. It booted successfully (I guess because I got the red light on the board). Then I connected the jumper to the test pin (I read the user manual so I act according to it). When it booted up, I got green and red lights. After I tried to power it on again without the jumper, I got nothing (no light) and no recognition with lsusb command. I tried to connect the board to other PC, and still no lights. How can I fix it? Thanks in advance! Bests, Gal

2 1

SIMtrace and fwupd
by Richard Hughes 22 Aug '16

22 Aug '16

Hi all, My name is Richard Hughes and I work for Red Hat. I'm the maintainer of fwupd, an open source firmware update system designed for Linux. We're updating thousands of devices every month safely and securely using the fwupd and the Linux Vendor Firmware Service. I'm also the guy behind the OpenHardware ColorHug device, so I'm particularly interested in making firmware updates easy to apply on open source and free software devices. I see SIMtrace is using DFU, and fwupd can already talk to DFU-using devices using the libdfu library so I don't think any actual additional code would be required in fwupd. For your device, it would just be creating a cabinet with the required metadata included. If this is interesting, please see http://www.fwupd.org/ or email me back for more details. I can create you a dummy account on the LVFS if you'd like to upload some test firmware. If your device doesn't have any firmware updates, and you don't plan of issuing any, please disregard this email. Thanks for reading! Richard.

1 0

hello sniffer test email
by MORENO Victor 29 Jun '16

29 Jun '16

hello team, sorry this is a test email. not sure if this email reach the list. I am just wondering on where to check if new version of simtrace is on the road map, or not... thanks so much for the great work!! Victor

1 0

quick question about your COMP suite
by Stephen Boyd 01 May '16

01 May '16

Hello -- Do you have a package for iPhone? Cheers, Stephen CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential, proprietary, and/or privileged information protected by law. If you are not the intended recipient, you may not use, copy, or distribute this e-mail message or its attachments. If you believe you have received this e-mail message in error, please contact the sender by reply e-mail and destroy all copies of the original message.

2 1

MitM implementation
by Kamil Wartanowicz 27 Apr '16

27 Apr '16

Hi, I want to share with you complete MitM solution. The project is based on at91work. The solution allows to specify which file or instruction you want to modify. You might also edit SIM files on the fly - apdu is not sent on the basic channel so communication with phone is not interrupted. Simtrace firmware has two variants: apdu forwarding and PC/SC reader. Detailed information can be found in https://github.com/kamwar/simlab/wiki https://github.com/kamwar/simlabTrace/wiki Best Regards, Kamil

1 0

Osmocom SIMtrace
by Corrado Guidobaldi 18 Apr '16

18 Apr '16

Hello, where can i buy an Osmocom SIMtrace hardware device? New or second hand many thanks Corrado

2 1

GSM SIM 11.11 ADPU Payload
by Винярский А.Ю. 16 Apr '16

16 Apr '16

Good day Is there ane way to decode GSM SIM 11.11 ADPU Payload with Wireshark or other software? Best regards, Alexander

3 2

OsmoDevCon 2016 date poll
by Harald Welte 28 Feb '16

28 Feb '16

Dear all, IN-Berlin has confirmed the dates in April where we could book the venue. Can those eligible + interested in attending please quickly indicate their preference at http://doodle.com/poll/if263cpxieavsqiq ? Thanks! Disclaimer: OsmoDevCon is an invitation-only event for developers with proven history of contributing to any of the Osmocom projects. The fact that there is a public poll about the scheduling of the event and/or your participation in that poll does not mean a particular applicant is invited. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option."

1 3

Re: Moving from trac to a single redmine
by Harald Welte 05 Feb '16

05 Feb '16

Hi Holger, On Thu, Feb 04, 2016 at 08:12:19AM +0100, Holger Freyther wrote: > I think some of us would like to move to redmine and start using > public tickets more frequently. So in case we move there are some > topics to be discussed and I would like to start with a couple of them > right now. Thanks for getting the public discussion about this started. To give some more background to the mailing list: * The trac installations at osmocom.org are pretty much underused/dormant. The only part that's used is the Wiki. * Osmocom started when a single project (OpenBSC) got a sister project (OsmocomBB) and has grown into many projects. Running a single trac instance for each project on a separate dns hostname is overkill. Also, as code is shifted around between libraries and programs, we'd appreciate some flexibility. * at sysmocom internally we have successfully used redmine for dozens of different projects. The project hierarchy can be changed as needed on the fly, and issues can relate to issues of other projects, shifted from project to project, etc. * Quite a bit of the work we do at sysmocom on the Osmocom software should have the issue tracker for bugs and features in the public, but as our internal redmine is so much easier than the public trac setup, we kept using the internal redmine. So my plan moving forward is to migrate all Osmocom projects (initially those related to GSM) to a public redmine, and then keep all issues updated there. This would give more visibility into the work we're doing, such as the EDGE PCU, the 3G NITB + SGSN, the HNB-GW, etc. > Redmine has a global linear sequence of ticket numbers. If we move > from many tracs to a single redmine we can either: > > * not import tickets > * only import from one project > * deal with changing ticket numbers I think not importing tickets or dealing wih changing numbers is the way to go. > In terms of installations the GMR trac is broken in regard to tickets, > there are some for SDR that are probably not being fixed anytime soon, > baseband might be relevant and OpenBSC is unlikely to be relevant. I > don't think we have ever used ticket reference in OpenBSC commit > messages so in terms of OpenBSC having changing ticket numbers would > not be a big deal. E.g. we could add a custom field with the old trac > number? If there is automatic import/conversion available, I'd prefer to import the OsmocomBB, SIMtrace, (non-spam) Security and OpenBSC tickets, even though most of them are probably stale and outdated for years. They're still part of the history. Changing the numbers doesn't matter, as we don't refer to them. > We have external references that should be redirected to the new > place. Is there any way besides maintaining a list in the > apache2/nginx configuration and making redirects as we find broken > references? Can we proactively manage this? Is anybody willing to come > up with a script and nginx configuration for doing this? I'm not aware of any tools that might be able to help here. Indeed, it would be great if anyone would volunteer to generate a script to generate the redirects. I guess the old format is e.g. http://openbsc.osmocom.org/trac/wiki/nanoBTS/Internals and the new URL would be something like http://projects.osmocom.org/redmine/openbsc/wiki/nanoBTS/Internals Or should we strip even the redmine from the URL? And should we have a rewrite for http://openbsc.osmocom.org/redmine to http://projects.osmocom.org/redmine/openbsc ? Any ideas? Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

2 1

view GPRS traffic
by jay see 27 Jan '16

27 Jan '16

Hello, With this application, can I view my own GPRS traffic? If not, what hardware would you suggest to do this? Thank you!

2 1

DEc 9, 8pm / Osmocom Berlin Meeting
by Harald Welte 09 Dec '15

09 Dec '15

Hi all! This is the announcement for the re-incarnation of our bi-weekly Osmocom Berlin Meeting. Dec 09, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin There is no formal presentation this time, but * there will be SIMtrace equipment in case somebody wants to play with it there will be a sysmoBTS with OsmoBTS, OsmoPCU, OsmoNITB, OsmoSGSN and OpenGGSN if somebody wants to play with it * there will be Huawei Femtocells to play with The meeting is open to anyone interested in mobile communications. You do not have to be involved with the Osmocom projects in order to attend. Anyone interested in mobile communications protocols is welcome. If you are interested to show up, feel free to do so. The meeting is "free as in free beer", despite no actual free beer being around ;) More information can be found at http://openbsc.osmocom.org/trac/wiki/OsmocomMeeting/Berlin Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

2 2

Purchasing SIMTrace
by J. Félix Ontañon 25 Nov '15

25 Nov '15

Hi everybody! I'd be interested in knowing where to purchase a SIMTrace unit. In the recommended shop it appears to be out of stock: http://shop.sysmocom.de/products/simtrace Thanks. -- *J. Félix Ontañón*felix.ontanon(a)podsystem.com Direct UK: +44 (0) 1280 875 300 Direct USA: +1 415 666 2211 Direct Spain: +34 954 050 200Podsystem Ltd, WhiteLeaf Business Center, 11 Little Balmer, Buckingham Industrial Park, Buckingham, MK18 1TF, United Kingdom

2 3

Nov 11, 8pm / Osmocom Berlin Meeting
by Harald Welte 09 Nov '15

09 Nov '15

Hi all! This is the announcement for the re-incarnation of our bi-weekly Osmocom Berlin Meeting. Nov 11, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin There is no formal presentation this time, but * there will be SDR equipment, antenna and a working/tested setup of a gnuradio based MPT1327 decoder * there will be SIMtrace equipment in case somebody wants to play with it there will be a sysmoBTS with OsmoBTS, OsmoPCU, OsmoNITB, OsmoSGSN and OpenGGSN if somebody wants to play with it * there will be Huawei Femtocells to play with * Harald would like to discuss OpenBSC website / documentation improvements The meeting is open to anyone interested in mobile communications. You do not have to be involved with the Osmocom projects in order to attend. Anyone interested in mobile communications protocols is welcome. If you are interested to show up, feel free to do so. The meeting is "free as in free beer", despite no actual free beer being around ;) More information can be found at http://openbsc.osmocom.org/trac/wiki/OsmocomMeeting/Berlin Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Oct 21, 8pm / Osmocom Berlin Meeting
by Harald Welte 19 Oct '15

19 Oct '15

Hi all! This is the announcement for the re-incarnation of our bi-weekly Osmocom Berlin Meeting. Oct 21, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin There is no formal presentation this time, but * there will be SDR equipment in case more people are interested to have a look at MPT1327 and/or Tetrapol signals that can be received in Berlin * Harald would like to discuss OpenBSC website / documentation improvements The meeting is open to anyone interested in mobile communications. You do not have to be involved with the Osmocom projects in order to attend. Anyone interested in mobile communications protocols is welcome. If you are interested to show up, feel free to do so. The meeting is "free as in free beer", despite no actual free beer being around ;) More information can be found at http://openbsc.osmocom.org/trac/wiki/OsmocomMeeting/Berlin Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Oct 15, 8pm / OSMUG: "Running OpenAirInterface"
by Harald Welte 09 Oct '15

09 Oct '15

Hi all! This is an announcement for an "irregular" Berlin Osmocom User Group event. David Rupprecht of Ruhr-Uni Bochum has offered to give us a presentation sharing his experience in Running OpenAirInterface. OpenAirInterface (http://openairinterface.eurecom.fr/) is a project of the Eurecom research institute in Sofia Antipoils / France. For many years they have been working towards an open source SDR LTE implementation. The presentation will be held on Oct 15, 8pm @ IN-Berlin, Lehrter Str. 53, 10557 Berlin (yes, this is _NOT_ CCC Berlin where regular OSMUG meetings are held!) The meeting is open to anyone interested in mobile communications. You do not have to be involved with the Osmocom projects in order to attend. Anyone interested in mobile communications protocols is welcome. If you are interested to show up, feel free to do so. The meeting is "free as in free beer", despite no actual free beer being around ;) More information about the venue can be found at http://www.in-berlin.de/space/ The official event announcement website is http://openbsc.osmocom.org/trac/blog/david-rub-openair-20151015 Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 1

Oct 07, 8pm / Osmocom Berlin User Group meeting
by Harald Welte 03 Oct '15

03 Oct '15

Hi all! This is the announcement for the re-incarnated Osmocom Berlin meeting: Oct 7, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin Harald will be presenting about the Iuh protocol stack of UMTS small cells / femtocells and his work towards implementing it as part of Osmocom. Agenda: 20:00h Welcome 20:15h Presentation about Iuh / osmo-iuh 21:00h Informal meeting / chatting The meeting is open to anyone interested in mobile communications. You do not have to be involved with the Osmocom projects in order to attend. Anyone interested in mobile communications protocols is welcome. If you are interested to show up, feel free to do so. There is no registration required. The meeting is free as in "free beer", despite no actual free beer being around. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Osmocom Berlin User Group revival?
by Harald Welte 09 Sep '15

09 Sep '15

Dear all, After two years of intermission, I'm currently pondering to revive the Osmocom Berlin User Group and would like to understand a) who would be interested in attending? b) which day(s) of the week would be preferred / not preferred? Instad of "just" hanging out, chatting about Osmocom related topics etc. I am interested in having actual topics for each of the meetings. There is no need for a formal presentation or anything like that, but at least let's try to stay focussed on the topic for the first hour or so, and then conclude with a more general chat towards the end. Some of the topics that I would like to start with ASAP: * sharing of knowledge regarding 3G and 4G protocol stacks (I'm looking a lot at this recently, and it is a good time to talk about what I've learned) * completing the work towards splitting osmo-nitb into osmo-bsc and osmo-mss - as a first stept towards adding RANAP/Iu to osmo-mss * attempting to decode/analyze BVG bus/tram radio (TETRAPOL) using tetrapol-kit from http://brmlab.cz/git/tetrapol-kit.git * are berlin S-Bahn trains actually still broadcasting their GPS position in MPT1327? * moving ahead with AT91SAM3S based SIMtrace2 with MITM support Let me know who is interested in joining. In terms of venue I would suggest to again use the CCCB, unless somebody objects. We could of course also ask our friends at IN-Berlin or C-Base. In terms of schedule, I would actually want to go for bi-weekly again. Happy hacking, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

2 2

simtrace problem
by Mark David 24 Aug '15

24 Aug '15

hi dear .. i have redhat 6.4 (64 bit) .. and i connect simtrace to laptop. and i work as in usermanual and when i applay chapter 6 ( Initial Firmware Programming ) , the all led off and when i write the command ./simtrace , the output is cannot find matching USB Device . Are you sure it is connected ? please .. h need solution for this problem thanks , mark

1 0

power consumption
by Suraev 07 Aug '15

07 Aug '15

Hi. I wonder if it's possible to measure how much power is consumed by the sim card using simtrace? After all it's the only source of power for the sim card anyway. cheers, Max.

3 2

simtrace splict ATR and APDU
by yue ma 30 Jun '15

30 Jun '15

Hi , I ordered a simtrace and found the problem written in know issue, the host can't split ATR and APDU but only report detect ATR. Could you please tell me where I can find the firmware and how to update it? Best Regards Ma Yue <para>For some cards the firmware does not send an USB message at57 <http://code.metager.de/source/xref/osmocom/simtrace/docs/chapters/using_sni…> the end of the ATR. The ATR and first APDU will be send in one message58 <http://code.metager.de/source/xref/osmocom/simtrace/docs/chapters/using_sni…> and the host utility fails to split APDUs and nothing will be traced.59 <http://code.metager.de/source/xref/osmocom/simtrace/docs/chapters/using_sni…> A band-aid for the firmware exists and can be found on the mailinglist.60 <http://code.metager.de/source/xref/osmocom/simtrace/docs/chapters/using_sni…> </para>

1 0

APDU traces
by Stephan Malric 27 May '15

27 May '15

Dear all, To anybody having some experience with SimTrace : which APDU are traced and displayable in WIreshark ? APDU from ME to SIM ? From SIM to ME ? or both ? Best regards Stephan

2 1

Contact-less tracer
by Jérome Dufour 02 May '15

02 May '15

Dear all, Would anyone know where to get a contact-less tracer? Regards,Jerome.

1 0

Issue building SIMtrace firmware from OpenPCD repository
by Nick Poczynek 29 Apr '15

29 Apr '15

Hello, I'm unable to build the SIMtrace firmware according to the instructions on the wiki at http://bb.osmocom.org/trac/wiki/SIMtrace/Firmware. The GCC 4.5.2 ARM cross compiler has been installed and added to my path. Here is the output when I run make: ~/repos/openpcd/firmware$ make -f Makefile.dfu BOARD=SIMTRACE -------- begin (mode: RUN_FROM_ROM) -------- arm-elf-gcc (GCC) 4.5.2 Copyright (C) 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Assembling (ARM-only): src/start/Cstartup.S arm-elf-gcc -c -mcpu=arm7tdmi -I. -x assembler-with-cpp -DRUN_FROM_ROM -D__AT91SAM7S256__ -Wa,-adhlns=src/start/Cstartup.lst,--gdwarf-2 -Iinclude/ -D__ASSEMBLY__ src/start/Cstartup.S -o src/start/Cstartup.o src/start/Cstartup.S:102:2: error: #error please define PIO_BOOTLDR for your board make: *** [src/start/Cstartup.o] Error 1 Has the SIMtrace target been removed from this repo? Looking through Makefile and Makefile.dfu, I don't see any references to the project. None of the checks on the $BOARD variable include a SIMTRACE option. Similarly, Cstartup.S only defines PIO_BOOTLDR for PCD, PICC, and OLIMEX boards. I'm still browsing through some other source files to see if I'm missing something obvious, but I'd appreciate any advice. Thanks, -Nick P.

1 0

APDU log
by de Miguel, Gorka 21 Apr '15

21 Apr '15

Dear friends, First of all, let me introduce myself. My name is Gorka De Miguel and I am working in my master´s thesis right now. On it, I am trying to do a man in the middle attack to my own cellphone and trying to obtain the data that reaches the SIM card. For that I am using a simtrace board. I have followed the user manual and the advises given in the web, but I am not able to make it work properly. Once I have simtrace executable created with the libosmocom and the rest of libraries in my computer in the way it is said in the web, I can execute it and some APDUs appear in the screen, but they seem to be not useful. Then I wanted to log them by using HTerm, to parse it and try to obtain the meaning of the APDUs. But the device is not recognized by the linux machine. I mean , it does not appear in the /dev directory. So it is imposible to reach to it and log the APDUs using a different program. I also tried to recognize the device using a windows machine, but it does not recognize it as there is not a simtrace driver for windows. Reached this point, my questions are the following ones; is there any way of logging de APDUS from the simtrace program? Is there any simtrace driver for windows? Do you know about anyone that was able to parse the APDUs and understand them well? Have anybody used HTerm? Is anybody able to understand the APDUs obtained? If yes, would it be possible to obtain his/her contact? Thank you in advance for all, every little advice will be really helpful for me, Regards Gorka De Miguel

2 1

Announcing OsmoDevCon 2015
by Harald Welte 13 Feb '15

13 Feb '15

Dear Osmocom.org project members, I'm happy to be able to announce the annual incarnation of OsmoDevCon. The Date is set for March 27 through 30. Venue: As usual, IN-Berlin e.V. in Berlin, Germany. Further details can be obtained from http://openbsc.osmocom.org/trac/wiki/OsmoDevCon2015 Attendance, as usual, is restricted to people with an active history in the Project by contributions in terms of code, patches, discussions, documentation or in other form. = Registration = If you have wiki access, please add yourself to the #Requested section. Alternatively, you can send me private e-mail about it. After review, your (nick)name will be listed in the #Confirmed section. Looking forward to meeting all of you again soon! -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Latest patches to build firmware 0.5.3-6ea9-dirty
by Petrus Du Toit 05 Dec '14

05 Dec '14

Hi, I have been trying to follow the steps in the post with subject "firmware 0.5.3-6ea9-dirty Ubuntu howto" on 2014-11-11 by pkix as I am having the same problem where simtrace just stops tracing some time after displaying garbage APDUs. None of attachement links in this post work (Error 404) so I cannot download the patches or the firmware. Please could someone tell me where to find the latest patches (unofficial, official) for the firmware and simtrace source. I have been trying to look on the mailing list but there are only archives for November 2014. Thank you in advance. Petrus Du Toit DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. SWIFTNET and any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. Thank you.

1 0

Incomplete trace (due to high-speed SIM?)
by Min Xu 18 Nov '14

18 Nov '14

*Holger Hans Peter Freyther* holger at freyther.de <simtrace%40lists.osmocom.org?Subject=Re%3A%20Incomplete%20trace%20%28due%20to%20high-speed%20SIM%3F%29&In-Reply-To=%3C20130522102301.GP14728%40xiaoyu.lan%3E> *Wed May 22 12:23:01 CEST 2013* | On Tue, May 21, 2013 at 03:53:45PM +0200, Arthur Léna wrote: | >* I tried booting the iPhone using 2 different SIMs (this one from * | >* Free Mobile and another one) and the trace seems very short using | *>* the Free Mobile in comparison to the other one. By parsing the ATRs | *>* of both SIMs, I found out that the communication is done at 312500 | *>* bits/s with the Free Mobile SIM and only 78125 bits/s (for a clock | *>* running at 5MHz). Could this explain the loss of entire ADPUs by the * | >* tracer? If yes, is there a way to remedy to this problem (firmware * | >* update for example). *| Some people reported success by reducing the size of buffered bytes in the | firmware. | holger Holger There appears to be numerous references to "decrease the buffer in the firmware" to workaround the problem of losing bytes... but can you clarify which buffer to decrease, in which source file? I am guessing it's the req_ctx.c / req_ctx.h? Thanks

7 19

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

simtrace