Removing cellular RF chip to cut ties to network (Samsung/Android Kernel)

pac_redwood:
Greetings. I'm attempting to do the unthinkable. Cut ties to the cellular network and use my Samsung device as a standalone computing platform without being connected to the BORG. I am guessing that when my Samsung s8 powers on, the radio does a warm boot prior to the Android kernel init boot. I believe the radio in my s8 is an Exynos RF 5511 SOC or similar. Prior to the Android kernel booting, the Samsung radio may search for the strongest local signal, register its IMEI and retrieve subscription info. This is pure speculation at this point and I'm seeking clarification if you, the reader, have this knowledge.
What I want to accomplish is removal of the Samsung radio SOC and replace it with a cheap microcontroller (PIC32 or somesuch) that mimics the I/O of the Exynos RF 5511 and ultimately tells all upstream processes that everything is good to launch Android. The Android kernel class TelephonyManager would then be modified on my custom Android kernel to handle missing pieces.

Does anyone here have experience with Samsung s8 (or similar) motherboards? What is the boot process and where can I find schematics and data flow for the radio SOC?

Peabody:
Would this be different from just removing the SIM, turning off cellular data, and forgetting all wireless connections? 

pac_redwood:
Yes, very different. The plan is a clean slate computing platform with no RF SOC or antenna with later plans for LoRa.

janoc:
Then just buy a board with your desired CPU and don't mess with the phone. There are plenty of cheap ARM SBCs these days.

If you remove the baseband IC the phone will most likely not even boot anymore because that chip often does a lot of other things than just talking to the cell network. And you can't know that without seeing the vendor's documentation.


--- Quote from: pac_redwood on September 28, 2023, 09:46:12 am ---What I want to accomplish is removal of the Samsung radio SOC and replace it with a cheap microcontroller (PIC32 or somesuch) that mimics the I/O of the Exynos RF 5511 and ultimately tells all upstream processes that everything is good to launch Android. The Android kernel class TelephonyManager would then be modified on my custom Android kernel to handle missing pieces.

--- End quote ---

Good luck finding any information about that. It is all proprietary.


--- Quote from: pac_redwood on September 28, 2023, 09:46:12 am ---Does anyone here have experience with Samsung s8 (or similar) motherboards? What is the boot process and where can I find schematics and data flow for the radio SOC?

--- End quote ---

Pretty much nowhere, given that this is Samsung's proprietary information. That is certainly not published. You won't get even the chip's datasheet without an NDA, much less any documentation to an actual existing phone.

Infraviolet:
If this is an old phone otherwise destined for scrap, what about trying to simply remove the antennas or break the traces that lead to them instead? Antenna might make a more obvious target for disconnection than the RF ICs.
