The Truth About SIM Card Cloning

Views: 1,142,441

Janus Cycle

1 day ago

Comments: 1,100
@JanusCycle 1 year ago
There have been some really great responses on possible alternate ways of getting your Ki number, including voltage glitching your SIM to get it to read out unintended memory addresses, physical extraction and/or reading the chip's die directly using a scanning electron microscope, or bribing an engineer working in your local network to access your Ki database entry. Wikipedia is a wonderful collaborative information resource. This video provides a quality example of the way collaborative effort promptly fixes these errors. I demonstrate the truth, and within just a couple of hours, editors rush in to check and fix the accuracy of Wikipedia. Keep up the great work everyone :)
@Redditard 1 year ago
I have a query: is there a way to use a SIM card's functionality, such as internet, phone calls and SMS, on a PC with some kind of adapter? I have looked far and wide but can't find any SIM card adapter and software combo which can do this. Do you have any idea?
@peeniewalli 1 year ago
I'm ancient, building tube amps and first pre-Windows interfaces back when the so-called younger wonders were aged 10-16 😊 ("it's so simple", but the manufacturers' trend to over-button/dial was funny). Still most don't know why things work. I'm now entering that old-styled thinking patterns group of people. But A.I. winning on board games (GO) is just unfairness towards human workings: a processor trying to navigate in a bowl of pea soup..... intuitive non-selfishness works better. Can that be progressing in self-education AI situations in the near future? 🤔 Sparks Mr youngster thinking again. Thanks for uploading this!
@KPbICMAH 1 year ago
@@Redditard there used to be some netbooks some time ago with built-in 3G modems and SIM card slots, so you could browse the internet or send SMS via mobile network (not sure about voice calls). Some USB 3G dongles from Huawei also allowed enabling voice features, but that was like 10 years ago.
@Redditard 1 year ago
@@KPbICMAH yeah, but they aren't sold anymore, I did check it
@popoffs5273 1 year ago
@@Redditard yes, but your PC would need an antenna or other hardware capable of talking with mobile networks
@JanusCycle 1 year ago
The Phone Cloning Wikipedia page has been updated. Thank you to whoever did that so quickly, less than two hours after release!
@slyceth 1 year ago
I still don't get it. So I have this SIM card. It's made of metal and plastic. How can I not plug it in and copy the data to another? It makes zero sense. Explain it to me
@JanusCycle 1 year ago
@@slyceth Sure thing. SIM cards have a little processor inside that does secret key authentication calculations. The software running on this processor also decides how to respond to requests to read the memory. It will never allow the secret key to be read out. The only way in theory to read the entire memory would be to bypass the processor, by directly extracting the internal silicon and reading the memory contents directly with an electron microscope or similar specialised equipment. This also destroys the original SIM card in the process.
@dandeeteeyem2170 1 year ago
Dude thank you for doing this video, although I would worry about the type of enemies you will make for posting it.. There was an Aussie politician who claimed his SIM was cloned about 5 years ago. I saw a radio show in Sydney then get US private investigator Ed Oppernan on their show to debunk the politician's claims in a phone interview. I was very vocal at the time, because I knew for a FACT they were lying to protect this flaw from being fixed and essentially throw this politician under the bus. What people need to realise, especially those who think that law enforcement should be allowed to do this because "nothing to hide, nothing to fear", is that anything the good guys have access to, the bad guys do too. How do I know? The son of a guy who was high up in the mafia had the hots for my girlfriend at the time. He was sending messed up messages to her pretending to be me. He was not spoofing my number because he could read her replies, and I changed my phone to make sure it wasn't my phone having remote access software running on it. We only realised why we were fighting, and she was sending me messages that made no sense, because we managed to catch him doing it when I had the day off work and we were together while he tried to send more abusive messages as me. As a side note - encryption matters. A government back door is a mafia back door. Imagine you were in the witness protection scheme and your private communication was being read by the wrong people. Or police records. Or private photos which can compromise people in positions of authority. Does Dan Andrews and other politicians frothing at the mouth about getting everyone jabbed make sense now? Encryption protects everyone, bad and good. The old trope of needing to catch pedophiles is BS, and they have many other means of doing that job that they should be adequately funding. Rant over, excellent video
@du42bz 1 year ago
@@slyceth It's actually pretty simple. Computer to SIM card: "Gimme key". SIM card to Computer: "No"
@BrianG61UK 1 year ago
Why didn't you do it yourself? That's what I do when I see something that's wrong on Wikipedia.
@threeMetreJim 1 year ago
Reminds me of the time when I used to play with SIM emulators. They used to run on a small microcontroller (a PIC variety). Gold cards, silver cards, wafer cards (and others), usually used for decrypting the old analogue satellite pay TV. But they could be used as clone phone cards in payphones and something called a yes-card (a fake bank card that used a flaw that meant it wasn't checked online) where you could enter any PIN on the PIN pad.
@JanusCycle 1 year ago
I remember those cards, but I didn't have a use for one so I have never tried them out. That payphone trick is quite sneaky.
@threeMetreJim 1 year ago
@@JanusCycle I've still got all the details and source code (as an historical artifact), but fully expect the vulnerable systems to have been hardened by now.
@Veso266 1 year ago
@@threeMetreJim can you share your source code maybe?
@MRooodddvvv 1 year ago
I still have one of those. It let you enter IMSI and Ki directly from the phone's "SIM menu", but on new phones that menu is half broken so it only works properly on old phones. It let you create multiple "profiles" with pairs of IMSI and Ki and switch between them. On old phones switching worked even without needing to reboot the phone to reconnect to the new network. It worked for 2G and 3G without any issues, but for 4G it couldn't work because for 4G the algorithm was changed again and a 3rd code called "OPc" was added to make more "security through obscurity".
@mathiasjapri 1 year ago
FBI we got a suspect here... 🤣🤣🤣😅
@fujitsubo3323 1 year ago
Pretty crazy seeing all this out in the open all these years later. I used to see a lot of this stuff and the systems Telstra used when I worked for them back in the day. Everything you said was correct.
@ShawnJonesHellion 1 year ago
Everything everyone says is correct apparently. Christian channel commenters say that. Satanist channel commenters say that. Atheist cult channel commenters say that. Republican channels all say that. Democrat channels, libertarian channels, bigfoot sighting channels.... Channels that say "see where I'm getting with this" probably say that
@JxH 1 year ago
Back in the day, Satellite TV access cards were hacked by 'glitching'. That's resetting the card, counting clock cycles, and then glitching the power supply. Repeated thousands of times (with variable parameters) until the card responded out of spec, and spilled its secrets, or (at the user end) allowed access to adjust the available channels.
@raylopez99 1 year ago
So that's how they did it! Those clever pirates, selling those cards which would last a few months before having to be replaced...or so I'm told.
@JxH 1 year ago
@@raylopez99 Once in a while, closer to a year. But sometimes the signal provider would issue a series of changes all in a row, and the hacked cards would be mailed back and forth more than being used. Later, one could buy a glitcher (serial or parallel port, long before USB) and subscribe to the new software from the pirate. I stopped before it became illegal in my jurisdiction. And I always maintained a local subscription to the local provider, in case that might mitigate things. House had up to four small dishes at one point.
@mickey7245 1 year ago
@@JxH I remember my mom and dad buying those cards until they gave up because of having to change them every year or 6 months
@bobFranck-wq5mz 5 months ago
Shit
@mikeyjohnson5888 1 year ago
About 20 years ago a family friend claimed to be able to do this alongside hacking the cards in cable boxes and such. Of course, he wasn't open about his process, but some of the things he talked about were mentioned here. Maybe he wasn't actually doing anything, but it's neat to see he wasn't totally blowing smoke. He did eventually get caught up in a casino machine cheating scandal, so it's not hard to imagine he was up to something.
@EdwardJamesBickels 1 year ago
The whole DirecTV smart card story was fun to read. The gist of it was them and hackers going back and forth for years until DTV started sending required card updates that appeared to have useless data, but once the last bytes were received, it turned into a program running on the card itself. Then a week before a Super Bowl (I think it was 2000 or 2001), they sent a command that bricked all hacked smart cards and set the first 8 bytes of the card to GAMEOVER.
@batica81 1 year ago
Amazing nostalgia trip :) Cloning SIMs to wafer or "12in1" cards was quite popular in the Balkans before multi-SIM phones came out. It was more convenient to restart your phone and select the active SIM with a code than juggling a few actual cards of different providers. Due to the 64k inquiry limit, it worked only on some cards of course. However there was a horror story that most of the phone repair shops (and enthusiasts) unknowingly used a "backdoored" version of Woron Scan that was sending all the Ki numbers to some Russian hacker group that made the clones as well, and then used them to call ultra premium numbers they set up :)
@MMC_Repair 1 year ago
Exactly, that did happen.
@raylopez99 1 year ago
A high tech version of what occasionally happens today, where a stranger who looks like a drug dealer will ask to use your phone, because he "lost" his, and then use it to make a deal. A kind of a 'burner phone' technique.
@MrAsddasdasda 1 year ago
@@raylopez99 Not the same
@counterleo 11 months ago
Your part about the backdoored version of Woron Scan will serve as my daily reminder to only use this sort of software in a virtual machine isolated from the Internet :)
@janikesina7813 9 months ago
There is a lesson about the Russians in this. Learn it
@nickmashek840 1 year ago
Typically, music on most educational / research videos is misplaced and annoying, IMO. You Sir...are the exception. Beautiful and brilliant song and version selection. Perfect application and execution. Thanks for making this video, the content was info I've been curious about for years. Depeche Mode was the cherry on top!
@JanusCycle 1 year ago
Thank you, music is really important in life, and my videos :)
@Mjmikol 1 year ago
I was waiting for the moment you described... I WAS DELIGHTED and slightly impressed as well.
@Mjmikol 1 year ago
Though... the volume in the end track is kind of louder than the rest...
@JKC40 1 year ago
@@JanusCycle what remix is that?
@JanusCycle 1 year ago
@@JKC40 The Eric Lymon remix
@grajzer 1 year ago
What a blast from the past. I was playing with this 20-30 years ago and it was really fun. One interesting thing was that the first mobile operator in my country didn't use Ki authentication for quite some time, and phone numbers were correlated with IMSI numbers, so you would be able to easily guess the IMSI number of any phone number and clone it.
@manp1039 1 year ago
what was the correlation?
@grajzer 1 year ago
@@manp1039 the differences between two phone numbers and their IMSI keys were the same :) so, if I wanted to "hijack" phone number 12345 and my phone number was 12300, I would just add 45 to my IMSI number
@rodak_ 1 year ago
Wait... Are you THIS DEJAN?!
@grajzer 1 year ago
@@rodak_ You mean the guy who hacked this algo, Kaljević? No, but I knew him. He's no longer alive.
@rodak_ 1 year ago
@@grajzer I was referring to the guy who made the "Dejan flasher" for Nokia phones. Was he the same guy?
@KPbICMAH 1 year ago
Speaking about SIM card vendors sending card data to mobile operators. I used to work for a GSM operator in one of the former Soviet republics in the early 2000s, being responsible for interaction with SIM makers, among other things. We used PGP for any sensitive information sent via email, but even if you did get the plain-text output files, you wouldn't get Ki from them, as it was additionally encrypted with a transport key (which was delivered separately and entered in the switch for decrypting the Ki information inside the AUC). Different keys were used for different SIM vendors (and sometimes several keys for the same vendor), and these were only referenced in the output files by their numbers, which means the actual Ki value was pretty much never available to anyone on the operator's side. I don't think this was much different in the UK or elsewhere, at least post-2000.
@mustfit 1 year ago
Interesting, thank you. Did you (op-side) have the transport keys in plain? Could you decrypt Ki outside the AUC using the transport key?
@KPbICMAH 1 year ago
@@mustfit no, the switch people received the transport keys and input them into the system. So in theory we could have cooperated with them on this.
@mustfit 1 year ago
Interesting, thank you again
@ShawnJonesHellion 1 year ago
Back in my day we had tons of tricks like kicking people off the internet. Seriously. That sounds so far off, like something a bigfoot or religious follower would say, that no one today would even believe that was possible I bet. I bet I could make a video about it claiming it still exists and the bigfoot/ape evolution people would spread it like it's gospel
@MRooodddvvv 9 months ago
I'm really surprised it's not the mobile operator who writes those keys into blank cards from the manufacturer. It is even possible to order those blank cards from sellers online for cheap. And the process of writing keys is so simple and only requires basic USB card reader hardware that it could even be done at the operator's SIM card sales office.
@RichardBetel 1 year ago
It's been a long time, so I don't remember all the details, but I remember the days at Research In Motion developing the Tachyon, aka The BlackBerry 5810/20... It had a number of problems. An important one was that the SIM card slot was prone to bad electrical connections and static discharge. One (entirely temporary and never shipped IIRC) solution was to get the Ki and program it into the phone, so that the phone could emulate the SIM card rather than use it... It made the phone far more reliable. My memory was that it was possible to have the phone work out the Ki by passively gathering challenges, actively get it (which took a day or so if it didn't crash, and was tough on the battery), or asking nicely and getting it from the carrier. Our SIMs at work were weird special SIMs meant for testing and development, so the Ki's were not treated with the same care as normal SIMs. I think it's possible that they didn't have protected ROM on some of them, so if you had the right tools, you could just read the Ki off of it.
@Auberge79 1 year ago
One of my SIM cards (bought around 2003) was cloned over 10 years ago (same SIMMAX 16-in-one), and it still works perfectly in 2G and 3G networks after all these years. No need to swap cards in my old phones :-) Just switch it on and ready to go! By the way, should I switch on more than one phone at the same time, they both (or all 3) can make calls, but only the last one online will receive the incoming call. However, I do not turn on more than one phone simultaneously.
@JanusCycle 1 year ago
It must be nice to have the convenience of cloned SIMs. And the last-one-online incoming calls is correct. Best to keep only one phone switched on :)
@narfharder 1 year ago
The "what happens with two identical SIMs simultaneously on the network" question is a plot point in _Primer_ (2004), arguably the most convoluted time-travel movie ever. Now I know the answer to that, thanks. But I wonder, does the last-one-online rule still apply in the new SIM paradigm? For a network to assume there are no simultaneous duplicate subscribers seems... sloppy.
@manp1039 1 year ago
I am guessing that your calls and the numbers you call are being monitored? And you may not be the only one with clones of your original SIM that you bought in 2003?
@MRooodddvvv 9 months ago
Same here. Only issue is 4G not available.
@JCLoony 1 year ago
Would be interesting to see if you could run a low power GSM base station to get these devices online and play with this a bit more in depth.
@cannaroe1213 1 year ago
You'd be surprised how expensive low-power GSM base stations are to buy/run. It isn't simply a matter of software; to handle 100s of simultaneous links they have to have extremely expensive clocks, and this is true even if there is only 1 subscriber, as the base station basically keeps time. Now I'm sure it's possible with a HackRF and a TCXO soldered into something somewhere, but it's not as easy as reading a card with a card reader unfortunately, unless you spend above $3000
@JCLoony 1 year ago
Sure, but OpenBTS with a cheap SDR would probably be enough for a local system to be set up. The main issue I see is managing the RF situation: can it be run low power legally, or would the room have to be turned into a Faraday cage first?
@johndododoe1411 1 year ago
Some places keep Gen2 GSM running as the common fallback for later phones after their preferred protocol is shut down. So when 3G shuts down, the old 3G phones "roam" to the backup 2G net. Same for 4G.
@blakegriplingph 1 year ago
The question is, as intriguing as it was, in some places SIM cards are sold more or less freely, like here in the Philippines, making burners and fraudulent calls easy; it wasn't until 2022 that mandatory SIM registration was enacted.
@HonestAuntyElle 1 year ago
Whoa. That's hard to imagine having lived in Australia. Getting a new SIM has always been such a barrier, that people were far less likely to swap prepaid carriers because of it.
@kerozin520 1 year ago
@@HonestAuntyElle I'm in Croatia, you can still buy prepaid SIM cards without any kind of identification or registration, they're $3 or so. You can optionally register it with info that is not checked in any way, and in that case they send the $3 you paid for the card back to your prepaid account to use for calls.
@loganmacgyver2625 1 year ago
@@kerozin520 in Hungary you have to register it and they call it EU law
@gameconsole9890 1 year ago
Philippine law is shit. They made that law to lessen SMS scams, but there are still SMS scams and now they have even become more convincing.
@adriancoanda9227 1 year ago
So even with registration, it is still possible to extract an eSIM profile and edit the info in such a way that you will get a new identity, and if that identity exists on the carrier server then it's easy as cake
@worroSfOretsevraH 1 year ago
Oh, I spent so much time back when I was young in the early 2000s playing with SIM cards, phone cards, SIM card emulators. I built a serial port scanner and used it with Dejan Kaljevic's software. Lots of fun. (R.I.P.)
@JanusCycle 1 year ago
Dejan Kaljevic was the pioneer of phone hacking, and it's sad that he has passed. It's good to see him being mentioned.
@slavisaasus 1 year ago
I was privileged to know him quite well. Godspeed, Den's hacking den...
@ElaineGarcia-uo8qj 5 months ago
Switching SIMs was how I upgraded, traded and sold a lot of my phones back when flips were cool. I even knew someone who'd unlock for a small fee. Now SIMs are useless in modern smartphones and I'm learning how to unlock phones by myself
@jvinsnes 1 year ago
Your voice fits perfectly for the topic. An obscure, niche topic in the electronics enthusiast community. I remember my dad used to get gold cards from eBay back in the day and programmed them to work as a car wash card. The first time he tried it, the cashier said he had 50k on it. Can't imagine what went through his mind at that point
@alexus267 9 months ago
64k attempts lifetime limit, how neat. That's probably why my SIM card mysteriously died after 15 years of flawless service (getting a replacement was challenging since not many people remembered the time one didn't have to show ID and register everything in that country).
@SianaGearz 1 year ago
I knew some guys who kept a 2G tower unit in their bathroom and were slowly hacking it. I think they were able to spin up a little network of their own, but they didn't run it very often. Perhaps you can find some enthusiasts like that where you live.
@manp1039 1 year ago
Is the frequency for 2G unused by any other networks? I would have guessed that if the phone company had no use for it, the government would take back that frequency and offer it to other service providers. And if they did and these rogue 2G towers were broadcasting on the airwaves, they would eventually get identified; their broadcasts would potentially either be jamming the new legit devices using those frequencies and/or those new devices would jam the rogue 2G stations' broadcasts??
@SianaGearz 1 year ago
@@manp1039 I'm hoping frequency reassignment is a SLOW process. And as long as no one complains, nobody investigates. Hush hush sort of business though; you don't show every stranger your bathroom if you have one of those.
@ShawnJonesHellion 1 year ago
Naa, I live in the 13th largest city in the USA. They don't even know how to milk the cows on their farms in the USA. Back in the day I was like a space alien using computers. Today they still think only phones exist
@MRooodddvvv 9 months ago
LOL
@thetankie007 1 year ago
Very interesting! I always wanted to know the details of how SIM cards worked. I actually built a SIM card reader when I was younger, but it just bricked the SIM cards; it must have been hitting the limit! However, as a teenager everyone at school had a Nokia 5110 (without SIM); you could enter a secret technician menu and change the phone number to a friend's phone number and then receive their text messages and calls! It only worked when you were on the same cell tower and was more of a funny prank, as it diverted calls and messages and their phone would stop working.
@blakegriplingph 1 year ago
You may be referring to the AMPS/TDMA variants of the 5110. AMPS is notorious for being insecure, and that may have been the network standard used on the cellphone provider my dad complained about a few decades ago.
@CapTVchilenaShootingStarMax 1 year ago
I remember having a TDMA/AMPS Ericsson phone and with some service codes you could even listen to calls from other people.
@anthonychilufya6580 1 year ago
@@blakegriplingph is your dad a revisionist or hacktivist
@dan_youtube 1 year ago
That's hilarious, must have seen a lot of sexting from the cheerleader team
@WistrelChianti 1 year ago
Nice video and nice music. I remember ages back reading about how SIM cards were essentially little CPUs rather than things that simply store data, so cloning was impossible. Didn't know there was a way to mathematically brute force what they were doing, but I guess it makes sense. I now see why governments are so upset about encrypted chat programs. Guess they lost their favourite toy.
@gayusschwulius8490 1 year ago
They are microcontrollers, yes, but they do have memory containing the required executable code and keys, so it's absolutely not impossible to read them out.
@iRelevant.47.system.boycott 7 months ago
If they worked, they would be illegal.
@ckm-mkc 1 year ago
In a lot of places, SIM cloning is an insider job that is done by someone inside the phone company who has all the tools to "port" the number to a new SIM. These days it is a compromised human rather than hardware.
@circuit10 1 year ago
What motivation do people have to do it? That seems like a lot of effort to just... have a spare SIM? So there must be some other reason
@Ontrus 1 year ago
There are a number of reasons (surveillance is mentioned in the video), but a huge, more nefarious motivator is getting access to MFA security. Assuming you can get a user's account credentials through social engineering or other means, having access to their phone number to receive MFA verification codes can give you access to tons of sensitive information: government sites, bank accounts, web accounts, corporate resources, etc. Cellphones and their numbers are generally fairly secure; they are a separate, independently secured (sometimes through their own MFA security) physical object that also tends to be very important to the user, so people tend to keep them on hand, and they will be replaced quickly if lost. The best way to get around that security is to either get the SIM out of the phone, or use social engineering/bribing (made easier because of the information the criminal has already gathered about the victim) to manipulate an underpaid customer service worker to replace the SIM.
@JT-lq4yd 1 year ago
@@circuit10 The SIM "cloning" you may see on the news is just someone transferring a cell number to a new SIM; it may be a new SIM or a new cell company. This is so that someone is able to get an MFA code to allow them into your bank account.
@circuit10 1 year ago
@liampeanut1269 Scam
@deang5622 11 months ago
The phone number is not stored in the SIM. The phone number is held in the HLR/HSS of the mobile network, and it is associated with the IMSI number of the SIM card. And the IMSI numbers are allocated in batches to each mobile network operator. So if you are trying to clone a SIM and use the SIM to get free phone calls, then you don't need to port a number from another SIM to the cloned SIM. Access to the mobile network is not granted to the mobile phone based on the mobile number; it's based on the IMSI number, which is held in the SIM card and in the HLR/HSS.
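A toy model of what this comment and the earlier "last one online receives the call" thread describe: subscriber records keyed by IMSI, a RAND/SRES challenge to the card, and incoming calls routed to whichever device registered last. This is an added example, not code from the video or any commenter; the `a3_stand_in` HMAC function, the `ping_pong_count` heuristic, and the IMSI, MSISDN and Ki values are all constructed for the model.

```python
"""Toy model of IMSI-keyed subscriber handling in a GSM-style core.
Added illustration, not code from the video or its comments.
The A3 stand-in is HMAC-SHA256 truncated to 32 bits; it is NOT the
operator's real A3 (historically COMP128), just a keyed function that
gives the model the right shape: same Ki + same RAND -> same SRES."""
import hashlib
import hmac
import os


def a3_stand_in(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3: 32-bit SRES derived from Ki and the 128-bit RAND."""
    return hmac.new(ki, rand, hashlib.sha256).digest()[:4]


class Sim:
    """A card: holds IMSI and Ki, answers RUN GSM ALGORITHM, never exports Ki."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki  # a real SIM refuses any READ of this file; here it is just private

    def run_gsm_algorithm(self, rand: bytes) -> bytes:
        return a3_stand_in(self._ki, rand)


class Network:
    """HLR/AuC plus VLR. Records are keyed by IMSI; the MSISDN is only an attribute."""

    def __init__(self):
        self.hlr = {}             # imsi -> {"msisdn": str, "ki": bytes}
        self.msisdn_to_imsi = {}  # reverse index, consulted only when a call comes in
        self.vlr = {}             # imsi -> cell of the last successful registration
        self.registrations = []   # (imsi, cell) in order, kept for the detection heuristic

    def provision(self, imsi: str, msisdn: str, ki: bytes) -> None:
        self.hlr[imsi] = {"msisdn": msisdn, "ki": ki}
        self.msisdn_to_imsi[msisdn] = imsi

    def authenticate(self, sim: Sim, cell: str) -> bool:
        """Challenge the card; on success record where it is. Identity is the IMSI."""
        record = self.hlr.get(sim.imsi)
        if record is None:
            return False
        rand = os.urandom(16)
        expected = a3_stand_in(record["ki"], rand)  # AuC computes with its own copy of Ki
        if not hmac.compare_digest(expected, sim.run_gsm_algorithm(rand)):
            return False
        self.vlr[sim.imsi] = cell
        self.registrations.append((sim.imsi, cell))
        return True

    def route_incoming(self, msisdn: str):
        """Incoming call: MSISDN -> IMSI -> the cell that registered most recently."""
        imsi = self.msisdn_to_imsi.get(msisdn)
        return self.vlr.get(imsi)

    def ping_pong_count(self, imsi: str) -> int:
        """Defender-side heuristic: how often this IMSI re-registered from a cell it
        had already left. Two live copies of one SIM produce this pattern; a single
        phone moving normally rarely does. A coarse signal, not proof of cloning."""
        seen, last, count = set(), None, 0
        for i, cell in self.registrations:
            if i != imsi:
                continue
            if cell != last and cell in seen:
                count += 1
            seen.add(cell)
            last = cell
        return count


def demo() -> dict:
    net = Network()
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample Ki
    net.provision("001010123456789", "+15550001", ki)        # constructed test IMSI/MSISDN
    original = Sim("001010123456789", ki)
    clone = Sim("001010123456789", ki)         # same IMSI and Ki: indistinguishable to the AuC
    wrong = Sim("001010123456789", bytes(16))  # right IMSI, wrong Ki: fails the challenge
    results = {
        "original_ok": net.authenticate(original, "cell-A"),
        "clone_ok": net.authenticate(clone, "cell-B"),
        "wrong_ki_ok": net.authenticate(wrong, "cell-C"),
        "rings_at": net.route_incoming("+15550001"),  # last one online wins
    }
    net.authenticate(original, "cell-A")          # original re-attaches
    results["rings_after_reattach"] = net.route_incoming("+15550001")
    results["ping_pong"] = net.ping_pong_count("001010123456789")
    return results


if __name__ == "__main__":
    print(demo())
```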
@anthony4530 1 year ago
Incredibly interesting, informative and entertaining! Your choice of music was nothing short of genius! Thank you for taking the time to put this together.
@JanusCycle 1 year ago
Glad you enjoyed :)
@PHANTOmIND8 1 year ago
Our service provider can give up to 4 SIM clones if requested, with a small fee. I had 3 SIMs of the same number all working on different phones with 3G/4G simultaneously. This service started around 2 decades ago.
@mrblc882 1 year ago
Most probably those are not clones, just regular SIMs pinned to the same number.
@ANWA143 1 year ago
What service provider and how would this work? Would all of the phones ring when that number was being called?
@PHANTOmIND8 1 year ago
@@ANWA143 the service provider is STC in Saudi Arabia. You can send calls and messages from all SIMs but set one SIM for receiving calls, and you can switch the receiving to one SIM at a time if you like. Worked like a charm.
@j90319 1 year ago
@@PHANTOmIND8 that's incredibly unsafe; if someone gets your phone number you wouldn't even notice, whereas if someone SIM swaps a normal phone number the real user would lose signal
@mickwolf1077 1 year ago
I cloned my SIM card years ago. I had an STK 8-in-1 SIM that could hold 8 numbers. I only ever used one and kept the original SIM at home. It didn't take long either.
@therealchayd 1 year ago
I managed to accomplish a SIM clone back in the early noughties, and it was only possible to get the Ki on one out of about 10 SIM cards I tried; I think providers had added authentication limits to SIMs at that time (this was all done for legit purposes where we were developing a JavaCard application and no provider would give us a Ki unless we paid thousands and signed NDAs etc, so we DIY'd it in the end)
@TeeDwomanGodshowsmercy 11 months ago
Please, my SIM is still cloned, what do I do? My ex listens to my calls
@BillAnt 7 months ago
@@TeeDwomanGodshowsmercy Most likely it's not your SIM that's cloned, but there's a spy app on your phone grabbing everything. Big difference.
@triularity 1 year ago
You'd think they would have implemented simple rate limiting at the first sign of brute force attacks. Only allow a key attempt at most once a second, maybe delayed even more if multiple are requested back to back. For normal use, this delay may never occur or be noticed. But that 40 minute attack might take days, weeks, or months instead. Also, while I could understand some secret proprietary algorithm decades ago, anything in the past 10 years or so should be using established public key encryption, with SIM cards randomly generating their own private key and only exporting the public one. So nobody could amass everyone's keys, even if they wanted, since they would never be known to start with. Then you'd have to resort to glitching, side channel attacks, or more destructive means to try to get the key.
@JanusCycle 1 year ago
Even with the new stronger algorithms, including some sort of rate limiting should be easy to include and greatly add to the security. I don't know if they have done this, but your analysis is spot on.
@ignorance72 1 year ago
SIM cards don't have real-time clocks so it would be hard to implement rate limiting.
@triularity 1 year ago
No, but one would have to power off the SIM and then back on, waiting for it to initialize again first. That is much slower than just hammering it constantly. Plus, it might be able to write a counter to persistent storage each time it fails, and then on power-up it will have to wait a given amount before it will accept another attempt or clear the counter. It only needs to track accumulated run-time to delay.
@BillAnt 11 months ago
@@JanusCycle My assumption for not rate/time limiting is, if there's an unreliable network connection due to weak signal or interference, the requests/responses would need to be resent several times in order to connect. They could have imposed something like 10 non-limited requests per second, then a 1 second pause, which would slow down hacking attempts significantly. But the best protection is a longer key.
@iRelevant.47.system.boycott 7 months ago
@@ignorance72 Couldn't it be done algorithmically? With an exponentially increasing number of empty loops between each failed attempt?
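A small simulation of the policy the thread above sketches for a card with no real-time clock: a burst of free queries per power-up, exponential back-off measured in the card's own run time, a persistent counter so that a power cycle carries a penalty into the next session, and a lifetime cap like the "64k limit" mentioned earlier in the comments. This is an added example, not code from the video or any commenter; all thresholds (`FREE_PER_SESSION`, `BASE_DELAY_TICKS`, `POWER_CYCLE_TICKS`) are constructed for the model and the "ticks" are an abstract unit of card run time.

```python
"""Toy model of authentication-attempt throttling on a card without a clock.
Added illustration, not code from the video or its comments. Constructed
parameters: the lifetime cap mirrors the "64k limit" from the comments;
everything else is an arbitrary choice to make the trade-offs visible."""

LIFETIME_CAP = 65536        # card permanently refuses after this many RUN GSM ALGORITHM calls
FREE_PER_SESSION = 10       # queries answered without delay after each power-up
BASE_DELAY_TICKS = 100      # back-off unit; doubles with every extra query in one session
MAX_BACKOFF_EXP = 16        # cap on the exponent so the model cannot overflow
POWER_CYCLE_TICKS = 500     # what a reset plus re-initialisation costs the querying side


class SimWithoutClock:
    """Counts only its own run time ("ticks"); it never knows wall-clock time."""

    def __init__(self):
        self.persistent = {"lifetime": 0, "penalty": 0}  # what would live in EEPROM
        self.session_count = 0                            # volatile, lost on power cycle
        self.ticks = 0                                    # run time the card has burned so far
        self.disabled = False

    def power_cycle(self) -> None:
        # A power cycle resets the volatile counter, but the card has already written
        # the overflow of the last session to persistent storage as a pending penalty.
        overflow = max(0, self.session_count - FREE_PER_SESSION)
        self.persistent["penalty"] += overflow * BASE_DELAY_TICKS
        self.session_count = 0
        self.ticks += POWER_CYCLE_TICKS

    def run_gsm_algorithm(self) -> bool:
        """Return True if the card answers the challenge, False if it refuses."""
        if self.disabled:
            return False
        if self.persistent["lifetime"] >= LIFETIME_CAP:
            self.disabled = True            # the lifetime limit bricks the card for good
            return False
        self.persistent["lifetime"] += 1
        self.session_count += 1
        if self.persistent["penalty"]:
            self.ticks += self.persistent["penalty"]  # wait carried over from the last session
            self.persistent["penalty"] = 0
        overflow = self.session_count - FREE_PER_SESSION
        if overflow > 0:
            # Empty-loop back-off: exponential in the number of excess queries this session.
            self.ticks += BASE_DELAY_TICKS * 2 ** min(overflow, MAX_BACKOFF_EXP)
        self.ticks += 1                      # cost of the computation itself
        return True


def simulate(n_queries: int, cycle_every=None):
    """Issue n_queries; optionally power-cycle the card every cycle_every queries.
    Returns (queries answered, ticks spent, whether the card disabled itself)."""
    sim = SimWithoutClock()
    answered = 0
    for i in range(n_queries):
        if cycle_every and i and i % cycle_every == 0:
            sim.power_cycle()
        if not sim.run_gsm_algorithm():
            break
        answered += 1
    return answered, sim.ticks, sim.disabled


if __name__ == "__main__":
    print("normal use, 5 queries:        ", simulate(5))
    print("hammering, 20 queries:        ", simulate(20))
    print("cycling every 10, 20 queries: ", simulate(20, cycle_every=10))
    print("cycling every 15, 30 queries: ", simulate(30, cycle_every=15))
    print("cycling every 10, 70000 tries:", simulate(70000, cycle_every=10))
```

The cycling runs show the point made in the thread: resetting the card dodges the in-session back-off but costs a reset each time, and the persisted counter makes the next session pay for the previous one's overflow; the last run shows the lifetime cap ending the exercise regardless.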
@NeonVisual 1 year ago
Back on 1G phones, I was in school at the time, and with some friends we managed to get access to hidden menus in the phone and copied all these random digits into a different phone, and then when we called the number both phones rang! Could only answer one of them though, as the other then stopped ringing. This was back when the call was basically not yet digital; if you went somewhere away from signal the voice started to go fuzzy like a walkie-talkie. Didn't take long for 2G phones and text messages to appear on the scene, at which point everything was digitally encrypted with the SIM.
@Ton4i
@Ton4i Жыл бұрын
love the depish mode music when you put the second sim card for reading
@pakfones
@pakfones Жыл бұрын
I've done cloning years ago 😀 I'm talking about the year 2006, 2007. Nothing is new in this video for me, Anyway you've got a thumbs-up
@JanusCycle
@JanusCycle Жыл бұрын
Hello to an experienced SIM cloner! I'm glad you enjoyed the video :)
@exoqqen
@exoqqen Жыл бұрын
all these new kids woth their videos on this topic are nice and dandy, but you're actually going indepth on some of the history and more practical attacks. very nice
@JanusCycle
@JanusCycle Жыл бұрын
Thank you
@leodf1
@leodf1 Жыл бұрын
What a cool channel. Real gem stumbled upon. The DM lyrics while bruting that poor SIM was hilarious. Subbed.
@JanusCycle
@JanusCycle Жыл бұрын
It's a great song!
@etmax1 1 year ago
There's potentially another way to read out the Ki No. from a SIM card: use an e-beam prober to read out the actual flash memory in the SIM card. You need a lot of spare change to buy one, but I'm sure that's not much of a problem for a state-owned spy agency. On your comment on Wikipedia being updated so quickly, actually virtually anybody can do that, so it was probably one of your regular viewers.
@Steve211Ucdhihifvshi 1 year ago
Governments don't work that way usually, mate. Years ago they just mandated that providers, i.e. Telstra etc., provide unfettered access to agencies on request. Meaning at least 15 years ago, when I worked for Telstra, they could see everything you did; imagine their capabilities now.
@etmax1 1 year ago
@@Steve211Ucdhihifvshi I think you've misunderstood what I was saying. It wasn't that state-level actors do it, only that it is the sort of budget you need. Of course multinationals have more loose change than a lot of governments, so clearly they can do it.
@EvilSapphireR 1 year ago
So by literally viewing the hexdump of the flash memory? Wouldn't that contain the code that runs on the SIM processor as well, that you'd have to disassemble to sort it out from the key and understand how the code retrieves the key? Are the processors used by SIM cards documented?
@etmax1 1 year ago
@@EvilSapphireR I would suggest to you that it is all relatively easily achieved by a skilled operator. I once did a hex dump of a microcontroller's flash and hand-disassembled the whole thing (didn't have the disassembler, just the data book), created a flow chart of what it was doing, corrected a bug and then reassembled it all and programmed the device, in 2 weeks. With the proper SW tools it would have been much easier. As to the documentation of the CPU, they all use off-the-shelf cores. Some companies do soft cores in an FPGA, but that's not going to happen for a SIM card reader.
@Paul-XCIV2 1 year ago
Maybe this is why mobile operators are keen for you to have a new SIM whenever you get a new handset, even if you are retaining the same number with the same provider.
@ElaineGarcia-uo8qj 5 months ago
Don't install the SIM!!!
@samwilliamson4715 1 year ago
Nice video. Interesting stuff. Apt music choice @ 4:38 - nice 👍 Would still like the option of having handsets with multiple SIMs, or at least two or more carriers in one SIM, so you can switch carriers for different rates or needs.
@Hauketal 1 year ago
That is exactly what I'm typing this on. Dual SIM phones are quite common if you search for them.
@robogirlcops 9 months ago
GLAD YOU ARE ON OUR SIDE THX
@mihiguy 1 year ago
In this context I'm interested in how the eSIM affects this. How does the Ki value get into the eSIM without being able to be intercepted, assuming the owner of the eSIM phone is interested in cloning his Ki value to use on more devices? BTW, 90 00 is not only for SIM cards but generally for PC/SC smart cards and means "command successful". Error messages start with a 6 in hexadecimal, which is not only flipping the digit glyph, but also its bit representation.
@JanusCycle 1 year ago
My guess is that an encrypted packet is sent to the eSIM chip, which decrypts it to get the Ki. The specifications exist, but I haven't looked into eSIMs yet.
@mihiguy 1 year ago
@@JanusCycle Thank you for the response. But that means that either all eSIMs must have another key that is known to the carrier (chicken-and-egg problem), or some PKI must be involved that requires someone to sign the keys used, as they would otherwise be prone to man-in-the-middle attacks (introducing a new point of failure).
@JanusCycle 1 year ago
Thank you, very good points. I have also wondered about eSIM security. Just not had the time to look that deeply yet.
@mkontent 1 year ago
@@mihiguy Diffie-Hellman
@mihiguy 1 year ago
@@mkontent Without some kind of authentication scheme, Diffie-Hellman only helps against passive listeners, not against active men in the middle.
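A small decoder for the SW1 SW2 status bytes mentioned in the thread above (90 00 for success, 6x xx for errors), as added Python that is not from the video or from any commenter. The meanings come from ISO/IEC 7816-4 plus a few GSM 11.11 responses that 2G-era SIMs return; the tables are a subset rather than the full specification, and the function and class names are my own.

```python
"""Decode the SW1 SW2 status bytes a smart card returns after an APDU (added example).

Meanings are from ISO/IEC 7816-4 plus a few GSM 11.11 responses that 2G-era
SIMs use; the tables are a subset, not the full specification.
"""
from dataclasses import dataclass

ISO_STATUS = {
    0x9000: "command executed successfully",
    0x6700: "wrong length",
    0x6982: "security status not satisfied (PIN/CHV not verified)",
    0x6983: "authentication method blocked",
    0x6985: "conditions of use not satisfied",
    0x6A82: "file not found",
    0x6A86: "incorrect parameters P1-P2",
    0x6D00: "instruction code not supported",
    0x6E00: "class not supported",
}
GSM_STATUS = {  # GSM 11.11 status words still returned by older SIMs
    0x9404: "file ID not found",
    0x9804: "access condition not fulfilled / CHV verification failed",
    0x9840: "CHV verification failed, no attempts left: CHV blocked",
}


@dataclass(frozen=True)
class StatusWord:
    sw1: int
    sw2: int
    category: str     # "success", "warning", "error" or "unknown"
    meaning: str

    @property
    def ok(self):
        return self.category == "success"


def decode_status_word(response):
    """Decode the trailing two bytes of a card response into a StatusWord."""
    if len(response) < 2:
        raise ValueError("a card response always ends in two status bytes")
    sw1, sw2 = response[-2], response[-1]
    sw = (sw1 << 8) | sw2
    if sw in ISO_STATUS:
        return StatusWord(sw1, sw2, "success" if sw == 0x9000 else "error", ISO_STATUS[sw])
    if sw in GSM_STATUS:
        return StatusWord(sw1, sw2, "error", GSM_STATUS[sw])
    if sw1 in (0x61, 0x9F):     # ISO and GSM forms of "response data is waiting"
        return StatusWord(sw1, sw2, "success",
                          f"{sw2} response bytes available, fetch with GET RESPONSE")
    if sw1 == 0x6C:
        return StatusWord(sw1, sw2, "error", f"wrong Le, retry with Le={sw2}")
    if sw1 == 0x63 and (sw2 & 0xF0) == 0xC0:
        return StatusWord(sw1, sw2, "warning", f"verification failed, {sw2 & 0x0F} retries left")
    if sw1 in (0x62, 0x63):
        return StatusWord(sw1, sw2, "warning", "command completed with a warning")
    if 0x64 <= sw1 <= 0x6F:
        return StatusWord(sw1, sw2, "error", "checking or execution error")
    return StatusWord(sw1, sw2, "unknown", "not in this decoder's tables")


def retries_remaining(response):
    """PIN/CHV attempts left, as encoded in a 63 CX status word; None otherwise."""
    sw = decode_status_word(response)
    if sw.sw1 == 0x63 and (sw.sw2 & 0xF0) == 0xC0:
        return sw.sw2 & 0x0F
    return None


def high_nibbles_are_bit_complements(a, b):
    """The observation from the comment: 9 (1001) and 6 (0110) are bitwise inverses."""
    return ((a >> 4) ^ (b >> 4)) == 0xF


if __name__ == "__main__":
    for resp in (b"\x90\x00", b"\x9f\x0c", b"\x6c\x10", b"\x63\xc2", b"\x98\x40"):
        sw = decode_status_word(resp)
        print(resp.hex(), sw.category, "-", sw.meaning)
    print("0x90 vs 0x6A high nibbles complementary:", high_nibbles_are_bit_complements(0x90, 0x6A))
```

Only 90 00 and the "response available" forms count as success here; a 63 CX reply is a warning that carries the remaining retry count, which is the value worth logging when a VERIFY fails.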
@stockwellengineeringhints3527 1 year ago
Absolutely fantastic ending. The music really fits the visuals.
@JanusCycle 1 year ago
Thank you
@dimples282 1 year ago
This video is a great case study in supply chain exploitation, with the points discussed from 9:47 onwards. Kinda like that one XKCD comic about encryption: rather than cracking a Ki, just social engineer and/or drug your way into the manufacturers, which is the path of far less resistance.
@MrCrazyGameGuy 1 year ago
Just like to point out that just because there is no "known" method to clone a modern SIM card, that doesn't mean certain people don't know how to do it. Just because something isn't widely spread doesn't imply that there's no way to do that thing. I'm sure you can't find any information on copying a government-issued form of ID, but it does happen.
@JanusCycle 1 year ago
You make a good point, there is a dark web out there.
@PredragKuzmanovic 1 year ago
I just have a basic knowledge of computer/phone etc. devices, but this video I watched in full; even when the video actually ended at 11:44 I stayed to watch, listening to the song. Kudos, bro!
@JanusCycle 1 year ago
Sometimes just seeing technology and hearing the descriptions, even when you don't understand it all, can help you learn. When learning more things in the future you will remember bits and it will become easier. I'm really glad you enjoyed this. Thank you for watching.
@markjune3027 1 year ago
My ex-roommate went to MIT; he's now head of R&D (they don't call it that, but I can't remember the exact job title) for Deutsche Telekom/T-Mobile here in the U.S. Back in 2014, when we were living together, I watched him clone his own SIM card so he could have multiple phones with the same number. This was on T-Mobile's 3G/4G network. He definitely found a significant vulnerability and wasn't keen on sharing it with me. And I doubt he's the only one who knows of it. But instead of revealing it, he (and/or they) keep their mouths shut so they don't "fix" it again. He learned his lesson with satellite TV -- they used to hack the cards in order to get free TV. They would then release the new hacked ROM online and eventually the TV company would send out a patch to fix the hole and they'd have to crack it again; rinse, repeat. This happened numerous times until the satellite TV company finally did away with that card system altogether. If my ex-roommate had never released those hacked ROMs on the internet, he would probably still have free satellite TV to this day. He said he'll never forget that lesson.
@JanusCycle 1 year ago
Interesting, thank you. I wonder if the vulnerability he found was inside the SIM or in the network.
@CarcharothQuijadasdelased 1 year ago
"...they just want to listen in if they need to." Something tells me that "if they need to" means all the time, to misconstrue or find the smallest thing in case you dare to "notice" or do a "wrongthink".
@iRelevant.47.system.boycott 7 months ago
The ability to harvest a data stream is considered a digital goldmine these days.
@Budgiebrain994 1 year ago
Your videos get better and better.
@nowheremanjk8624 1 year ago
In my country they are blocking the 3G network. 2G stays because apparently some old infrastructure works on it, and the 2G network has several advantages.
@awalden 1 year ago
Excellent video, content, narrating, presentation... everything! (And I especially loved that version of "Policy of Truth".) Wishing you continued success with your YouTube channel! ~ Allen
@JanusCycle 1 year ago
Thank you Allen. I really enjoy making videos and I'm glad you enjoyed this one.
@JohnDoe-bd5sz 11 months ago
I did this to my card and my wife's card and put them on an ATMEL card. Worked fine, and I was able to select which SIM card I wanted to emulate simply by the PIN code. If I turned the phone on and entered 1111 as the PIN I would get my own card; if I used 2222 I got my wife's. Sadly, both phone numbers could not be active at the same time though. Was mainly done as a proof of concept, but I did it with a program just like yours that found the IMSI and Ki.
@JanusCycle 11 months ago
Nice, I'm glad you got this working.
@examplerkey 1 year ago
Some years ago, a father and son cloned a SIM card, for whatever reason. They were found out, arrested and jailed. I think there's a way from the NP side to find out this kind of activity, for example by way of phone make and model number or a UUID.
@manp1039 1 year ago
That is exactly what I was thinking. It is not just a SIM that the network has for any device that connects to it. Those people would have had to clone everything on the phone, and there may even be one or more unique chips on each of the phones that the NP can collect data from, in addition to which tower and date and time it connects (presuming this father and son were using prepaid SIM cards where the location they lived and their legal names etc. were not already known by the NP and connected with the SIM account).
@MRooodddvvv 9 months ago
Did they get a life sentence for such a horrible crime against humanity?
@luigigaminglp 1 year ago
Great video! Your voice is very nice, the topic is very interesting (to me lol) and the demonstrations and explanations were really good. Keep up the great work!
@nick066hu 1 year ago
Even if I could clone a modern SIM card somehow, I would be very cautious about using more than one of them simultaneously. I guess the operators have some algorithm to recognize requests with the same IMSI numbers coming from different cells (from distant locations) at or around the same time, and would block my account, and may even ask me unpleasant questions. Or is the cloning so unlikely that they don't care? Any comments on this?
@BertoldVdb 1 year ago
I have accidentally turned on two modems using the same physical SIM on 4G (the SIM slots are connected to the system CPU and then proxied to the modems; it happened due to a software bug). It didn't cause problems, but only one of the modems was working, although both claimed to be registered. Probably depends on the network.
@BertoldVdb 1 year ago
BTW: Since both modems were on the same board, they both joined the same cell.
@stultuses 1 year ago
The network operates separately to the billing system.

When you make a call, the records that make up your call (CLRs, Call Link Records; think of your mobile call going from cell tower to cell tower, onto say a landline network, to eventually end up at someone's home; all of those hops are CLRs) are aggregated into a CDR (Call Detail Record) that is used for Rating (assigning distance and charging / service components to), which is then fed into the Billing engine (for assigning a cost value to), i.e.

[CLR + CLR + CLR + ...] -> CDR -> Rated -> Billed

Back in the 3G and 4G days, it didn't matter how many dual SIMs were on the network; the system doesn't cross-check (how could it, with literally millions of phones on the network? It would be extremely compute intensive. Even 10,000 phones active at once would take 10,000 x 10,000 cross-checks).

It was the last SIM activated that got the incoming calls, so even though you had multiple SIMs, the last active one used to get the incoming traffic. Making calls was different; any copied SIM on the network could make calls at any time.

Things have most certainly changed since I was involved in the telco space though.
@nick066hu 1 year ago
@@stultuses Thank you for the inside info. It was 15, maybe 20 years ago that I wrote microcontroller code for a Microchip PIC in our remote control device monitoring pump stations. The uC was interfaced to a GSM modem, and we had to buy and maintain subscriptions for about 150 SIM cards. It was expensive, although we used very little data, just a couple of bytes per message, and almost nothing if no errors, so it really felt like overkill having so many full phone subscriptions (the operator had no plan for M2M communication back then). I was then thinking about how we could trick the system with cloned SIMs but lacked both the courage and the knowledge for it.
@Aim54Delta 1 year ago
@@stultuses I could imagine that if they wanted to they could implement some kind of optimized cross-check algorithm to catch duplicate SIMs, but I can see where it would be mostly a non-issue to correct. The number of people who can clone a SIM is relatively small and mostly limited to people who tend to confound your efforts anyway - and by virtue of how the network functions, it wouldn't really be a valid way of gaming the system to the user's favor ... again, outside of niche uses. It's not just cross-checks for activating phones, it's cross-checks for changing towers or some means of rationally managing a phone between nearby towers. In principle, it could be done - but I don't really see it as being a priority investment, as it addresses a very niche problem that is only a problem when governments aren't doing it (at least from the network operator's perspective). Further, here in the States, most cell infrastructure is locally or regionally owned/maintained and the network operator leases access to the tower, as I understand it. That adds a whole different layer into authentication strategies. The authentication would have to be baked into the communication standard used by the tower so that any carrier could function. The only thing I could see being different with 5G is some manner of sub-identifier which would basically turn a SIM card into a network gateway, and multiple devices could send/receive on the network at the same time. My phone would just ignore the data packets for a different phone. I could see support for this being put in... but don't really see the use/advantage, as you'd have to effectively route data to two different towers for broadcast... or more. And whatever plan that is would probably be absurdly expensive while having no particular benefit other than potentially reducing the number of authenticated devices on a tower (as the SIM allocates a band and packet address to the device)...

But you could implement something similar to this without doing cloned SIMs in congested areas, overlapping devices into a single band and using the band as an old-fashioned network bus.
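The cross-check the thread above argues about, as an added Python example that is not from the video or from any commenter: one dictionary lookup per location-update event (linear in the number of events, not the N x N comparison mentioned above) flags an IMSI that shows up in two cells it could not have travelled between in the time elapsed. The event format, the cell coordinates, the 300 m/s plausibility threshold and the IMSIs (in the 001 01 test MCC/MNC range) are all constructed for the example.

```python
"""Impossible-travel check over location-update events (added example).

One dictionary lookup per event (last sighting per IMSI) is enough to spot a
subscriber identity that appears in two cells it could not have moved between
in the time elapsed. Event format, coordinates, threshold and IMSIs are
constructed for this illustration.
"""
import math
from collections import namedtuple

Sighting = namedtuple("Sighting", "ts imsi cell lat lon")

MAX_SPEED_MPS = 300.0   # ~1080 km/h: faster than this cannot be one handset

# Constructed events: "epoch_seconds IMSI cell_id latitude longitude".
# IMSIs use the 001 01 test MCC/MNC; CELL-A/B are near Sydney, CELL-C near Melbourne.
SAMPLE_EVENTS = """\
1700000000 001010123456789 CELL-A -33.87 151.21
1700000060 001010123456789 CELL-B -33.88 151.22
1700000120 001010123456789 CELL-C -37.81 144.96
1700000200 001010999999999 CELL-A -33.87 151.21
1700000300 001010123456789 CELL-B -33.88 151.22
"""


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two latitude/longitude points."""
    r = 6_371_000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


def parse_events(text):
    """Parse the whitespace-separated event lines into Sightings, in file order."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, imsi, cell, lat, lon = line.split()
        events.append(Sighting(int(ts), imsi, cell, float(lat), float(lon)))
    return events


def find_impossible_travel(events, max_speed_mps=MAX_SPEED_MPS):
    """Return (imsi, from_cell, to_cell, km, seconds) for every implausible hop.

    Linear in the number of events: only the most recent sighting per IMSI is kept.
    """
    last = {}
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        prev = last.get(ev.imsi)
        if prev is not None and ev.cell != prev.cell:
            dist_m = haversine_m(prev.lat, prev.lon, ev.lat, ev.lon)
            dt = max(ev.ts - prev.ts, 1)         # same-second sightings still count
            if dist_m / dt > max_speed_mps:
                alerts.append((ev.imsi, prev.cell, ev.cell, round(dist_m / 1000), dt))
        last[ev.imsi] = ev
    return alerts


if __name__ == "__main__":
    for alert in find_impossible_travel(parse_events(SAMPLE_EVENTS)):
        print("possible duplicate SIM: IMSI %s %s -> %s, %d km in %d s" % alert)
```

The Sydney-to-Melbourne hop in the sample (roughly 700 km in 60 s) and the hop back produce two alerts; the ordinary move between two neighbouring cells does not. Keeping only the last sighting per IMSI is what makes the check cheap enough to run on every location update.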
@JeffLovesShantae 1 year ago
Thank you very much bro, for leaving the subtitles activated for the Spanish language. Greetings from Colombia. ❤️‍🩹
@JanusCycle 1 year ago
Making subtitles is hard work. I'm glad you appreciate them. Thank you for letting me know.
@chinmayasinghrawat4622 1 year ago
Very interesting to watch. Funny how the SIMs are compromised over simple e-mails though.
@raylopez99 1 year ago
True, I've worked on big, secret M&As (Mergers & Acquisitions) where the utmost care was taken to ensure privacy, since it would affect the price of the companies if word got out, and yet details of the deal were sent in plaintext over email.
@josephkanowitz6875 1 year ago
@@raylopez99 ב''ה, all securely stored at RIM's data center, right?
@raylopez99 1 year ago
@@josephkanowitz6875 Iron Mountain... I do remember that logo a lot. Back in the day before, I think, Google even did HTTPS on all its transmissions.
@MMWA-DAVE 1 year ago
FYI, as of April 2023 there is 900 MHz GSM still operating in one part of Australia I work at: Christmas Island. Telstra still operates the only mobile phone network there; it's still 2G voice and SMS only, just like the early 90s. The only mobile data service on the island is offered by a small business known as CiFi with their own LTE equipment, and that service is data only. Their connection comes by way of tapping into the Vocus undersea cable from Perth. I was there only last week and can confirm this is still the case. Telstra has accepted millions of dollars of taxpayers' money in order to upgrade their service to 4G, but as usual is moving at a glacial pace. At some stage this remaining 2G outpost will also get switched off.
@JanusCycle 1 year ago
That is fascinating. It must be easy for Telstra to keep it going with the spare equipment they kept from the old network.
@MMWA-DAVE 1 year ago
@@JanusCycle Astonishingly, they even installed additional 2G equipment last year to increase coverage 😂 I'm no expert and wonder if it is in fact modern stuff that's been dumbed down till the necessary bandwidth is available. Voice quality on the 2G service is below average also: extremely low bit rate and like AM radio quality. When you make a WhatsApp or Optus WiFi call using the CiFi LTE, it's like listening to a CD player for the first time in the age of worn-out Type I cassettes.
@anhedonianepiphany5588 1 year ago
Why am I not surprised that most of the Ki numbers are known by surveillance agencies? This is the reason one doesn't attempt any crucially private exchanges without decent end-to-end encryption.
@_____7704 1 year ago
This whole channel is magical - more videos on phreaking generally please.
@HonestAuntyElle 1 year ago
What was the original sales purpose of the SimMax holding 12 SIMs? Was it able to be swapped by phones, or did it need an external device to swap between profiles? If it was as simple as typing a number command and rebooting, then I could see the purpose if you were trying to make cheap calls from Optus to Optus or Telstra to Telstra, or for frequent travellers.
@JanusCycle 1 year ago
One of the benefits they describe is 'Change mobile phone number without turning off mobile phone'. I'm not sure how it was done, yet.
@kerozin520 1 year ago
If I remember correctly, there were SIM cards which could store multiple SIM card profiles/numbers; you would read the cards you have and then store those into that single "super SIM", and on some phones you could cycle through those stored profiles even through a menu on the phone itself.
@JanusCycle 1 year ago
@@kerozin520 This could be using the SIM Application Toolkit to add menu options to the phone. Another aspect of SIM cards that doesn't seem well known about.
@Auberge79 1 year ago
You actually have a "SIM menu" on your phone and there's an item called "change number", provided you have this all-in-one SIM card inserted, so you can select there any of the slots of your 12-in-one SIM. But not all phones support SIM card hot-swap, so most old phones still needed a reboot (power cycle) in order to change SIM card.
@veryboringname. 1 year ago
@@JanusCycle Yup, that's actually what the "STK" on the card refers to - SIM ToolKit. On phones that supported STK, an extra menu would appear on the phone allowing you to pick a SIM. You could also use a PIC programmer like the Infinity USB to write SIM-EMU software onto a blank Greencard to create your own SIMMAX-style multi-SIM-in-one card. From memory, SIM-EMU worked more reliably than SIMMAX.
@Spelter 1 year ago
Somehow, somebody copied my SIM card back in the year 2000 here in Germany, but not like that. This person had to build an access point so my phone logged into it, and they must've sniffed all the information they could get. They phoned away on my bill. 200 bucks later, I went to the police and the provider told me I was in a different city while calling people. Lucky me, I had proof I worked at that time - at least I thought lucky me. O2 refused to refund me, it went to court, I won, but they kicked me out of the contract. So yeah, somehow it was easier 23 years ago, when no real encryption was implemented in GSM. This video made me remember it. Decades later, we know how you can build your own cell tower or at least a small version of it. How somebody gets the Ki number though with just listening to 1 calculation... maybe somebody made "logged in" phones reauthenticate many times and then... tried the rest? I know I was working at my job back then, and not in Berlin, so who knows how that worked back then. Hardware was slow back then, so your method would have taken a long time.
@mamborambo 1 year ago
Since you know so much about SIMs and how they work, please do an episode on eSIMs and how to convert between them. My provider charges for eSIMs and it is difficult and costly to swap SIMs between phones.
@manp1039 1 year ago
You said "convert"... did you mean transfer the eSIM to a new device? If you did mean "convert", convert to what?
@guruoo 1 year ago
We used to clone our in-house phones back in the analog days to save on maintaining separate accounts. I'd like to experiment with this for a couple of my phones, but so far have yet to find a safe, trojan-free version of Woron Scan.
@JanusCycle 1 year ago
This is where I downloaded from. I use a sacrificial laptop though, to keep my main computer safe. woronscan.narod.ru/
@Valery0p5 1 year ago
It is no secret that the phone network in general was built with very little security in mind; even a WhatsApp call is safer in most circumstances.
@iRelevant.47.system.boycott 7 months ago
The GSM net was intentionally built with sub-par security.
@co5tellooffical 1 year ago
Man, those old SIM cards be bringing back memories of my first phone 😢
@stevenchristenson2428 1 year ago
Actually, capturing responses and working out the key is how you can figure out the secret key in WPA2-encrypted wireless networks. All you really need is a computer that can put the wireless card into promiscuous mode and set it up to listen for new device traffic. You can even send a bad packet of data to the network to reboot all the devices, and they all have to re-auth back to the WAP, thus getting a large number of encrypted packets to process. You then either manually decrypt the password or you can put the encrypted password into a giant list of known passwords and see if the user used one of them. It only takes like 48 hours or so to decrypt WPA2-encrypted keys, and maybe even less with GPU processing. It's pretty fun to do; just don't use it to try and steal your neighbors' WiFi, as that can be illegal in some places.
@X4Alpha4X 1 year ago
The time to crack WPA2 is extremely variable, depending on hardware and complexity of the password, assuming brute force (or how big the password list is, assuming it even has it). There was a manufacturer of mobile data WiFi pucks who used a default password of 8 random numbers. A laptop with a 1070 GPU could brute force that keyspace in about 4 mins with hashcat.
@judyreyjumamoy 1 year ago
I didn't search for this and I don't know why I watched the video till the end.
@miscme7116 11 months ago
I remember the good old times when my friends and I would clone the analog NMT mobile phones. It was ridiculously easy back then, and then you could be any number in the network. In my country for a long time it was not believed that it was possible. There was a classic case where a police chief gave a challenge to replicate his phone number, as he did not believe it was possible. The next month he received on his mobile invoice costs for calls to adult phone services not made by him, and he had to believe it was true.
@salvadorcruz46 11 months ago
My SIM's locked every time I turn it off. I know a little but am about to learn more.
@ABaumstumpf 1 year ago
How I HATE how SIM cards have changed over the years. Now you gotta register even prepaid SIM cards for "security"? Yeah no - it's got nothing to do with that, as we have seen what it is actually used for the past 3 years. Then also the push towards eSIM. So now the phones can be hardware vendor-locked and I can not just use whatever phone I want (aside from the other obvious problems). And the most aggravating thing is trying to get a 2nd SIM officially... I asked my provider - it is "only" 5€ per month... and 20€ for the card... and 20€ each year for "services"... and 5€/month extra to be able to use it for anything but phone calls. They seriously want to charge me more just for a 2nd SIM than it would cost me to get an entire 2nd contract.
@Knaeckebrotsaege 1 year ago
Would be interesting to try this in a country where 2G/basic GSM is still alive and well, like Germany. I still know of two pre-2000 prepaid SIMs that are still active and being used, one being my mom's (from sometime in '97) and one being mine from my very first own phone I got for Christmas '99, which might already be too new...
@MRooodddvvv 9 months ago
If you still want to know, one of those cloned cards still works well in Russia because the original card was lost and that number was only used in an old phone without 4G, so no one bothered to do anything and just used the cloned card. No issues or oddities were noticed for years.
@bikepacker9850 1 year ago
I like how you formally announce "We've reached the end of the video". Great video, I have no interest in the subject matter, yet I watched the whole thing.
@morsine 1 year ago
Thanks a lot mate! This was the question I had when I was a child, and I searched a lot for it... thank you for solving my childhood mystery!
@morsine 1 year ago
@Liam Peanut your spammer is running an old script xD
@monmonmon4177 11 months ago
It's like cracking a WPA WiFi code (trying many codes until matching the exact one), but SIM cards have security made in: at the factory they send a voltage on a pin to burn it; this pin is the one for writing or making changes on the SIM, so it cannot be edited.
@kevinlee7263 1 year ago
Sounds like those scenes in movies where someone pulls the SIM card out of another person's phone while they're in the bathroom, clones it in 30 seconds, and puts it back in their phone before they know what happened, are pretty far-fetched.
@JanusCycle 1 year ago
There is a scene just like your description in The Bourne Supremacy. Since it's a movie we can assume Bourne had a backdoor SIM exploit, or some other secret intel we don't know, to keep it fun :)
@benmahdjoubharoun1467 1 year ago
*Basically, everybody has access to you but not you to yourself.*
@lobsangbarriga5324 1 year ago
Very well explained, thank you! And nice music btw.
@MrGrisha84 1 year ago
This video answered more questions than I had, so I guess I know way more now than I did before starting the video.
@JanusCycle 1 year ago
Thanks for watching!
@alexanderwhite8320 1 year ago
Very good video, two thumbs up! As a person who cloned SIM cards and made multiple-in-one cards, I can tell the video and explanation is 100% accurate. Except the part about spy agencies spying by intercepting the Ki number.
@JanusCycle 1 year ago
Spy agencies intercepted Ki numbers in emails from card manufacturers sent to networks. Not over the air. Hopefully I made that clear enough in the video.
@ChristineDuffy-m8q 2 months ago
Thank you for sharing this. I was getting spam texts recently and my bank informed me about this very thing, so I now know how they did it, and I changed all my details so haven't received any since.
@JanusCycle 2 months ago
Unfortunately there is something called the 'SIM swap attack', where network employees are duped into swapping your SIM details to another SIM card. Try not to rely on SMS messages for security.
@ChristineDuffy-m8q 2 months ago
@@JanusCycle Thank you
@uglyrose2019 10 months ago
Mine has been cloned already... I worked at a BIG telephone company and you would be surprised how corrupt the employees are!!!! Money talks... as you already know... Most illegal things are not done by criminals but by government employees... 😂
@dodegkr 1 year ago
What a tune to select, bravo, more! I hope you have a Lime Mini 2 on order for some TACS and LTE fun.
@fredsalter1915 1 year ago
Does this apply to eSIM and iSIM as well? Thanks. Great vid!
@JanusCycle 1 year ago
Those chips are also much more secure.
@1337GameDev 1 year ago
What's MORE interesting: the idea of exploiting the HARDWARE. SIM cards are FULL computers that run a variant of Java (unless that changed) called Java Card. On certain models, the hardware can be glitched and manipulated to reveal memory, via execution cache, and hence the encryption keys.
@helmutzollner5496 1 year ago
It was known from the start of the GSM implementations that the SIM crypto algorithm was pretty weak. But as you said, it was kept secret, which in the early 1990s created quite a discussion. Normally in crypto systems the security lies in the secrecy of the key, not in the secrecy of the algorithm. But this was ignored by the GSM standards consortium. I guess there were two reasons. The first is that they were worried about the SIM chips available being powerful enough. The other reason was probably that the governments wanted a back door. To your assertion about getting the perso keys of the SIM cards: there the security has been tightened considerably, and the perso keys issued by the SI vendors are now sent in a classic crypto ceremony in 3 parts, where only the combination of all three parts of the key will result in the correct key. This is used to derive the individual chip keys. But I guess there may still be different standards used by different vendors.
@JanusCycle 1 year ago
I'm glad we are getting smarter at having good security. Great info, thanks.
@HitchensTV 1 year ago
@@JanusCycle The 3-part way is not the default for any manufacturer afaik. Where I worked we started forcing encrypted orders in 2019 or so, after which I ordered new cards and destroyed my old ones. But even that handling did not seem to be the default way for the big manufacturers =/
@iRelevant.47.system.boycott 7 months ago
It is known that it was the second reason. The Brits.
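The three-component key ceremony described earlier in this thread, as an added Python illustration that is not from the video, from the commenter or from any card vendor: a transport key is XOR-split into three components so that any two of them reveal nothing, recombined at the receiving end, confirmed with a key check value, and then used to derive a per-card key. The HMAC-based derivation, the SHA-256-based check value (a stand-in for the usual encrypt-a-zero-block KCV), the ICCID strings and all names are my assumptions.

```python
"""Three-component key ceremony and per-card key derivation (added example).

Illustrates the idea from the comment above: a key is split into three
components so that no single component (or pair) reveals anything, recombined
at the receiving end, checked against a key check value, then used to derive
the individual card keys. Derivation and KCV constructions here are
illustrative choices, not any vendor's scheme.
"""
import hashlib
import hmac
import secrets


def xor_bytes(a, b):
    """Bytewise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("components must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key, parts=3):
    """XOR secret sharing: parts-1 random components plus one that closes the sum.

    Every strict subset of the components is uniformly random, so a custodian
    holding any two of three learns nothing about the key.
    """
    components = [secrets.token_bytes(len(key)) for _ in range(parts - 1)]
    closing = key
    for c in components:
        closing = xor_bytes(closing, c)
    components.append(closing)
    return components


def combine_key(components):
    """Recombine components in any order; XOR is commutative."""
    key = bytes(len(components[0]))
    for c in components:
        key = xor_bytes(key, c)
    return key


def key_check_value(key):
    """Short check value (3 bytes, hex) so both sides can confirm they hold the same key.

    Stand-in for the traditional 'encrypt a zero block' KCV; SHA-256 is used so
    the example needs no cipher library.
    """
    return hashlib.sha256(b"KCV|" + key).digest()[:3].hex()


def derive_card_key(master_key, iccid):
    """Per-card key from the master key and the card serial (HMAC-SHA256, 16 bytes)."""
    return hmac.new(master_key, b"card-key|" + iccid.encode(), hashlib.sha256).digest()[:16]


def ceremony_roundtrip(master_key):
    """Sender splits, receiver combines, both compare KCVs; returns (match, received)."""
    components = split_key(master_key)
    received = combine_key(components)
    return key_check_value(master_key) == key_check_value(received), received


if __name__ == "__main__":
    master = secrets.token_bytes(16)          # constructed transport key
    parts = split_key(master)
    print("KCV of original:", key_check_value(master))
    print("KCV of 2 parts: ", key_check_value(combine_key(parts[:2])))   # differs
    print("KCV of 3 parts: ", key_check_value(combine_key(parts)))       # matches
    print("card key:", derive_card_key(master, "8901000000000000001").hex())  # placeholder ICCID
```

The KCV is what lets the two custodians on the receiving side detect a mistyped component without ever exchanging the key itself; the derivation step is where a single master secret turns into one distinct key per card, so a leaked card key does not expose the master.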
@AmeenAltajer
@AmeenAltajer 10 ай бұрын
Thanks man, great stuff!
@upseguest
@upseguest Жыл бұрын
Zune theme on your xp laptop? Did you ever own a zune or did you just download it because it looked cool?
@JanusCycle
@JanusCycle Жыл бұрын
It looks very cool. I still need to buy a Zune one day :)
@upseguest
@upseguest Жыл бұрын
@@JanusCycle yeah lol, sadly the zune service doesnt work anymore so a lot of the functionality is lost but you can still store music on it!
@silvian-nicolaeobrete1185
@silvian-nicolaeobrete1185 10 ай бұрын
Amazing channel. So glad I found it!
@JanusCycle
@JanusCycle 10 ай бұрын
cool, thank you :)
@Jbrimbelibap
@Jbrimbelibap Жыл бұрын
So SIM card cloning is dead if I am not a government entity ? Good to know, thank you, I add thought of cloning a sim card to share internet access but looks like it's not possible
@JanusCycle 1 year ago
Yep, no way to clone a modern SIM
@orange11squares 1 year ago
@JanusCycle well, telecom companies can replace your SIM card in case you lost it, same phone number....
@ItachIBrolly2 1 year ago
@orange11squares Not the same. Once the SIM is replaced the number is assigned to the new SIM card and the old one becomes useless. I work in a US telecom company.
@HoloScope 1 year ago
@ItachIBrolly2 yep, this
@IvanIvanov-uw4yx 1 year ago
@JanusCycle Isn't it viable to read it directly from the chip with a microscope, destroying the original SIM in the process, and later cloning it to another 2 SIMs?
@sbcinema 1 year ago
Here in Germany, most of the old networks are still available. I use a Nokia from 1998 myself (without GPS).
@IvanIvanov-uw4yx 1 year ago
2G is still available everywhere across Europe. It was something related to contracts mobile operators had with emergency phone numbers iirc, so we will probably have 2G for at least 10 more years!
@CosminSandu2907 1 year ago
Here from Hugh Jeffreys! 👋🏻
@JanusCycle 1 year ago
Welcome, I hope you enjoy.
@codebeat4192 1 year ago
Nice production and very clear explanation.
@MarkBryant007 1 year ago
I love the use of Depeche Mode.
@mespap273 10 months ago
Great explanation and speech, man!!! :)
@JanusCycle 10 months ago
Hey thanks!
@kefler187 10 months ago
Joke's on them, no one can listen in on my phone calls because I don't make any XD. Google does have front row seats to my internet browsing habits though, as I subscribe to the whole Google ecosystem lol.
@妃廬詩裳乃汰 1 year ago
My dad just lost his phone by dropping it into our well. After the incident, he cloned his lost SIM card, but some apps interact weirdly with the new SIM. It had known the SIM has the same number as the old one, but some verifications were not sent to the new card but to the old one.
@app0the 1 year ago
If he went to get a replacement at the carrier, it's likely not a clone but a new card that the carrier bound to his account. I remember when I did that back in Russia all my bank and payment apps stopped working, because the login code would come in an SMS and they weren't sure it was me who made the replacement SIM card (there used to be a lot of incidents where carrier employees would illegally reissue SIM cards to get into people's bank accounts).
@Graeme_Lastname 1 year ago
Just one more reason to not have a mobile phone. Thanks m8. 🙂
@Graeme_Lastname 1 year ago
@Liam Peanut 🙂
@rd9831 1 year ago
OK, that's how Pegasus works 😄
@iRelevant.47.system.boycott 7 months ago
It's a bitch. Try to mention a certain ideology and you may be unpleasantly surprised.
@everythingbearausphreak7370 1 year ago
First old school video I've seen in a while, memory lane Janus... What's your old handle?
@JanusCycle 1 year ago
Thanks! But not something I want to share in a public comment; Telstra never did find me :)
@krzbrew 1 year ago
Ah such nostalgia...
@notjoeshmura_rauly0028 1 year ago
Hmmm. I now saw you on a Janus video
@alaindoblaje 1 year ago
I have a clone of my own 4G SIM card; text messages only arrive at one and phone calls only arrive at one, and which one is random.
@ssenkumbadeogratius6910 9 months ago
You still have XP, bro
@k-vn-7 1 year ago
Brief but perfect musical interlude!
@MrSmith_ 1 year ago
Excellent video! Really interesting topic and you explained it so well. Hope to see more content from you.
@rexarn781 1 year ago
I didn't know a SIM card was this complicated.
@ZED-PV 1 year ago
What a great video and great song to end it off with!!