OsmocomBB: A tool for GSM protocol level security analysis of GSM networks

By: Harald Welte[1]

The OsmocomBB project[2] is a Free Software implementation of the GSM
protocol stack running on a mobile phone.  

For decades, the cellular industry comprised by cellphone chipset makers and
network operators keep their hardware and system-level software as well as GSM
protocol stack implementations closed.  As a result, it was never possible
to send arbitrary data at the lower levels of the GSM protocol stack.
Existing phones only allow application-level data to be specified, such as
SMS messages, IP over GPRS or circuit-switched data (CSD).  

Using OsmocomBB, the security researcher finally has a tool equivalent
to an Ethernet card in the TCP/IP protocol world:  A simple transceiver
that will send arbitrary protocol messages to a GSM network.

Well-known and established techniques like protocol fuzzing can finally
be used in GSM networks and reveal how reliable and fault tolerant the
equipment used in the GSM networks really is.

[1] http://laforge.gnumonks.org/
[2] http://bb.osmocom.org/