Looking at GSM security 30 years later (harrisonsand.com)
142 points by 8sfLes on Feb 9, 2021 | hide | past | favorite | 40 comments


Back in 2004-2006, when we were building the first version of Opera Mini, mobile phone usage statistics were really lacking. The mobile phone market was insanely fragmented, and varied so much per country. This was the time when there were like 1-2 new devices launched every day. We had a hard time figuring out exactly which devices to prioritize debugging for.

So I had this idea that we'd do wardriving to figure out what brands (and perhaps even models) were popular in different regions. We got quite far into this idea before abandoning it.

GSM insecurity was a key enabler. If I remember correctly, at that time it was possible to get at least the IMEI via passive eavesdropping, somehow.

The reason we abandoned this idea: A combination of our in-house lawyer's opinion plus we realized we could just brute-force it by manually testing thousands of devices with a staff of about 5 manual testers of the proper ability. The most productive person we hired for that role was 60+. She had previously worked as a COBOL programmer for a local bank.

I guess this could illustrate a key difference between a bay area company and a nordic company, at the time...


> 2004-2006 when we were building the first version of Opera Mini mobile phone usage statistics

Hi, I just wanted to say that Opera Mini was such a major part of my life, and I'm sure I speak for many others as well. I was in Sri Lanka at the time, and those Java apps enabled the world to us!

I read whole documentations on some software on a Nokia 6630, and I made my way to here 15 years later.

Thank you for being part of an amazing software that changed many lives.


That's so fantastic to read - thank you - I actually never really connected with a former dedicated user like this before. I'm so happy :).

So weird, especially since the service peaked at 150 million average monthly active users.


I too really appreciated Opera Mini here in New Zealand. Thank you for your efforts!


> Thank you for being part of an amazing software that changed many lives.

Big +1 on this. Opera Mini was a revelation when it came out: The real web, on pretty much every phone in existence. Wikipedia at my fingertips.

It worked so well and was so resource efficient, I've continued using it even on smartphones until browsers, networks and devices finally caught up.

To me, Opera Mini is one of the most amazing pieces of technology, and hearing the name evokes immense nostalgia. Thank you.


I was thinking similar at the mere mention of Opera Mini. I imagine a fair number of us reading remember how great that thing was for its time.


I still use operamini.jar for reading Hacker News; for me it gives even better UX than a typical smartphone browser, because I want just text and nothing more. No popups, no sudden videos, no proposals to install freaking apps, no cookie banners, no bothering about slow HTTPS handshakes when GSM coverage is really elusive. Opera Mini saves old button phones from being just bricks.


I love moments like this where two people meet and share information about a shared thread in their lives, when they would otherwise probably never know. Good job hacker news:)


Wow.


Hey, much like the other comment said, Opera Mini made a lasting impact on me. 10 years ago, I was a teenager from Serbia living in a shitty high school dorm at the time with Internet being cut off at 11pm (with a pretty busy day before). My crappy Sony Ericsson with very limited data was all I had to spend nights learning and feeding my curiosity and passion for programming. Opera Mini was a game changer. I read source code, blogs, docs, wiki, posted in forums and chat rooms, even pirated some programming books using it.

Many years later I'm doing great and I honest to God think I wouldn't have gotten as far as I did if it weren't for your work.

Thank you.

And that was a cool story, would love to hear more :)


> The reason we abandoned this [war driving] idea: A combination of our in-house lawyer's opinion

Can't stop thinking how every company doing mapping, like Google, today includes Wi-Fi wardriving like it's nothing serious.

https://en.wikipedia.org/wiki/Wardriving


Better in-house lawyers? :-/


Better lawyers would advise you to keep your nose clean so you didn't need to devote as much budget to paying them.


That doesn't sound like lawyers to me.


Here in Russia was a time when Opera Mini mods were popular. There was even a WAP site where you could configure a mod and have the jar generated for you! I remember using one of these on a Siemens CX75. That mod had a very tiny custom font and the ability to download and somehow upload files. I stopped using the mods when an all-new version was released that could display desktop sites with a more-or-less correct layout, a "mouse" pointer and the ability to turn the display sideways. It was a godsend to use VKontakte especially — there was no mobile website back then because just the idea of using your phone to access the internet was rare and somewhat badass.


> I stopped using the mods when an all-new version was released that could display desktop sites with a more-or-less correct layout, a "mouse" pointer and the ability to turn the display sideways.

Late reply, but maybe you'll read it:

That was Opera Mini 4. In Opera Mini 1-3 the "layout" actually happened on the actual device, using the very slow java VM.

In Opera Mini 4 and later, the layout for non-mobile web sites was done on the server side using some pre-defined screen width, like 700px or so. Or, for a mobile web site, using the exact width of the screen. The output is more similar to PDF than HTML. Like, write this text there, this image there, paint this filled rect there etc.

This generation was the one that really got us hundreds of millions of MAUs.


Ha, this brings back memories indeed. I was working on the Skype J2ME app at the time and Opera was one of the few complex apps to look up to for a source of motivation and inspiration.


This brings back memories. I helped set up the first GSM network in California / Nevada. Strange to see its remnants still out there. I would have expected it to all be deprecated by now. Anyone from HN still currently working with it?


That's interesting. Would you be willing to share some of your memories of this project/technology?


I can try. Here [1] is some of the terminology. We were assisted by Orange (from the UK) to set up the first GSM network in the U.S. using primarily Ericsson equipment. We soft launched in San Diego at the RNC, then re-launched officially state wide in California and Nevada using Ericsson AXE-10 switches (mainframes).

We had several MSCs. These were the switches that routed calls to the SS7 network. Those had BSCs, which were the switches that routed calls from within a region to the MSCs. The cell sites attach to the BSCs. The cell sites were connected to the telco network with channelized T1s (24 channels). Each channel was divided up into multiple voice and stand-alone dedicated control channels. The phones registered to an HLR (Home Location Register). The HLR, ALR and EIR were used for hardware and user mapping / registration. That data fed into billing systems. Access to those systems was performed using the x.25vbis protocol.

We also had value added systems that provided support for SMS (text messaging), message waiting indicators (for voicemail) and other various services. It turned out that text messaging was super popular, so it went from being a value added service to a primary service. We did not charge per message, despite our sister company in the UK doing so. In the early days, you could tail all the text messages and almost keep up.

All of our vendor documentation was in massive binders. None of the documentation was digital. Any changes to code would take many months to get revised documentation, if it was revised.

I think I may have been one of the few people to ever use the EIR to block a stolen phone. One of our cell techs left their Nokia-9000 (fancy early prototype keyboard flip phone, promoted in the movie The Saint) and they were very expensive. I spoke with the phone thief, offered them a reward, but they declined so I turned the phone into a paperweight. That feature was never used by customer support as far as I know, for fear of bricking the wrong phones. One of the cool features of GSM is call prioritization. If a phone is flagged as a first responder, they can kick a person off a congested cell site to free up a voice channel.

One service we never implemented was Wildfire. (no documents to cite that I know of). She used the same tech the NSA used to monitor voice calls. She was created in response to the hands-free laws that were about to be passed. You could say in the middle of a call, "Wildfire!" "Yes" "Call mom" or "bridge on mom". She had some funny Easter-eggs as well, at least in demo mode. "Wildfire!" "Yes" "What sound does a cow make?" "mooo..." I guess she could be considered the first iteration of something like Siri, but on the server side. The coolest thing about Wildfire was that she could understand every language and every dialect with zero training. [EDIT: I stand corrected, see threads below, apparently she did require training, but came to use fully populated / trained. ] She ran on SCO Unix. Thankfully our lobbyists were able to kick that can far down the road and cell phones evolved to a point where hands-free was possible on the devices vs. being required on our network. No idea what the official name of that code was. This was in the late 90's and cellphones were a bit more primitive than they are today.

I was responsible for doing switch upgrades in the off peak hours (generally start around 2am). In most cases this was not service interrupting. We injected code written in PLEX [2] live into the switches. To test call routing I would dial 911 to verify it worked, then call coworkers. One time I forgot to apply a U.S. specific code patch that muted the operator override tone to tell you the operator is on your call. That made call quality testing awkward. "Who is that? Is someone on our call?". They would put me up in really shady cheap hotels. One of the hotels in El Cajon had walls so thin you could hear people 4 rooms away. I woke up every day to cops yelling at someone to get on the ground any time I had to go there.

One time a switch upgrade went sideways while I was at the kids' basketball game. They escalated to me to fix it. Problem was that the only fix was a full rollback. If I recall correctly, the B-Tree tables were corrupted and most calls were not routing properly to landline. Cell to cell was still functional. I had to reboot an MSC (full reload) from my Nokia-9000. I had to telnet into the gateway, then connect via x.25vbis and run a full reload. Hopefully they have at least moved to ssh by now. So if you were curious, rebooting those mainframes from disk (MFM disks IIRC) took 40 minutes.

  SYREI:RANK=RELOAD,REASON="Resume updated"
That took Northern California off the network for 40 minutes. The moment I executed the command, everyone around me stopped ignoring their kids and put their phone away. The problem was resolved when everything finished loading and initializing.

I also had the privilege of monitoring one of the first mass-spammers of cell phones in the U.S. I was going to have their SS7 link cut, but my management said "They are paying their bills, keep your nose out of it". Most of the folks loaned out from Orange were our management and leadership team. I did not get along with some of them as some of them openly hated Americans. One of the times they messed with me was paging me to go watch a modem light all night, repeatedly, because. Between the many layers of bureaucracy of telco and the wildly toxic management, I left wireless telco and never looked back. They mostly hired people from the military, probably assuming they would just say "yes sir" to anything. Clearly they did not talk to my former commanders.

I also had to debug cell site issues. Nine times out of ten we would have to either reboot a sector or re-initialize it. In the meantime, bugs would be submitted to Ericsson developers. We had many developers from Sweden on site. I enjoyed working with the folks from Sweden. They had a good sense of humor and knew how to enjoy life. This was impressive considering the vast knowledge of both mainframes and cell sites they were required to have low-level knowledge of.

I know I am leaving out a lot of things, but most of the other experiences you could have at any big company. This is from a long time ago, so apologies in advance if I get a few details wrong. I already corrected one of them thanks to added details from leon1das. Nice to see there are other GSM folks here!

[1] - https://en.wikipedia.org/wiki/Network_switching_subsystem

[2] - https://en.wikipedia.org/wiki/AXE_telephone_exchange


Neat story. Digital comms is an area I’m interested in, but don’t have any real experience in, although I have experimented as a hobbyist before. I recall reading about PLEX a few years back along with some other domain specific language from the ITU that was used for a similar purpose. CHILL, I believe it was[0].

[0] https://en.m.wikipedia.org/wiki/CHILL


I remember one of the Swedish developers telling me that it was not pure PLEX, but also contained some Rexx but to what degree I don't know.


I grew up in the UK, but now live in CA, and Wildfire is the technology I miss the most. The fact that you could summon it during arbitrary calls seemed like far-future tech but it worked incredibly well. I loved the idea that you could store your contact list in the network instead of on the handset so it didn't matter if you got a new handset.


Your stories are so cool :) Any experience with AMPS/TDMA/CDMA? Cali, so Qualcomm was probably your main competitor alongside Sprint, MCI networks?

oki 900?


I only worked with GSM. One of our competitors at the time was Sprint and they used CDMA. I did some testing of prototype phones that supported AMPS, TDMA and CDMA, but they attached to their respective networks and used GSM on our network. Most of the prototype phones never saw the light of day.


I'm very curious about that Wildfire service. Anything more you can share on that?


Most likely based on Nuance Communication ASR. It wasn't "free speech", you had to design a closed grammar tree of all the voice commands using an atrocious file format/language...

> could understand every language and every dialect with zero training

Errrrr.... No. The accuracy was inversely proportional to the size of the grammar tree.


In that case I probably missed out on all of that. She came to us pre-loaded with the ability to understand all of those things. Perhaps from your network? I remember the vendor batch loading a lot of .au files when the servers were first stood up. The test users did not have to do any interactive training with Wildfire.


Not really. We only did a PoC and never moved beyond that. It was a fallback plan if the lobbyists failed, but people seemed quite confident they would not fail. Apparently someone else did the speech training. revised comment above


Thank you for this excellent read!


A related topic... GSM security is better in western nations than other nations:

> Many western countries use the “strong” encryption algorithm A5/1, while other countries are “forced” to rely on the much weaker A5/2. [1]

So in non-western countries breaking GSM security is much cheaper than in the rest. Why would that be? Who would want that and has the ability to exert such force?

So tether the open-source-running laptop's internet access over the burner phone and use a VPN to protect your privacy.

1: https://www.diva-portal.org/smash/get/diva2:19603/fulltext01


> use the “strong” encryption algorithm A5/1, while other countries are “forced” to rely on the much weaker A5/2

Aren't they both equally bad due to being completely broken at this point?

>So in western countries breaking GSM security is much cheaper than in the rest.

You got it the wrong way around: A5/2 is the "export" version used in "non-western countries". The reason for that is crypto export controls which were very fashionable at the time GSM was developed.

> use a VPN to protect your privacy.

This is off-topic, but I'd challenge that as a general recommendation.


> You got it the wrong way around

Sorry, fixed it.


> Why would that be? Who would want that and has the ability to exert such force?

Essentially every country ever has desired to have an "unbreakable" cipher for its own use and breakable ciphers for everyone else. Only in the modern era has the general cryptographic security of civilian communications become a concern.

You can't prevent other nations from independently implementing or inventing better ciphers, but in the modern era where only a limited number of vendors implementing a given technology exist, those vendors are constrained by export restrictions in their countries of origin.


It's the classic "export grade encryption" setup.

As for who would want it that way, the answer is five eyes.


Coming from this space, I can tell you that the fear of operators to _maybe_ break 0.1% of their customers' experience is a solid ground to not update.

I have seen these discussions first hand (in Europe, early 2000) where we had to convince super large providers that they should update the crypto (another issue: the refresh timing of the TMSIs) and accept that some old (BlackBerry mainly at that time) devices would not be happy.

Think about the numbers: some of these national providers have 20 million customers and there is nothing more expensive than 200,000 people contacting customer service or even leaving for the other provider since their phone does work there...


I think it had the potential to be, but I'm not sure that it actually was. I have no means to back it up, but I recall that the French were heavily involved in GSM and, well, they liked a lot of zeros in encryption keys...


Wasn't the "strong" one also intentionally weak, but in a way the NSA thought only they knew about?

ISTR something along those lines being in the Snowden revelations.


> but in a way the NSA thought only they knew about?

I doubt the NSA was involved. GSM was developed in Europe. But it was developed by committee, and strong cryptography background was underrepresented, at least. So bad flaws went even into the supposedly strong encryption.
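
As an added example, not code from the linked article or from any commenter in this thread, here is a bit-exact A5/1 keystream generator in Python, so the "supposedly strong" algorithm discussed above can be seen at its actual size: three LFSRs totalling 64 bits of state, irregularly clocked by a majority rule, re-keyed from Kc and the 22-bit frame counter for every burst. Register lengths, feedback taps, clocking bits and the key-setup order follow the public reverse-engineered description (Briceno, Goldberg and Wagner, 1999), and the known-answer key, frame number and expected keystreams are the values that ship with that reference implementation. The class and function names are this example's own.

```python
# Added example for this page (not code from the linked article or any commenter):
# a bit-exact A5/1 keystream generator, the "strong" GSM air-interface cipher.
# Register lengths, taps, clocking bits and key-setup order follow the public
# reverse-engineered description (Briceno, Goldberg, Wagner, 1999); the key,
# frame number and expected outputs below are that implementation's known-answer
# test values. Class and function names are this example's own.

from typing import Sequence, Tuple

# (register length, feedback-tap bit positions, majority-clocking bit) per LFSR.
REGISTERS = (
    (19, (13, 16, 17, 18), 8),
    (22, (20, 21), 10),
    (23, (7, 20, 21, 22), 10),
)


def _lfsr_step(reg: int, length: int, taps: Sequence[int]) -> int:
    """Shift one LFSR left by one bit, feeding back the XOR of its tap bits."""
    fb = 0
    for t in taps:
        fb ^= (reg >> t) & 1
    return ((reg << 1) | fb) & ((1 << length) - 1)


class A5_1:
    """A5/1 keyed per GSM burst from a 64-bit Kc and a 22-bit frame counter.

    The whole cipher state is 19 + 22 + 23 = 64 bits and the key/frame loading
    is linear, which is what the published time/memory trade-off and
    known-plaintext attacks exploit.
    """

    def __init__(self, key: bytes, frame: int) -> None:
        if len(key) != 8:
            raise ValueError("Kc must be 8 bytes (64 bits)")
        if not 0 <= frame < (1 << 22):
            raise ValueError("frame counter must fit in 22 bits")
        self.regs = [0, 0, 0]
        # Phase 1: 64 key bits, LSB of each byte first, XORed into bit 0 of every
        # register; all three registers are clocked (no majority rule) each step.
        for i in range(64):
            self._clock_all()
            self._mix((key[i // 8] >> (i & 7)) & 1)
        # Phase 2: the 22 frame-counter bits, LSB first, the same way.
        for i in range(22):
            self._clock_all()
            self._mix((frame >> i) & 1)
        # Phase 3: 100 majority-clocked steps whose output is discarded.
        for _ in range(100):
            self._clock()

    def _mix(self, bit: int) -> None:
        for n in range(3):
            self.regs[n] ^= bit

    def _clock_all(self) -> None:
        for n, (length, taps, _) in enumerate(REGISTERS):
            self.regs[n] = _lfsr_step(self.regs[n], length, taps)

    def _clock(self) -> None:
        """Irregular clocking: a register moves only when its clocking bit agrees
        with the majority of the three clocking bits (so 2 or 3 registers move)."""
        bits = [(self.regs[n] >> clk) & 1 for n, (_, _, clk) in enumerate(REGISTERS)]
        maj = 1 if sum(bits) >= 2 else 0
        for n, (length, taps, _) in enumerate(REGISTERS):
            if bits[n] == maj:
                self.regs[n] = _lfsr_step(self.regs[n], length, taps)

    def _output_bit(self) -> int:
        """Keystream bit = XOR of the most significant bit of each register."""
        out = 0
        for n, (length, _, _) in enumerate(REGISTERS):
            out ^= (self.regs[n] >> (length - 1)) & 1
        return out

    def keystream(self, nbits: int = 114) -> bytes:
        """Produce nbits of keystream, packed MSB-first into bytes."""
        out = bytearray((nbits + 7) // 8)
        for i in range(nbits):
            self._clock()
            out[i // 8] |= self._output_bit() << (7 - (i & 7))
        return bytes(out)


def burst_keystreams(key: bytes, frame: int) -> Tuple[bytes, bytes]:
    """Return the (downlink, uplink) 114-bit keystreams for one TDMA frame.

    A5/1 is re-keyed from (Kc, frame) for every frame: the first 114 bits cover
    the network-to-mobile burst, the next 114 the mobile-to-network burst.
    """
    cipher = A5_1(key, frame)
    return cipher.keystream(114), cipher.keystream(114)


def encrypt_burst(key: bytes, frame: int, downlink_burst: bytes) -> bytes:
    """Encrypt (or decrypt, it is plain XOR) a packed 114-bit downlink burst."""
    if len(downlink_burst) != 15:
        raise ValueError("a packed 114-bit burst is 15 bytes")
    down, _ = burst_keystreams(key, frame)
    return bytes(p ^ k for p, k in zip(downlink_burst, down))


# Known-answer values from the 1999 reference implementation (constructed test input).
TEST_KEY = bytes.fromhex("1223456789abcdef")
TEST_FRAME = 0x134
EXPECTED_DOWN = bytes.fromhex("534eaa582fe8151ab6e1855a728c00")
EXPECTED_UP = bytes.fromhex("24fd35a35d5fb6526d32f906df1ac0")


def self_test() -> bool:
    """True when this implementation reproduces the reference keystreams."""
    down, up = burst_keystreams(TEST_KEY, TEST_FRAME)
    return down == EXPECTED_DOWN and up == EXPECTED_UP


if __name__ == "__main__":
    print("A5/1 known-answer test:", "ok" if self_test() else "FAILED")
    print("downlink keystream:", burst_keystreams(TEST_KEY, TEST_FRAME)[0].hex())
```

Running the file prints the known-answer result and the downlink keystream for the test frame. Two things worth noticing in the code: the entire state fits in 64 bits, which is why precomputed time/memory trade-off tables against the keystream are practical, and the keystream depends only on (Kc, frame), so any burst whose plaintext is predictable (much GSM signalling is) gives an eavesdropper 114 keystream bits for that frame by a single XOR.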


This brings back very old memories. My first job out of uni was as an SDE at Ericsson and my first job was writing VLR and MSC software for the first GSM networks in the US. My initial project was handling DTMF, so if you pressed a number on the phone, my code handled that! Back in the day, prior to the web taking off, many exceptionally talented programmers/hackers worked in telephony. Then the web took off and most left for greener pastures.



