Do any of the #iPhone hackers in my timeline know of a method of exchanging arbitrary APDUs with the eUICC (likely similar/same to the SIM) on hacked/rooted Apple devices? I want to find out some properties of the eUICCs used by Apple. @jiska #followerpower
LaF0rge (laf0rge@chaos.social)'s status on Monday, 25-Nov-2024 20:22:15 JST
LaF0rge (laf0rge@chaos.social)'s status on Monday, 25-Nov-2024 20:23:56 JST @jiska alternatively, injecting custom certificates into the certificates accepted by the LPA (local profile assistant == eSIM manager) on iOS would also help: then I could make it connect to osmo-smdpp and could inquire about the eUICC features that way. #iphone #security #esim
jiska 🦄:fairydust: (jiska@chaos.social)'s status on Tuesday, 26-Nov-2024 02:57:45 JST @LaF0rge feel free to ping me at CCC, I'll bring some setup. :)
Might be possible via QMI modification/injection.
LaF0rge (laf0rge@chaos.social)'s status on Tuesday, 26-Nov-2024 03:17:19 JST @jiska ok, thanks. Note I know nothing about iPhones, iOS or the Apple universe. All I'm basically looking for is the eUICCInfo2 which the eUICC returns when asking for it using a STORE DATA APDU after selecting the ISD-R. QMI can be used on other phones to talk to the eUICC, see https://programm.froscon.org/2024/system/event_attachments/attachments/000/000/857/original/FrOSCon_2024_-_eSIM_management_on_Qualcomm_phones.pdf @z3ntu
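The exchange the post describes (SELECT ISD-R, then a STORE DATA carrying GetEuiccInfo2Request, then decoding the EuiccInfo2 that comes back), as an added example that is not part of the thread or of any of the tools mentioned. The AID, tags and APDU layout follow GSMA SGP.22; the response bytes are constructed for illustration, and how the APDUs reach the eUICC (QMI, a card reader, or anything else) is left to the caller.

```python
# Added example: build the SGP.22 APDUs for reading eUICCInfo2 and decode the reply.
# Transport is out of scope; send_apdu() would be supplied by the caller.
ISD_R_AID = bytes.fromhex("A0000005591010FFFFFFFF8900000100")  # SGP.22 ISD-R AID
GET_EUICC_INFO2_REQUEST = bytes.fromhex("BF2200")  # [34] SEQUENCE {} -> tag BF22, empty body

def select_isd_r() -> bytes:
    """SELECT by DF name (ISO 7816-4): CLA 00, INS A4, P1 04, P2 00, Lc, AID."""
    return bytes([0x00, 0xA4, 0x04, 0x00, len(ISD_R_AID)]) + ISD_R_AID

def store_data_chunks(payload: bytes, block: int = 255) -> list:
    """STORE DATA (CLA 80, INS E2) as used by the ES10x transport: P1 0x11 for
    'more blocks follow', 0x91 for the last block; P2 is the block number; Le 00."""
    chunks = [payload[i:i + block] for i in range(0, len(payload), block)] or [b""]
    apdus = []
    for n, chunk in enumerate(chunks):
        p1 = 0x91 if n == len(chunks) - 1 else 0x11
        apdus.append(bytes([0x80, 0xE2, p1, n, len(chunk)]) + chunk + b"\x00")
    return apdus

def parse_tlvs(data: bytes) -> list:
    """Minimal BER-TLV walker: multi-byte tags (e.g. BF22), lengths up to two bytes."""
    out, i = [], 0
    while i < len(data):
        tag = data[i]; i += 1
        if tag & 0x1F == 0x1F:                     # subsequent tag octets follow
            while True:
                tag = (tag << 8) | data[i]; i += 1
                if not data[i - 1] & 0x80:
                    break
        length = data[i]; i += 1
        if length & 0x80:                          # long-form length
            n = length & 0x7F
            length = int.from_bytes(data[i:i + n], "big"); i += n
        out.append((tag, data[i:i + length])); i += length
    return out

def version(b: bytes) -> str:
    """VersionType is three octets: major.minor.revision."""
    return ".".join(str(x) for x in b)

def decode_euicc_info2(resp: bytes) -> dict:
    """Pick the fields a first look at an unknown eUICC usually wants."""
    (tag, body), = parse_tlvs(resp)
    if tag != 0xBF22:
        raise ValueError("not an EuiccInfo2 response")
    f = dict(parse_tlvs(body))                     # [1]=81 [2]=82 [3]=83 [9]=A9 (constructed)
    return {"profileVersion": version(f[0x81]), "svn": version(f[0x82]),
            "euiccFirmwareVer": version(f[0x83]),
            "ciPkIdsForVerification": [v.hex().upper() for _, v in parse_tlvs(f[0xA9])]}

# Constructed sample reply (not captured from any device): versions 2.1.0 / 2.2.1 / 0.1.2
# and one placeholder 20-byte SubjectKeyIdentifier in euiccCiPKIdListForVerification.
SAMPLE_EUICC_INFO2_RESPONSE = bytes.fromhex(
    "BF2227" "8103020100" "8203020201" "8303000102"
    "A916" "0414" "00112233445566778899AABBCCDDEEFF00112233")
```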
jiska 🦄:fairydust: (jiska@chaos.social)'s status on Tuesday, 26-Nov-2024 03:48:58 JST @LaF0rge Apple uses a custom variant of QMI where even 1/3 of their services are proprietary 🥲 but apart from that, the working principle is quite similar.