Building a new totally free phone

[Michael Spacefalcon]

Nick <openmoko-community at njw.me.uk> wrote:

> Your free phone idea appeals to me enormously, Michael.

Yay, one more supporter!

> However, can GSM really be a base for secure communication anyway?  

I see that after your post, the thread on the mailing list veered off
into a discussion of security.  But that diversion totally misses the
point: it isn't so much about secure communication as it is about the
Four Freedoms of software:

http://www.gnu.org/philosophy/free-sw.html

When it comes to the matters of free software philosophy, I am very
much like RMS.  I have a major problem with carrying a device in my
pocket containing firmware for which I lack the source - not because
it is a security threat, but because it's morally wrong.

The only difference between me and RMS/FSF is on the matter of
legalities.  While I define free software in terms of exactly the same
4 freedoms as the FSF, RMS and the "conventional" free sw camp add an
additional condition that these 4 freedoms be exercised legally -
whereas I add no such extra clause: whether it's legally free or
illegally free, it's still free software to me.

There also are some practical considerations that affect only feature
phones and not smartphones.  I have yet to encounter a phone UI design
that doesn't suck, and I hope that most people on this list will agree
with me that being able to customize the UI to one's preferences is an
essential freedom that a geeky, empowered phone user should have - and
I mean *really* customize the UI, not just twiddle menu settings, but
being able to study, modify or even totally rewrite the UI code.

Smartphones have a separate application processor to run the UI, so
you can indeed play with the UI on Linux to your heart's content while
keeping the modem as a black box.  But this approach does not work for
a feature phone where the UI and the modem are tightly integrated into
a single whole.  Exercising full freedom over the UI code in a feature
phone requires having a complete and rebuildable source for the
firmware suite as a whole.  (Having the GSM stack pieces as binary
objects to be linked with the UI source would work too, but then one
gets tied to a proprietary compiler toolchain, etc.  In any case we
already have full source for the GSM stack thanks to the TSM30 and
LoCosto leaks, so it's a solved problem now.)

Now look at the situation from the perspective of a user who does NOT
want his or her phone to be anything other than a plain phone.  For
such a user, a non-smart feature phone ought to be ideal, but if the
user also wants the freedom to fully own the UI design, s/he currently
has to pay for an otherwise completely unnecessary application
processor.  And when I say "pay for", I'm *not* referring to the
purchase price of the device - I would gladly pay a lot more for my
ideal Free Dumb Phone than the most expensive GTA04 or Ubuntu Edge or
whatever.  Instead I mean pay for in terms of carrying extra weight,
extra power consumption, extra system complexity otherwise unneeded,
many additional points of failure, etc.

*That* is what I seek to rectify with my Free Dumb Phone project,
aside from the moral issue.  Freedom is a right that all phone users
should enjoy, not a privilege that's limited to just Linux smartphones
to the exclusion of non-smart feature phones.

> I've heard that the encryption used is really crappy, and while some 
> things like MITM forced reregistration to disable encryption and 
> ease surveillance could be countered by appropriate phone settings, 
> if the best encryption algorithm available can be cracked by a home 
> PC in a few days, you're still screwed.

The GSM encryption is a red herring - it makes absolutely no difference
whether it's there or not.  Imagine if the GSM encryption were perfect
and unbreakable - what would change?  Nothing.  The over-the-air
encryption is only between the mobile station and the network.  In a
public phone network, where you can dial the phone number of any
stranger and hear each other's voices if the other party answers,
encryption can't be end-to-end.  The network has to be able to decrypt
with one end's key and re-encrypt with a different key for the other
end, so the network itself has (and must have) access to the cleartext
form of your digitized voice.

If I am the world's most wanted criminal and enemy #1 of all major
governments, and they want to spy on my phone conversations, they
aren't going to bother with cracking GSM over-the-air encryption,
they'll just put in a "lawful intercept" at the switch.

The only way to render all "lawful intercept" mechanisms ineffective
is to use end-to-end encryption.  That won't work when calling
strangers, or calling the transit line to check bus/train schedules
etc, but it's a very feasible mechanism for private and secure
communication mechanism among family members, friends etc.

Here in USA we have one advantage over the EU etc lands where most
people on this list seem to be located: CSD (circuit-switched data)
calls still work in this part of the world, and in terms of the
Calypso firmware, CSD would be a heck of a lot easier to implement (or
rather, integrate TI's existing implementation into freecalypso-sw and
get it to work) than GPRS.  Cost is not an issue either: here in USA
T-Mobile offers unlimited 2G everything, i.e., unlimited calls, SMS
and GPRS, for $50/month flat.  At least here in USA, CSD calls are
billed just like regular voice calls, so if the plan says unlimited
calls, then CSD is unlimited-free too.

I do greatly look forward to implementing end-to-end-secure calls over
CSD in the FreeCalypso project - but it is very far down the line
though, my plan is to get all of the standard phone functionality
working first.

> A truly free phone is a worthy and very important thing for other 
> reasons, but could such a thing be strongly secure too?

See above about end-to-end encrypted voice calls between family members
(or other parties participating in the chosen non-standard protocol)
over CSD with FreeCalypso.  If you live in a place where CSD doesn't
work, it can be done over GPRS too, but the software complexity takes
a hike upward, so it'll take longer to get working.

> Am I correct in 
> thinking that once the first firmware part of your project was 
> complete, one could flash load that the GTA02 modem, and have a (far 
> more 'smart' and Linux-y than you're ultimately planning) free 
> openmoko phone?

Yes, with one caveat: what I'm going to produce will be a proof of
concept version, but unless the JR+HW+PF trio changes their policy, I
will leave it to someone else to put the finishing touches on it.

Because what I'm ultimately after is a non-smart feature phone, I have
no plans of using my GTA02 as anything other than a bring-up/testing
platform, and for the latter purpose a proof-of-concept version would
be sufficient.

If there are other people (such as you) who care more about the GTA02
and would like to see my FreeCalypso-sw get to a point where it
compiles into a drop-in fw image for the GTA02 (drop-in replacement
for the original fw, but built from full source with gcc), I would be
willing to donate my volunteer labor to make it happen, but only if
the ridiculous NDA worship is brought to a stop and the source+object
mix from which calypso-moko11.m0 was built is made public - not
otherwise.

In the absence of a public release of the "moko" hoardware, my
FreeCalypso project will still produce a fw image that can be flashed
into the GTA02, but it'll be just enough for me to test and prove that
it works.  It will likely lack GPRS and other features, and won't be
integrated cleanly to serve as a drop-in replacement.  It won't be too
hard to put those finishing touches in, but I won't need them myself,
and I don't feel like throwing pearls before swine - giving something
to a "community" that treats me as something beneath dirt.

> Or would the modem firmware have to be programmed 
> differently for the GTA02 compared to your feature phone?

It's a build configuration option - think ./configure or
make menuconfig.

> While I am more interested in a feature phone than a 'smart' phone,

Wow, I'm not the only one!

> I would be 
> very happy to have a really free modem firmware on my GTA02 in the 
> meantime.

Then maybe you should try talking some sense into Joerg etc - maybe
they'll listen to you more than they are willing to listen to me.

> It's interesting to think of the meanings of 'free' in your message.  

See above: I use exactly the same definition of Free Software as the
FSF, in terms of exactly the same Four Freedoms, but *without* adding
that silly extra clause that it also has to be legal.

> Because one of the nice things of free software traditionally has 
> been the ability to say "it's free software, so I can do what I like 
> with it, and you can't invoke state violence against me for doing 
> so,"

Counter state violence with your own violence: raise your own army
that can challenge the forces of the state on a tactical battlefield.
It isn't too hard, we did it successfully back in 1917, and we can do
it again.

> With this in mind, I do wonder why the OsmocomBB work isn't 
> appropriate as a base for your work? Can you explain this a bit more 
> why it isn't?

For two reasons:

> Is it just that they are quite a long way from 
> producing a complete firmware for a phone?

That's one reason.  The other is a personal/moral one.  The leader of
that project is Harald Welte, and I have strong reasons to suspect
that many of its other major contributors are also members of that
elite clique of people who are sitting on copies of the Closedmoko
hoardware and not sharing.  I'm not going to contribute to a project
led by such people.

But as you can see from the evolution of the freecalypso-sw code over
the past several months, I'm not just sitting around waiting for those
people to change - instead I'm busily churning along on my own code
base, using the sources which are now publicly available as my starting
raw material.

openmoko at pulster.de (Christoph Pulster) wrote:

> Just because something is illegal does not prevent it to be crap.
> You are not interested to built helpful hardware,

Just because a non-smart phone is not helpful hardware to YOU does not
mean that it isn't helpful to anyone.  As you can see from Nick's
on-list response, at least one other person would also apparently
prefer a free-firmware-based feature phone over a smartphone.

VLR,
SF