Cellphone Forensic Software Open Sourced

Niek writes "The Netherlands Forensic Institute (part of the Dutch Ministry of Justice) has open sourced one of their high-profile software frameworks, TULP2G. With this BSD licensed framework, one can extract and decode all data from GSM SIM cards, e.g. called phone numbers and received SMS messages. This was previously only possible with commercial software. Dutch press release, Powerpoint presentation. Earlier this year, the Dutch government GPLed their online election software."

HUH ?

[makapuf]

you know, if you really are up to that, you must think of a SIM card as a small (16-64k) filesystem.

Files are organized into a tree structure in directories and protected (read, write..) by PIN codes. Files can be seen as fixed size arrays of fixed siez strings. The GSM standard specification (GSM 11.11) says that, and what information can be found where. (example, on the directory 'GSM' - which is really a filenumber on the sim instead of a filename), you'll have the last number dialled (LDN file).

the procotol used to open/read files is fairly open.

That's it. So what's so special to write such a program ? You need e.g. serial access to the card interface, the SIM specification, and a small script language, then a few hours later, voila.

(or you could put the SIM card in a phone and check the information)

What you don't have is access to the pin protected information, and good luck to attack those since all european telco industry relies on this.