Cloud Vulnerability – When You Are Suddenly Suspended

I am sure you have a backup of the data you have stored in the cloud, just in case your account gets suspended? No, you don't, because it's really unlikely? Yes, perhaps, but it recently happened to a friend who uses a couple of Google services to exchange emails and documents and to work on documents together with other people. Imagine the feeling when one day the log-in attempt was greeted with a message like "sorry your account was suspended because you were violating the T&Cs. Your account might be reactivated again, please send an email to us describing your activity". What!?? No, seriously, that was the message. Fortunately it seems it was only a hiccup of the system. When trying to log in again a couple of minutes later, access was restored. Still scary, and it shows how much control you have over your data in the cloud…

10 Years Back from the Nokia 7650…

In a previous post I've been looking at the Nokia 7650 which was released 10 years ago in 2002 and compared it to 2012 devices. Pretty amazing difference. But one can also go back 10 years from the 7650… and land back in 1992, when GSM was first launched. Flagship device of the day: The Siemens P1, have a look here. Now how many orders of magnitude is that?

The point I want to make here: The crazy evolution in mobile did not only happen in the past couple of years since smartphones have become mainstream, it's been happening for a couple of decades now, most people just don't remember anymore.

Cell Logger App – One Year Later

About a year ago, my Android excursions culminated in me programming my first Android app, which even did something useful for my research on top, a cell logger app that saves cell and location area IDs the app encounters to a text file. Since then I've offered it on the blog for download as an APK file for direct installation and the source code on top for those who want to have a look or play with it themselves. Also, I published it on the Android market (now Google Play) to get a feeling for how complicated it is to publish something there and to see if it would be picked up over time.

And indeed it did. While I don't have any statistics on how often it was downloaded from my blog, Google's market statistics are quite insightful. In one year the app was downloaded to 1357 devices and 300 installs are still active (which doesn't necessarily mean it is used all the time). The numbers might seem quite small, but it's an experimental app so it's probably only useful to few people. So I'm delighted and happy that the app was useful to others as well. Actually to more than I expected. There's still a lot of potential for the app such as adding GPS tracking and maps overlay, etc. Perhaps that's something for after this summer once a current project that consumes my spare time is finished.

Remember the Nokia 7650? Several Orders of Magnitude in 10 Years

You probably still know Windows XP? Of course you do, because it still runs on many computers today, despite having been launched 10 years ago, back in 2002. The look and feel is still the same as back then. But do you remember the Nokia 7650? Probably not because you haven't seen anybody in half a decade using one. But, believe it or not, it was also launched back in 2002 and it was THE high end smartphone of its day to be had for around 600 euros. Let's have a look at the specs then and now:

  • CPU: 104 MHz (vs. 1.0 GHz and up today, 1 order of magnitude)
  • Storage memory: A whopping 4 MB (vs. 16-32 GB today, almost 4 orders of magnitude)
  • Camera: 640×480, i.e. 0.3 Megapixels (vs. 8 megapixels found in most phones today or 41 megapixels of the Nokia 808, 1 order of magnitude)
  • Network: GPRS, 40 kbit/s (vs. 21 MBit/s HSPA+, 2 orders of magnitude)
  • Display resolution: 176×208 pixels, 4096 colors (vs. 640×960 (iPhone4), not quite an order of magnitude, but you can easily tell..)

And all of this in 10 years. Kind of gives you an idea of what to expect in 10 years from now (apart from Windows XP still running on some machines).

 

What’s Coming At You Without NAT?

So far, I've mostly been looking at Network Address Translation (NAT) as a good countermeasure on mobile devices to block unsolicited incoming communication so the modem doesn't have to wake up all the time. Another benefit of NAT is of course also to keep the bad guys away from your devices on the network layer. But how much unsolicited traffic is there actually that reduces battery life in mobile devices and puts your device or local network at risk? As I didn't have any specific numbers on that, I decided to try it out to see what happens.

I ran my tests with a Linux PC connected to the Internet and running Wireshark in various ways. In one setup, I used my DSL line. On the router I assigned the Linux PC as a DMZ host, i.e. all unknown incoming packets were forwarded to it. Needless to say, the PC had all current security patches applied and only had the services running that were really required. In another setup I used a 3G dongle and an APN without NAT. The rest of the world didn't really care if the link was fixed or wireless; the incoming unsolicited traffic was pretty much the same. Therefore, I don't distinguish between the two in the following.

And here is what happened:

Incoming Traffic Frequency: There was incoming traffic not generated by any of my running applications every 5-10 minutes, i.e. around 10 connection requests per hour, or 10 additional and unnecessary modem wakeup calls.

Type of Incoming Traffic:

Some of the incoming traffic could easily be identified as P2P file sharing connection requests, most likely triggered by a P2P client running on a device that had the IP address I was assigned previously. No harm done here.

Most connection requests had a less harmless nature, definitely sent to see if services are running that could potentially be exploited. Here are some interesting highlights detected during my 6 hour experiment:

  • Frequent connection requests to telnet, ssh and http ports. I ran the tests with several different dynamic IP addresses assigned and always got those requests from many different sources. Definitely probes to see if old and outdated services were running that could be exploited.
  • Unsolicited SIP requests: I saw those from a number of different origins, so people are running SIP scanners to see if VoIP servers are running on systems out there.
  • Active VNC attack: I had one instance where the VNC port was probed. As I had a VNC server running on that system, the other end started the handshake dialogue and logged off once he had my server version string. I checked with a real VNC client and even when I don't type in the password the communication goes much further than what I saw in this event. There are some VNC server flavours out there that are vulnerable, so that was most likely an active attack to scan for those.
  • Microsoft's Remote Desktop Port: I also saw a number of RDP connection requests, so even before the recent critical security patch for a remote code execution vulnerability, automated scans were running against this port.
  • Microsoft SQL database weakness probe
  • Unsolicited DNS responses: Every now and then I got DNS response packets which were not triggered by internal DNS queries. The responses contained URLs for xxx sites. I haven't quite understood the background behind that.
  • Port Scans: General port scans not from P2P services to well known port numbers, e.g. 110 POP3, etc. 

I ran the test with several different IP addresses on different days to ensure I didn't have an IP address that was used by someone else before and thus triggering certain things. The result in each case was the same so all things described above pretty much must be from automated scripts just running up and down the IP address space looking for targets. Also interesting are the countries of origin of those requests. It's pretty much an international phenomenon, requests were coming from everywhere, including the US, European Countries, Russia, China, Australia, etc. etc.

Not a peaceful world out there…
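The by-hand classification of the Wireshark capture described above can be scripted. The following is an added example, not code from the original post: it tracks outbound flows the way a NAT table does and tallies every inbound packet that matches none of them. The CSV layout, the addresses and the function name are assumptions, and the sample rows are constructed.

```python
import csv
import io
from collections import Counter

LOCAL_IP = "203.0.113.10"  # constructed documentation address for the test host

# Well-known ports of the services named in the post
SERVICES = {22: "ssh", 23: "telnet", 80: "http", 110: "pop3",
            1433: "mssql", 3389: "rdp", 5060: "sip", 5900: "vnc"}

# Constructed sample, one row per packet:
# epoch_seconds,proto,src_ip,src_port,dst_ip,dst_port
SAMPLE = """\
0,udp,203.0.113.10,40000,198.51.100.53,53
1,udp,198.51.100.53,53,203.0.113.10,40000
400,tcp,192.0.2.7,51000,203.0.113.10,23
900,tcp,192.0.2.8,51001,203.0.113.10,22
1500,udp,192.0.2.9,5060,203.0.113.10,5060
2100,tcp,192.0.2.10,51002,203.0.113.10,5900
2700,tcp,192.0.2.11,51003,203.0.113.10,3389
3000,udp,198.51.100.99,53,203.0.113.10,41000
3600,tcp,192.0.2.12,51004,203.0.113.10,1433
"""

def unsolicited(text, local_ip=LOCAL_IP):
    """Return (Counter of unsolicited inbound hits per service, hits per hour)."""
    flows, hits, times = set(), Counter(), []
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue
        ts, proto, sip, sport, dip, dport = row
        sport, dport = int(sport), int(dport)
        times.append(float(ts))
        if sip == local_ip:
            # Outbound packet: remember the flow, as a NAT table would
            # (simplification: entries never time out here)
            flows.add((proto, sip, sport, dip, dport))
        elif (proto, dip, dport, sip, sport) in flows:
            continue  # reply to traffic we started, so it is solicited
        elif proto == "udp" and sport == 53:
            hits["dns-response"] += 1  # DNS answer nobody asked for
        else:
            hits[SERVICES.get(dport, f"other/{dport}")] += 1
    hours = (max(times) - min(times)) / 3600 if times else 0
    rate = sum(hits.values()) / hours if hours else 0.0
    return hits, rate

if __name__ == "__main__":
    counts, per_hour = unsolicited(SAMPLE)
    print(dict(counts), f"{per_hour:.1f} unsolicited hits/hour")
```

Everything the function counts is traffic a NAT or stateful firewall would have dropped before it reached the host or woke up the modem.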

I’ve Switched to 3G-only mode

Only a few years ago, the first thing many people did when buying a new 3G phone was to switch to 2G-only mode as they felt it would reduce power consumption. Whether that had an effect or not, that's what they did. Times have changed and today smartphone users leave their device in 2G/3G mode because connected data apps (web browsing, email, instant messaging, etc.) have become an integral part of the experience. I have now gone even further and have switched to 3G-only mode as UMTS coverage has become almost as ubiquitous as 2G where I live (Cologne-Bonn area). And here's why:

  • HD-voice: Quite a number of my friends have HD-voice capable phones now with superior voice quality. For the moment, that's only available on UMTS in practice so I don't want my phone to be handed over to 2G and thus be kicked back to the traditional narrow-band voice codec.
  • Simultaneous voice and data: Especially during longer conference calls I take on the mobile phone I like to be able to switch to the web browser or the email client to do some background research. UMTS had the simultaneous voice and data connectivity already back in day 1 and I've become used to it and don't want to be thrown to 2G during the voice call and my data applications to stop working. 
  • Security: Yes, this one's perhaps a bit on the paranoid side but GSM is not as uncrackable anymore as it used to be. Better to be on the 3G side.

Admittedly, I switch back to dual-mode 2G/3G when I travel as 3G coverage is not as ubiquitous as in my home town.

Are you LTE-Advanced With A 2×10 MHz Carrier Aggregation?

With LTE networks on air these days it seems that those that don't have one yet need to come up with an excuse. Not that they really have to from a technical point of view when they have a well running and optimized HSPA+ Dual Carrier network, but still, LTE sounds nicer. So one of my favourite excuses is "we are waiting for LTE-Advanced" without giving more details. But what is it exactly they are waiting for?

LTE-Advanced consists of many features such as LTE CoMP I discussed a couple of days ago. I am pretty sure that's not the one feature they are waiting for to come to the market. Rather, I get the impression that they are waiting for Carrier Aggregation (CA), that allows bundling several carriers in different bands together.

So say, you have 10 MHz in one band and 10 MHz in another band and you want to bundle that together. Is that LTE-Advanced then? Sure it is, from a definition point of view. But is it better than taking a "plain old" 20 MHz channel defined in LTE Release 8 that you don't have to scrap together? And why wait for that in the first place, isn't 10 MHz good enough to start with?

So the point I am trying to make here is to listen with pointed ears when someone uses the term "LTE-Advanced" and actually ask what specifically is meant by that. Combining two 10 MHz channels doesn't count for me (even though it is technically LTE-Advanced). Having said that, I can hardly wait for the press to fall into the trap and declare one country more advanced in wireless than another because an "LTE-Advanced" network (with 2x10 MHz CA) has been deployed there, while other parts of the world are "lagging" behind (with networks deployed that have 20 MHz LTE Release 8 channels).

Bah, so much double-talk.

LTE Map and Allocation Calculators

If you are in the "advanced" LTE stage (not to be mixed up with LTE-Advanced) and care about resource blocks, subframes, physical channels, control format indicator, antenna ports, HARQ indicator channels, etc. etc. and how all of that comes together, I've found two interesting links to visualize all that:

The first link is to an LTE Resource Grid calculator. After setting all input parameters such as the channel size (1.4 to 20 MHz), number of symbols used for the downlink control channel, etc., the resource grid is visualized with the different physical channels marked in different colors. Great stuff, finally an easy way to transform all those formulas in the spec to an easy to understand map and see how changing the input parameters changes the channel map. Also, the map is a great way to understand how much of the channel is used for control information and thus overhead, and how much is used for actual user data.

The second link is an LTE Physical Downlink Shared Channel Allocation Calculator. Given the channel bandwidth, control format indicator, modulation type, the number of resource blocks assigned to a device and a couple of other input parameters, the calculator will come up with the number of bits that are transmitted per slot and subframe (1 ms) to a device. Again, it's interesting to play around with the input parameters and see how the result changes in real time.

Have fun

CDMA / LTE Dual-Radio with a Single Baseband Chip

LTE has a bit of a problem with voice and a number of different approaches exist to sail around this for the moment. While some network operators might have an inclination towards CS-Fallback (CSFB) to GSM and UMTS, others like Verizon have gone the dual radio approach, i.e. having two radios active at the same time, one for CDMA-1x and one for LTE. An example is the HTC Thunderbolt, which has two radio chips inside. For CDMA it uses a Qualcomm MSM-8655 and for LTE it uses an MDM-9600. For details see here. But it seems the two-chip approach might not be necessary for much longer. In this whitepaper, Qualcomm states that "for LTE handsets, the 8960 modem enables […] simultaneous CDMA voice and LTE data (SVLTE [Simultaneous Voice and LTE])". That certainly fixes the issue of requiring two baseband chips in a CDMA/LTE smartphone. A potential solution for the GSM/LTE world as well?

German DSL and LTE on a Coverage Map

Here's a link to an interesting map (Breitbandatlas) on the website of the German Department of Commerce on where in the country high speed Internet access is available at speeds of >= 1 Mbit/s. The map is an overlay of fixed line DSL availability with HSPA and LTE coverage. The map is split into tiny cells and for each cell the networks are listed that are available at that location. The result is 99.5% population coverage.

A very good value but it should be noted that for those covered by HSPA and LTE, there's a volume limit per month, typically between 5 and 30 GB depending on the price. That's quite enough for most people and includes occasional Youtube use. Don't forget though to tell your kids about the limit, too 🙂