Legal situation

[Mychaela Falconia]

viva astoria <viva.astoria at yandex.ru> wrote:

> Then I have the following impression and question: it seems to me that the
> newly developed firmware is neither information-safer than the original TI
> firmware

When I first read what you just wrote, my thought was what the heck
does "information-safer" mean, but then I see further below that you
are worrying about intentional backdoors and the like in the code.

Because TI is not Qualcomm and never was anything like QC, I personally
consider the possibility of intentional backdoors or spying logic in
their code to be extremely unlikely, and I choose not to worry at all
about that highly unlikely possibility.  If you are worried about such
things, you are more than welcome to audit the code yourself with your
own time or your own money (if you hire someone of your choosing), but
*not mine*.

> (because it contains the same code; previously this code was compiled by TI,
> now it is compiled by FreeCalypso, but the source code is the same)

My FC firmware maintenance work consists of more than mere
recompilation, there is also board-level hardware porting (TI's
original codebase cannot possibly support a board that was conceived
many years after TI closed down that business unit) and minor but
important functional extensions.

There is also an ongoing transition of one major fw component (the
G23M protocol stack) from one TI version to a slightly newer one; the
old version is in binary object form (we have no source for it), the
new one came as C source, but it still has some bugs left to be shaken
out.

> nor legally safer than the original TI firmware? Is that wrong?

It seems to me that what you are really saying without spelling it out
explicitly is that in your eyes FreeCalypso has no value.  If so, then
it is simply not for you, and you are wasting both your time and ours
by flooding our mailing list with your opinions regarding the lack of
value in our work.

I maintain FreeCalypso hardware, firmware and the associated host
tools for my own personal enjoyment, and I make this work available to
others because there are a few other odd people in the world who like
it.  You are clearly not one of those people, hence FOR YOU there is
no value in FreeCalypso, and you are just wasting your time and ours
by subscribing and posting to our list.  It would be better for
everyone if you simply unsubscribe and leave us alone.

> Did FreeCalypso team actually read and inspect the whole parts of code
> written by TI?

The FC team currently has only one software engineer (that's me; the
job of other current team members is to provide emotional support),
and as I said above, I have absolutely no interest in expending
massive amounts of time auditing the code we inherited from TI for
privacy or security concerns, as those are not my areas of interest
at all.

> (This is also one of the reasons why I am asking about the specifications:
> if there are specifications, maybe not in the form of verbal prose, but in
> the form of "this low-level chip command changes chip memory this way, and
> this low-level chip command sends this signal to the actual network",

The "specifications" you are talking about do not exist in any written
form, but they do exist in the brain wetware of OsmocomBB people who
have studied TI's TCS211 firmware (while vehemently denying in public
that they have ever used it), figured out how it does every hardware,
DSP or radio operation of interest to them, and used this mentally
reconstructed knowledge to implement their OsmocomBB layer1.

> and someone is developing firmware with the intent of making it open-source
> from the start,

Those OsmocomBB people have done just that, but their product is not
usable as an end user phone.  If you wish to spend the next several
years putting together an end-user-oriented phone or modem fw on the
basis of OsmocomBB and make it both "information-safe" and legal, I'll
be happy for you, but please note that I will never use your better fw
myself, instead I will always continue using my preferred TI-based fw,
as for me the personal joy of using that fw far exceeds any concerns
about spying backdoors or whatever.

M~