[Simsec] SIM MitM Firewall

Michael Kramer michael.kramer at uni-konstanz.de
Thu Nov 17 13:10:13 CET 2016


Dear SIMSEC Mailing list,

my name is Michael Kramer. Currently I'm working on my Master's thesis, in which I want to evaluate the security of SIM cards.

The general idea is to use a SIMTrace board from Osmocom to analyze the traffic between the SIM card and the mobile device. Afterwards I want to implement rules to block or modify certain commands, e.g. to block silent SMS.

I already got all the hardware working and can now check the traffic. However, if I send either a normal or silent SMS to my phone, the traffic only consists of four "UPDATE BINARY" commands. I can't find any significant difference between the normal and the silent SMS in these commands. SnoopSnitch, however, is able to detect the silent SMS. To send those I use the "Ping SMS" app from the app store on a different phone.

Now I wanted to find more information on how SMS are processed or what exactly the "UPDATE BINARY" commands are doing, but I haven't found much information.
So any reference documents or general information would be helpful!

Greetings,
Michael Kramer

