LimeSDR GSM Base Station Demo (crowdsupply.com)
84 points by ChuckMcM on June 18, 2016 | 27 comments



LimeSDR board is open source and the complete database is published on: https://github.com/myriadrf/LimeSDR-USB


This is why I hope this gets funded, I would really like to understand the GSM protocols as deeply as these folks do.


This group of people are not the developers of the open-source GSM basestation stack they demoed; funding them does not contribute to OpenBTS. Fairwaves built a business trying to commercialize the readily available OpenBTS software stack, which was developed by Range Networks. Range split and the original author of OpenBTS is the project maintainer behind YateBTS, which is a totally revamped version of OpenBTS with support in the works for LTE. So if you care about GSM and LTE basestations, go directly to the source: http://yatebts.com


CEO of Fairwaves here. Just want to slightly correct here. We indeed started with OpenBTS, but we switched to Osmocom years ago for a variety of reasons including better code quality and a proper community development model. And while we're not the original authors of Osmocom either, we added SDR device support to it, polished osmo-trx to a state where it can be used in production, wrote the first GPRS implementation, etc, etc. Right now Osmocom is a thriving community with several companies actively contributing, so it's moving faster than any other open-source GSM project out there. There will be more really exciting news about Osmocom soon - keep your eyes open. So if you want to go to the source - I suggest http://osmocom.org/projects for real open-source. Btw, no one stops you from using osmo-trx/LimeSDR with YateBTS if that's what you prefer. That's the beauty of choice open-source gives you.


Thanks for the links, my concern is for having affordable hardware to run the stack on.


Disclosure: I'm CEO of Fairwaves.

Indeed, hardware is the key. You can't run a GSM base station without a good SDR transceiver attached to your PC. :)

In 2009 when we tried to launch OpenBTS with a USRP1 (Osmocom didn't work with SDR back then), it just didn't work and we had to spend days figuring out why and we had to solder a better clock to it to get it working. Today you have a selection of inexpensive SDR devices (B200, BladeRF, UmTRX.org) which let you run a GSM stack at home and LimeSDR is great progress in this direction, especially given it's OSHW.

Note: always know the laws and check your local spectrum regulation policies if you want to run a GSM station. In most countries you need to get a license to do that even for educational/research purposes.

I also strongly discourage everyone from attaching any amplifiers to the aforementioned boards yourself. Even if you think you're sure you're not disrupting anything. Amplifiers will amplify all noise and spurs generated by your transceiver including ones in other bands you do not expect. So you may (and most likely will) interfere with other services. If you need a high power base station (and you have a license to run it) - get a commercial BTS which is tested to meet requirements and avoid interference. I can definitely recommend our UmSITE (shameless plug), but there are a number of other companies selling commercial BTSes.

If you're not interfering with existing services and run your BTS in a closed mode, 911 is not a concern, because a GSM BTS broadcast channel has a bit which indicates 911 service availability and all open-source GSM software disables this by default. So phones won't camp on your BTS for emergency services. To avoid interference you really should be running at low power like 1mW (on SDRs like UmTRX which have pretty high power by themselves you can easily reduce the power to a reasonable level) and use an unused ARFCN. Make sure to do a proper scan with fosphor/SDRangeLove to see traffic-only channels. Usual scan tools will give you a list of beacon (BCCH) channels, but will miss all TCH-only ones.

We're also partnering with Lime Microsystems (people behind LimeSDR) to create a next gen inexpensive embedded SDR - so you could turn an application you developed with LimeSDR into an industrial/embedded product easily. Check out http://xtrx.io for details.


The whole setup to run something like this already runs in the high thousands. If you plan on doing anything worthwhile (legally) you will be spending nearly $5,000 on a benchtop RF cage. If you plan on needing amplifiers to get more than 10 feet of range you will be spending $2,000 on an amplifier. There are no shortcuts in RF, operating an illegal basestation can very easily affect E911 service and put you in jail for a very long time if your basestation stops someone from receiving emergency services.


I don't want to go into too many details for obvious reasons but you really do not need to spend $2000 on an amplifier to get more than 10 feet of range if you are building say a DIY IMSI catcher.

Suffice it to say there are over-the-counter (if you are willing to order from China, or heck Dealextreme) cell blockers and boosters that cost <$200 that can block cell reception over a much much greater area than a 10 ft radius.


That's not true. To run a benchtop setup you just need an inexpensive SDR (LimeSDR, UmTRX or B200) and your laptop - that's not "high thousands". If you're deploying networks professionally, then yes - you'll spend thousands on proper base stations, software to control them, etc. But in the latter case you should have your spectrum license, so operating a BTS should not be an issue. Also see my post above about 911 services.


Just FYI working with GSM can be highly illegal in many places, especially without asking for and getting "permission" and then following the regulations regarding transmit power and shielding.

Please note that when you fuck with GSM you don't only screw around with your cellphone, you screw around with the guy or gal on the street calling 911, or with your upstairs elderly neighbour's emergency SOS/Telecare device, burglary alarms, fire alarm etc. so be very very careful in order not only to not get caught but to also not be an "asshat" on "blocking an ambulance" levels because you can easily just become that due to a mistake on your part.


Those SDR boards can't have that much power, can they? I mean, a USB-powered radio rx/tx board running in your apartment can in no way seriously disrupt other people's communications.


Really depends on a lot of factors, a 10dBm (which is what the board spec claims to be the limit as 10mW = 10dBm (only true for 10mW since it's a 10 x base 10 logarithmic function), but it could potentially be set to higher TX if it's only limited by software and 20-25dB transmitter has a range of 1000's of sq/m, with 20+ dBm transmit power/gain you can get into 1000M+ transmit range alone) "GSM Booster"/Picocell can easily cover an area of ~200M/sq, that's a radius of 30 ft for 1800-1900 3/4G, and more (can't recall by how much off the top of my head and I'm not doing the math) for 800-900MHz cellular signals.

But you don't need to be able to provide a stable connection to interfere with someone else's phone call; a lucky alignment of the heavenly bodies at just the wrong moment can cause a call to drop or your phone to start roaming, deregister etc. at quite likely longer ranges than 30ft (how much longer, that's another question), and that can be enough; you don't need to effectively build a jammer/unrouted rogue station that would constantly blanket everyone's reception in order to cause issues.

But one of the reasons I gave fairly localized examples is that while 30ft may not seem that much and it might not be, in most residential environments it's enough to potentially cause issues for someone else on the street, driving by, next door etc, and you never know what can happen.

If you want to play with GSM or any other potentially disruptive radio spectrum use it at very low power and preferably either with direct and shielded coax connections or within a faraday cage, they aren't hard to build and you can easily put both your phone and your SDR into one and work on them remotely.

P.S. Here's a good basic reference guide for RF Power/Range from digikey, it's very very basic but it's more than good enough for back of the envelope type of stuff http://www.digikey.co.uk/Web%20Export/Supplier%20Content/Lai...


USB3 can pump up to 900mA @ 5V = 4.5W, which is pretty good. But each device has its own specs - e.g. LimeSDR has only 10dBm output power, because it doesn't have a built-in amplifier. So if you (1) don't attach a large antenna to it, (2) you operate in your basement, (3) you choose an unused ARFCN and (4) you operate in closed mode, you should be fine from a technical perspective. That said, legality of this is up to you - check your local spectrum rules.


It also seems to have an option for an external power supply so you could potentially add more power to it.

I don't know what the specs for it are, but 1000mW is 20dBm which gives you a very nice coverage range on its own and it's definitely possible to power that off USB alone.


You can use coaxial cable if you are using it for testing or education, so you don't "pollute" the legit GSM communications.


You can and I've recommended it, but it's not that trivial either: the path loss in coax signals as well as some other factors might not work with all SDRs and RF equipment, and it takes a bit more legwork to set up.


Dumb question ... with coax, do you need an SDR board anymore? I assume not since you can do everything in CPU? Or is there some specialized acceleration you get with silicon? Complete newb here.


The coax is just a medium for the radio wave to propagate through; for all intents and purposes for this experiment it's no different than vacuum. It's just a piece of cable; you still need a transmitter and receiver to actually generate and receive the radio signal as well as a DAC of some sort to connect it to the PC :)

Basically if you do it via direct coax you basically connect a coax cable to the micro bnc port on your SDR (to which the regular antenna coax cable would connect) and the other end has to be connected to the BNC connector on the device that is talking to your radio; some phones have BNC connectors for testing (older phones used to have it to connect to the car phone fixture for better signal) but for some you'll have to solder a connector manually to the phone board or have some setup to connect to whatever custom connector the phone uses to connect to the antenna.

I know that the iPhone 6/s plus for example has a micro bnc connector for the Wifi antennas but I can't recall what they use for the GSM one but it's either going to be bnc or some custom connector if they are using some fractal antenna printed on flex cables or one that is embedded into the case which is quite common these days.

EDIT: Correction: the connectors on the LimeSDR and on most phones are U.FL not BNC, I just have a habit of calling all Coax/RF connectors BNC so if this is incorrect in some other post, apologies :P

ARGGGG EDIT #2: Apparently the iphone (as well as some other phones) use some "custom" connectors that mechanically look like U.FL but are smaller, so FML and good luck finding a cable to connect to it.


That's a really good idea, btw


Fairwaves?


Yeah, we're not as well known as some of the more prominent SDRs out there. We're mostly targeting professional users and have been mostly focused on figuring out how to get our tech into the real telecom world. Stay tuned - you will hear more about us, as we now have our system integrated into operators and have our hardware running in the real world.


Here is a video of tests we're doing at installations with real operators - https://www.youtube.com/watch?v=mxpUXPy1htA (our equipment is almost invisible on the top of the tower, big racks and thick cables are existing infrastructure which was there)


Just a warning: If you mess around with ANY of this and:

a) don't have specific written permission from the FCC or Industry Canada (or your local spectrum regulator)

and/or

b) Don't do it in a good quality faraday cage

You deserve an FCC party van...


Can you change the transmission bands to the ISM ones or is it fixed to GSM bands? For a tinkerer's setup, the frequency shouldn't matter since you may not care about performance? Asking out of curiosity.


I suppose you could, on the SDR, but then no standard feature phone or smartphone would talk to it.


Is there any open source project that codes the "core" network elements of mobile networks? BTS are just the tip of the iceberg.


Yes. Osmocom/OpenBSC actually started as an open-source "network in a box" which implements all critical GSM network elements in a single executable. It greatly expanded since then - check out a list of projects there. As I mentioned below, more companies are joining Osmocom and there will be hopefully more work on the core network side. Other open-source projects targeting core network elements are http://www.mobicents.org/ and http://www.projectclearwater.org/ (IMS).



