Fairphone Baseband OS / firmware?

Really useful discussion :thumbsup:, but just wanted to point out that you may not get a response from the official Fairphone team, as these are community forums. The team do try to keep in touch with the community, but may not respond directly.

If it gets to point where you think you need an official answer you can flag to the community mods and we’ll do our best to get a response. Alternatively you could contact support directly and update here with any response

1 Like

There are regulatory compliance issues with baseband firmware (eg FCC in the US, OFCOM in the UK, others in other countries) which will take you far more than a few months to sort out. I don’t know the details - I’m a software guy, not a lawyer - but this has to be worked out separately for each regulatory body, by guys with expensive suits, not coders.

2 Likes

I’d be really interested in the official response if you could ask the team!

Ah, I think I’d managed to forget I’d heard that. :frowning: I wish, whether fancy suits of not, they’d at least do their jobs and only approve reliable secure firmware, regardless of if they’re under pressure to approve exploitable code or not.

2 Likes

Hi,

I like the discussion very much here and I a sure we can give some insights into what we can and will do later(but not right now). Working on an open/secure baseband is not one of them. We have to realize why Fairphone does (try) to open source things and what Fairphone’s roles is here.

3 Likes

Hi. I wanted to write this to the Fairphone team but couldn’t find a contact address, and it’s too long for a tweet. I know this is firstly a forum between users, but I’m hoping that posting here might at least be a first step.

Context: I am not yet a Fairphone owner, in fact not even a smartphone owner as I’m very unhappy with the way the market has evolved into a state where users are not really in control of the devices they bought. I can’t see myself using a standard Android device except for testing purposes. Needless to say, Apple and Windows devices are even less of an option. I appreciate that Fairphone went further than mainstream phone makers towards opening their phone to its users, and reading the latest blog post on Fairphone’s approach to software has made me more hopeful that the new Fairphone might offer a degree of freedom that will enable me to fully embrace it. I am a software developer, but know next to nothing about hardware. I’m also a volunteer at Digitalcourage, a German NGO that deals with digital rights, but here I’m writing personally.

I am writing about something I’ve seen on a page from the Tor project about Android security and privacy. I quote from Mission Impossible: Hardening Android for Security and Privacy | The Tor Project

If you truly wish to secure your mobile device from remote compromise, it is necessary to carefully select your hardware. First and foremost, it is absolutely essential that the carrier’s baseband firmware is completely isolated from the rest of the platform. Because your cell phone baseband does not authenticate the network (in part to allow roaming), any random hacker with their own cell network can exploit these backdoors and use them to install malware on your device.

While there are projects underway to determine which handsets actually provide true hardware baseband isolation, at the time of this writing there is very little public information available on this topic. […]

The page then goes on to discuss some seemingly exotic and inconvenient ways of achieving this separation. This is clearly an issue that is not yet served well and would need more attention from hardware makers. I understand that the Fairphone project is dependent on its suppliers, but I was wondering if there is a chance that this issue could be raised with suppliers as part of the search for the next Fairphone platform.

Thanks for reading, and for any replies.

6 Likes

Hi, I could not insist more on this crucial matter.

Currently, it exists two categories of smartphones : the ones which control its user through the baseband, and the neo900 (which aim to sandbox the baseband)(and which is not exactly ‘existing’ yet).

Here is Edward Snowden explaining on the BBC why we should free ourselves from baseband chips : http://www.bbc.com/news/uk-34444233

Here is a Wired paper explaining how neo900 project is working to circumvent the problem : http://www.wired.com/2013/11/neo900/

Regarding FairPhone, my 1st concern was about Free Software operating system. I suggested to work for free during a year to port Firefox OS on FairPhone but were considered seriously. One year latter, reading that Sailfish OS will be supported, I’m back :smile:

A Free Software operating system can’t hold its promess if it is in the shadow of another OS controlling the phone. This issue may be less known for the moment, but is also far more a concern. A great work have been accomplish between FP1 and FP2, it’s impressive. So we know you can do it. Please, change the world once again, and have control over basebands a thing that comes true with your next phones or modules.

Here is a project of open base band chip if it can help : https://bb.osmocom.org/trac/

5 Likes

The more I’ve thought about this the more important it seems.

Perhaps the way forward is a partnership, involving Fairphone, OsmocomBB, Cyanogenmod, XDA, EFF, (& Digitalcourage @sebalis ?), etc.

If one barrier to open source baseband OSes is the very expensive process required by regulatory bodies (who obviously aren’t doing their job very well if they allow the current set of sub-standard, vulnerable bbs), I think there’s a good chance we could get this done through crowdfunding, building an online community of people willing to contribute at the same time.

@Chris_R I don’t think we ever got an official response from the Fairphone team on this: would you be willing to chase up the possibility of them supporting a project with this as the remit?

@keesj is one of the devs at Fairphone. Whilst the responses here are not the official stance of Fairphone, the post above does give a bit of an indication:

I’ve also invited @Douwe,the new online/community manager (sorry, forgot your exact jobtitle!) who may also be able to point us in the direction of any relevant stakeholders / developments.

1 Like

if someone knows this, then it will be @keesj

But add me to your list of +1’s for a free and open baseband.
Also add me to your +1 list of people who believe this is much harder then most think… :frowning:

3 Likes

For sure, there are multiple reasons the situation has fallen this way. One good protection of this untrustable component is its complexity : many protocols to support, many legislations to comply… I never said it would be easy, I just say it must be done.

It is what matters now.
You are who we would trust to ship it in new phones.

(it’s what could deserve an FP3 if any … maybe FP2 will be the last, and new features will be accessible via regular new modules releases…)

It’s pretty simple: The QC SoC is the easiest chip for building a top notch phone (~ current Nexus like) with an ODE/OEM fast and with a least some kind of software support. Basebandwise it’s another story. Just keep in mind that there is the very slim possibility that the baseband software could be able to control the full phone.

Currently (and only how I understand things that were told/written me) the FP is not a DIY hardware/software project and will not be a DIY hardware/software project for a long time. They design phones with what is available, try to improve their hardware supply chain and sell them to us. And sometimes they even listen to their customers :wink:

And although I dislike sony a lot they are currently putting some manpower into this. Maybe their released code will also improve some things (talking about SoC/Android support, not BB).

Sorry for bumping this old (but as far as I noticed not outdated) thread.

[quote=“teppe, post:7, topic:1228, full:true”]

[quote=“Kris_S, post:3, topic:1228”]
Hi @teppe,

Places you could look for the info:

Personally I don’t know enough about this topic to be of any help. If you can’t find the info in the above mentioned docs you could always inquire about it through Support.[/quote]

Thank you, I appreciate it. I’m still looking around to try to work this out, but I think it’s probably part of the MediaTek (MT6589) chipset, who FairPhone have managed to secure some source code from before. Unfortunately, MediaTek are said have particularly bad baseband firmware.[/quote]

Thank you for your investigation and sharing your infromation. Any updates on this? Maybe some official statement/mail contact I didn’t recognize?

…all ideas I have as well related to Fairphone reading Free Software Cellular Baseband, just some text parts:

What Openmoko produced in the late 2000s seems like the perfect
solution to the problem of closed proprietary phones with closed
proprietary basebands - but there is one problem with this solution. The
problem is that Openmoko phones are no longer made: the last production
batch was in 2009, and all remaining surplus has now been fully
exhausted - and none of the newer post-Openmoko initiatives have
retained the feature that matters, Openmoko’s Calypso modem.

The solution to THIS problem is obvious: we need to produce a series
of new phones with the same TI Calypso baseband as used by Openmoko, the
only cellular baseband chipset that currently exists in the world that
can run fully free, fully functional firmware as opposed to the closed
and proprietary kind. (The chips themselves are still available as
surplus on the Chinese markets in very large quantities.)

Unfortunately the team around Michael Sokolov only got around 2300$ and the documentation FTP server and FreeCalypso Bitbucked page seems down or inactive.

So…

…why not a collaboration between Fairphone and Michael Sokolov/FreeCalypso? He seems to have the knowledge, Fairphone has/is the platform.

1 Like

. What Openmoko produced in the late 2000s seems like the perfect
solution to the problem of closed proprietary phones with closed
proprietary basebands

I can assure you that it was far from perfect. I owned an Openmoko, I participated in the community. But I was never able to make decent quality phone calls. My wife woulf always recognize when I used it, as “you sound as if you stuck your head in a bucket”. Improving hardware supplies and manufacturing, software, drivers, and baseband (and keeping all that maintained) is more than any single organization can tackle. Take note that even sony had to withdrew Android Nougat plans for some of their current phones as Qualcomm refuses to update their proprietary graphics driver.

3 Likes

After looking into the OsmocomBB project more, I’ve realised that all hope of an open-source baseband processor is hopeless.

They’ve managed to reverse-engineer a GSM baseband processor, which somewhat works on a select few 10+ year old phones and only via getting some leaked specs. And from what I’ve heard 3G and LTE are also an order of magnitude more difficult to reverse engineer.

So let’s instead focus on the lower hanging fruit and the actual solution The Tor Project realised in the previously quoted post - hardware baseband isolation.

Their immediately proposed solution was having a tablet + a separate portable router with your 4G SIM card but we can actually have this all in one phone.

The Neo900 is a smartphone which is doing just that.

So if they’re able to do it and have a modular phone, I don’t see why Fairphone wouldn’t aim to do this also.

@keesj @Johannes

1 Like

This device costs 1,200€! :stuck_out_tongue_winking_eye:

1 Like

Just a quick note that Keesj left Fairphone earlier this year, and that I (and the other community moderators) are volunteers from the community rather than Fairphone employees. @Douwe is still at Fairphone though, and I would imagine that he tries to advocate this kind of thing where he can.

2 Likes

1.100 to 1.200 results from the very low number of devices. That price would much lower, if more people would want to buy it.

And ? - it´s just a number…:stuck_out_tongue_winking_eye:

Some people would call this a “voice distortion feature”. :wink:

…or why the effort is not combined: would be very hard for me to decide bewteen a FP2 and Neo900. Both have features I don’t want to miss.

1 Like