Rooting SIM Cards

SmartAboutThings writes "Smartphones are susceptible to malware and carriers have enabled NSA snooping, but the prevailing wisdom has it there's still one part of your mobile phone that remains safe and un-hackable: your SIM card. Yet after three years of research, German cryptographer Karsten Nohl claims to have finally found encryption and software flaws that could affect millions of SIM cards, and open up another route on mobile phones for surveillance and fraud."

Re:Update a SIM?

There is a good and sound reason for writing the action instead of GUID on the tag: compatibility. When the NFC spec was being designed, operators were heavily lobbying towards a system you suggested where a GUID would cause a lookup. Unfortunately, the way they wanted to do was that *they* design what happens for the lookup, which would've resulted in a system that every NFC tag action would have been dependent on the operator that issued the tag and the phone. For example, going to an URL could force you go through an operator pay portal first. (A lookup table on the phone would be mighty complicated too; imagine "open this URL" action and how you would implement that with nothing but GUIDs.)

However, a system was devised where the action is in plain text (figuratively speaking, the spec is binary but open) on the tag, so the phone does not need to consult anything and anyone to work.