Might be only a bit related, but osmocomBB [1] is a quite complete project that implemented an open baseband library.
It can be installed on a lot of old dumbphones and allows you to create a base station and mobile station. Might help you to understand the inner workings of the network protocol quirks.
Back then it was known to be _the_ project to easily build an IMSI catcher, so its scene got a lot of redteamers using it.
There is also an ongoing effort to reverse engineer the USB modem of the PinePhone, but afaik it's still a lot of work. [2]
It's my understanding that the FCC and equivalents make it almost impossible for there to be open hardware that connects to the phone network. And any cracks they haven't filled, Qualcomm has NDA'd the documentation for.
Also there are several other companies that have a lock on that thing.
When I worked at QCOM at one point I had access to that, the 3G versions. My boss had printed it out. It was about 2 inches thick single spaced double sided. Rumor was the 4G one was double that. Then there was the 'chipset'/serial interface about the same size.
So could you re-write one? Yeah (given the time for it). Never mind the legal tangle that bcom, qcom, Marvell, whatever Motorola is these days, Huawei, ZTE, and others have built around it. That would just be the technical. Then getting it onto a real cell network would take a lot of work. You prob could make your own in an unlicensed band though if you stuck inside the power limits. Title I/II determine what people can and can not do with the US networks. Think the current thinking is physical connection you can do quite a bit, but radio it is locked down. But I could be wrong.
I'm no expert in this area, so I'm just going to ask: suppose you implement the entire 4G standard, but alter the used frequencies to a range you can legally transmit on (say, the 2.4GHz or 5.2GHz range), would the technology be different enough that it couldn't be adapted into a real 4G modem by changing the frequency range the device operates at? Is there some inherent technical challenge that makes the technology operate around 1600MHz but not around 2400MHz?
LTE has some advantages over WiFi (i.e. the IoT features, the roaming features, the endpoint management features) so I can see a 2.4GHz LTE network being quite useful in some edge cases. With open technology, private LTE networks can probably serve quite nice business use cases.
Not only is this possible, there is actual spectrum dedicated to this kind of purpose https://en.wikipedia.org/wiki/Citizens_Broadband_Radio_Servi... though there are a lot of other rules around it (e.g. some slices can be allocated in a given region to a licensed user but not all of the slices in a region).
This is not only possible, it's already a thing with unmodified hardware. The 900 MHz band is a ham radio band in the US, but it's used for GSM in Europe. That means that you can quite legitimately set up a GSM base station in the US if you have a ham license, as long as you abide by ham radio regulations (which might require some hacks), e.g. you can't turn on encryption and you need to broadcast your callsign periodically. Then most multiband phones will connect to it thinking it's a European GSM network. I can't find it right now, but I watched a talk where someone described doing just that.
900MHz is also used for LTE in Europe, so I'm pretty sure you could do the same thing with 4G/LTE.
The particular bands the cell providers run in were sold to them by the government (or bought from someone else who got them from the gov). If I remember correctly it was mostly the antenna lengths and what the tuner was set to for the chipsets (some being fixed, some being more SDR). Some bought those particular bands because they tend to penetrate buildings better than others.
But yeah if you could keep inside the power levels, and stay in the unlicensed bands, and keep out of trouble with the patent courts you probably could make an LTE network. I would not be surprised if many of the chipsets already could do it. Power levels would be your biggest hurdle for something more than a test network.
FCC has issued guidance for manufacturers to protect against modifications that would break FCC rules. The easiest way to do that is to have a closed-source baseband firmware.
It depends what you mean by 'closed-source'. Yes it's probably impossible to certify a radio baseband that anyone can hack on. It would be possible to manufacture a radio baseband for which all the source code was public and anyone could verify that that source code was running.
But most of the time Qualcomm, Broadcom and the others have an army of lawyers and an absurd amount of money to burn to ensure that your project, life and general existence is ruined, just to protect their bottom line.
The standards themselves are freely available (and extremely difficult to understand) --- just search for 3GPP --- but I think the main problem is spectrum licensing and transmitter approval.
One could be made with the PinePhone modem. I believe it's running a version of Android and people are working on reverse engineering it right now. The chip is a little big for a dongle so you'd end up with something kinda like the OpenModem in your link there.
Some impressive work is indeed being done here on the PinePhone modem: https://github.com/Biktorgj/pinephone_modem_sdk/ (firmware replacement, with a reimplementation of many blobs and a mainline Linux kernel - I tried and everything seems to work, however the sound is a bit low by default (this can be configured) and the modem is slow to boot)
If the baseband and associated chipsets are isolated on the other side of a USB connection, why not use (any old dongle) and isolate it with some kind of USB "condom" with configurable "firewalling"?
In fact, I believe I have seen such devices for USB development - a configurable passthrough USB interface that would allow you to control what gets sent over the interface.
That kind of a setup would be much, much easier to develop and safeguard than developing a modem/baseband from the ground up ...
Just curious, what would the advantage of having an "Open 4G USB Dongle" be? Why not just get a Ublox or similar module?
Even if it's open you still have to pay usage on the carrier's network.
That's going to be a very long list, but off the top of my head:
1. Much easier repairs since all schematics are known in advance.
2. Price. A lot of the price of the modems comes from licensing fees as others have already noted.
3. Integration. Directly embedding the pcb into your project will be much, much easier.
4. Collaboration. Working together in projects that utilize 4G becomes easier too. Many use cases might get revealed without the original creators intending for them.
5. Security. "More eyeballs on a line of code make bugs run away" and all that jazz.
Only disadvantage might be reverse engineer people might get bored not having enough things to RE :-)
Although a 4G module like a ublox is pretty easy to throw on a PCB, most of those things are just a couple chips inside so it just seems like there's not a lot of repairs other than just swap out the module. I've seen those modules in the $20 range, seems like a lot of work to get around the licensing fees on a $20 module?
I thought that board looked interesting. Looks like a $50 cellular board, includes 500MB of data over 10 years (though with missing fine print according to the HN thread). Might not be a terrible board to design around. Though adding it to your BOM will make your final retail cost on the order of $450.
Some creative googling got me this, for a different starting point. Looks like it might be a useful project writeup dealing with SDR and connecting to some cellular sources.
I'm not sure how common open SDR hardware is, though some forum threads seem to suggest the HackRF schematics are here, and are meant to be replicated:
I think one of the big problems is ultimately going to be dealing with phone companies. I think that will ultimately stymie any open efforts in this space, since at the end of the day, you need someone to accept your cellular traffic.
[1] https://osmocom.org/projects/baseband
[2] https://github.com/Biktorgj/pinephone_modem_sdk