This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Mychaela Falconia mychaela.falconia at gmail.comHello Osmocom community, I made some posts here earlier this year about my attempts to obtain some programmable SIM cards from Grcard (a well-known Chinese manufacturer of SIM and other smart cards) that are GSM SIM only, without USIM or ISIM applications - but I just realized that I never posted anything regarding the final outcome of those escapades. The present post is intended to summarize what I obtained and what I learned through that venture. The first point to be noted is that Grcard make many bazillion different card models, but frustratingly, they never let me see any kind of catalog of their different offerings. Instead what happened is that when I first approached them back in January and told them what I was looking for in very basic terms (I simply said that I wanted a GSM-only SIM card without any USIM or ISIM stuff), they offered me one of their card models based on those stated requirements, they first sent me a few sample pieces of this card model they selected for me, and then I ended up ordering 200 pieces of that same model with my own custom printing on the cards. The card model which Grcard offered to me back in January and of which I got 200 pcs a month ago in April turned out to be exactly the same in technical terms as the one that was once sold by Sysmocom as sysmoSIM-GR2: https://osmocom.org/projects/cellular-infrastructure/wiki/GrcardSIM2 As I understand it, Sysmocom had that sysmoSIM-GR2 as an offering back in late 2013, thus it was quite surprising to see that Grcard still readily sell that exact same model 7 and a half years later - but they do. As a result of having done a ton of work with these cards over the past few months, I now know a lot more about them than is said in the scant Osmocom wiki page above, and a lot more than the little bits of knowledge embedded in pySim code from 2013 supporting this model. Extensive write-ups about these cards can be found in my fc-sim-tools repository, but here is a basic summary of the good and the bad: The good: * These GrcardSIM2 aka FCSIM1 cards are truly native GSM 11.11 SIM, and do not speak the unwanted-innovation UICC protocol at all. * F=512 D=8 speed enhancement (the only SIM speed enhancement mode called for in the original GSM 11.11 spec and the only one implemented in most classic GSM MS hardware such as Calypso) is supported by these cards, thus if your GSM MS firmware has this speed enhancement enabled (at least with TI platform, many legacy fw versions have it disabled - don't know about other GSM chipset vendors), your phone will talk to the SIM at about 50781 bps, instead of the circa 8737 bps you get with the basic non-enhanced F=372 D=1 mode. * The security model on these cards works the way it is supposed to: they initially ship with a known default SUPER ADM key, but if you change both ADM5 and ADM11 (SUPER ADM) keys to your own secrets, then the card becomes fully secure in the traditional SIM security sense. I personally don't understand and will likely never understand what is so wrong with letting your paying service subscribers know their own Ki and letting them clone their SIM if they so wish, but if you wish to replicate the traditional security model where you program Ki and change ADM keys to some secret, you *can* do it with FCSIM1 cards. Standard PIN1/PIN2/PUK1/PUK2 can be freely reset if you authenticate with ADM5 or ADM11, but if you change those ADM keys to secrets, then the PIN system becomes fully secure too. Contrast the situation with Grcard's earlier model (sysmoSIM-GR1) where anyone can freely reset both regular and ADM PINs without any authentication, meaning no security whatsoever. * All 3 of COMP128v1, COMP128v2 and COMP128v3 are supported. I naturally choose COMP128v3 for my own deployments - A5/1 is weak enough to begin with, no need to weaken it further by reducing the effective key length to just 54 bits with COMP128v1 or v2. * As far as I can tell, there are NO unwanted STK applications on these cards. Harald said here earlier that Sysmocom's business relationship with Grcard ended when Grcard started shipping cards with some preinstalled STK applications displaying some pop-up messages in Chinese, but I see no evidence of any such applications being present on the FCSIM1 cards I got from them this year. I have tried issuing a feature-generous TERMINAL PROFILE toward the card (listing support for all common SAT features), and the SW response was 9000 - no matter what I tried, I never got the card to respond with SW of 91xx, indicating some proactive SIM command - thus as far as I can tell, these SIMs never issue any proactive commands. * The best good of all: no MOQ! Instead of being forced to buy 1000 or more cards and have them go to waste because I will never find that many people who have the same pattern of technology likes and dislikes as I do, I was able to buy just 200 cards - I could have ordered as few as 100, but I ordered 200 because they were cheap - and I got those 200 cards with my own custom printing and with my choice of form factor cut - I chose 2FF-only, of course. The bad: * The free reformatting ability that existed on sysmoSIM-GR1 has been taken away. On sysmoSIM-GR1 you could erase the card file system and recreate your own tree of DFs and EFs according to your own liking (with you deciding which files to include or omit, what size to allocate for each file, and what access conditions it should have), but those proprietary APDU commands from GR1 don't work on GrcardSIM2 (FCSIM1), and the official answer from Grcard is that such downstream reformatting is not allowed. I am guessing that what I want probably *can* be done by reformatting the card flash and reloading their CardOS at a lower level, but needless to say, Grcard won't divulge any of the knowledge that would be needed for such an endeavor. * The fixed formatting these cards came with (which we have no way of changing per above) is far from ideal: EF_AD is only 3 bytes and not 4, some files that aren't absolutely critical but would be nice to have like SDN and ECC are missing, and the allocated record size for EF_ADN is only 28 bytes, allowing only 14 characters for the contact name field. Contrast with old T-Mobile USA SIMs that have 44-byte ADN records (30 characters for contact name), or current Sysmocom cards that have 34-byte ADN records, allowing 20 characters. Grcard people told me that they can change this file system layout to a different one with MOQ of 10000 pcs, but of course such MOQs are absolutely not acceptable for "just for love" applications like mine. * There is no OTA programming capability on this card model. I was hoping that I could program EF_MSISDN over the air (yes, I know full well that a phone doesn't need to know its own MSISDN to make or answer calls, but all classic GSM phones have a menu command for "Show my number" or whatever it's called, and that's what EF_MSISDN on the SIM is for) like I can do on sysmoUSIM-SJS1 and sysmoISIM-SJA2 cards, but nope, this functionality just isn't there. Grcard folks were telling me that they have some other card model that supports OTA, but I never got a straight answer out of them as to whether that other card model is also GSM SIM only, or if it is UICC/USIM/ISIM - I suspect the latter, which would be totally uninteresting to me. * The worst badness of all is that Grcard people absolutely hate customers who ask too many technical questions, and when pressed, they typically respond only with non-answers. There is basically NO technical support of the kind we got used to in highly technical communities like Osmocom with vendors like Sysmocom, instead they are used to dealing with sales and marketing types. I also got the impression that selling to R&D customers is very foreign to them, instead they are set up for making cards for operator/MVNO type of customers who let the card vendor do all of the programming at the factory and don't get into any real technical stuff themselves. So here is what we got: https://www.freecalypso.org/members/falcon/pictures/SIMs/FCSIM1_front.jpeg https://www.freecalypso.org/members/falcon/pictures/SIMs/FCSIM1_back.jpeg The cards depicted in those photos are quite real, they are sitting right here at my FreeCalypso HQ in California, and they work in the sense that I can program everything including IMSI, Ki and COMP128v3 selection. I haven't set up my own GSM network yet - I already acquired a couple of nanoBTS units (one for 850 MHz, one for 1900 MHz), but I still need to acquire a better server machine for running Osmocom CNI software. Much like any other feeling and soulful human, I have a deep-rooted urge to share my work with others. When it comes to the present SIM card venture, I am doing everything I can to share my work with the community in 3 ways: 1) The software I developed for programming these cards is free to the world, with an explicit public domain license statement: https://www.freecalypso.org/hg/fc-sim-tools/ My fc-sim-tools suite is a direct competitor to pySim, written in C instead of Python, and split into separate fc-simtool and fc-uicc-tool for the two very different protocols that exist for talking to SIM cards. Oh, and my tools can be used to program Sysmocom webshop cards too, not just my Grcard-based FCSIM1. 2) If anyone else would like to buy similar cards from Grcard, I will be happy to put you in touch with my contact there and guide you through the process - and by encouraging anyone with a commercial interest to buy directly from Grcard instead of me acting as a reseller, I explicitly disavow any thought of commercially profiting from any related venture or acting as any kind of commercial entity myself. 3) If there is anyone in the world who shares my core philosophical position whose wording is imprinted on the plastic on my FCSIM1 cards (see the pictures above) and would like to get a few of these cards, please let me know, and I will be glad to send you however many cards you need, for the cost of shipping only, or at most covering my own cost of ordering more cards in the highly unlikely event that I get enough interest to run down my stock. In hacking fellowship, Mother Mychaela Hasta la Victoria, Siempre - 2G forever!