Proposed OpenBSC application interface

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.

Harald Welte laforge at gnumonks.org
Thu Apr 15 13:24:47 UTC 2010


Hi Zecke,

On Thu, Apr 15, 2010 at 02:53:02AM +0200, Holger Freyther wrote:
> > They are both doing security analysis and want to achieve a clean way
> > how an external application can get access to a more or less transparent
> > communication channel to the phone.
> > 
> > The purpose of this is to be able to send intentionally malformed
> > packets to the mobile phone GSM stack at various different levels within
> > the stack.
> 
> Let me answer your question from the bottom. If our only goal is to send 
> malformed packets to the MS I think this interface is way too low level and 
> for now all requirements can be handled by basic GSM08.08 messages.

What do you mean by 'low level'?  Their intent really is to send
arbitrary L3 messages in L2, even on strange SAPIs or on an unexpected
logical channel (SACCH vs. SDCCH).

> > 1) Ability to establish a SDCCH or TCH channel by paging the phone
> >    As of now, the 'silent call' feature from the VTY already does this.
> 
> GSM08.08 Paging Request which will be answered with a GSM08.08 Complete Layer3 
> Information (a new connection)

true.

> > 2) Ability to send arbitrary layer3 protocol messages to the phone
> >    Adding this is relatively easy (use rsl_sendmsg on the lchan from the
> >    silent call)
> 
> GSM08.08 DTAP

true.

> > 3) Ability to receive responses from the phone, as well as error
> >    conditions such as 'radio link failure'.  We don't have a solution
> >    for this yet, and we also have no clean way to identify what might
> >    be a response from the phone to the external app, and what might
> >    be a message from the phone to the normal network code in OpenBSC
> 
> GSM08.08 DTAP and GSM08.08 Cleanup Request (Error Cause Radio Link Failure)

true.

However, the MSC talks GSM 08.08 to the BSC.  So are you proposing to
have a 08.08 interface between APP and MSC, or to have a BSC with
multiple 08.08 interfaces?  After all, in almost all the use cases we
still want the regular MSC around for things like location updating,
authentication, etc.

The other question then is: Why 08.08?  Wouldn't the logical consequence
be to implement actual MAP (like the E interface between MSC and MSC in
a real GSM network)?

Regards,
	Harald

-- 
- Harald Welte <laforge at gnumonks.org>           http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
                                                  (ETSI EN 300 175-7 Ch. A6)
