TMSI tooo detection



IKnow
31-07-2004, 06:33 AM
Folks,

Warning: long post....read when you have time. But, I really want Sir Graham's and/or
Simemu to read it.

I have programmed Simemu 5.0 on a silver card (I could not make 6.1 to work: see my
previous post). But I never actually cloned a SIM. One reason for that is I studied GSM
protocol and reached the conclusion that if operators want, they can catch a cloned SIM
very easily. Will they do anything about it? That is another matter.

As posted by some Dutch poster, his operator detected the cloned SIM because of
multiple TMSI requests. I have read Sir Graham's argument that TMSI is dynamic and
operators won't care about it.....but I beg to differ...here is why:

1. When you get your original (new) SIM and activate it...your actual IMSI is transmitted in
clear text. But after that the ME (phone) and the BS (tower) have negotiated a key, a
TMSI is assigned to your SIM by the operator.

2. The ME actually stores the TMSI in a SIM file and uses this TMSI for future exchanges,
keeping the original IMSI a secret. The TMSI changes dynamically...but as long as
you are using the same SIM, the TMSI will be in sync with the operator.

3. When you clone a SIM you do not copy the TMSI. And even if you did (along with
the Kc), in no time you will get a new TMSI (on cloned SIM) and your original SIM's
TMSI will be out of sync.

4. So if you plan to use two (or more) ME (phones) only one phone (and its SIM) will
be in sync with the operator. When you switch on the other phones (even after switching
off the rest of them) it will send the network a TMSI which is out-of-sync. And an operator
can easily catch that.

5. There are other issues like simemu does not change ISS-ID when you switch...but
that can be fixed. But I am not sure how TMSI-out-of-sync (tooo) can be fixed.

6. So my conclusion is: if you live in a law-abiding country and want to clone SIMs so that
you can use multiple phones (even one at a time) think again.

I think simemu is a great program and we should all be thankful to SIMEMU for
writing and maintaining it.

Best regards
-ik
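The out-of-sync behaviour described in steps 1 to 4 of the post, modelled from the operator's side as a detection check rather than from the phone's side. This is an added example and not code from the post, from Simemu or from any operator: the `Sim` and `Network` classes, the counter-based TMSI allocation (real TMSIs are 32-bit values chosen by the network) and the test IMSI are all constructed assumptions. The network keeps every TMSI it ever issued, so it can tell a TMSI it never issued (a roamer, asked for its IMSI) apart from one it issued earlier and has since replaced, which is the "out of sync" case the post describes.

```python
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class Sim:
    """Phone-side identity state: the permanent IMSI and the TMSI file (constructed model)."""
    imsi: str
    tmsi: Optional[str] = None  # empty on a freshly written card


@dataclass
class Network:
    """Operator-side state for one location area (constructed model)."""
    current: Dict[str, str] = field(default_factory=dict)  # imsi -> TMSI currently valid
    issued: Dict[str, str] = field(default_factory=dict)   # every TMSI ever issued -> imsi
    alerts: List[str] = field(default_factory=list)
    _counter: int = 0

    def _reallocate(self, imsi: str) -> str:
        """Hand out a fresh TMSI for this IMSI and remember it (deterministic for the test)."""
        self._counter += 1
        tmsi = f"{self._counter:08x}"
        self.current[imsi] = tmsi
        self.issued[tmsi] = imsi
        return tmsi

    def location_update(self, sim: Sim) -> str:
        """Process a location update from a phone and return the classification."""
        if sim.tmsi is None:
            # Step 1 of the post: no TMSI yet, so the phone identifies itself by IMSI
            # and the network assigns a TMSI that the phone stores on the SIM.
            sim.tmsi = self._reallocate(sim.imsi)
            return "identified-by-imsi"

        imsi = self.issued.get(sim.tmsi)
        if imsi is None:
            # A TMSI this network never issued (e.g. from another operator):
            # in GSM the network would ask for the IMSI; here the model reads it directly.
            sim.tmsi = self._reallocate(sim.imsi)
            return "unknown-tmsi"

        if self.current[imsi] == sim.tmsi:
            # Step 2: same SIM, TMSI still in sync; rotate it as usual.
            sim.tmsi = self._reallocate(imsi)
            return "ok"

        # Step 4: this TMSI was ours, but it has been superseded for this IMSI, so some
        # other device using the same IMSI has updated in the meantime.
        self.alerts.append(f"stale TMSI {sim.tmsi} presented for IMSI {imsi}")
        sim.tmsi = self._reallocate(imsi)
        return "stale-tmsi"


def clone_scenario():
    """Replay the post's scenario: an original SIM and a clone with the same IMSI."""
    net = Network()
    original = Sim(imsi="001010123456789")  # constructed test-range IMSI
    clone = Sim(imsi=original.imsi)         # step 3: same IMSI, TMSI not copied

    log = [
        net.location_update(original),  # first contact: IMSI in clear, TMSI #1 stored
        net.location_update(original),  # in sync: TMSI #1 accepted, TMSI #2 stored
        net.location_update(clone),     # clone attaches by IMSI: network issues TMSI #3
        net.location_update(original),  # original still holds TMSI #2: now stale
    ]
    return log, net.alerts


if __name__ == "__main__":
    events, alerts = clone_scenario()
    print(events)
    print(alerts)
```

Running the scenario gives `['identified-by-imsi', 'ok', 'identified-by-imsi', 'stale-tmsi']` with one alert: the original SIM, not the clone, is the one that trips the check, which matches the post's point that whichever phone was not the last to talk to the network is the one out of sync.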