SIM cards lead lives of their own

I think this is a neat detail of a court job: a mobile network operator's (AT&T US in this case) technique to keep track of the IMEI of the previous and current phone using the same SIM card: What is AT&T doing at 1111340002? (July 2021). The trigger being a handset change or firmware update.

All the logic to trigger the SMS is in the SIM card, talking to the baseband modem, no host operating system (Android) involved.

He followed up recently with More Proactive SIMs, where at least 5 of the 6 SIM cards had some automatism to send packets.

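A toy model of the trigger logic described above, added here as an illustration and not code from the linked write-up, from AT&T, or from anyone in this thread. It assumes the card compares the full IMEISV (14-digit IMEI plus a 2-digit software version) handed to it at power-up against a copy stored on the card, so that a changed IMEI and a changed software-version suffix both result in an outbound message carrying the previous and current values.

```python
"""Toy model of a proactive SIM that reports handset changes.

Added example, not the real applet: on a real card this runs as SIM
Toolkit logic and the message leaves via a proactive SEND SHORT MESSAGE
command to the baseband; here the "SIM" is a small class and the caller
plays the baseband.  Trigger rule (an assumption drawn from the thread):
fire whenever the IMEISV differs from the one persisted on the card.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class ProactiveSim:
    last_imeisv: Optional[str] = None                # persisted across power cycles
    sent: List[dict] = field(default_factory=list)   # messages handed to the modem

    def on_power_up(self, imeisv: str) -> Optional[dict]:
        """Baseband reports the handset's IMEISV; return the message to send, or None."""
        if len(imeisv) != 16 or not imeisv.isdigit():
            raise ValueError("IMEISV must be 16 digits (14-digit IMEI + 2-digit SV)")
        if imeisv == self.last_imeisv:
            return None                              # same phone, same firmware: stay silent
        msg = {
            "previous_imeisv": self.last_imeisv,
            "current_imeisv": imeisv,
            "reason": self._reason(imeisv),
        }
        self.last_imeisv = imeisv
        self.sent.append(msg)
        return msg

    def _reason(self, imeisv: str) -> str:
        if self.last_imeisv is None:
            return "first use"
        if imeisv[:14] != self.last_imeisv[:14]:
            return "handset change"                  # the IMEI part differs
        return "baseband firmware update"            # only the SV digits differ


def simulate() -> list:
    """Constructed scenario with made-up IMEISVs: same phone twice, a new phone,
    then a baseband firmware update on that new phone."""
    sim = ProactiveSim()
    events = ["3512345678901201", "3512345678901201",
              "8612345678905601", "8612345678905602"]
    return [sim.on_power_up(e) for e in events]
```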

Unreal, I had maybe some idea, but it’s so surprising when the details finally come out

@tcecyk this is an excellent find- thanks for sharing. I note from the first link:

The fact that the SIM reports the IMEISV of the phone (and of the previous phone) is a sign that a change of IMEI probably triggers the message. And, sure enough, moving the SIM from one phone to another, exposing the SIM to a new IMEI, does trigger the message.

and:

After the lab work, deposition of an AT&T employee revealed that the only other trigger is a firmware update of the baseband processor.

As to the first item, this is understandable from a network operator’s perspective to verify the device on the network. As to the second item, I would be curious to know if an /e/OS firmware update let’s say from /Q/ 0.18 to 0.19 would update the baseband processor- I would think not, but I am not technically literate enough to make that a declarative statement.

With that said, it does stand to reason that going from /Q/ to /R/ may however update the baseband processor- or perhaps this is the reason behind flashing to stock before installing /R/.

Perhaps someone knowledgeable in this regard could reply when they have a moment? It would be a good data point to have as we collectively review this risk.
