11-15-2020, 11:07 AM
(11-15-2020, 08:21 AM)wibble Wrote: There are reverse engineering efforts for Qualcomm and Quectel modems underway.
(11-13-2020, 10:27 PM)JuniperFury Wrote: So most mobile network modems are blackboxes? Is there any way to reverse engineer them or hobble together my own 3G modem for private use?
I'm not aware of a legal one that isn't a black box - between corporate intellectual property policies and regulatory dislike for unlicensed people being able to change transmit characteristics it's an uphill battle. It's a similar situation for WiFi chipsets - most of them have an embedded processor with closed firmware too, and sometimes they have security issues. The FCC were sufficiently worried about the possibility of OpenWRT users using bands or transmit powers not allowed in their country that they considered mandating firmware signing for wifi access points. Wider awareness of SDR is probably a nightmare scenario for them.
I saw an unrelated project that might be useful: https://www.forbes.com/sites/thomasbrews...gray-jeep/
It's using "a software-defined radio (SDR)" for MITM attacks. Is it possible to use such a modem just for calling and not spying on other phones?
It may be possible with SDR - I'm not sure what the current state of projects like OpenBTS is - but outside controlled environments it will be illegal in most jurisdictions, and impractical for a mobile phone - have a look at the size and power consumption of the transmit-capable SDR stuff.
We will see how far they advance...