Hackint0sh forum thread: Turbo-, Supersim and Simcloning Solution

#71
08-01-2008, 09:29 AM
ColSanders
Junior Member
Join Date: Jul 2008
Posts: 29

@Zf_

This may be a dumb question, but you seem to be the least blinded by the hope of an unlock.... How do these things actually work?
I would think just spoofing the MCC MNC to the phone would be sufficient, but apparently there is more to it than that, right?
Otherwise I would expect that data wouldn't fail, and they wouldn't stop working after a while.
#72
08-01-2008, 09:48 AM
Zf_
iPhone Dev Team
Join Date: Jul 2007
Posts: 717

Quote:
Originally Posted by ColSanders
@Zf_

This may be a dumb question, but you seem to be the least blinded by the hope of an unlock.... How do these things actually work?
I would think just spoofing the MCC MNC to the phone would be sufficient, but apparently there is more to it than that, right?
Otherwise I would expect that data wouldn't fail, and they wouldn't stop working after a while.

nah it's not a dumb question, it's important to understand what's going on.

You're right, spoofing the MCC+MNC is enough to fool the phone SIM locking algorithms.

Now the problem is, what about your actual connection? Let's sum it up roughly.

The MCC/MNC is part of the IMSI, which is your login to the mobile network.

The previous exploits relied on the fact that the baseband was quite dumb and read the IMSI more than once - once for the unlock module, and the other times for the real baseband operations. So sending a fake IMSI with the correct sequence was enough to unlock the baseband and still have a happy network, since that fake IMSI never made it to the network.

Now the baseband is smarter and reads the IMSI only once - so from now on, when you're trying to log in to the network, you'll show a bad login. You can then use a lot of tricks to make the network ask you again for your login/pass, or make it use old valid credentials (still summing it up very badly here, but you get the general idea). Problem is, those tricks are temporary, not reliable, and most of all, highly illegal in most countries.

That's the sad state of proxy SIM unlocking right now ...
__________________
char dumbass[128]="pasta.dat";
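The mechanism Zf_ sketches above boils down to a check-then-use problem: the SIM-lock module checks one value (the MCC/MNC inside the IMSI) and the registration code later uses the "same" value, and an older baseband fetched it twice, so the two could differ. The model below is an added illustration written for this thread, not code from the Dev Team or from any baseband; it shows why a lock check that only inspects MCC/MNC is satisfied by a mismatched first read, why the network still rejects a subscriber its HLR has never heard of, and why reading the IMSI once and reusing it closes the gap. Every IMSI, Ki and lock policy in it is constructed (test PLMN 001/01 and 001/02), and the tiny `HLR` dictionary is a stand-in for the operator's subscriber database, not a real authentication exchange.

```python
from typing import Dict, Set, Tuple

PLMN = Tuple[str, str]  # (MCC, MNC)


def split_imsi(imsi: str, mnc_len: int = 2) -> Tuple[str, str, str]:
    """Split a 15-digit IMSI into (MCC, MNC, MSIN).

    MCC is always 3 digits; the MNC is 2 or 3 digits depending on the
    country, so a real device looks the length up.  Here the caller passes it.
    """
    if not (imsi.isdigit() and len(imsi) == 15):
        raise ValueError("IMSI must be exactly 15 digits")
    if mnc_len not in (2, 3):
        raise ValueError("MNC length must be 2 or 3")
    return imsi[:3], imsi[3:3 + mnc_len], imsi[3 + mnc_len:]


def lock_allows(imsi: str, allowed: Set[PLMN]) -> bool:
    """The SIM-lock check looks only at the network part of the IMSI."""
    mcc, mnc, _ = split_imsi(imsi)
    return (mcc, mnc) in allowed


# Constructed subscriber table standing in for the operator's HLR (IMSI -> Ki).
# Registration needs a known IMSI *and* the matching key, which is why an
# IMSI the network has never issued cannot log in no matter what the lock thinks.
HLR: Dict[str, str] = {
    "001010000000001": "ki-home-subscriber",     # constructed, test PLMN 001/01
    "001020000000002": "ki-foreign-subscriber",  # constructed, test PLMN 001/02
}


def network_register(imsi: str, ki: str) -> bool:
    return HLR.get(imsi) == ki


class Sim:
    """A genuine SIM: every IMSI read returns the same value."""
    def __init__(self, imsi: str, ki: str):
        self.imsi, self.ki = imsi, ki

    def read_imsi(self) -> str:
        return self.imsi


class ProxySim(Sim):
    """Abstract model of the behaviour the thread describes: the first IMSI
    read is answered with a value whose MCC/MNC matches the lock, later reads
    pass through the real SIM's IMSI.  The real Ki is never changed."""
    def __init__(self, real: Sim, first_read_imsi: str):
        super().__init__(real.imsi, real.ki)
        self.first_read_imsi = first_read_imsi
        self.reads = 0

    def read_imsi(self) -> str:
        self.reads += 1
        return self.first_read_imsi if self.reads == 1 else self.imsi


def attach(sim: Sim, allowed: Set[PLMN], reads_once: bool) -> str:
    """Baseband attach sequence.  reads_once=False models the older baseband
    (one IMSI read for the lock check, another for registration);
    reads_once=True reads it once and reuses that value for both steps."""
    imsi_for_lock = sim.read_imsi()
    if not lock_allows(imsi_for_lock, allowed):
        return "locked"
    imsi_for_network = imsi_for_lock if reads_once else sim.read_imsi()
    if network_register(imsi_for_network, sim.ki):
        return "registered"
    return "registration failed"


LOCKED_TO: Set[PLMN] = {("001", "01")}  # constructed lock policy


def demo() -> Dict[str, str]:
    home = Sim("001010000000001", "ki-home-subscriber")
    foreign = Sim("001020000000002", "ki-foreign-subscriber")
    first_read = "001019999999999"  # constructed: right MCC/MNC, unknown to the HLR
    return {
        "home sim, new baseband": attach(home, LOCKED_TO, reads_once=True),
        "foreign sim, no proxy": attach(foreign, LOCKED_TO, reads_once=True),
        "foreign sim + proxy, old baseband":
            attach(ProxySim(foreign, first_read), LOCKED_TO, reads_once=False),
        "foreign sim + proxy, new baseband":
            attach(ProxySim(foreign, first_read), LOCKED_TO, reads_once=True),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:36s} -> {outcome}")
```

The design lesson is the one Zf_ implies: a security decision and the action it gates must be taken on a single value read once, otherwise whatever sits between the reader and the data can answer each read differently. The single-read baseband in the model passes the lock but then presents an identity the HLR does not know, which matches the "bad login" outcome described in the post.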
#73
08-01-2008, 09:51 AM
ColSanders
Junior Member
Join Date: Jul 2008
Posts: 29

So basically, when it stops working, your network got tired of you being a jackass?
#74
08-01-2008, 10:27 AM
Zf_
iPhone Dev Team
Join Date: Jul 2007
Posts: 717

yeah ... for the moment it's temporary ... but they could very well ban you or even sue you (and we're talking about laws close to counter-terrorism here, not small charges) ... of course those new xsim sellers don't care, they have a take the monies and run fast business, and it's up to you to handle the mess waiting to happen
__________________
char dumbass[128]="pasta.dat";
#75
08-01-2008, 12:00 PM
nvidia2008
Senior Member
Join Date: Jul 2008
Posts: 136

Quote:
Originally Posted by deco
nvidia,
The correct code is **5005*78283#
And send me those files!!

I hit a wall, like I mentioned without the ability to program the Boost mode my Yessim is dead in the water.

It starts off well for like 5 minutes, then goes to "Searching" then a few hours later goes to "No Service"... Basically the network saying F*K YOU as it learns and adapts to the hack, much like an evil Matrix-esque pseudo-neural organism. (See I should be a writer not a hacker). :hack:

I had to pull out my normal sim so I can, like, use my regular SonyE phone.

So... sorry mate, I've got no useful new logs until this RJ45 dealie-o is sorted out. I am going to Belgium and Netherlands next week so I really want to be able to use something with one of those non-roaming Europe-wide simcard things.
#76
08-01-2008, 12:56 PM
nvidia2008
Senior Member
Join Date: Jul 2008
Posts: 136

Quote:
Originally Posted by deco
nvidia,
The correct code is **5005*78283#
And send me those files!!

Okay with this number and running launchctl unload /System/Library/LaunchDaemons/com.apple.DumpBasebandCrash.plist I got some good logs now.

First one with AT&T locked, "No service" on UK networks will be sent to you. Trying again, turn phone off, turn phone on, baseband dump. 2nd Log file will be sent.
#77
08-01-2008, 02:51 PM
pytey
iPhone DevTeam
Join Date: Aug 2007
Posts: 22
Scans or high quality images of the xSIM or Yesim?

Hello,

I've been talking to team-mate Zf about the xSIM stuff and would be interested in getting some high quality scans of the xSIM and yesim and any other variants or clones of the TurboSIM type "unlocking" devices to investigate further.

If anyone could take a close up macro shot of the front and the back of their Yesim, xSIM or whatever they have it would be appreciated.

Please send to blog@iphone-dev.com

-- pytey
iPhone DevTeam.
#78
08-01-2008, 06:31 PM
nvidia2008
Senior Member
Join Date: Jul 2008
Posts: 136

Coming up soon. Scans
#79
08-01-2008, 06:32 PM
mattmartincouk
Senior Member
Join Date: Sep 2007
Posts: 152

Quote:
Originally Posted by Zf_
nah it's not a dumb question, it's important to understand what's going on.

You're right, spoofing the MCC+MNC is enough to fool the phone SIM locking algorithms.

Now the problem is, what about your actual connection? Let's sum it up roughly.

The MCC/MNC is part of the IMSI, which is your login to the mobile network.

The previous exploits relied on the fact that the baseband was quite dumb and read the IMSI more than once - once for the unlock module, and the other times for the real baseband operations. So sending a fake IMSI with the correct sequence was enough to unlock the baseband and still have a happy network, since that fake IMSI never made it to the network.

Now the baseband is smarter and reads the IMSI only once - so from now on, when you're trying to log in to the network, you'll show a bad login. You can then use a lot of tricks to make the network ask you again for your login/pass, or make it use old valid credentials (still summing it up very badly here, but you get the general idea). Problem is, those tricks are temporary, not reliable, and most of all, highly illegal in most countries.

That's the sad state of proxy SIM unlocking right now ...

Another major thing which you've not added. The SIM card belongs to your provider.

They could also claim that you 'playing' with it is against their T&C. I've not had any problems with that now but something I have been thinking is this.

Once a network sees these attempts - I wonder if they apply some monitoring to it.

The reason I say this is fairly straightforward. My voda sim worked on a certain brand of proxy sim. Always worked - even if only for outbound calls/texts. But now it simply refuses to work at all when paired with a proxy sim. Strange.
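mattmartincouk wonders whether a network that sees these attempts applies some monitoring to them; the thread does not say what any operator actually does. As an added illustration, not code from the thread or from any operator, the script below shows the shape such monitoring could take on the registration side: the single-read baseband behaviour described earlier produces a device that alternates between an identity the HLR rejects and one it accepts, so per-device counting of "distinct IMSIs presented" together with "unknown subscriber" results separates that pattern from an ordinary bad SIM. The log format, the IMEI/IMSI values and the thresholds are all constructed for the example and assume nothing about real operator logs.

```python
import re
from collections import defaultdict
from typing import Dict, List

# Constructed attach-log lines (not real operator data).  Each line records the
# device identity (IMEI), the subscriber identity it presented (IMSI) and how
# the subscriber database answered.  All identifiers are placeholders.
SAMPLE_LOG = """\
2008-08-01T09:00:01Z imei=000000000000001 imsi=001010000000001 result=ok
2008-08-01T09:05:10Z imei=000000000000002 imsi=001019999999999 result=unknown_subscriber
2008-08-01T09:05:12Z imei=000000000000002 imsi=001020000000002 result=ok
2008-08-01T09:40:00Z imei=000000000000002 imsi=001019999999999 result=unknown_subscriber
2008-08-01T09:40:03Z imei=000000000000002 imsi=001020000000002 result=ok
2008-08-01T10:15:00Z imei=000000000000002 imsi=001019999999999 result=unknown_subscriber
2008-08-01T10:30:00Z imei=000000000000003 imsi=001030000000003 result=ok
2008-08-01T10:31:00Z imei=000000000000004 imsi=001040000000004 result=unknown_subscriber
this line is deliberately malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) imei=(?P<imei>\d{15}) imsi=(?P<imsi>\d{15}) result=(?P<result>\w+)$"
)


def parse_log(text: str) -> List[Dict[str, str]]:
    """Parse the constructed format; malformed lines are skipped, not fatal."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m is not None:
            records.append(m.groupdict())
    return records


def flag_identity_switching(records: List[Dict[str, str]],
                            min_failures: int = 2) -> Dict[str, Dict[str, int]]:
    """Return per-IMEI stats for devices that presented more than one IMSI
    *and* collected at least `min_failures` unknown_subscriber answers.

    A device with a single rejected IMSI (IMEI ...004 above) is just a bad or
    foreign SIM and is not flagged; the rejected-then-accepted alternation
    under one IMEI is what distinguishes identity juggling.
    """
    per_imei = defaultdict(lambda: {"imsis": set(), "failures": 0, "successes": 0})
    for r in records:
        stats = per_imei[r["imei"]]
        stats["imsis"].add(r["imsi"])
        if r["result"] == "ok":
            stats["successes"] += 1
        elif r["result"] == "unknown_subscriber":
            stats["failures"] += 1
    return {
        imei: {
            "distinct_imsis": len(s["imsis"]),
            "failures": s["failures"],
            "successes": s["successes"],
        }
        for imei, s in per_imei.items()
        if len(s["imsis"]) > 1 and s["failures"] >= min_failures
    }


if __name__ == "__main__":
    for imei, stats in flag_identity_switching(parse_log(SAMPLE_LOG)).items():
        print(imei, stats)
```

The rule is deliberately conservative: a lone rejection is noise, and the threshold is keyed on repeated rejections combined with more than one identity from the same device, which is exactly the footprint the posts above attribute to a proxy SIM that stops working "after a while".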
#80
08-01-2008, 07:00 PM
nvidia2008
Senior Member
Join Date: Jul 2008
Posts: 136

Quote:
Originally Posted by nvidia2008
Coming up soon. Scans

I was too late. :p Mattmartincouk is the man!
All times are GMT +2.


