SIMtrace phone-side VCC

Tom Schouten tom at zwizwa.be
Tue Jul 30 18:15:55 UTC 2013


for the MITM, there seem to be a couple of variables to play with (as 
compared to passive sniffing) that make it a little more reliable:

- wait for X number of power cycles, i.e. don't send ATR until the 3V3 
one comes up
- manipulate ATR: it seems possible to set the voltage class explicitly

The power-wait works for the BLU phone I mentioned, and the Nexus One.
N1 also starts out with a different voltage (about 2.3V, weird..)
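As an added example (not part of the original post, and not SIMtrace code): one way to set the voltage class in an ATR, assuming the ISO/IEC 7816-3 coding where the class indicator is b6..b1 of the first TA following a TD that announces T=15. The function names and the sample ATR are constructed for illustration; the power-cycle wait is not shown.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ISO/IEC 7816-3 class indicator bits (b6..b1 of the first TA after T=15) */
enum { CLASS_A_5V = 0x01, CLASS_B_3V = 0x02, CLASS_C_1V8 = 0x04 };

/* Offset of the class-indicator TA byte, or -1 if absent or ATR truncated. */
int atr_class_offset(const uint8_t *atr, size_t len)
{
    size_t pos = 1;   /* T0 follows TS; its high nibble is Y1 */
    int t15 = 0;      /* did the previous TD announce T=15? */
    while (pos < len) {
        uint8_t y = atr[pos] >> 4;   /* presence bits: TA=1 TB=2 TC=4 TD=8 */
        size_t ta = pos + 1;
        size_t td = ta + (y & 1) + ((y >> 1) & 1) + ((y >> 2) & 1);
        if ((y & 1) && t15)
            return ta < len ? (int)ta : -1;
        if (!(y & 8) || td >= len)
            return -1;               /* no further interface bytes */
        t15 = (atr[td] & 0x0F) == 15;
        pos = td;
    }
    return -1;
}

/* Set the advertised classes, keep the clock-stop bits (b8..b7) and recompute
 * TCK so that T0..TCK XOR to zero. Assumes atr[len-1] is TCK. 0 on success. */
int atr_set_class(uint8_t *atr, size_t len, uint8_t classes)
{
    int off = atr_class_offset(atr, len);
    uint8_t tck = 0;
    if (off < 0 || (size_t)off + 1 >= len)
        return -1;
    atr[off] = (atr[off] & 0xC0) | (classes & 0x3F);
    for (size_t i = 1; i + 1 < len; i++)
        tck ^= atr[i];
    atr[len - 1] = tck;
    return 0;
}

int main(void)
{
    /* Constructed ATR: TS T0 TA1 TD1 TD2(T=15) TA3(classes A+B+C) TCK */
    uint8_t atr[] = { 0x3B, 0x90, 0x11, 0x80, 0x1F, 0xC7, 0xD9 };
    if (atr_set_class(atr, sizeof atr, CLASS_B_3V) == 0)
        for (size_t i = 0; i < sizeof atr; i++)
            printf("%02X%c", atr[i], i + 1 < sizeof atr ? ' ' : '\n');
    return 0;
}
```

An ATR without a T=15 block carries no class indicator, so `atr_set_class` returns -1 and leaves the buffer untouched.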








