[Idea] Using GSM antenna to connect directly - Windows Mobile Development and Hacking General

Hi
My idea should work like this:
You have 2 devices with this installed, and you can send an SMS, make a call etc. without any connection to a tower, just directly to the other device.
It makes sense, huh?
Also, what about emulating a GSM tower with a device (+ additional antenna etc.) which can receive common tasks from other devices?

It's a no. You're limited by hardware.

retsam88 said:
It's a no. You're limited by hardware.
Why? Apart from firmware limits?

Well, think of the phone as a 'slave' to the 'master' base station. You cannot change from slave into master; also, you would need huge processing power to differentiate between every cell phone. If you want more info, read the technical PDFs about GSM cell structure.

Related

CellID and RxLev

Hi,
I need to read CellID and RxLev from my program. I have no idea how to do this. Could anyone help me? Thanks
Unfortunately it's not been implemented by HTC, so the simple answer is no. You could try to use the SMS system directly through RIL, although because cell-based positioning is quite a hot topic and nobody has yet done it, I'd guess it's not possible.
Anybody know if the XDAII has a working API for this?
Just use tracelogger (password is htc), choose MMI + Event, then run the tracelogviewer provided by the XDA developers site; you'll get your CID and Rx level.
andyclap said:
Unfortunately it's not been implemented by HTC, so the simple answer is no.
This is, I would guess, why RIL_GetCellTowerInfo always returns 0x80004001, which I believe means not implemented (XDA I). But I might be using the wrong call...??
If this information is available on the XDA II, then there must be a programmatic way through RIL, so either I am using the wrong call, or RIL has been fixed, or something else I haven't thought of... Any ideas?
Ben.
Yeah, it would be great if the XDAII supported this (Cell based min-GPS!), so does anybody know for definite the scope of the new RIL on the XDAII?
andyclap said:
Cell based min-GPS
You read my mind!
I think this might be why this information is so hard to find. This data, once calibrated (which, using, say, TomTom, would not be hard), is a considerable asset, which the various phone companies are trying to protect. Which sounds like a challenge to me...
Ben
Yeah - O2 at least are marketing this info as a developer program, with a lookup charge "from 5p per lookup". What a bargain, considering the device already has the information (though it really applies to mobile phones that don't have SDK access).
Don't they realise that if they helped us create an app for them to do this and, say, link to multimap.com, it'd be a killer app and they'd sell hundreds more XDAs.
Good idea. They would get the GPRS service charge for the multimap lookup as well. Although I think the cell ID is too coarse. But some part of the phone knows far more accurately where it is, so that it knows when to change cell. Although this is not yet an area I know much about.
I believe, if you jump through enough hoops, O2 gives grants for programs which enhance the XDA; there's a project for somebody.... If anybody can work out how to get the s***ding cell ID out of the XDA
ben
Yeah - O2 at least are marketing this info as a developer program, with a lookup charge "from 5p per lookup". What a bargain, considering the device already has the information (though it really applies to mobile phones that don't have SDK access).
Don't they realise that if they helped us create an app for them to do this and, say, link to multimap.com, it'd be a killer app and they'd sell hundreds more XDAs.
The idea of the Location API is not as good as what we want. The idea is that an office queries O2 servers for the cell location of the target unit, for which they charge the office (end-user). O2 are looking for software solutions that draw on this to provide added content so that some poor sap carries on paying 5p a hit to get back the rough cell-based location of a unit. Bloody expensive as a tracker or SatNav. Might as well just stick a GPS unit on the back & send that data back via GPRS - cheaper!
O2 actually have a website with the info on their cell sites on it BUT they have 8500 of them at least, so getting all that info out is a hard task.
Site is Here
We need to crack getting Cell ID, Signal Strength, Nearest Other Towers, Nearest OT Signal Strength + I daresay a few more before applying that to a database, after which we could probably have a device that told us our position to within 100m, which we could then send back via GPRS, thus not allowing the network to charge 5p a hit.
That's why the Cell Location database is not available - they stand to make/lose too much revenue.
Wonder how much the database is worth?
It wouldn't be too difficult to scrape the site - while it gives no true positional information, it can return a list of cell towers within a radius (up to 5km ish) of a known tower, with their distance: we could triangulate three sets of this information to get the real locations of towers. Once these locations are known, we can recursively triangulate from them to eventually get all the data for the UK at least.
But, the main thing to do, as you say, is to find a programmatic way of getting the current cellId, signal strength, and preferably as much information about other local towers too to further refine the result.
Hmmm, just thought - as the XDA developers here are "jolly nice and clever people", they have supplied the source to tracelogview. It wouldn't be too difficult to modify this to scan for tower information messages and do the appropriate things. It just means that the users have to enable tracelog manually, though perhaps we could send some keyboard messages to start it up and enter the password. It's hacky, but it just might work!
Might have a go at this tomorrow!
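The scheme sketched above (seed a few sites with known positions, trilaterate every site that lists three or more positioned neighbours with a distance, then repeat outward) as an added example; this is not code from the thread, from O2 or from the XDA tracelog tools. It assumes a flat local x/y plane in metres and uses a constructed layout in place of a real scrape of the O2 site.

```python
"""Recover cell-site positions from neighbour-list distances (added example).

Not code from the thread, from O2 or from the XDA tools. Models the scheme
described in the post: seed with a few sites whose positions are known,
trilaterate each site that lists three or more positioned neighbours, and
repeat until nothing new can be placed. Assumes a flat local x/y plane in
metres (adequate over a few kilometres) and a constructed layout.
"""
import math

# Constructed "true" layout, used only to generate the sample neighbour lists.
TRUE_LAYOUT = {
    "A": (0.0, 0.0), "B": (3000.0, 0.0), "C": (0.0, 4000.0),   # seed sites
    "D": (1200.0, 1800.0), "E": (2500.0, 3200.0),              # to be recovered
    "F": (9000.0, 9000.0),                                     # isolated, beyond 5 km
}


def distance(p, q):
    return math.hypot(p[0] - q[0], p[1] - q[1])


def build_neighbour_lists(layout, radius_m=5000.0):
    """Simulate the scraped data: per site, the other sites within radius_m
    with their distance, rounded to 0.1 m as a web page would report it."""
    lists = {}
    for site, p in layout.items():
        lists[site] = [(other, round(distance(p, q), 1))
                       for other, q in layout.items()
                       if other != site and distance(p, q) <= radius_m]
    return lists


def trilaterate(refs):
    """refs: [((x, y), d), ...] with at least three positioned references.
    Subtracting the first circle equation from the others gives a linear
    system, solved here by least squares. Returns (x, y), or None when the
    references are collinear and no unique fix exists."""
    if len(refs) < 3:
        return None
    (x0, y0), d0 = refs[0]
    rows, rhs = [], []
    for (xi, yi), di in refs[1:]:
        rows.append((2 * (xi - x0), 2 * (yi - y0)))
        rhs.append(d0 ** 2 - di ** 2 + xi ** 2 - x0 ** 2 + yi ** 2 - y0 ** 2)
    # Normal equations of the 2x2 least-squares problem.
    a11 = sum(r[0] * r[0] for r in rows)
    a12 = sum(r[0] * r[1] for r in rows)
    a22 = sum(r[1] * r[1] for r in rows)
    b1 = sum(r[0] * v for r, v in zip(rows, rhs))
    b2 = sum(r[1] * v for r, v in zip(rows, rhs))
    det = a11 * a22 - a12 * a12
    if abs(det) < 1e-9:
        return None
    return ((b1 * a22 - b2 * a12) / det, (a11 * b2 - a12 * b1) / det)


def resolve_all(neighbour_lists, known, min_refs=3):
    """Propagate positions outward from the seed sites until no further site
    can be placed. A site with fewer than min_refs positioned neighbours
    (such as an isolated rural site) stays unresolved rather than guessed."""
    positions = dict(known)
    progress = True
    while progress:
        progress = False
        for site, nbrs in neighbour_lists.items():
            if site in positions:
                continue
            refs = [(positions[n], d) for n, d in nbrs if n in positions]
            if len(refs) >= min_refs:
                fix = trilaterate(refs)
                if fix is not None:
                    positions[site] = fix
                    progress = True
    return positions


def recovery_errors(layout, seeds):
    """Run the whole pipeline on a layout and report each site's error in
    metres against the true position (None if it could not be placed)."""
    lists = build_neighbour_lists(layout)
    known = {s: layout[s] for s in seeds}
    found = resolve_all(lists, known)
    return {s: (distance(found[s], layout[s]) if s in found else None)
            for s in layout}


if __name__ == "__main__":
    for site, err in recovery_errors(TRUE_LAYOUT, ("A", "B", "C")).items():
        print(site, "unresolved" if err is None else f"{err:.2f} m")
```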
Overview of the Location API as offered by O2 - taken from the Source02 website
The first of our APIs to be delivered is the Location API which has been developed by our partner Redknee.
The service enables you to create and sell innovative new applications and services based on a mobile phone user's location.
The O2 service is charged from 5p a lookup and provides the longitude and latitude co-ordinates of the centre of the cell site sector the phone is located within. Cell sites are typically split into three sectors and range in size from several hundred metres in urban areas up to 15 kilometres in more remote regions.
Third parties are able to develop location-enabled applications utilising real time location data from the O2 UK network. Application owners will have the opportunity to validate their applications in a test environment prior to connecting to the live O2 UK network. Location information will only be passed to third parties who have a contract with O2 and have the consent of the end user to determine his/her location.
I may be wrong, but...
I believe the telco and the phone have a different idea of where the device is, as they plot the position of the device using different mechanisms and for different uses. They use this when they have to contact a phone to send an incoming call. This application is making use of the telco's permanent database of the location of all their devices. This is easy money for the telco.
We do not have access to this data, and the positional information we can get will be in a different format, except for the Cell ID. We will have to infer the position of the XDA from RIL, TAPI, AT, using the data listed in previous postings. As was suggested, getting an idea of the strength of local transmitters, and calculating a position. Which in itself may be a real challenge, as there is not likely to be a linear relationship between the strength of the transmitter and the distance to it.
It may be likely that the cell size (~200m -> ~15km) is the nearest we'll ever get. I note that people in Dover very often get routed through transmitters in France due to the cliffs on the coast of England. In this case, any meaningful positional data is getting more unlikely.
PS, can any kind person with an XDAII tell me whether the RIL call:
HRESULT RIL_GetCellTowerInfo(HRIL hRil);
Returns something other than 80004001?
Ben
PS, can any kind person with an XDAII tell me whether the RIL call:
HRESULT RIL_GetCellTowerInfo(HRIL hRil);
Returns something other than 80004001?
Unfortunately this still returns '80004001 Unsupported' on XDA II.
But the RIL_GetSignalQuality does return valid data when connected to GPRS, unlike XDA I, so some things are getting better...
Ben
Hi all,
I just saw a program that uses the cell ID and converts it to °, but it only works with data received from a phone via IrDA or cable.
So if you want to take a look, visit (German site):
http://www.wolfgang-back.com/navigauss.php
That works, but it would be the first step to use the XDA cellID instead of external data... perhaps any idea on this?
With greetings from Germany
Harry
Cell ID
Guys, you can get the cell ID using Java.
The cell ID is stored in the SIM card, and the mobile phone always compares whether the CID it is receiving from the signal is the same one stored in the SIM card.
If yes, the mobile does nothing. If not, the mobile phone updates the CID in the SIM card. This is done almost every 5 seconds.
Now we need the API!!! and maybe the AID of the SIM applet. :roll:
Once more,
could the following be a walkable way?:
1. Cell ID could be shown (tracelog and traceview say how).
2. If that is the case, then by calculating Gauss to longitude/latitude (visit www.nobbi.com) it is possible to view the actual position.
3. The last step would be to bring information like longitude/latitude in ° into the standard GPS format (it is known or free, I think) and send it via COM1 to all navigation software.
4. So if this is all nonsense, tell me, because I am not really a programmer (my code would be as fine as my English is :-((
bye Harry
Hiwi said:
1. Cell ID could be shown (tracelog and traceview say how).
That's right, but the cell ID says nothing about position.
2. If that is the case, then by calculating Gauss to longitude/latitude (visit www.nobbi.com) it is possible to view the actual position.
See comment 1. Only O2 Germany transmits GK coordinates over Cell Broadcast....
3. The last step would be to bring information like longitude/latitude in ° into the standard GPS format (it is known or free, I think) and send it via COM1 to all navigation software.
If 1. and 2. were possible, this is still a problem, since most (all) GPS software only accepts input from a COM port (you have to emulate a COM port... not trivial).
4. So if this is all nonsense, tell me, because I am not really a programmer (my code would be as fine as my English is :-((
:wink:
John
Having written a DLL to get the CellID from the XDA, and then comparing the result with the O2 cell tower map info as described by 'Puff the Magic Wagon' on Nov 4, I find there is a discrepancy of 10000,
e.g. in a client's office in Blackburn:
Cell ID returned = 3AAF( Hex) = 15023 (Dec)
From www.webmap.o2.co.uk Higher Audley Cell = 5023
This seems to be the case for all cells I have tried.
There also seem to be some Cell IDs which I cannot reconcile with the O2 map results.
mjgermain
The problem you've encountered arises from the fact that there are more than 9999 CSRs (Cell Site References) registered with the RA.
O2 identify cells in the following way:
AXXXX
Where A = the direction the transmitter is facing (directional transmitters)
(roughly)
1=North
2=South East
3=West
then 4, 5, 6 & sometimes 7, 8, 9 depending on how many transmitters are on the aerial - always in 3s.
So in your example 1XXXX, the transmitter is facing north (so should be to the south of you), but depending on that aerial (yours only has 3).
We then get to the XXXX.
I believe that CSRs are allocated by the government and are a 5-figure number. Therefore CSRs up to 9999 are able to be placed quite simply.
15023 is correct.
However, what happens when transmitter number 10001 comes along? According to O2's numbering system, that 0001 number is already allocated. So they have to use another method of identifying cells.
Somewhere else in the country there might be a transmitter that IDs as 15023 :shock: :?
So having a database of CellIDs and transmitter numbers is not all that is needed; the additional "identifier" is required, and together they give the CSR which has a lat/long applied to it.
The identifier is the LAC or Local Area Code.
So AXXXX + LAC = CSR
There are still a few anomalies in this as well, it would seem. Fill-in transmitters and "private" or "mini" transmitters are the likely cause.
I had access to the O2 CellID db when I was last working & we were able to create a basic cell tracking system, but the company went titsup.com before we were able to factor in LAC and signal strength etc.
Does your program work on XDA2?

USA phones? GPS and 911

I was watching the idiot box the other day and it indicated that, due to the 911 phone issue and requirement, all mobile phones were required to be able to be located to an address when calling 911, and thus all phones were required to have a GPS unit installed. Is this correct?
If that is so, are these phones illegal in the US as they don't have one, or do they have one and we don't know about it?
In the UK it is possible to track a mobile phone, and this is done with a 999 call in certain circumstances in a number of ways. But I don't believe they use GPS in any of them yet. The main way is to tri-anglate (spelt sommit like that!) where the signal came from, which pin-points it to a fairly small, but not perfect, radius.
The US are normally slightly more advanced with that sort of thing, but probably use a similar system.
Sorry, I just read your post again. The "located to an address" might be what we in the UK do as a Subscriber Check, which is how we locate the owners of mobile phones in the police in the UK. It can only be done in certain circumstances again, due to human rights, data protection, etc. etc. But it does not locate where the phone is when the signal was made; instead it informs us who owns and registered the phone, and to what address.
Great if the phone is a contract phone.... But with PAYG it's not always that simple... you can pick these up anywhere now, and some people don't bother registering them...
When you use your mobile phone it can usually communicate with more than 1 base station & pick the nearest, it will also identify which transmitter on the base station has the strongest signal. You may also move between base stations as signal strength varies.
This information along with the amount of time to send & receive a signal can be used to identify the location of the mobile.
If the mobile can only see 1 base station it can be used to identify the location of the mobile in relation to the base station along with the distance.
If it can see 2 or more base stations it can be used to triangulate location.
Hope this helps.
Mike
Operators are required to upgrade their networks to support E911 service and have (I seem to remember) until November 2006 to complete said upgrade. There is presently no provision requiring individual handsets to provide GPS coordinates - or any other location-indicating function. There are several initiatives being explored that, if they come to fruition, would require location-reporting functions to be an integral part of new handsets.
Many of the dumb phones (Motorola etc.) do already have some kind of GPS receiver, mostly AGPS (Assisted GPS), where the mobile network provides time, ephemeris and almanac, and the receiver only needs to listen to the satellite time.
But only the HP iPAQ 6515 and 6915 have a similar chip at the moment; other smartphones or Pocket PC phones (like the Universal) don't have it. With all the hype around LBS it won't take long, maybe two or three generations of devices, until this is standard anyhow.
The E911 compliance has been delayed over and over again, and will be delayed through November. To cite the late Douglas Adams: "I like deadlines, especially the swooshing sound they make when they pass by."

direct GSM access?

I am particularly interested in the Wizard; however, on a fundamental level WM will most likely operate the same across most models in respect to this issue (or at least that is the theory).
I realize that most GSM boards have processors on them which do things like channel syncing (which is fairly time sensitive since it's TDMA & FDMA), A5, GSM framing, and all that. You more or less connect a SIM, speaker and mic, and treat the GSM RF board as a black box.
I am hoping that somewhere someone has unearthed something that allows more direct control over the GSM board on these phones. I am aware of engineering mode; however, that is not quite what I wanted.
I would like to be able to at the very least set the call parameters before a call goes out. For example, let's say that I want to disable A5: since there are 3 standard levels, one being no encryption, and the tower and the phone negotiate and agree upon the highest common one, something in the phone somewhere has to say that it supports encryption.
I am just uncertain if all that is buried away in a 'black box' somewhere and it's not a software problem from within WM.
If anyone has any ideas I would greatly appreciate it, even if they are pointers to research material that may help me out a bit.
On WinMobile the GSM part is isolated from the Windows part, like in normal PCs the modem hardware is isolated from the mainboard. The GSM part has its own CPU, RAM, ROM and operating system, and communicates with Windows via a COM port (or USB port in the Universal). For example, the Universal has a Qualcomm MSM6250 chip with some proprietary OS. HTC Himalaya had a different chip (I don't remember it now), and the OS was based on the Nucleus RTOS. The Anextek SP200 communicator had a Siemens MC45 modem inside.
GSM hardware is a black box for the WinMobile OS. MS specifies only some recommendations for OEMs, and controlling encryption is not among them. You can control it if the GSM vendor supports some AT command, or some other proprietary method (maybe via a dev_specific RIL command).
In the case of Universal, its GSM can be controlled from a PC with the usual Qualcomm diagnostic software (QXDM, QPST, etc), when you setup the device as a pass-through bridge between PC and GSM module. But I don't know any methods of doing the same from inside WinMobile.
mamaich said:
GSM hardware is a black box for WinMobile OS.
...
You can control it if GSM vendor supports some AT command, or some other proprietary method (maybe via dev_specific RIL command).
In the case of Universal, its GSM can be controlled from a PC with the usual Qualcomm diagnostic software (QXDM, QPST, etc), when you setup the device as a pass-through bridge between PC and GSM module. But I don't know any methods of doing the same from inside WinMobile.
That is what I was afraid of. Most of the GSM radio boards (or individual chips) are set up to act that way, and since it's faster and cheaper I really don't know of anyone that hasn't done that in any phone that was made in the last few years.
At any rate, is there any documentation that discusses how to locate which COM port or other method is used to access the GSM device within a Wizard (or any other HTC model; odds are many of them are similar, if not identical, with this subcomponent)?
Are there any known AT commands? My first project is to write something similar to the GSM engineer mode program, obtaining BTS information. I am unsure if this is obtained only via AT commands or if it's something more involved, but welcome any information on this.
Found what appears to be half the answer at http://wiki.xda-developers.com/index.php?pagename=RIL While that gives me access to the radio for some stuff (a location data app that can work with gsmloc.org, for example), it does not appear to enable me to set any parameters for a new call.
So if anyone knows of any tricks that would help, say for example disabling A5 crypto (on a per-call basis ideally) or something similar in the setup of a call, I would still appreciate hearing about that.
I know that the Typhoon (SPV C500 / i-mate SP3 / Dopod 565) has a memory block with GSM info data. I am trying to find it in the Magician - but no results. I don't know how the Typhoon places this info in memory.

Fieldtest Manual

Cellid is coming soon in a new release
Enjoy and Merry Xmas
Thanks so much for that austin_boy!!!
Thanks!!!
Dan
austin_boy said:
Cellid is coming soon ina new release
It would be useful if it'd show CellIDs for neighbour towers as well!
It will show the cell IDs in the next release.
Austin_Boy - GOOD JOB
I am a T-Mobile user in the USA and there are some discrepancies between the user manual and real values.
For items 36 and 37 in the User Manual (RLC: Uplink coding Scheme and RLC: Downlink coding Scheme) I have read-outs like this:
0 - CS1 - same
8 - MCS4 - different - supposed to be MCS5
9 - MCS5 - different - supposed to be MCS6
12 - MCS8 - different - supposed to be MCS9
This is in EDGE network in NYC area. I use FieldTest_157.
May you check it out? Thank you.
Pawlisko said:
Austin_Boy - GOOD JOB
I am a T-Mobile user in the USA and there are some discrepancies between the user manual and real values.
For items 36 and 37 in the User Manual (RLC: Uplink coding Scheme and RLC: Downlink coding Scheme) I have read-outs like this:
0 - CS1 - same
8 - MCS4 - different - supposed to be MCS5
9 - MCS5 - different - supposed to be MCS6
12 - MCS8 - different - supposed to be MCS9
This is in EDGE network in NYC area. I use FieldTest_157.
May you check it out? Thank you.
Can we monitor the handover process via this field test? If yes, what's the parameter for WCDMA and GSM? Pof, thank you very much for the SuperCID thingy...
tr4657 - What do you mean, handover in WCDMA? It does not work that way.
In CDMA as well as WCDMA you might be served by a few NodeBs. In FieldTest in the WCDMA group you have the field Num3GServing, which will tell you how many NodeBs are serving you. From 1 to 3 at the same time. Items 154-157. Item 146 shows if the handset is communicating with a NodeB.
In GSM you will be able to see handover when the Cell-ID field is introduced. But only at the time of handover.
Hope that answers your question
Pawlisko said:
tr4657 - What do you mean, handover in WCDMA? It does not work that way.
In CDMA as well as WCDMA you might be served by a few NodeBs. In FieldTest in the WCDMA group you have the field Num3GServing, which will tell you how many NodeBs are serving you. From 1 to 3 at the same time. Items 154-157. Item 146 shows if the handset is communicating with a NodeB.
In GSM you will be able to see handover when the Cell-ID field is introduced. But only at the time of handover.
Hope that answers your question
OK. Half of my question was answered. Thanks. But I was searching for handover timing and occurrences when travelling from point A to point B... I guess I need Nokia Net Monitor to do it.... Huhuhuhi... Sad...
tr4657 - In Nokia Net Monitor you mean Display 41 and 42? If yes - you have to speak with austin_boy, though I think it is not possible that way.
Field Test is a live program, and you probably need that program to be resident to constantly monitor network parameters and save them.
Nokia NetMon is good, though to better monitor networks you need commercial programs, a PCMCIA card and a laptop to save your findings. The problem is with software, because it is very expensive (ca. 10k USD).
CDMA and WCDMA work in a very different way than GSM. GSM is constantly checking due to its nature (TDMA - uses time slots in cells, coverage is fixed, only connected to one slot in a BTS, then handoff [handover] to a different slot etc.). CDMA is very different (CDMA - uses codes, cells do not have slots, coverage changes due to workload); that is why it is event driven.
Back to your question - you need better software; for most of us Field_Test is enough. Nokia NetMon is good but also not good enough. If you need more - 10k USD and professional software will give you everything. Almost everything - you need somebody in the NMC to cooperate with you for all data.
Thanks for the info. By saying I need a special program, does the program then need its own monitoring hardware? I sometimes came across several sites offering specific hardware to measure all the parameters of a cellular network including UMTS/CDMA... BTW, what is the name of the software?
tr4657 - I do not have an answer for you about the software name. I have it somewhere in my private newsgroups but it will take time to find it.
I know that there is special software installed in SonyEricsson, Nokia and Motorola handsets. This software is very rare, part of sold network infrastructure. Other software is PC based. Usually you have to have a PCMCIA card with special drivers, which allows direct hardware monitoring.
Never heard of software for PPC, though probably it is being developed.
Data logging
Can anyone think of a way to log the data from field test at regular intervals eg for mapping reception of an area?
Cell ID Value
I have installed this app on my Hermes device. It looks to be working largely OK, but there is no Cell ID in the AMR section. Any idea??
Other Devices
Next question - will the application work on any other devices (namely the HTC Artemis). Many Thanks
ace10 said:
I have installed this app on my Hermes device. It looks to be working largely OK, but there is no Cell ID in the AMR section. Any idea??
You need to pick up a 2G signal; if your signal is 3G, AMR will not work. Force 2G in band selection.
ace10 said:
Next question - will the application work on any other devices (namely the HTC Artemis). Many Thanks
It is for Hermes only.
Cell ID's
vijovame said:
You need to pick up a 2G signal; if your signal is 3G, AMR will not work. Force 2G in band selection.
I definitely have no 3G signal here - but the cell ID field was missing from that section..
I'm trying to create a program similar to fieldtest for network diagnostics and troubleshooting for customers on the NextG network which uses 850MHz HSDPA technology. The program must read signal strength and local/neighbouring cell id and then log the data along with some gps info. I'm using an imate jasjam. I guess that the values given in field test are accessed via the RIL? It would be nice to get a copy of the source code for this program so I could see what is happening...
gunrum44 said:
I'm trying to create a program similar to fieldtest for network diagnostics and troubleshooting for customers on the NextG network which uses 850MHz HSDPA technology. The program must read signal strength and local/neighbouring cell id and then log the data along with some gps info. I'm using an imate jasjam. I guess that the values given in field test are accessed via the RIL? It would be nice to get a copy of the source code for this program so I could see what is happening...
Will be great. Where is NextG?

What is the "radio"?

I keep reading about problems with the radio not being compatible because the rogers radio is somehow different. What exactly is the radio? I'm betting it doesn't mean my phone will tune in to AM/FM stations....unless it does and makes me love my phone even more...lol
Basically the phone radio controls your reception; with a newer radio you will usually get better reception quality, and the GPS fix is faster.
The radio also controls how fast the camera is and a little bit of the quality (I don't know why, I just know it's true).
XwXDv8XwX said:
I keep reading about problems with the radio not being compatible because the rogers radio is somehow different. What exactly is the radio? I'm betting it doesn't mean my phone will tune in to AM/FM stations....unless it does and makes me love my phone even more...lol
In the context of phone hacking/hardware, the "radio" refers to the part of the phone which communicates with cellular towers. It is so named because the communication is done via radio waves. Specifically, when people talk of flashing the radio, they are referring to the baseband processor. In most modern (2G and up) mobile phones, there are actually two processors. One is the application processor, which does all the work involving the operating system and apps. The other is the baseband processor, which actually deals with the GSM or WCDMA air interface (it's a lot more complex than just broadcasting ones and zeros into the air).
Why would they use two processors instead of one? There are two main reasons. The first is that in order for cell networks to function properly, timing is key. For example, in the GSM system, each frequency is divided up into several time slots (TDMA means Time Division Multiple Access). The length of these slots is counted in milliseconds. If a phone starts transmitting just a couple of milliseconds too late, it will overlap into the adjacent time slot and corrupt both its own and the neighbouring transmission. Now, have you ever had your phone lag because it was doing something complex? If the GSM stack ran on the same processor as the application stack, any system lag introduced by the OS/apps could cause the GSM connection to be unstable. The other reason is security. Especially in the age of smartphones, users are able to run code that may not be verified as secure. Separating the two functions prevents malicious code from tampering with the radio operations.
Note however that there are some flavors of Symbian which CAN run both the applications and baseband on the same processor. These are called real-time flavors of Symbian, so noted because the processor will always execute the baseband in real-time, regardless of how high apps are prioritized. This solves the timing problem, but other techniques have to be employed to add additional security.
