New Life in Openmoko Phones

Nils Faerber nils.faerber at
Fri May 22 12:31:41 CEST 2009

Werner Almesberger wrote:
> Nils Faerber wrote:
>> Wouldn't it be more fruitful to create a project that is only concerned
>> about providing the best possible tools, hardware and software, for
>> breaking into and reverse engineering existing devices?
> There are already a number of projects that do exactly this, such
> as OpenEZX and gnufiish. There are a number of limitations to this
> approach, though:

Fully agree about all the limitations - we have all been there, tried
that and failed to various degrees.

What I am wondering is if it would be possible by providing a single
project putting together all the bits and pieces and developing the glue
could solve the problems that reverse engineering usually suffers from.

For example it is currently still a major pain to set up and configure
OpenOCD correctly for your target. Would it probably be possible to
develop a large part library and create proper auto detection? That will
automagically detect the JTAG chain, parts on it and offer programming
and debugging options?
Collect and integrate tools for signal analysis, decoding, disassembling
etc. in a manner like KiCAD - collect and integrate well along with
simple hardware designs to attach to target devices.

I also think that reverse engineering projects have become easier
recently since many of the design houses and manufacturers do not
reinvent the wheel every time they make a new device. They rather base on
reference designs and do only slight modifications. Not all of them of
course, but enough to satisfy the open source community with a variety
of devices.
I think of devices like the HTC ones that have become easier and easier
to hack over the years.
There are of course beasts that are unlikely to be hacked anytime soon,
like some of the Motorola ones or almost all Nokia phone devices (I
don't know of any hack trying to break into a Series60 device though
they should be able to run Linux).

> Of course, none of this means that this approach is guaranteed to
> fail, there is the success story of the WRT54G, but that's also
> a much simpler and extremely long-lived device.
> So the bottom line is that I don't think this approach can only
> scale if you can convince the company whose phone you "opened" to
> cooperate with you. And it's unlikely that they would be able to
> open their design, even if you could convince them they should.

This is indeed unlikely, for many "good" reasons.

> On the other hand, the approach where you own the design can be
> brought to mass-production with anyone's support. Even a small
> carrier or a consortium of interested parties could do it.
> Furthermore, an open design lowers the barrier of entry for people
> who want to make variants. Not only do they not have to license
> the design, but they also don't depend on a single company to
> support them.

The setup cost is still very unattractive even if you want to build a
project with a respectable number of devices.
I would be extremely glad if a manufacturer would jump on such a train!
But I am sceptical about it.

>> Hardware is needed in the form of good debug adapters. Those would be
>> much easier to have made than a complete phone device. Good software is
>> needed for the hardware debuggers and also for disassembly analysis,
>> protocol analysis etc.
> I think in terms of tools, both approaches can share a lot. A
> protocol analyzer will help you debug your own implementation 
> just as well as it will help you to discover a vendor's mystery
> protocol.

He :)

The world could be so much better if mobile devices would be as open as
PCs - then we could save so much effort and do what we all really like
to do, develop software and not tools to develop software.

> - Werner
  nils faerber

kernel concepts GbR        Tel: +49-271-771091-12
Sieghuetter Hauptweg 48    Fax: +49-271-771091-19
D-57072 Siegen             Mob: +49-176-21024535
