Was thinking "remote interface" but as I say I am not 100% it was a good while ago, not had any issues with them for a long while.

 

Yeah, this sounds like it could be the case. If I leave the SIM out, I get E 13 (no SIM). On the 1.25 firmware, it was looking for an SMS to be received, so this might be the same thing but with a message being displayed. I'll get the logic analyser on it later and see if it is actually doing anything.

I don't know if the kill is coming from Vodafone or Gemini, I'm not sure it's really possible to tell. But I can use the SIMs for a short period for data before they cut out.

Calm down calm down. He can have webway, Redcare, Emizon, Chrion whatever he wants. I sent him DC because he ASKED for DualCom. When he ASKS for something else then i'll send it to him.

 

#simples

Wouldn't mind having my network tested by a hacking boffin.

 

Yep - I wanted to start on DualCom. I looked at the boards and saw they were quite simple and hadn't changed physically for 10+ years. I also am very new to GSM signalling. I'm also totally in the dark with the encryption, authentication etc. - I'm hoping to find a vulnerability in the architecture or design rather than specific implementation of encryption or anything like that.

Webway have given me enough confidence that the architecture and design of their system is good, so I'd be looking for a very specific issue in implementation on their system.

There are a good few PEN Testing companies

 

Not all pen testers are 'good' though.

 

More specifically, very few are attuned to the needs of our industry or embedded devices / GPRS / GSM comms in general.

Not all pen testers are 'good' though.

 

More specifically, very few are attuned to the needs of our industry or embedded devices / GPRS / GSM comms in general.

 

There are very few that want to do anything if it doesn't involve an Ethernet port or at least embedded Linux. TTL serial, reading EEPROM, custom debug interfaces? Nope.

 

The Dualcom boards are a bit of a pain TBH. The processors (78K0R) are only really supported by Renesas and IAR tools which are both really quirky. The instruction set is really hard work - there are about 90 different MOV instructions - so hand reading it is just a no-go compare to AVR or even x86.

Edited November 13, 201312 yr by cybergibbons

 

.

Quote "Webway have given me enough confidence that the architecture and design of their system is good, so I'd be looking for a very specific issue in implementation on their system."

 

 

Out of interest what was Webways response when you wanted the blueprint to their stuff?

Edited November 13, 201312 yr by matthew.brough

The Dualcom boards are a bit of a pain TBH. The processors (78K0R) are only really supported by Renesas and IAR tools which are both really quirky. The instruction set is really hard work - there are about 90 different MOV instructions - so hand reading it is just a no-go compare to AVR or even x86.

 

So, whats the betting the front door lock is strong but all the important documents are laid out on the kitchen table for all to see?

Out of interest what was Webways response when you wanted the blueprint to their stuff?

 

I suspect we're back to 3am Strepsils again?!

Edited November 13, 201312 yr by datadiffusion

 

 

.

Quote "Webway have given me enough confidence that the architecture and design of their system is good, so I'd be looking for a very specific issue in implementation on their system."

 

 

Out of interest what was Webways response when you wanted the blueprint to their stuff?

 

 

Webway invited me to their premises (as did CSL Dualcom), but also provided me with some detail of what they do and were fine answering question, and weren't aggressive or imposing when I posted an image of one of their boards annotated with some detail. 

So, whats the betting the front door lock is strong but all the important documents are laid out on the kitchen table for all to see?

 

I suspect we're back to 3am Strepsils again?!

 

Well... the socketed EEPROM which has settings generated using CS2364 "Programmer for DualCom GPRS". I can't actually program the EEPROM with this as I don't have the CSL programmer, but the .prm file it generates is easy to interpret and load using a normal EEPROM programmer. I've also read several of the EEPROMs from the board I have and they all seem to use the same password for access to the CSL Dualcom APNs.

 

Is that a problem? Not really sure at the moment. 

Webway invited me to their premises (as did CSL Dualcom),

Maybe CSL wanted you there for a different reason?

Id of thought the apn password must be global.

Not sure really... is there a reason why it should be global?