Slashdot Mirror

← Back to Stories (view on slashdot.org)

Embedded SIM Design Means No More Swapping Cards

Posted by timothy on from the but-watch-for-the-new-skimmers dept.

judgecorp writes "A new remotely-programmable embedded SIM design from the GSMA operators' group means that devices can be operated on the Internet of things and won't have to be opened up to have their SIM card changed if they move to a different operator. The design could speed up embedded applications."

34 of 192 comments (clear)

  1. why? by Anonymous Coward · · Score: 5, Insightful

    why is this needed?

    1. Re:why? by Anonymous Coward · · Score: 5, Funny

      Because nano-sim is too big for Apple users because it's still bigger than their penises.

    2. Re:why? by viperidaenz · · Score: 4, Interesting

      waterproof phones? My Motorola Defy is good and all, but those rubber plugs and the seal around the battery cover can only take 1M of water pressure.

    3. Re:why? by maliqua · · Score: 5, Insightful

      so you think it will be easier and more painless to have to call your provider each time you want to switch to activate it?

      i'll take fidgeting with a small sim card over dealing with a call center

    4. Re:why? by inasity_rules · · Score: 2

      I think the issue occurs when one is out of the boat here.. In the boat is fine.

      --
      I have determined that my sig is indeterminate.
    5. Re:why? by Wycliffe · · Score: 4, Insightful

      Not only why? But I don't want it. This seems like a huge step backwards for consumers. One of the great things
      about GSM vs CDMA is the ability to move a phone from carrier to carrier or a number from phone to phone. I don't
      want an embedded sim that only the carrier can change and I can't swap to a different handset or carrier. Some
      things I routinely do are swap a sim when in a foreign country or put my sim into an old cheap phone when I take
      it to the beach or if my phone is acting up, dies, or needs to be charged.

    6. Re:why? by poetmatt · · Score: 4, Insightful

      Not only that, but imagine what happens when they refuse to assist you in switching?

      When you have a physical sim you can swap it yourself. You have no such choice if you don't have control over the sim.

      This is actually a very large loss to phone users unless you can reprogram it yourself.

    7. Re:why? by poetmatt · · Score: 3, Insightful

      So that you have to replace your entire phone if you have a bad sim.

      I'm not sure how that's a good thing, but I'm guessing the carriers didn't think about that.

    8. Re:why? by R.Mo_Robert · · Score: 2

      Not only why? But I don't want it. This seems like a huge step backwards for consumers. One of the great things
      about GSM vs CDMA is the ability to move a phone from carrier to carrier or a number from phone to phone. I don't
      want an embedded sim that only the carrier can change and I can't swap to a different handset or carrier. Some
      things I routinely do are swap a sim when in a foreign country or put my sim into an old cheap phone when I take
      it to the beach or if my phone is acting up, dies, or needs to be charged.

      Good thing it isn't intended for consumers, then. Look, I know this is Slashdot and it isn't cool to RTFA, but, really, from TFA:

      Despite the convenience of over-the-air management, the GSMA says the embedded design is not meant to replace conventional SIM cards, even though this exact idea was floated when ETSI was deciding on the future of the nano-SIM in 2012.

      --
      R.Mo
    9. Re:why? by Anonymous Coward · · Score: 2, Informative

      RTFA. They're not talking about phones; they're talking about assorted Internet-of-Things devices--how your toaster and your microwave talk to your Roomba.

      Do you want your smart electric meter to stop talking to your electric company because they're switching network standards and don't have time to send a technician to change SIM chips in every meter in the city? With this, your meter can be reprogrammed to connect to an updated network without a service call to your house.

      Of course, if someone hacks the network and reprograms your meter, that's bad. But don't we have the same risk now? And if this allows your electric company to update your meter to a more secure protocol on the fly, that's a good thing, isn't it?

    10. Re:why? by mrchaotica · · Score: 3, Insightful

      And FISA wasn't "intended" to allow the NSA to spy on Americans. But you can see how that worked out!

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

    11. Re:why? by VernonNemitz · · Score: 4, Interesting

      I'd say it is not needed. Because anything described as "remotely programmable" means "remotely abuse-able". Botnet operators will love it.

    12. Re:why? by CreatureComfort · · Score: 4, Funny

      I use Windows Phone, it crashes anywhere *you insensitive clod*.

      --
      "Unheard of means only it's undreamed of yet,
      Impossible means not yet done." ~~ Julia Ecklar
    13. Re:why? by Jane+Q.+Public · · Score: 4, Insightful

      "I'd say it is not needed. Because anything described as "remotely programmable" means "remotely abuse-able". Botnet operators will love it."

      My thoughts exactly.

      If I buy a phone, I want it to be MY phone. I don't want or need "remotely programmable" bullshit. I am so tired of this kind of garbage I can hardly put it into words.

    14. Re:why? by CohibaVancouver · · Score: 2

      Did you even RTFA? This is for the 'internet of things' - Imagine you want to move the anti-theft system in your motorcycle from carrier A to B. Or a city wants to move their digital parking meters to a cheaper carrier. Instead of needing to move a physical SIM you could do is online.

      Or an online watch, where there are advantages to having it sealed up, with no SIM slot. Heck even with a 'phone' it's useful. Imagine you arrive in Hong Kong at midnight and you want to move your phone to Vodaphone. You don't have to seek out some store and buy a SIM - Just happens presto.

    15. Re:why? by ArhcAngel · · Score: 3, Insightful

      Did you even RTFA? This is for the 'internet of things' - Imagine you want to move the anti-theft system in your motorcycle from carrier A to B. Or a city wants to move their digital parking meters to a cheaper carrier. Instead of needing to move a physical SIM you could do is online. Or an online watch, where there are advantages to having it sealed up, with no SIM slot. Heck even with a 'phone' it's useful. Imagine you arrive in Hong Kong at midnight and you want to move your phone to Vodaphone. You don't have to seek out some store and buy a SIM - Just happens presto.

      Imagine all of those scenarios except the person/entity making the changes isn't the owner.

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    16. Re:why? by ScooterComputer · · Score: 2

      Carriers will love it too, since they'll once again make the device owner beholden to them for the "magic keys".

      --
      Scott
      "Hokey religions and ancient weapons are no match for a good blaster at your side, kid."
    17. Re:why? by Obfuscant · · Score: 5, Insightful

      Heck even with a 'phone' it's useful. Imagine you arrive in Hong Kong at midnight and you want to move your phone to Vodaphone. You don't have to seek out some store and buy a SIM - Just happens presto.

      When I travel with my phone, I don't even want to turn it on before I put in a new SIM for the local system. Turn it on, it registers with the local carrier and your home carrier starts forwarding calls to it -- at international rates.

      I certainly don't want "presto" reprogramming my SIM. I don't want to have to call my home carrier to tell them to move it to X, and then X to have them move it back, and have one or both of them charge me for the privilege of screwing it up so I have no working phone at all. No thanks. That's one of the benefits of having GSM versus whatever. The phone is the SIM, and I can carry more than one to be more than one thing. And I can use the second SIM in my backup phone without it costing me a second plan on both carriers.

    18. Re:why? by Jane+Q.+Public · · Score: 3, Insightful

      This.

      It's YOUR phone. You should be able to do anything you want with it, and use it with any carrier of your choice. I see no justifiable reason why "someone else" should have control over ANY kind of "remote" control over it.

      As I wrote to someone else: that's trading freedom for a little bit of convenience. In the long run, that will turn out to be a bad trade almost every time.

    19. Re:why? by aaronb1138 · · Score: 4, Insightful

      This is stupid. Moving a physical token is easier, faster, and more intuitive than digging around for credentials to some website or worse yet, dealing with your mobile provider to transfer an account. It's nice to know if my phone breaks, I can grab my previous model on the spot and shove the sim in and have a working phone without trying to deal with the provider. Even more so if I am playing with ROMs and hacking away at a couple pieces of hardware.

      Doing things online to physical devices is usually slower, less efficient, and less intuitive.

  2. What could possibly go wrong. by jellomizer · · Score: 3, Interesting

    Compared to a hard wired chip, we got something controlled by software. And a lot of Devices that likes to be jail braked.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  3. Sounds good in theory... by langelgjm · · Score: 5, Insightful

    Sounds good in theory, just so long as the "remote provisioning" can be handled by the user of the device, and the user doesn't have to ask permission from anyone.

    --
    "Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
  4. Internet of Things by rogueippacket · · Score: 4, Insightful

    This buzzword annoys me even more than Cloud. Cloud has more or less become common vernacular for describing Internet-connected servers which you may or may not own, but the term Internet of Things seems to imply that a) there were no "things" on the Internet before now and b) the "old Internet" simply isn't hip enough to run more devices, and you should be clambering all over a vendor to be a part of it. Ugh.

    1. Re:Internet of Things by vux984 · · Score: 2

      cloud was inevitable; every network diagram I've ever seen always represented the internet as a "cloud".

      I've always thought it was perfectly approrpriate too. Its a relatively opaque morphous network outside of your direct control, there's "stuff" in it, you can connect to but you don't really know what or where it is.

      And cloud storage and cloud compute etc is literally moving those servers on those diagrams INTO the cloud. :)

      So cloud doesn't bug me as a term at all. As a trend it offends me greatly, since in many cases it is STUPID to move your stuff into the cloud, and companies are doing it because its trendy and hip and has a low upfront cost. But that's a separate issue.

      Internet of Things? Meh... I think you are reading too much into it. The internet is traditionally clients and servers that were recognizable as computers. The internet of things is just referencing the recent mass push to put a lot of things on the internet that aren't really recognizable as computers... from your cofeemaker to your thermostat.

      I've never really gotten a sense that it was "new" or "hip" or that it even required a "vendor".

  5. Cloning a phone just got easier... by neorush · · Score: 2

    How long before the market for phone serials are is just as big as credit card data. I would imagine this technology be jail broken in hours and then the bad guys can easily change phone numbers. Imagining being able to change phones in-between calls, or how about randomly using a stolen one...that said, I do feel moving this to software is a good idea. As long as I can switch carriers as easy as the carriers can switch it.

    --
    neorush
  6. Re:Would not be a problem at all by Anonymous Coward · · Score: 5, Interesting

    a SIM contains a cryptographic signature and some other things.

    It's basically a watered down TPM that has a unique ID, a few kilobytes of storage, and a cryptographic key set.
    A physical device like that makes it difficult to replicate the functionality of the SIM card, making it harder to make one device use the credentials and system identity of another device. (EG, it makes it harder for an attacker to steal your network identity and make lots of 1-900 number calls, which will then show up on YOUR bill, amongst other things-- like framing you in a murder by making all his calls with your number, etc.)

    Making this an easily reprogrammed internal chip makes that physical level of security go away.

    That's a bad thing.

    Sometimes being inconvenienced is really in your best interest.

  7. What could possibly go wrong? by CokoBWare · · Score: 5, Insightful

    I view this as bad for a number of reasons:

    1. Normally, when you have service, it's attached to the SIM, not the phone. With this new embedded SIM model, this goes away. Your service is attached to the phone. Bad.
    2. Remotely programmable means that it will be even easier for hackers to fuck with your phone. Bad.
    3. Your phone is really no longer your phone. The carrier will have ultimate jurisdiction over the phone, unless you pull the battery. Bad.
    4. If I lose or seriously damage my phone, my SIM is gone, and I HAVE to buy a new phone and activate it again. Bad.

    I won't want a phone like this if this is how the carriers want to do business. I'll keep my removable SIM card thank you very much.

    1. Re:What could possibly go wrong? by mlts · · Score: 2

      You hit the nail on the head. With CDMA providers, unless you buy the device from them, AFAIK, they won't allow it on the network. With GSM providers, if you had an unlocked device with the proper antenna bands, it would work without issue, and just swapping the SIM did the job. No calling up and pleading for permission to use the device, just a card swap and perhaps a power cycle.

      A simless device gets us back to the bad old days. With those, I have to beg/plead with the telco in order to have a device allowed on their network, and they can easily just give me the middle finger.

      Thumbs down on simless devices.

  8. Who, exactly, gets to send over the air updates? by Animats · · Score: 5, Informative

    To fix this issue, the GSMA has developed a non-removable SIM that can be embedded in a device for the duration of its life, and remotely assigned to a network. This information can be subsequently modified over-the-air, as many times as necessary.

    What this seems to do is take control away from the user, who could swap SIM cards, and give it to some carrier. This looks like something where you beg and plead with your old carrier to let you switch your device to a new carrier. There's a lot of elaborate key management in this system, and compromise of certain keys could break the whole system.

    Spec for the system architecture.

  9. Hardware write locks? by mrex · · Score: 2

    I'd be OK with this, under one condition - a hardware-based write protection lock that is absolutely 100% not able to be bypassed or circumvented in software.

    I'll never understand why this incredibly basic feature that is so easy to design, cheap to implement, and valuable to device security went the way of floppy disks. How awesome would a thumb drive with a hardware write lock be?

  10. Flimsy cover story by FuzzNugget · · Score: 2

    Preventing the need to open up devices to swap a SIM could be easily resolved by using a simple spring-loaded insert/eject slot for SIM cards (the same way most SD card slots work). That this is because of the "Internet of Things" is a cover story, and a weak one. What's more of a hassle? Spending 30 seconds to swap SIM cards or spending 30 minutes on hold before mentally parsing the unintelligible engrish of a slave-wage phone drone?

    This is a solution to a problem that doesn't exist. The only "problem" this solves is enabling the carriers to revert to the abusive and restrictive CDMA model.

  11. Something wrong with headline by Pop69 · · Score: 4, Insightful

    "Embedded SIM Design Means No Longer Able To Swap Cards"

    There, that reads better

  12. The Internet of Things isn't a thing by Gothmolly · · Score: 3, Informative

    It's marketing, like "the cloud". It's such a gross oversimplification that it's meaningless.

    --
    I want to delete my account but Slashdot doesn't allow it.
  13. Re:Who, exactly, gets to send over the air updates by Animats · · Score: 2

    What this seems to do is take control away from the user, who could swap SIM cards, and give it to some carrier.

    When you say "seems to," do you really mean "could possibly some day"?

    No, I mean that's what the documentation seems to say. The user can't swap SIM cards when there is no removable SIM card. It has to be done remotely. From the documentation, it seems that the carrier has the keys to do that, but the user does not. Some devices start out in "provisioning mode", from which point (I think) the first carrier to talk to the device downloads a profiile and has control of the device until they release it. Or the device might come pre-locked to a carrier. Whether the user can force the device back to provisioning mode seems to be under the control of the profile downloaded by the carrier.

    it's a lot like the way domain transfer works between registrars, with the "domain locked" status being under the control of the "losing registrar". That's led to disputes.

    Who tells whom what to do? - V. Lenin