Touche'

at 31:56 it says "Shadysim" although i think it's a name of an app they made for it or part of a script

@Tntmod54321 you clearly, clearly didn't get the original comment. WAY over your head.

is it the real simshady?

What?

yup what happened to me was i was learning about the art of hacking and programming, Then i saw that defcon had some ted talk type shit and was like, oh dis gonna be some good shit and you were hours down the hole, i am weeks down dis hole

Got here via Jason Scott talks... learning ALL the things now!

This is me right now. 4 to go on my Watch Later, haha

same here checks date 2013 the fuck I have been missing out

d1rksta same. Been watching these for 10 hours not got a clue what they're talking about tbh but it's clever as fuck.

an* do you also think your HDD or SSD is just a spinning plate or flash cell? (not meant too offensive but this is obvious)

@@chrissxMedia Necroposting while being an asshole. Nice.

Yes, it's likely an arm-m0 with 8-16K of ram with a serial interface and some non-volatile memory. Possibly the A3/A5 crypto and whatever crypto I'm potentially missing about UMTS and LTE might be in there in hardware as well. That's all it is. It has an ISO protocol for talking to it, bits send over a serial line and messages are along the lines of CLA INS LEN P1 P2. CLA and INS are class and instruction. Some instructions are even standardized like those to do with files, SELECT FILE, APPEND FILE etc. Files are not huge btw. There are a few bytes long maybe 512-1024 bytes max because the flash will be maybe anything from 8-32K. The smartcard OS firmware will usually observe wear levelling especially for files that get updated a lot. Without knowing too much I'll bet you have to access the GSM application by authenticating against a file using PIN1. Then you can use the instruction to calculate the reply to A3 crypto challenges. And then there are also ways to add your own SIM Toolkit applications. So you see, it's not at all just a piece of "dumb" flash memory. It definitely can do a hell of a lot more than your first home computer if you had one. Only the RAM is lots less, usually around 1-8K.

I find it crazy to think that inside this tiny tiny chip there's a whole computer with better specs than a freaking NES (Nintendo). (Minus a few things like the GPU... I know...)

If it was only a simple EEPROM it would be so easy to clone. The reason you need a CPU inside is because that way the private keys never leave the SIM, but the phone simply sends commands to the SIM that computes the required cryptographic functions giving back the result, without the phone knowing the secret keys. That is the principle of operation of all smart cards (a SIM is just one of them), like the one in your credit card or your pay TV card.

what is sim apt?

@@busteraycan I second this

Lol I was thinking this comment was out of date then I realized it was from 3 years ago and realized the video was way out of date.

@@TheOnlySolipsist I was thinking this comment to a comment was out of date. Any of you guys still alive?

@@CrazyMineCuberthey are all in jail. Glowies got them

and fools actually believe such technology managed communications between the earth and the moon....

Tzisorey Tigerwuf Yeah I barely understand this stuff but I get it somebody could sneak something in that could be really powerful for them and damaging to you, stingray baby you’ve beenyou been Zucked!

Yeah, probably a really good way for intelligence service to set up a wiretap... Just run a AT command to dial a number, turn the volume and responses on the display off and you just got yourself a nice mic in the room. Or send a sms to get your cell, etc. The possibilities are probably endless and it will run on every f*cking phone with no way to notice or delete it (srsly, who would check their SIM card for bugs?)

*hackable*. They covered that. You send any junk to the card, it replies with a signed error message, you recover the key from the signature (weak hash) and sign your payload with that key.

Wow. And now "simjacker" is just made public

@@eulemitbeule5426 dude exactly what "simjacker" could do

Day mean when space station enc decode over smart net,pays?

Have you considered that maybe that's exactly what it still is? Terrorist payment method..... After all, ISIL is the group, so why the change? Those in charge like to name two or more things the same that seem not to be related, but actually are.

isis was also an egyptian goddess, are they also related? did she invent the payment method and birth the terrorist organization too?

And their enemy was Google.

Where are you from?

justFuuZe Prolly south asia.

justFuuZe Going with Filipino. They're subscribed to a few Phillippines-based TV series channels. The Phillippines would make sense, too, given the nation's rather poor telco situation.

Something like that just happened to Estonian foreign minister. Check it out.

Anders Fredriksson ever hear that wierd noise right before the ring when you call your drug dealer?

Rex2k10 That's disturbing. Why the hell would one put a Java VM on a µController? I even feel like I'm wasting efficiency when using C instead of Assembly.

I believe the main reason was standardization to make it easier for third parties to write apps; reduce complaints from angry users that can't get their game/app to work on their new hand set, and probably a failed attempt at predicting the ways in which mobiles would develop.

"Failed attempt". Lol you do realise Android, the most popular mobile phone operating system in the world supports the Java apis.

Surely the reason JAVA was used instead of Python or some derivative of C is the total limited scope of people who program these things, ever. It's a tiny circle jerk of a few industry leaders, their circle of developers, and managers who have never written a line of code themselves but heard of JAVA on Linkedin.

It is because it is a much safer language to develop with, and if you are going to have any idiot able to develop an app that can be accessed by something that is in every other person in the worlds pocket. You are going to want to avoid that shit storm. There are also Java elitists. The best thing Java did was lend its name to JavaScript.

android does allow it, at least on samsung devices

Anlaggy Laggy Samsung FTW

***** What?

***** Its android, android is the operating system. Samsung is the phone maker.

>mfw put down by totally not op *:(*

That's pretty interesting, care to share more about that? Do you have any documentation/videos talking about this?

Only need to read the url haha

+rentacow fuckin isis ruined them ):

Trashed the shuttle like some KZbin commenter asked,challenger next,planes?

Softcard now

I think the phone is network bound, so you get a compulsory subscription for the network companies which collaborate with phone companies. I think If you lose a phone you buy another one of the same network version and calls their customer service to cancel the old number or the new one and choose which will be used I'm really not sure tho

Thanks for the idea , as new products that are now very interchangeable and allow switching and reading and writing and copy and inter device direct wire connections . As well as transfer of complete Lynix portable device add ons with diverse cell phone multiple adapters at high speed and so much more ability’s . That it’s like a explosion of device uses that never before was so affordable and micro processed and diverse that only ones creative excitement will limit one especially with satellite and ham station and frequency scanners to really make AI a co pilot with a crew working to develop what you simply question if it’s only possible then it’s done before you finish talking with predictive technology .

Darren >> There is no fair use in copying someones work and re-posting it in verbatim. And absolutely not to monetize it.

Ads Darren... Ads

Just watched it, no ads here

@D C That's not how fair use works...

@@shockingguy I got 10 ads, maybe you have an ad blocker because it's definitely monetized.

neoqueto -- Maybe there is but that might be a feature on specific SIM cards. What I have found is just by going to Wikipedia's sim toolkit page and then clicking on the ETSI standards document in the references. That's an eye opener just by itself, because it describes the command the phone accepts from the SIM and how the SIM can f with your phone in many ways. But the Standard you want is ETSI TS 131.113 which talks about the USAT interpreter and it's programming environment. It seems to be just a byte code interpreter with specific data types for text messages etc. And skimming through the manual I find in section 8.8 "Execute Native Command". The instruction code is 47H/C7H followed by length in bytes, then some stuff and finally a 16 bit NCI. You don't get to just jump anywhere you want, you have to give it a native call identifier. And that's where I'll bet it gets card specific. You're going to have to tell the card os to create a new application for you with a certain AID. In that command you're going to have to tell it how many bytes long. Then you would create the application files including writing your binary to a file and setting a special execute bit on it. The AID is probably the NCI. But for that you are going to have to have a USIM that supports this business, has space available and had its access rules/protections set so you can do it, or you have the crypto keys to unlock these features. And then I wondered if you can buy fresh un programmed USIM cards online and it turns out you easily can for a very reasonable price. I have no idea what they are the ones I looked at and I would only buy if they can supply the keys and the technical manual. You will likely deal with Chinese who don't speak much English. Now that's what's possible on the interface between the SIM and the phone and you have been educated on it for free. As a bonus I am just going to throw in I bet you didn't know your sdcards contained a arm core you can run code on using vendor specific sdcard commands.

I'm pretty amazed what Java shouldn't have run. That's just painful to watch.

Probably a fem-to-cell or reverse engineered one and setting Sim card to connect to it..

@@shawnireland1197 thank you! still would be nice to have some concrete data on what was used and how

Francisco Oliveira I noticed that you use a real name, and real photo, like i do.... but please be constructive. This lad, (or 98% of us) may not be a 'professional' speaker/orator/spokeman/function-compere and may be a bit nervous. He's not trying to compete with Hollywood pros but trying get a tech topic across. Their forum's about real people, not a fake congressman speech with white teeth xx Anyway... hello where ever you are.... from sunny Australia....

Glenn Sprigg alister cook england captain says uhhmmm uhmmm ummmm uhmmmmm aahhmmmm

JC MmmBrains it wasn't the "umms" for me, it was the lip-smacking noises that drove me spare, that both speakers did it was maddening.

+Maxx Fordham If you give a good speech they will probably leave you alone. Otherwise GTFO.

Well actually, rentacow, these guys and others already *were* giving a good speech, but they still had them take a drink -- just because it was their *first* speech. So no, it's not about how good the speech is. So if there's someone who has an *actual* answer on what their reaction might be if you politely declined the drink like I would, I'd love to hear your answer. Thanks, if so.

+Maxx Fordham you have to understand that these aren't normal nerds, they are a secret satanic cult who worship alcohol as a divine conduit. So naturally, if you refused to drink you would be ritualy disembowled on a pentagram covered alter, and the alpha-nerd would feast on your still beating heart.

(Missing hyphen from "still[-]beating" set aside...) Yeah, huh, QuantumPlurality? :-P

Well, water or not, Charlie Powell, the word "shot" need not be encased in quotation marks (if you use anything, it'd be double to start with anyway), since even if it's not alcoholic, the little amount in a shot glass is still a shot. Okay, so *maybe* this convention has a question on your application form asking you if you drink alcohol, and you could mark "no," and they might bring you something other than that for your mid-to-end-speech toast. Well, how do you know about the supposed water-swigging guy?

Some things are worse than ISIS, like static.fjcdn.com/pictures/Turbo+anal+isis_b53324_5508709.jpg

I bet stock for that company plummeted...