Challenges in Mobile phone 'Ad-Hoc' Networks

Last month I blogged about a Mobile phone based Ad-Hoc network. The following slide, again from Dr. Ariela Zeira, InterDigital's Vice-President of Advanced Air Interfaces shows the possible problems in having an LTE based approach for a Mobile phone 'Ad-Hoc' network.

This kind of technology is probably quite a few years away.

Double whammy for GSM Security

Via PC World:

A researcher at the Def Con security conference in Las Vegas demonstrated that he could impersonate a GSM cell tower and intercept mobile phone calls using only $1500 worth of equipment. The cost-effective solution brings mobile phone snooping to the masses, and raises some concerns for mobile phone security.

How does the GSM snooping work?

Chris Paget was able to patch together an IMSI (International Mobile Identity Subscriber) catcher device for about $1500. The IMSI catcher can be configured to impersonate a tower from a specific carrier. To GSM-based cell phones in the immediate area--the spoofed cell tower appears to be the strongest signal, so the devices connect to it, enabling the fake tower to intercept outbound calls from the cell phone.

What happens to the calls?

Calls are intercepted, but can be routed to the intended recipient so the attacker can listen in on, and/or record the conversation. To the real carrier, the cell phone appears to no longer be connected to the network, so inbound calls go directly to voicemail. Paget did clarify, though, that it's possible for an attacker to impersonate the intercepted device to the wireless network, enabling inbound calls to be intercepted as well.

But, aren't my calls encrypted?

Generally speaking, yes. However, the hacked IMSI catcher can simply turn the encryption off. According to Paget, the GSM standard specifies that users should be warned when encryption is disabled, but that is not the case for most cell phones. Paget explained "Even though the GSM spec requires it, this is a deliberate choice on the cell phone makers."

What wireless provider networks are affected?

Good news for Sprint and Verizon customers--those networks use CDMA technology rather than GSM, so cell phones on the Sprint or Verizon networks would not connect to a spoofed GSM tower. However, AT&T and T-Mobile--as well as most major carriers outside of the United States--rely on GSM.

Does 3G protect me from this hack?

This IMSI catcher hack will not work on 3G, but Paget explained that the 3G network could be knocked offline with a noise generator and an amplifier--equipment that Paget acquired for less than $1000. With the 3G network out of the way, most cell phones will revert to 2G to find a viable signal to connect to.

Another one from CNET:

A researcher released software at the Black Hat conference on Thursday designed to let people test whether their calls on mobile phones can be eavesdropped on.

The public availability of the software - dubbed Airprobe -- means that anyone with the right hardware can snoop on other peoples' calls unless the target telecom provider has deployed a patch that was standardized about two years ago by the GSMA, the trade association representing GSM (Global System for Mobile Communications) providers, including AT&T and T-Mobile in the U.S.

Most telecom providers have not patched their systems, said cryptography expert Karsten Nohl.

"This talk will be a reminder to this industry to please implement these security measures because now customers can test whether they've patched the system or not," he told CNET in an interview shortly before his presentation. "Now you can listen in on a strangers' phone calls with very little effort."

An earlier incarnation of Airprobe was incomplete so Nohl and others worked to make it usable, he said.

Airprobe offers the ability to record and decode GSM calls. When combined with a set of cryptographic tools called Kraken, which were released last week, "even encrypted calls and text messages can be decoded," he said.

To test phones for interception capability you need: the Airprobe software and a computer; a programmable radio for the computer, which costs about $1,000; access to cryptographic rainbow tables that provide the codes for cracking GSM crypto (another Nohl project); and the Kraken tool for cracking the A5/1 crypto used in GSM, Nohl said.

More information about the tool and the privacy issues is on the Security Research Labs Web site.

Interdigital's 'Fuzzy Cells' technology for cell edge performance improvement

Back in LTE World Summit 2010, I heard from Dr. Ariela Zeira, InterDigital's Vice-President of Advanced Air Interfaces about various things Interdigital have been working on.

One of the technologies that caught my attention was Fuzzy Cells technology to increase the cell edge rates. The following is from their press release for Mobile World Congress:

BARCELONA, Spain, Feb 15, 2010 (BUSINESS WIRE) -- InterDigital, Inc. today announced the demonstration of its "Fuzzy Cell" technology that improves cell-edge performance at the 2010 Mobile World Congress. The Fuzzy Cell technology is part of the company's comprehensive suite of "Next Generation Cellular" (NGC) innovations that combine advanced network topologies and spectrally-efficient air interface solutions for LTE-advanced and beyond.

"Many wireless operators and customers are experiencing a substantial degradation of service quality caused by the ever-growing demand for mobile data," said James J. Nolan, Executive Vice President, Research and Development, InterDigital. "We are at the forefront of developing solutions for more efficient wireless networks, a richer multimedia experience, and new mobile broadband capabilities that support operators to capture revenues from the boom in smartphones. The Fuzzy Cell fits nicely within our much broader efforts on spectrum optimization, cross-network connectivity and mobility, and intelligent data delivery techniques."

While cellular networks have become virtually ubiquitous, users continue to experience inconsistent and unpredictable performance when moving around. While this degradation is often the result of network congestion or an obstructed path of the radio waves, it is also inherent to traditional cellular deployments, whereby signals degrade towards the fringe of any given cell due to interference from neighboring cells. It is estimated that typical users experience this situation, known as being in the cell-edge, more than 50% of the time. Advancements in HSPA and LTE primarily increase peak data rates and only offer modest improvements in average performance throughout a cell.

Fuzzy Cells is a novel approach for leveraging existing resources to improve spectral efficiency and cell-edge performance. In a traditional deployment a device connects to one site at a time (even if multiple sub-bands are used at each site) and all sites use the same power levels and sector orientations for all sub-bands. In a Fuzzy Cell deployment, a device may connect to multiple sites at a time through the different sub-bands and continue to realize full system bandwidth. The power levels and sector orientations of the different sub-bands are optimized for best performance. In simpler terms, the device exploits the best combination of base station support regardless of its position, removing traditional limitations of cell or sector boundaries. Importantly, Fuzzy Cell technology can also allow gains indoors as it allows connection to more than one cell/sector at a time as available. The Fuzzy Cell technology provides additional improvement over Fractional Frequency Reuse (FFR) methods that are supported by current specifications.

The following shows the demonstration of Fuzzy cells:

I haven't heard any news recently on this technology but its an interesting concept, not sure if it would be adopted in the near term in the standards.

The Tester's Prayer

The Tester's Prayer

Oh Lord, give us our daily bugs;

and the wisdom to find the solution or pass the blame.

Oh Lord, help us find the problems before the developers;

for if they fix the problems there may be none for us left to find.

Oh Lord, make sure that developers dont fix their problems properly;

for it gives us time to sit and relax.

Oh Lord, grant us the patience when same problem comes again and again;

for some things are better left unfixed for us to find.

Oh Lord, grant us serenity when all things work fine;

and the belief that things will soon fall in line.

Thanks to everyone who contributed and helped refine this over the years :)

NTT DoCoMo announces 'Crossy'

NTT DoCoMo unveiled the brand name and logo of its forthcoming LTE next-generation mobile service for the Japanese market, which is scheduled to launch in December. The brand name is written Xi™ and read “crossy.” The logo is shown below.

The “X” denotes both “connection” and “infinite possibility,” and the “i” both “individual user” and “innovation.” The logo, which resembles the infinity symbol, aligns the letters in a single stream to embody the bonds that organically link people, goods and information, and lead to new innovation.

DOCOMO’s Xi LTE service will offer downlinks of up to 75 Mbps, approximately 10 times faster than the company’s current FOMA™ 3G service. Initially, Xi will be available in the Tokyo, Nagoya and Osaka areas, but coverage eventually will be expanded to other major cities and then additional areas of the nation. Xi users will be seamlessly handed over to the FOMA network whenever they leave a Xi service area.

Xi handsets, billing plans and other details will be announced later.

Meanwhile the world got its fourth commercial LTE network this week, and its first outside the Nordic region - in the unlikely telecoms hotspot of Uzbekistan.

The Uzbek launch came from Russian giant MTS, and shows how some emerging global telecoms players plan to leapfrog rivals by deploying LTE or WiMAX in markets where 3G is under-developed, and then harness that experience for their mainstream territories. MTS follows TeliaSonera's three LTE commercial switch-ons (in Sweden and Norway plus a soft launch in Finland).

MTS calls its new network "the first fully operational 4G network in the CIS and Central Asia" and is it initially available in the central zone of capital Tashkent, boasting theoretical peak speeds of up to 100Mbps using dongles. The network runs in the 2.5-2.7GHz band and the equipment comes from Huawei.

Benefits Of Self-Organising Networks

I have blogged about SON's on different occasions. Recently I came across SOCRATES project that aims at the development of self-organisation methods to enhance the operations of wireless access networks, by integrating network planning, configuration and optimisation into a single, mostly automated process requiring minimal manual intervention.

Future communication networks will exhibit a significant degree of self-organisation. The principal objective of introducing self-organisation, comprising self-optimisation, self-configuration and self-healing, is to effectuate substantial operational expenditure (OPEX) reductions by diminishing human involvement in network operational tasks, while optimising network efficiency and service quality.

Regarding the technological scope, SOCRATES primarily concentrates on wireless access networks, as the wireless segment generally forms the bottleneck in end-to-end communications, both in terms of operational complexity and network costs. As a consequence, the largest gains from self-organisation can be anticipated here. We select the 3GPP LTE (3rd Generation Partnership Project, Long Term Evolution) radio interface as the central radio technology in our studies. The reason for this choice is that 3GPP LTE is the natural, highly promising and widely supported evolution of the world’s most popular cellular networking technologies (GSM/EDGE, UMTS/HSPA).

The SOCRATES project is supported by the European Union under the 7th Framework Program, and will run from January 1, 2008 until December 31, 2010.

Benefits Of Self-Organising Networks

View more presentations from Zahid Ghadialy.

You can view and download all the presentations from the SOCRATES Project here.

MSF LTE Interoperability White Paper, Jun 2010

This white paper provides a summary of the MultiService Forum’s (MSF) Global LTE Interoperability event which took place from March 15-30, 2010.

The LTE Interoperability Event is designed to test standards compliance of Evolved Packet Core network scenarios of interest to major Service Providers, and to gauge vendor support for this technology. Building on the success of previous Global MSF Interoperability (GMI) events, the LTE Interoperability event provided the first global “real network” multi-vendor trial of the Evolved Packet Core infrastructure.

Incorporating the Evolved Packet Core defined within the Third Generation Partnership Project (3GPP) Release 8 (R8) standards, the MSF architecture introduced new access tiles to support LTE access and non-3GPP (specifically eHRPD) access to EPC. The IMS core network provided the application layer for which services may be deployed, and the binding of Quality of Service utilizing the Policy and Charging Control (PCC) for the bearer.

The event demonstrated that most of the defined LTE/EPC interfaces were mature and interoperable; however limited backwards compatibility between different implementations of 3GPP Release 8 specifications did create some issues. The fact that 3GPP does not require backward compatibility is a known limitation, but it is important to understand that this is limiting interoperability with commercially available equipment. Service providers will need to factor this into vendor selection.

Highlights of the event included:-

• Sessions were successfully established via LTE access to EPC, with creation of default and dedicated bearers with appropriate Quality of Service applied.
• An end-to-end IMS Voice over LTE session was also successfully demonstrated,
• Access to the EPC via a simulated eHRPD access was successfully tested.
• Handover between LTE and eHRPD,
• Roaming was successfully tested.

Though the essential standards are reasonably mature, the implementation of early versions of the standards within several of the available implementations of network nodes highlights the problems that can arise due to non-backwards compatibility between 3GPP releases. It is also clear that early implementations have focused initially on development of LTE access to EPC and that support for legacy access (2G/3G) to EPC is somewhat behind. Events such as the MSF LTE Interoperability event highlight these issues and prove the validity of the MSF approach to achieving multi-vendor interoperability.

MSF LTE Interoperability White Paper, Jun 2010

View more documents from Zahid Ghadialy.

This paper is available to download from here.

'Single-Vendor LTE' from Alcatel-Lucent

Alcatel-Lucent is positioning itself as the only single-vendor solution that service providers need to deploy Long Term Evolution (LTE) networks, including everything from the radio access network and mobile backhaul to routing, base stations, and applications enablement.

The infrastructure giant is taking this message on the road with a 53-foot LTE trailer equipped with 84 TVs to demo what next-generation networks can do, besides just make things really, really fast.

In fact, one theme in all of Alcatel-Lucent’s demos isn't the speed, but the need for one throat to choke when deploying LTE, whether an operator is evolving from a 2G or 3G network or starting from scratch -- the route AlcaLu hopes they will take.

The other strong theme is the applications LTE will enable, both for businesses and consumers, and AlcaLu's strong position with the developer community. The Alcatel-Lucent trailer not only demos multiple applications, many of which are video-based, but shows how they can run simultaneously on LTE.

One significant challenge will be Alcatel-Lucent's ability to blend those two themes.

Read the complete article at Light Reading here.

Meanwhile, Ericsson CEO Hans Vestberg has been complaining that there are components shortage industry-wide. "We share the same suppliers with consumer electronics makers and others," said Vestberg. "There is a fierce competition for those components."

Vestberg said he believes the components pipeline will open up soon, although other networks providers don't look for much of a supply improvement for several months.

Ericsson has been digesting the Nortel acquisition, which solidified its position as the leading LTE infrastructure provider. It also gained an important beachhead in South Korea with its acquisition of Nortel LG, now Ericsson LG.

"Over the past years, we have gone through major changes with cost reductions and strengthened portfolio and market presence while maintaining our technology leadership," said Vestberg. "The cost reduction program initiated in the first quarter 2009 has been completed, reaching its target. Going forward, cost and capital efficiency will remain top of our agenda."

Read the complete article at Information Week here.

Qualcomm probably given up on Mobile TV idea

Bad news for Mobile TV proponents and supporters.

Qualcomm apparently is in talks to sell off its struggling MediaFLO digital mobile TV business, executives said in a conference call on Wednesday.

The announcement came during the conference call accompanying Qualcomm's third-quarter earnings. Qualcomm reported net income of $767 million, up 4 percent from a year ago, on revenue of $2.71 billion, which decreased 2 percent over the same period a year ago.

During the call, Qualcomm chief executive Paul Jacobs announced the new direction for its MediaFLO business, a subsidiary of Qualcomm. MediaFLO brands its digital mobile television service as FLO TV. Qualcomm had saddled the business with a three-year, nonrefundable prepaid service agreement, which apparently hasn't helped MediaFLO's prospects.

"With respect to our FLO TV business, we're engaged in discussions with a number of partners regarding the future direction of the business," Jacobs said, according to a transcript by Seeking Alpha. "We are considering a number of alternatives and we will update you as appropriate."

This news comes at a time when Mobile TV business as a whole is not doing very well. Couple of weeks back I blogged about Mobile TV in China which has not been as successful as initially thought.

Qualcomm was one of the early proponents on another technology called MBMS. Couple of years back they decided to back MediaFLO and not focus much on MBMS. They bought the 700MHz spectrum in the US and launched nationwide TV network. This is also used by other carriers to deliver broadcasts to their devices.

In fact just a few months back they were pushing their standalone FLO TV device. Anyway, it seems they have probably given up on Mobile TV idea like a lot of others who dont see much return for the investment in Mobile TV. The average person is happy and content just to be able to watch Youtube on their mobile.

The following is from Rethink Wireless:

One option might be to shutter MediaFLO itself and sell on the licenses and tower assets - 700MHz is seen as beachfront spectrum in the US, and both Verizon and AT&T will build their initial LTE networks there. Jacobs made clear, in an interview with GigaOM, that he would rather keep MediaFLO as a content system. He said: "We want to see FLO continue so it's not like we'd want to sell the spectrum, but there are certainly people who would buy it for the spectrum. The spectrum is extremely valuable."

Qualcomm always intended to sell MediaFLO eventually - its usual route when it invests in spectrum and builds networks. The same pattern will be seen in India, where it will work with local partners to create a TD-LTE system in the 2.3GHz spectrum it recently acquired and then will sell the business on once established. However, it would have hoped to make more return on its investment in FLO before exiting. "We put FLO TV operations into our strategic investments for financial reporting because we always intended to get out of the operator business. …. It's not operating the way we want it to - it's not necessarily our core business, so we're looking at our options," Jacobs said in the same interview.

iRon

For my son's birthday, we got him a iPod; my daughter got an iPhone for hers. I was extremely delighted to receive an iPad for my birthday. Thinking along the same lines, for my wife's birthday, I got her an iRon. Thats when the fight started...