Kabouik_ has joined #neo900
Kabouik has quit [Ping timeout: 268 seconds]
_whitelogger has joined #neo900
unclouded_ has joined #neo900
unclouded has joined #neo900
unclouded__ has joined #neo900
unclouded_ has quit [Remote host closed the connection]
unclouded has quit [Remote host closed the connection]
unclouded__ has quit [Remote host closed the connection]
knttl has quit [Ping timeout: 255 seconds]
knttl has joined #neo900
infobot has quit [Ping timeout: 255 seconds]
ArturSha1 has joined #neo900
illwieckz has quit [Ping timeout: 260 seconds]
illwieckz has joined #neo900
illwieckz has joined #neo900
illwieckz has quit [Changing host]
louisdk has joined #neo900
jonsger has joined #neo900
arnaudj has joined #neo900
Kabouik_ has quit [Ping timeout: 255 seconds]
Kabouik has joined #neo900
illwieckz_ has joined #neo900
illwieckz has quit [Ping timeout: 255 seconds]
<enyc> I never quete got answer how big the layout-job for protov2 is
<sn0wmonster> enyc, big enough to hire a company to do it :D
* sn0wmonster doesn't have that info, sorry :X
<Joerg-Neo900> I don't know how to answer that
<enyc> especially, how long does that kind of ithng take ?? what major steps does it take??
<enyc> not entirely sture whats' vene involved
<Joerg-Neo900> I can't even figure a possible answer, please give an example
<enyc> e.g. "involves firstl fixing all the previous component/pad definitions,, rebuilding the connection diagram in new tool, running layout engine on existing physical size definitions, gothrough connectiv verification ... they claim it could take anyhtnig from 2 to 4 weeks to complete and verify ...
<Joerg-Neo900> it can take from a week when a big company assigns multiple employees to it, to 'forever' when one guy with no clue tries it. For "what major steps does it take" please see http://kicad-pcb.org/discover/pcbnew/
<enyc> ooooooooooooooooh can take a look further at main machine
<Joerg-Neo900> we provide the schematics and further details like PCB shape, footprints, requirements, and Esa will provide a ready made layout file
<Joerg-Neo900> made in pcbnew, kicad's pcb layout suite
<Joerg-Neo900> the footprints are supposed to be already done, thanks to Nikolaus, Werner, ceene
<Joerg-Neo900> tbh I don't even know what are the canonical procedures involved in making a layout, I only did that on an amateur level so far, or did supervise others doing it
<Joerg-Neo900> maybe each layouter has their very own workflow
<Joerg-Neo900> compare making a layout to writing a book maybe. Both tasks are similar
<Joerg-Neo900> the footprints are equivalent to the character fontsets, and pcbnew equivalent to the edtor, heck it even is called 'layout' for desktop publishing as well
<enyc> i see
<enyc> i've been pasting long document together myself and fun to tie-it-a-ll-together !!!!
<Joerg-Neo900> is your question answered?
illwieckz_ has quit [Read error: Connection timed out]
<enyc> Joerg-Neo900: more-or-less yes =) i will want to reread it when i cana also see said video....
<enyc> I generally see overview, its a well skilled-task/workflow/process
<enyc> I definitely wonder if there is a ''time vs risk'' aspect -- can take longer on the layout and less chance of a mistake that makes the resulting board unusable.
<enyc> Joerg-Neo900: thankyou for comments nonetheless, makes more sense and will make more sense when i read again later =)
<Joerg-Neo900> such risk/time always applies it seems
<jonsger> sn0wmonster: thx for the news :)
<sn0wmonster> all of this Neo900 talk has made me go from casual observer to https://cdn0.iconfinder.com/data/icons/iconshock-windows7-icons/256/secure_search_config.png
<Joerg-Neo900> compare the nifty semi-additive: https://en.wikipedia.org/wiki/Printed_circuit_board#Subtractive.2C_additive_and_semi-additive_processes
<Joerg-Neo900> oops wrong channel
ctag has joined #neo900
louisdk has quit [Ping timeout: 240 seconds]
louisdk has joined #neo900
louisdk has quit [Remote host closed the connection]
dos1 has quit [Read error: Connection reset by peer]
dos1 has joined #neo900
qwazix has quit [Ping timeout: 246 seconds]
qwazix has joined #neo900
Kabouik has quit [Read error: Connection reset by peer]
Kabouik has joined #neo900
qwazix has quit [Ping timeout: 260 seconds]
qwazix has joined #neo900
qwazix has quit [Changing host]
qwazix has joined #neo900
qwazix has quit [Read error: Connection timed out]
qwazix has joined #neo900
Kabouik has quit [Ping timeout: 240 seconds]
Kabouik has joined #neo900
Kabouik_ has joined #neo900
Kabouik has quit [Ping timeout: 240 seconds]
qwazix has quit [Ping timeout: 240 seconds]
qwazix has joined #neo900
qwazix has quit [Ping timeout: 240 seconds]
err0r3o3_ has joined #neo900
err0r3o3 has quit [Ping timeout: 248 seconds]
<DocScrutinizer05> not that it matters much to Neo900
<pigeons> no, of course not. I just thought there might be some folks here with overlapping interests
<DocScrutinizer05> that radio stack is largely copied sources from TI's calypso support software, and even if it was "free" as in FOSS, it's for one terribly obsolete chipset only, and it's illegal to use since it doesn't have any approval
<pigeons> thanks
<DocScrutinizer05> it's for sure interesting for educational and scientific purposes. Just make sure you don't get caught using it
<DocScrutinizer05> which is not as simple as it might sound, since every mobile equipment that has a cell radio is registering to the BTS and those have means to spot the devices that don't comply with a rileset
<DocScrutinizer05> ruleset*
<DocScrutinizer05> so odds are the alarms might yell at provider's end as soon as you power up that stuff
<DocScrutinizer05> just depends on whether it appeared on their radar already, or not
<DocScrutinizer05> technically it's no big issue to track down the devices that use this radiostack
<DocScrutinizer05> automatically
<DocScrutinizer05> particularly when Flaconia applied some changes to the code, compared to what been in TI's original stuff
<jonsger> DocScrutinizer05: but if there are just a few users who use this "phone". I think the telcos don't care
<DocScrutinizer05> depends
<DocScrutinizer05> when they don't cause issues on the network, odds are they never show up "on radar"
<pigeons> play in the desert with your own bts
<DocScrutinizer05> when they however don't comply to all technical parameters then they will trigger automatic alarms, more or less
<DocScrutinizer05> providers run constant compliance tests to ensure network quality of service. E.g. a cloned SIM would get detected instantly when the same IMSI is used concurrently on two devices in same network
<DocScrutinizer05> same goes for IMEI
<DocScrutinizer05> and I guess they also check a lot of other technical parameters
<DocScrutinizer05> e.g. compliance with timing advance and power level control
illwieckz has joined #neo900
<DocScrutinizer05> just some completely OT warning: plastic is dangerous to plastic! http://maemo.cloud-7.de/share-service/DSCF2624.JPG The Soft plastic sleeves on the clips at end caused that http://maemo.cloud-7.de/share-service/DSCF2625.JPG on my Rigol scope, during a few weeks of contact (thanks to wpwrak for contributing:) http://downloads.qi-hardware.com/people/werner/tmp/dissolvent.jpg
illwieckz has quit [Quit: Ça va couper chérie…]
illwieckz has joined #neo900
illwieckz has quit [Remote host closed the connection]
<DocScrutinizer05> (radio stack compliance) the nasty detail aspect in all this: when you learn about your device causing issues and thus triggering alarms, it's likely the time when some police together with some technicions with probing equipment shows up at your door, and they won't go away before they hand you a ticket for a fine that depending on your local laws ranges from a few 1000 bucks to a few years of prison
illwieckz has joined #neo900
illwieckz has quit [Excess Flood]
<DocScrutinizer05> I heard in USA they are particularly tough on that, fines I heard of are in the 6 digit range, with a few months of jail on top
<DocScrutinizer05> re SpaceFalconia, I really don't like the flase statement about OsmocomBB either >> using knowledge from leaked sources for driving Calypso hardware and DSP<< Actually most of the knowledge is lehit knowledge about GSM specs from reading the literally 100s of 1000s of pages of documents. something Michaela completely denies to ever do
<DocScrutinizer05> then some guys did real RE for the calypso, also something she refuses to do
jonsger has quit [Ping timeout: 258 seconds]
Pali has joined #neo900
<DocScrutinizer05> I sympathize with the "GSM forever" demand. And actually the requests regarding support for that are reasonable in that slidestack
<DocScrutinizer05> aiui in european countries GSM support is legally mandatory. There's just too much M2M stuff out there using GSM only modem
<DocScrutinizer05> in USA carriers do whatever they want. You see where that gets them to
<DocScrutinizer05> pihyou don't need a desert, a temporary licence for a camp or congress like https://events.ccc.de/2008/12/18/gsm-hacking-not-even-wireless-can-hide-from-the-25c3/ will do. That's what the osmocom guys do
<DocScrutinizer05> pigeons: ^^^
ArturSha1 has quit [Ping timeout: 240 seconds]
qwazix has joined #neo900
<DocScrutinizer05> I think the licence was as much as a few 100 bucks for one channel one week
<DocScrutinizer05> for a BTS with only 2W, sufficient for a radius of maybe 500m to 1km
<DocScrutinizer05> or was it 50W? can't remember
<DocScrutinizer05> however even with such licence still operating a phone with freecalypso firmware is formally illegal, unless the licence explicitly would include such experimental devices
<pigeons> I appreciate all your information, and I feel a little bad distracting you since I know you're really busy. I am aware of much of these caveats and also am not testing anytime soon, but its important to mention
<DocScrutinizer05> and even then you get into trouble as soon as any such phone would try to log in on any other than the licences local BTS
<DocScrutinizer05> no worries
<DocScrutinizer05> :-)
<DocScrutinizer05> I love elaborating on those aspects once in a year or two
<DocScrutinizer05> it's basic knowledge necessary to understand the whole complex topic of "free GSM"
<DocScrutinizer05> and thus why Neo900 used the approach we chosen
<DocScrutinizer05> we aim at a legally safe phone, that's nevertheless protecting users against any (avoidable) privacy attacks from the network
<DocScrutinizer05> a hypothetical smartphone with freecalypso would be neither legal nor protect users per se
<DocScrutinizer05> Michaela's radiostack is no bit safer against exploits than any arbitrary commercial legal radiostack
illwieckz has joined #neo900
<DocScrutinizer05> so from a security/privacy aspect, tackling the radiostack is barking up the wrong tree really
<DocScrutinizer05> it would be very nice if the radiostack was open to community review, so any vulnerabilities could get spotted by community as well as the manufacturer and the agencuies that alwasys can have access to the sourcecode. But for the end user not much would change really
<atk> DocScrutinizer05: Well, "YubiKey" was entirely open source to begin with
<atk> DocScrutinizer05: then someone found a big bug in the open source implementation, and the company had to issue replacements
<atk> (because the firmware was immutable)
<atk> Then a short while later, the next product line from the company was entirely closed source
<DocScrutinizer05> hmm, I don't see the point
<atk> If I had to guess, the higher-up people thought that "people being able to find exploits and us having to fund replacements" was a liability
<atk> I mean, you could still find the bug if it was closed source, but it would have been much more difficult
<DocScrutinizer05> sure
<atk> the point is, that these company CEOs probably care more about money than about absolute security
<DocScrutinizer05> of course they do
<atk> But yes, I think the first step would be to actually ALLOW a publicly auditable implementation to exist
<atk> is that even allowed?
<atk> what are the specific FCC rules on how locked down the modem must be for legal use
<DocScrutinizer05> but even if they would consider secuity the top prio goal, they still couldn't guarantee it
<DocScrutinizer05> sure auditing is allowed
<atk> but like, public auditing?
<DocScrutinizer05> the FCC rules say very little but with huge implications. Like "the IMEI must be immutable"
<atk> I see
<atk> So really, they don't care if everyone can view the source, as long as nobody can change it?
<DocScrutinizer05> and, more generically, "the device must obey to the technical specifications (both physical and protocol) at all times"
<DocScrutinizer05> yes
<atk> Well, the next step is to incentivise companies to make their source available
<atk> but I think that's going to be a lot harder
<atk> especially if the firmware is actually immutable
<DocScrutinizer05> the companies have no economical benefit from allowing that
<atk> exactly
<DocScrutinizer05> the firmware *is* immutable for all known contenporary chipsets afaik. Thanks to crypto-signatire on reflashing
<DocScrutinizer05> the sourcecode is considered a highly secret company asset particularly for competitors copying stuff or finding vulnerabilities to block the project the moment it costs the company most to fix that issue
<DocScrutinizer05> it's all just business
<DocScrutinizer05> everything a company does, from secret closed source to OTA update, is only done for risk management
<DocScrutinizer05> and don't be mistaken on the complexity of a contemporary 3G or LTE radio stack - it's a multitude of lines of sourcecode compared to e.g. an average linux system (without apps)
pagurus` has joined #neo900
pagurus has quit [Ping timeout: 240 seconds]
arnaudj has quit [Ping timeout: 240 seconds]
<ravelo> could be worth a microblog-Post on neo900.org
<Joerg-Neo900> alas microblog is borked
<Joerg-Neo900> some mess with twitter integration
<enyc> o dear ;p
pbryan__ has joined #neo900
cc___ has joined #neo900
pbryan_ has quit [Ping timeout: 255 seconds]
<ravelo> ok
<Joerg-Neo900> the article is indeed a nuce read
<Joerg-Neo900> nice* - akas in German only. Short summary: German NGO for consumer rights starts a lawsuit against a shop selling old Android phones which can't get sucrity-updated. Calim: "the shop must inform users about the fact that the device has known unfixable vulnerabilities"
<Joerg-Neo900> ohmy let me retry
<Joerg-Neo900> nice* - alas in German only. Short summary: German NGO for consumer rights starts a lawsuit against a shop selling old Android phones which can't get security-updated. Claim: "the shop must inform users about the fact that the device has known unfixable vulnerabilities"
<ShadowJK> Hopefully one day that could be extended to "Must inform the users about the fact that the manufacturer has not fixed security holes for more than 6 months for each model"
<ShadowJK> :D
<Joerg-Neo900> indeed
<Joerg-Neo900> though I actually hope more for a "manufacturer must facilitate users to install/modify the firmware on their own devices" - however unlikely
Pali has quit [Remote host closed the connection]
arnaudj has joined #neo900
arnaudj has quit [Quit: arnaudj]