The "NexDock" (from Nex Computer) already turns your phone into a laptop workstation. Purism chose it as the docking station for their Librem 5 phones. But now Nex is offering its own smartphone "that runs Android 16, launches Debian, and dual-boots into Windows 11," according to the blog It's FOSS: Fourteen years after the first concept video was teased, the NexPhone is here, powered by a Qualcomm QCM6490, which, the keen-eyed among you will remember from the now-discontinued Fairphone 5. By 2026 standards, it's dated hardware, but Nex Computer doesn't seem to be overselling it, as they expect the NexPhone to be a secondary or backup phone, not a flagship contender. The phone includes an Adreno 643 GPU, 12GB of RAM, and 256GB of internal storage that can be expanded up to 512GB via a microSD card. In terms of software, the NexPhone boots into NexOS, a bloatware-free and minimal Android 16 system, with Debian running as an app with GPU acceleration, and Windows 11 being the dual-boot option that requires a restart to access. ["And because the default Windows interface isn't designed for a handheld screen, we built our own Mobile UI from the ground up to make Windows far easier to navigate on a phone," notes a blog post from Nex founder/CEO Emre Kosmaz]. And, before I forget, you can plug the NexPhone into a USB-C or HDMI display, add a keyboard and mouse to transform it into a desktop workstation. There's a camera plus "a comprehensive suite of sensors," according to the article, "that includes a fingerprint scanner, accelerometer, magnetometer, gyroscope, ambient light sensor, and proximity sensor.... "NexPhone is slated for a Q3 2026 release (July-September)..." Back in 2012, explains Nex founder/CEO Emre Kosmaz, "most investors weren't excited about funding new hardware. One VC even told us, 'I don't understand why anyone buys anything other than Apple'..." Over the last decade, we kept building and shipping — six generations of NexDock — helping customers turn phones into laptop-like setups (display + keyboard + trackpad). And now the industry is catching up faster than ever. With Android 16, desktop-style experiences are becoming more native and more mainstream. That momentum is exactly why NexPhone makes sense today... Thank you for being part of this journey. With your support, I hope NexPhone can help move us toward a world where phones truly replace laptops and PCs — more often, more naturally, and for more people.

Read more of this story at Slashdot.

An anonymous reader quotes a report from DroidLife: When the FCC cleared Verizon of its 60-day device unlock policy a week ago, we talked about how the government agency, which is as anti-consumer as it has ever been at the moment, was giving Verizon the power to basically create whatever unlock policy it wanted. We also expected Verizon to make a change to its policies in a hurry and they did not disappoint. Again, the FCC provided them a waiver 7 days ago and they are already starting to update policies. As of this morning, Verizon has implemented a new device unlock policy across its various prepaid brands and I'd imagine their postpaid policy change is right around the corner. Brands like Visible, Total Wireless, Tracfone, and StraightTalk, all have an updated device unlock policy today that extends to 365 days of paid and active service before they'll free your phone from the Verizon network. Starting January 20, Verizon says that devices purchased from their prepaid brands will only be unlocked upon request after 365 days and if you meet several requirements [...]. What exactly is changing here? Well, if you purchased a device from Verizon's value brands previously, they would automatically unlock them after 60 days. Now, you have to wait 365 days, request the unlock because it doesn't happen automatically, and also have active service. [...] The FCC mentioned in their waiver that by allowing Verizon to create whatever unlock policy they wanted that this would "benefit consumers." How does any of this benefit consumers?

Read more of this story at Slashdot.

An anonymous reader quotes a report from U.S. News & World Report: U.S. health officials plan a new study investigating whether radiation from cellphones may affect human health. A spokesperson for the U.S. Department of Health and Human Services (HHS) said the research will examine electromagnetic radiation and possible gaps in current science. The initiative stems from numerous concerns raised by Health Secretary Robert F. Kennedy Jr., who has linked cellphone use to neurological damage and cancer. "The [U.S. Food and Drug Administration] removed webpages with old conclusions about cell phone radiation while HHS undertakes a study on electromagnetic radiation and health research to identify gaps in knowledge, including on new technologies, to ensure safety and efficacy," HHS spokesman Andrew Nixon said. He added that the study was directed in a strategy report from the president's Make America Healthy Again Commission. Some webpages from the FDA and the U.S. Centers for Disease Control and Prevention say current research does not show clear harm from cellphone radiation. The National Cancer Institute, which is part of the National Institutes of Health, says that "evidence to date suggests that cellphone use does not cause brain or other kinds of cancer in humans.".

Read more of this story at Slashdot.

After nearly two decades of touchscreen dominance, QWERTY smartphones are staging a niche comeback, with Clicks and Unihertz unveiling new physical-keyboard phones at CES 2026. Gizmodo reports: At CES 2026, Clicks, the company behind the Clicks keyboard case and the new Power Keyboard, announced plans to sell the Communicator, a "second phone" with a QWERTY keypad. Clicks pitches the $500 phone, launching later this year, as a device primarily intended for messaging -- sending texts, DMs, Slack messages, whatever. The company didn't have a functional unit -- only a mockup dummy to fondle at the show -- but it looked cool enough, even if it'll be a very niche product. It's a cool idea, but how many people will carry a companion phone to their main phone just to shoot off a few DMs? $500 is a lot to ask for that satisfaction. But Clicks isn't the only one trying to bring back QWERTY phones. Unihertz, makers of the really tiny Jelly Android phones and also Tank phones with massive battery capacities, also teased a new phone with a physical keyboard. The Titan 2 Elite seems to be a less gimmicky version of the Titan 2, which itself was a BlackBerry Passport knockoff but with a bizarre square screen on the backside. Look closely, and there are some weird similarities between the Clicks Communicator and the Titan 2 Elite. We don't have dimension specs yet, but the screens seem to have the same rounded corners, and even the hole-punch camera is in the same upper-left corner. The only difference seems to be the keyboards; the Communicator uses individual keys, whereas the Titan 2 Elite's keyboard is more BlackBerry-esque. After digging into the Clicks Communicator's specs, a few other features stood out that Slashdotters might appreciate. There's a dedicated 3.5mm headphone jack, a physical "kill switch" (essentially an alert slider), fingerprint scanner and even a customizable notification LED. The last time we saw a phone with a dedicated notification LED was around 2019!

Read more of this story at Slashdot.

Welcome back, my aspiring cyberwarriors!

New technological developments in recent years has made it possible to build a private cellular network at very low cost. This can be useful to many organizations who place their privacy at a premium such as firms engaged in research and development of intellectual property (IP) or law firms, to name but a few.. You can read here how the Mexican drug cartels built their own private cellular network to evade both law enforcement and competitors snooping.

This article was written by one of our most advanced students, Astra. Astra is an ardent supporter of Ukraine’s freedom and an advanced student of low cost cellular networks.

If you want to learn more about setting up a private 4G LTE network, enroll in our SDR for Hackers: Building a Private 4G Network!

In this article, he will demonstrate how to build your own 4G LTE network!

LTE Networks

The concept of private LTE itself is not new. There are ready-made solutions that allow you to lease frequencies and deploy such network at your enterprise. But, of course, all this equipment is not suitable for a one-time testing experience, so we will launch a network based on SDR.

If in the world of open-source stacks GSM is ruled by Osmocom, then here in 4G LTE the undoubted leader is  srsRAN. This is a completely open-source software that with minimum configuration, allows us to launch this kind of network.

srsRAN can be built from source, but I recommend using DragonOS, which has already been mentioned many times by OTW, where this software is already included in the distribution.

There is also another similar project which is LibreCellular that uses slightly different hardware, but the key concept is the same of srsRAN.

How LTE works

Let’s understand how this network (RAN, Radio Access Network) works.

It is a network that utilizes frequencies more efficiently and provides much faster performance compared to GSM and 3G.

It consists of three key components:

EPC (Evolved Packet Core)

This the operator’s core network. Its main component is the MME (Mobility Management Unit), through which all signaling traffic from UEs (User Equipment) passes. This node is responsible for service transfer, calling, authentication and many other operations. Its other parts are the billing service and gateways (service and packet), which provide data exchange between parts of the network and other networks. Connected to the core network is the HSS (Home Subscriber Server), a secure database where encryption keys and subscriber information are stored. In a GSM network, the role of this node is played by the home register (HLR).

eNBs (eNodeB).

These are the base stations. LTE operates in a wide range of frequencies, from 450 to 2600 MHz. Their use varies from country to country, as some of these frequencies are already reserved for something else. Like GSM, there are channel numbers here too – the E-UTRA Absolute Radio Frequency Channel Number (EARFCN).

The whole spectrum of frequencies is divided into broad sections (LTE bands), the choice of which differs from country to country.

UE (User Equipment).

These are the devices that connect to the network such as phones and modems.

What does it take to get your own LTE network up and running?

In order to reproduce everything that I will be describing below, you will require some specific hardware and specific configuration.

For this test you will need:

1)      A Linux and a Windows machine.

2)      A full duplex SDR with proper antennas. B210, BladeRF, and LimeSDR are suitable.

3)      A sim card reader

4)      Programmable LTE USIM cards

5)      An android smartphone

Let’s start 

Boot into DragonOS and plug in the SDR.

Navigate to the /etc/srsran folder.

dragonos> cd /etc/srsan

You’ll find the configuration files there.

dragonos > ls -l

In the enb.conf file we will modify two parameters: MCC and MNC

These parameters are identical to those used in GSM networks – they are country code and network code. Normally, we should use some arbitrary values, but the problem is that most phones refuse to work when they see strange values for network. That’s why we need to specify the MCC of the country you live in or use the 999, which is the value for private enterprise networks. With regards the network code (MNC) make sure to set one that doesn’t belong to any operator working in your country.

[enb]

enb_id = 0x19B

mcc = 999

mnc = 01

mme_addr = 127.0.1.100

gtp_bind_addr = 127.0.1.1

s1c_bind_addr = 127.0.1.1

s1c_bind_port = 0

n_prb = 50

#tm = 4

#nof_ports = 2

 

Then, modify the epc.conf file in the same way:

 

[mme]

mme_code = 0x1a

mme_group = 0x0001

tac = 0x0007

mcc = 999

mnc = 01

mme_bind_addr = 127.0.1.100

apn = srsapn

dns_addr = 8.8.8.8

encryption_algo = EEA0

integrity_algo = EIA1

paging_timer = 2

request_imeisv = false

lac = 0x0006

full_net_name = astra00011

short_net_name = astra00011

 

Now in two separate terminals, run first sudo srsepc and then sudo srsenb.

Next, take your phone and go to search for networks manually. If we are lucky we’ll see a network, depending on which values you set, starting with 99913. If we try to connect to this network, we will surely fail – the phone will connect a bit and then give a sad “No service”.

It’s all about authentication. That is what we are going to deal with now.

Fire up a windows machine and plug in the sim card reader. Insert a blank sim into the reader.

I am using a non open source software to read/write on sims. There are other options such as pysim.

Once the sim card is read, we can proceed writing the required parameters.

The key parameters required by srsRAN are the IMSI, KI and OPC.

The first field to fill in is to write value for ICCID. The ICCID number should be a unique 19 digit identifier for the SIM card itself. It should composed by the following:

 

Field	Description	Example
Major Industry Identifier	Always set 89 for telecommunication purposes	89
Country Code	2 or 3 digit country code as defined by by ITU-T recommendation E.164.	01
Issuer Identifier	1 to 4 digits. Usually the MNC code.	23
Individual Account Identifier	Variable account identification number.	000000000001

Next we need to generate an IMSI (international mobile subscriber identity) number. This 15 digit number is used to uniquely identifier each user of a cellular network.

Field	Description	Example
MCC	Mobile Country Code	999
MNC	Mobile Network Code	23
Individual Account Identifier	Account identifier (usually the same as the one in the ICCID but chopped here to stay in the 15 digit limit)	0000000001

Next step is to generate the KI value (subscriber key), which is known only by the subscriber and network and used to authenticate the device on the network. We also need to generate a OPC (operator code derived) value.

I used the following script to generate 128-bit values for both Ki and OPC:

Then fill in the last parameters which consists of:

PLMNwAct: A user-managed list of preferred Public Land Mobile Networks (PLMNs) ranked by priority, along with the corresponding access technologies (2G/3G/4G/5G, etc.).

OPLMNwAct: An operator-controlled version of the user-preferred PLMN list mentioned above.

HPLMNwAct: The Home PLMN, including the specified access technology, identifies the network associated with the subscriber’s identity, represented as a combination of Mobile Country Code (MCC) and Mobile Network Code (MNC) with the access technology included.

 EHPLMN: A list of Equivalent Home PLMNs. Networks in this list are treated as equivalent to the home network, meaning the device won’t consider itself roaming when connected to them. This field can be useful, for example, when operators merge, allowing each to include the other’s

PLMN in this list (though the original source for this suggestion could not be verified).

FPLMN: A list of forbidden PLMNs that the device should not automatically attempt to register with. This can be used to avoid all specified local public mobile networks.

If everything was correctly set up, once you insert your programmed sim card in your smartphone, you should be able to see something like this in the network parameters:

Notice that we still don’t have any mobile connection (top right corner icon)

Lastly, we need to choose the radio frequency for transmission and reception, which is conveniently represented by an EARFCN (Evolved-UTRA Absolute Radio Frequency Number). srsRAN supports exclusively FDD (Frequency Division Duplexing), where the mobile device’s downlink and uplink operate on separate frequencies. By specifying the downlink EARFCN, srsRAN can determine the corresponding downlink frequency. This can be done in the /etc/srsran configuration folder in the rr.conf file.

The final step to complete the whole configuration is to edit the user_data.csv file. This file includes the SIM card identity that we previously configured. This file is utilized by the Home Subscriber Service (HSS). The information programmed into the SIM cards is now necessary for operation.

Keep in mind that srsRAN does not support calls and SMS, only internet connectivity. Calls are possible with VoLTE, but this involves additional components such as the IP Multimedia Subsystem (IMS) that srsRAN does not natively include.

Now’s the time to raise our 4G LTE network:

In two separate terminals type:

>sudo srsepc

followed by

sudo srsenb

Success! We have our own private 4G LTE network!

Summary

It is now possible to create your own 4G LTE network with low cost components and a bit of expertise! These networks can be invaluable to those who place a high priority upon privacy and confidentiality. This is key in a era where competitors or nation state actors may be inside your mobile carrier’s system.

To learn more about SDR (Signals Intelligence), join our SDR (Signals Intelligence) program or our Subscriber Pro training package. Look for our SDR (Signals Intelligence) for Hackers for Mobile Systems, June 9-11.