Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




189 posts

Master Geek


Topic # 15217 9-Aug-2007 21:19
Send private message

Hypothetically if someone was to ask Vodafone for the Ki number (authentication key) relating to their mobile account, would they hand it out, given appropriate checks and verifications had taken place?

Do Vodafone support have access to this information? Who would one speak to in getting this information, without spending hours on the phone trying to explain exactly what you're after, to someone who's got no idea what it is?


Create new topic
27274 posts

Uber Geek
+1 received by user: 6706

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 81812 9-Aug-2007 21:23
Send private message

Other than trying to h8x0r a SIM for an iPhone or doing something unlawful what possible use would you want for it?


19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 81813 9-Aug-2007 21:26
Send private message

lduncan: Hypothetically if someone was to ask Vodafone for the Ki number (authentication key) relating to their mobile account, would they hand it out, given appropriate checks and verifications had taken place?

Do Vodafone support have access to this information? Who would one speak to in getting this information, without spending hours on the phone trying to explain exactly what you're after, to someone who's got no idea what it is?



Ki relates to the SIM

And no Vodafone will not give out this info, This would be a major security risk

Don't even try to be honest

 
 
 
 




189 posts

Master Geek


  Reply # 81814 9-Aug-2007 21:29
Send private message

subtle as a brick aye ;)

It's an interesting circumvention of the iPhone baseband though. Seems to be totally transparent to the mobile network (IMEI, IICD, IMSI), while appeasing the baseband checks.



189 posts

Master Geek


  Reply # 81816 9-Aug-2007 21:35
Send private message

johnr:
Ki relates to the SIM

And no Vodafone will not give out this info, This would be a major security risk
It's only a major security risk if one subscribers key is given to another subscriber. So long as it's given to the account holder then there's no 'damage' done, unless they are foolish enough to make it available (accidentally or otherwise) to someone with the knowledge to take advantage of it.

Extracting Ki numbers from early vodafone sim cards is fairly trivial, the recent versions, it's not.

19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


Reply # 81819 9-Aug-2007 21:45
Send private message

lduncan:
johnr:
Ki relates to the SIM

And no Vodafone will not give out this info, This would be a major security risk
It's only a major security risk if one subscribers key is given to another subscriber. So long as it's given to the account holder then there's no 'damage' done, unless they are foolish enough to make it available (accidentally or otherwise) to someone with the knowledge to take advantage of it.

Extracting Ki numbers from early vodafone sim cards is fairly trivial, the recent versions, it's not.


Its a security risk no matter how big or small

Thats is all I have to say on this topic

John



189 posts

Master Geek


Reply # 81821 9-Aug-2007 21:48
Send private message

I suspected as much. But, if you don't ask...

3000 posts

Uber Geek

Trusted

  Reply # 81822 9-Aug-2007 21:51
Send private message

They used to freely give them out mainly as most staff did not even know what they were.

One of the "features" of the new system is to restrict access to "stuff you really shouldn't touch" like KI Strings and old defunct products so short answer... No. too late.

The KI strings were easily extracted from the old simcards (IF only I could find those 70-odd Bellsouth '98 sims I have stashed) but the new (SIM2) cards just fail, I have had no success rates using 4 test sims from recent connections both Prepay and on-account.

I did a bit of interesting stuff to various phones over the years with the Silverwafer and a home made tool called SIMulator but cannot remember much of it now, I kind of lost interest in the low-level stuff when UMTS came along (And i've just chucked out a lot of that old stuff)



189 posts

Master Geek


  Reply # 81825 9-Aug-2007 21:57
Send private message

paradoxsm: They used to freely give them out mainly as most staff did not even know what they were.
Interestingly, there are a few reports of overseas carriers handing them out to people looking to try this iPhone network lock circumvention.

One of the "features" of the new system is to restrict access to "stuff you really shouldn't touch" like KI Strings and old defunct products so short answer... No. too late.

Unfortunate.


21617 posts

Uber Geek
+1 received by user: 4432

Trusted
Subscriber

  Reply # 81831 9-Aug-2007 22:18
Send private message

If they cant be extracted, does that mean that the put several sim cards onto one blank one readers wouldnt work on the vodafone nz sim's?




Richard rich.ms

3000 posts

Uber Geek

Trusted

  Reply # 81832 9-Aug-2007 22:20
Send private message

yes, Neither worked. not Supersim or the standard goldcard (fullsize) worked for me.


I remember supersim did not work on the new vodasims back when I tried it in 1995 either.



189 posts

Master Geek


  Reply # 81833 9-Aug-2007 22:32
Send private message

Yeah, the original SIM card Ki extractor I believe used a collision in the encryption scheme to reduce the number of brute force "tries" to get the key, so that it didn't kill the chip.

However security in later SIM versions means this no longer works... and currently there are no know solutions, brute forcing just kills the SIM after a few 10's of thousands of attempts.

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.