I have a query,,, is there a way to use a sim cards functionality such as of internet, phone calsl and sms on a PC? with some kind of adapter, I have looked far and wide but can't find any sim-card adapter and software combo which can do this do you have any idea?

I'm ancient building tube-amps and first pre-windows interface time when so called younger-wonder age 10-16😊 (" it's so simple , but the manufacturer trends to over button/Dail was funny. Still most don't know why things work. I 'm now entering that old styled thinking patterns group of people. But A.I. winning on board games GO is just unfairness towards human workings-processor trying to navigate in a bowl of pea soup.....intuitive non-selfishness works better. Can that be progressing in self-education AI situation near future?🤔 sparks Mr youngster thinking again. Thanx for upload this!

@@Redditard there used to be some netbooks some time ago with built-in 3G modems and SIM card slots, so you could browse the internet or send SMS via mobile network (not sure about voice calls). Some USB 3G dongles from Huawei also allowed enabling voice features, but that was like 10 years ago.

@@KPbICMAH yeah, but they aren't sold anymore I did check it

​@@Redditard yes but your pc would need an antenna or other hardware capable of talking with mobile networks

I still don't get it. So I have this sim card. It's made of metal and plastic. How can I not plug it in, copy the data to another? It makes zero sense. Explain it to me

@@slyceth Sure thing, SIM cards have a little processor inside that does secret key authentication calculations. The software running on this processor also decides how to respond to requests to read the memory. It will never allow the secret key to be read out. The only way in theory to read the entire memory would be to bypass the processor. By directly extracting the internal silicon and reading the memory contents directly with an electron microscope or similar specialised equipment. This also destroys the original SIM card in the process.

Dude thank you for doing this video, although I would worry about the type of enemies you will make for posting it.. There was an Aussie politician who claimed his sim was cloned about 5 years ago. I saw a radio show in Sydney then got US private investigator Ed Oppernan on their show to debunk the politician's claims in a phone interview. I was very vocal at the time, because I knew for a FACT they were lying to protect this flaw from being fixed and essentially throw this politician under the buss. What people need to realise, especially those who think that law enforcement should be allowed to do this because "nothing to hide, nothing to fear", is that anything the good guys have access to, the bad guys do too. How do I know? The son of a guy who was high up in the mafia, had the hots for my girlfriend at the time. He was sending messed up messages to her pretending to be me. He was not spoofing my number because he could read her replies, and I changed my phone to make sure it wasn't my phone having remote access software running on it. We only realised why we were fighting, and she was sending me messages that made no sense, because we managed to catch him doing it when I had the day off work and were together while he tried to send more abusive messages as me. As a side note - encryption matters. A government back door is a a mafia back door. Imagine you were in the witness protection scheme and your private communication was being read by the wrong people. Or police records. Or private photos which can compromise people in positions of authority. Does Dan Andrews and other politicians frothing at the mouth about getting everyone jabbed make sense now? Encryption protects everyone, bad and good. The old trope of needing to catch pedophiles is BS, and they have many other means of doing that job that they should be adequately funding. Rant over, excellent video

@@slyceth It's actually pretty simple Computer to SIM card: "Gimme key" SIM card to Computer: "No"

Why didn't you do it yourself? That's what I do when I see something that's wrong on Wikipedia.

Everything everyone says is correct apparently. Christian channel commenter's say that. Satanist channels commenter's say that. Atheist cult channels commenter's say that. Republicans channels all say that. Democrat channels, libertarian channels, bigfoot sighting channels.... Channels that say: see where I'm getting with this, probably say that

Thank you, music is really important in life, and my videos :)

i was waiting for the moment u discribed... I WAS DELIGHTED and slightyly impressed as wel.

though... the volume in the end track is kind a louder the the rest...

@@JanusCycle what remix is that?

@@JKC40 The Eric Lymon remix

Точно, такое было.

A high tech version of what occasionally happens today, where a stranger who looks like a drug dealer will ask to use your phone, because he "lost" his, and then use it to make a deal. A kind of a 'burner phone' technique.

@@raylopez99 Not the same

Your part about the backdoored version of Woron scan will serve as my daily reminder to only use this sort of software in a virtual machine isolated from the Internet :)

There is a lesson about the russians in this. Learn it

I remember those cards, but I didn't have a use for one so I have never tried them out. That payphone trick is quite sneaky.

@@JanusCycle I've still got all the details and source code (as an historical artifact), but fully expect the vulnerable systems to have been hardened by now.

@@threeMetreJim can you share your source code maybe?

I still have one of those. it let enter imsi and ki directly from phone "sim menu" but on new phones that menu half broken so it only work properly on old phone. It let create multiple "profiles" with pairs of imsi and ki and switch between them. On old phone switching worked even without need to reboot phone to reconnect to new network. It worked for 2g and 3g without any issues but for 4g couldnt work because for 4g algorithm was changed again and 3rd code called "opc" was added to make more "security trough obscurity".

FBI we got a suspect here... 🤣🤣🤣😅

Glad you enjoyed :)

So that's how they did it! Those clever pirates, selling those cards which would last a few months before having to be replaced...or so I'm told.

@@raylopez99 Once in a while, closer to a year. But sometimes the signal provider would issue a series of changes all in a row, and the hacked cards would be mailed back and forth more than being used. Later, one could buy a glitcher (serial or parallel port, long before USB) and subscribe to the new software from the pirate. I stopped before it became illegal in my jurisdiction. And I always maintained a local subscription to the local provider, in case that might mitigate things. House had up to four small dishes at one point.

@@JxH i remember my mom and dad buying those cards until they gave up because of them having to change it every year or 6 months

Dejan Kaljevic was the pioneer of phone hacking, and sad that he has passed. It's good to see him being mentioned.

I was privileged to know him quite well. Godspeed, Den's hacking den...

@Liam Peanut your spammer is running and old script xD

That is exactly what I'm typing this on. Dual SIM phones are quite common if you search for them.

Thank you Allen. I really enjoy making videos and I'm glad you enjoyed this one.

It's a great song!

Sometimes just seeing technology and hearing the descriptions, even when you don't understand it all can help you learn. When learning more things in the future you will remember bits and it will become easier. I'm really glad you enjoyed this. Thank you for watching.

The whole DirecTV smart card story was fun to read. The gist of it was them and hackers going back and forth for years until DTV started sending required card updates that appeared to have useless data, but once the last bytes were received, it turned into a program running on the card itself. Then a week before a Super Bowl (I think it was 2000 or 2001), they sent a command that bricked all hacked smart cards and set the first 8 bytes of the card to GAMEOVER.

what was the correlation?

@@manp1039 differences between two phone numbers and their IMSI keys were the same :) so, if i wanted to "hijack" phone number 12345 and mine phone number was 12300 i would just add 45 to my IMSI number

Wait... Are you THIS DEJAN?!

@@rodak_ You mean the guy who hacked this algo, Kaljević? No, but I knew him. He's no longer alive.

@@grajzer I was referring to the guy who made the "Dejan flasher" for Nokia phones. Was he the same guy?

Interesting, thank you. Have you (op-side) had the transport keys in plain? Could you decrypt Ki outside AUC using the transport key?

@@mustfit no, the switch people received the transport keys and input them into the system. So in theory we could have cooperated with them on this.

Interesting, thank you again

Back in my day we had tons of tricks like kicking people off the internet. seriously. That sounds so far off like something a bigfoot or religious follower would say that no one today would even believe that was possible I bet. I bet I could make a video about it claiming it still exists an the big feet/ape evolution people would spread it like it's gospel

I really surprised its not mobile operator who writes those keys in blank cards from manufacturer. It is even possible to order those blank cards from sellers online for cheap. And process of writing keys is so simple and only require basic usb card reader hardware it could be even done at operator sim card sale office.

You'd be surprised how expensive low-power GSM base stations are to buy/run. It isn't simply a matter of software, to handle 100s of simultaneous links they have to have extremely expensive clocks, and this is true even if there is only 1 subscriber, the base station basically keeps time. Now i'm sure it's possible with a HackRF and a TCXO solder into something somewhere, but it's not as easy as reading a card with a card reader unfortunately, unless you spend above $3000

Sure, but OpenBTS with a cheap SDR would probably be enough for a local system to be setup. Main issue I see is managing the RF situation, can it be run low power legally, or would the room have to be turned into a faraday cage first?

Some places keep Gen2 GSM running as the common fallback for later phones after their preferred protocol is shutdown . So when 3G shuts down, the old 3G phones "roam" to the backup 2G net. Same for 4G.

It must be nice to have the convenience of cloned SIMs. And the last-one-online incoming calls is correct. Best to keep only one phone switched on :)

The "what happens with two identical SIMs simultaneously on the network" question is a plot point in _Primer_ (2004), arguably the most convoluted time-travel movie ever. Now I know the answer to that, thanks. But I wonder, does the last-one-online rule still apply in the new SIM paradigm? For a network to assume there are no simultaneous duplicate subscribers seems... sloppy.

I am guessing that your calls and numbers you call are being monitored? and you may not be the only one with clones of your original sim that you bought in 2003?

Same here. Only issue is 4G not available.

You may be referring to the AMPS/TDMA variants of the 5110. AMPS is notorious for being insecure, and that may have been the network standard used on the cellphone provider my dad complained about a few decades ago.

I remember having a TDMA/AMPS Ericsson phone and with some service codes you could even listen to calls from other people.

​@@blakegriplingph is your dad a revisionist or hackitivist

That's hilarious, must have seen a lot of sexting from the cheerleader team

Whoa. That's hard to imagine having lived in Australia. Getting a new SIM has always been such a barrier, that people were far less likely to swap prepaid carriers because of it.

@@HonestAuntyElle I'm in Croatia, you can still buy prepaid sim cards without any kind of identification or registration, they're $3 or so. You can optionally register it with info that is not checked in any way and in that case they send you those $3 you paid for card back to your prepaid account to use for calls.

@@kerozin520 in Hungary you have to register it and they call it EU law

Philippine law is shit. They make that law to lessen sms scam but still there is sms scams and now it even become more convincing.

so even with registration, it is still possible to extract an e sim profile and edit the info in a such way that you will get a new identity and if that identity exists on the career server than easy as cake

Making subtitles is hard work. I'm glad you appreciate them. Thank you for letting me know.

What motivation do people have to do it? That seems like a lot of effort to just... have a spare SIM? So there must be some other reason

There are a number of reasons (surveillance is mentioned in the video), but a huge, more nefarious motivator is getting access to MFA security. Assuming you can get a user's account credentials through social engineering or other means, having access to their phone number to receive MFA verification codes can give you access to tons of sensitive information. Government sites, bank accounts, web accounts, corporate resources, etc. Cellphones and their numbers are generally fairly secure; they are a separate, independently secured (sometimes through their own MFA security), physical object that also tends to be very important to the user, so people tend to keep them on hand, and they will be replaced quickly if lost. The best way to get around that security is to either get the sim out of the phone, or use social engineering/bribing (made easier because of the information the criminal has already gathered about the victim) to manipulate an underpaid customer service worker to replace the sim.

​@@circuit10 The SIM "cloning" you may see on the news is just someone transferring a cell number to new SIM, it may be a new SIM or cell company. This is so that someone is able to get a MFA code to allow them to your bank account.

@@liampeanut1269 Scam

The phone number is not stored in the SIM. The phone number is held in the HLR/HSS of the mobile network. And it is associated with the IMSI number of SIM card. And the IMSI numbers are allocated in batches to each mobile network operator. So if you are trying to clone a SIM and use the SIM to get free phone calls, then you don't need to port a number from another SIM to the cloned SIM. Access to the mobile network is not granted to the mobile phone based on the mobile number, it's based on the IMSI number which is held in the SIM card and in the HLR/HSS.

Is the frequency for 2G unused by any other networks? I would have guess that if the phone company had no use for it the government would take back that frequency and offer it to other service providers? And if they did and thes rogue 2g towers were broadcasting on the airwaves.. they would eventually get identified, there broadcasts would potentially either be jamming the new legit devices using those frequencies and/or those new devices would jam the rogue 2g stations broadcasts??

@@manp1039 I'm hoping frequency reassignment is a SLOW process. And as long as noone complains, nobody investigates. Hush hush sort of business though, you don't show every stranger your bathroom if you have one of those.

Naa I live in the 13th largest city in usa. They don't even know how to milk the cows on their farms in usa. Back in the day I was like a space alien using computers. Today they still think only phones exist

LOL

Thank you

Thanks for watching!

please my sim is still cloned, what do i do? my ex listens to my calls

@@temitopeadeleye9394- Most likely it's not your sim cloned, but there's a spy app on your phone grabbing everything. Big difference.

Thank you

Hello to an experienced SIM cloner! I'm glad you enjoyed the video :)

Most probably those are not clones - just regular SIMs pinned to same number.

What service provider and how would this work? Would all of the phones ring when that number was being called?

@@ANWA143 service provider is STC in Saudi Arabia. You can send calls and messages from all sims but set one sim for recieving calls and you can switch the recieving to one sim at a time if you liked. Worked like a charm.

​@@PHANTOmIND8 thats incredibly unsafe if someone gets your phone number you wouldnt even notice, as if someone sim swaps a normal phone number the real user would lose signal

Even with the new stronger algorithms, including some sort of rate limiting should be easy to include and greatly add to the security. I don't know if they have done this, but your analysis is spot on.

SIM cards don't have real-time clocks so it would be hard to implement rate limiting.

No, but one would have to power off the SIM and then back on, waiting for it to initialize again first. That is much slower than just hammering it constantly. Plus, it might be able to write a counter to persistent storage each time it fails, and then on power-up, it will have to wait a given amount before it will accept another attempt or clear the counter. It only needs to track accumulated run-time to delay.

​@@JanusCycle- My assumption for not rate/time limiting is, if there's an unreliable network connection due to weak signal or interference, the requests/responses would need to be resent several times in order to connect. They could have imposed something like 10 non-limited requests per second then a 1 second pause which would slow down hacking attempts significantly. But the best protection is a longer key.

@@ignorance72 Couldn't it be done algorithmic ? With an exponentially increasing number of empty loops between each failed attempt ?

Goverments dont work that way usually mate, Years ago they just mandated that Providers ie telstra etc provide unfettered access to agencies on request. Meaning at least 15 years ago when i worked for telstra, they could see everything you did, imagine their capabilities now.

@@Steve211Ucdhihifvshi I think you've misunderstood what I was saying, It wasn't that state level actors do it, only that it is the sort of budget you need. Of course multinationals have more loose change than a lot of governments so clearly they can do it.

So by literally viewing the hexdump of the flash memory? Wouldn't that contain the code that runs on the SIM processor as well that you'd have to disassemble to sort them out from the key and understand how the code retrieves the key? Are the processors used by SIM card documented?

@@EvilSapphireR I would suggest to you that it is all relatively easily achieved by a skilled operator. I once did a hex dump of a microcontroller's Flash and hand disassembled the whole thing (didn't have the disassembler, just the data book), created a flow chart of what it was doing corrected a bug and then reassembled it all and programmed the device in 2 weeks. With the proper SW tools it would have been much easier. As to the documentation of the CPU they all use off the shelf cores. Some companies do soft cores in an FPGA but that's not going to happen for a simm card reader

You make a good point, there is a dark web out there.

They are microcontrollers, yes, but they do have memory containing the required executable code and keys, so it's absolutely not impossible to read them out.

If they worked, they would be illegal.

cool, thank you :)

My guess is that an encrypted packet is sent to the eSIM chip, which decrypts it to get the Ki. The specifications exist, but I have't looked into eSIMs yet.

@@JanusCycle Thank you for the response. But that means, that either all eSIM must have another key that is known to the carrier (chicken and egg problem), or some PKI must be involved that requires someone to sign the keys used as they would otherwise be prone to Man in the middle attacks (introducing a new point of failure)

Thank you, very good points. I have also wondered about eSIM security. Just not had the time to look that deeply yet.

@@mihiguy diffie helman

@@mkontent Without some kind of authentication scheme, Diffie-Hellman only helps agains passive listeners, not against active men in the middle.

the time to crack WPA2 is extremely variable depending on hardware and complexity of the password assuming brute force(or how big the password list is, assuming it even has it). there was a manufacturer of mobile data wifi pucks who used a default password of 8 random numbers. a laptop with a 1070 GPU could brute force that keyspace in about 4 mins with hashcat.

Interesting, thank you. I wonder if the vulnerability he found was inside the SIM or in the network.

True, I've worked on big, secret M&As (Mergers & Acquisitions) where the utmost care was taken to ensure privacy, since it would affect the price of the companies if word got out, and yet details of the deal were sent in plaintext over email.

@@raylopez99 ב''ה, all securely stored at RIM's data center, right?

@@josephkanowitz6875 Iron Mountain...I do remember that logo a lot. Back in the the day before I think Google even did https on all its transmissions.

My sims locked every time I turn it off,I know a little bu about to Learn more

The ability to harvest a data stream is considered a digital goldmine these days.

Those chips are also much more secure.

Spy agencies intercepted Ki numbers in emails from card manufactures sent to networks. Not over the air. Hopefully I made that clear enough in the video.

One of the benefits they describe is 'Change mobile phone number without turning off mobile phone'. I'm not sure how it was done, yet.

If I remember correctly there were sim cards which could store multiple sim card profiles/numbers you would read cards you have and then store those into that single "super sim" and on some phones you could cycle through those stored profiles even through menu on phone itself.

@@kerozin520 This could be using SIM Application Toolkit to add menu options to the phone. Another aspect of SIM cards that doesn't seem well known about.

You actually have "SIM menu" on your phone and there's an item called "change number" provided you have this all-in-one SIMcard inserted, so you can select there any of slots of your 12-in-one SIM. But not all phones do support simcard hotswap, so most old phones still needed reboot (power cycle) in order to change simcard.

​@@JanusCycle Yup, that's actually what the "STK" on the card refers to - SIM ToolKit. On phones that supported STK, an extra menu would appear on the phone allowing you to pick a SIM. You could also use a PIC programmer like the Infinity USB to write SIM-EMU software onto a blank Greencard to create your own SIMMAX-style multisim-in-one card. From memory SIM-EMU worked more reliably than SIMMAX.

I'm glad we are getting smarter at having good security. Great info, thanks.

​@@JanusCycle The 3 part way is not default for any manufacturer afaik. Where I worked we started forcing encrypted orders in 2019 or so, after which I ordered new cards and destroyed my old ones. But even that handling did not seem to be the default way for the big manufacturers =/

It is know that it was the second reason. The Brits.

you said "convert".. did you mean transfer the esim to a new device? if you did mean "convert" convert to what?

The GSM net was intentionally built with sub par security.

that is exactly what i was thinking. It is not just a sim that the network has for any device that connect to it. Those people would have had to clone everything on the phone.. and there may even be one or more unique chips on each of the phones that the NP can collect data from.. in addition to which tower and date and time it connects (presuming this father and son were using prepaid sim cards where the location they lived and their legal names etc were not already known by the NP and connected with the sim acct?

Are they got lifetime sentence for such horrible crime against humanity ?

If you still want to know one of those cloned cards still work well in russia because original card was lost and that number only used in old phone without 4g so no one bothered to do anything and just used cloned card. No issues or oddities was noticed for years.

I have accidentally turned on two modems using the same physical SIM on 4G (the sim slots are connected to the system CPU and then proxied to the modems, it happened due to a software bug). It didn't cause problems but only one of the modems was working, although both claimed to be registered. Probably depends on the network.

BTW: Since both modems were on the same board, they both joined the same cell.

The network operates separately to the billing system When you make a call, the records that make up your call (CLR's, Call Link Records (Think of your mobile call going from cell tower to cell tower, onto say a landline network to eventually end up at someone's home, all of those hops are CLR's)) are aggregated into a CDR, Call Detail Record) that is used for Rating (assigning distance and charging / service components to), that is then fed into the Billing engine (for assigning a cost value to) i.e. [CLR + CLR + CLR+ ...] -> CDR -> Rated -> Billed Back in the 3G and 4G days, it didn't matter how many dual sims were on the network, the system doesn't cross check (how could it, with literally millions of phones on the network, it would be extremely compute intensive. Even 10,000 phones active at once would take 10,000 x 10,000 cross checks) It was the last sim activated that got the incoming calls, so even though you had multiple sims the last active used to get the incoming traffic Making calls was different, any copied sim on the network could make calls at any time Things have most certainly changed since I was involved in the telco space though

@@stultuses Thank you for the inside info. It was 15, maybe 20 years ago, I wrote microcontroller code into a Microchip PIC in our remote control device monitoring pump stations. The uC was interfaced to a GSM modem, that we had to buy and maintain subscriptions for about 150 pcs SIM cards. It was expensive, although we used very little data, just a couple of bytes per message, and almost nothing if no errors, so it really felt an overkill having so many full phone subscriptions (the operator had no plan for M2M communication back then). I was then thinking about how we could trick the system with cloned SIMs but lacked both the courage and knowledge for it.

​@@stultuses I could imagine if they wanted to that they could implement some kind of optimized cross-check algorithm to catch duplicate sims, but I can see where it would be mostly a non-issue to correct. The number of people who can clone a sim is relatively small and mostly limited to people who tend to confound your efforts, anyway - and by virtue of how the network functions, it wouldn't really be a valid way of gaming the system to the user's favor ... again, outside of niche uses. It's not just cross-checks for activating phones, it's cross-checks for changing towers or some means of rationally managing a phone between nearby towers. In principle, it could be done - but I don't really see it as being a priority investment as it addresses a very niche problem that is only a problem when governments aren't doing it (at least from the network operator's perspective). Further, here in the States, most cell infrastructure is locally or regionally owned/maintained and the network operator leases access to the tower, as I understand it. That adds a whole different layer into authentication strategies. The authentication would have to be baked into the communication standard used by the tower so that any carrier could function. The only thing I could see being different with 5g is some manner of sub-identifier which would basically turn a sim card into a network gateway and multiple devices could send/receive on the network at the same time. My phone would just ignore the data packets for a different phone. I could see support for this being put in.... but don't really see the use/advantage as you'd have to effectively route data to two different towers for broadcast... or more. And whatever plan that is would probably be absurdly expensive while having no particular benefit other than potentially reducing the number of authenticated devices on a tower (as the sim allocates and band and packet address the device) .... but you could implement something similar to this without doing cloned sims in congested areas, overlapping devices into a single band and using the band as an old fashioned network bus.

Hey thanks!

There is a scene just like your description in the The Bourne Supremacy. Since it's a movie we can assume Bourne had a backdoor SIM exploit, or some other secret intel we don't know to keep it fun :)

It looks very cool. I still need to buy a Zune one day :)

@@JanusCycle yeah lol, sadly the zune service doesnt work anymore so a lot of the functionality is lost but you can still store music on it!