Hacker Newsnew | comments | show | ask | jobs | submit | francuzz's comments login

Yes, but this problem was created mainly by Apple itself when they "standardised" nano-SIM


This is true. The standard sim, when clipped, works in two of my smartphones....


MSISDN file on the SIM card (EFmsisdn) is optional and has default access rights allowing you to modify it with just a PIN(CHV1) code (see 3GPP TS 51.011). Therefore, information stored in this file is not very reliable, since everyone knowing the PIN code of the card can change it's content. I do not think it has anything to do with the security reasons...

I do not see anything wrong with using IMEI as a seed for a password generation, the problem is that this number should be encrypted using proper encryption method and not just transformed using MD5 hash function.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact