Difference between revisions of "Talk:Tutorial:Unlock iPhone 3G with TurboSim"

From The iPhone Wiki
Line 4: Line 4:
   
 
[http://www.hackint0sh.org/forum/showthread.php?t=45903 This] is the original thread on hackint0sh, initiated by Zf. -caique2001-
 
[http://www.hackint0sh.org/forum/showthread.php?t=45903 This] is the original thread on hackint0sh, initiated by Zf. -caique2001-
  +
  +
  +
== 'illegal stuff' issue with MCC/MNC set to 001/01 ==
  +
  +
Actually I don't really believe in the 'illegal' fairy tale any more. (Though I will not remove the warning as I am not sure.)
  +
  +
The login into the cellular network is based upon the key stored on SIM, only the home provider knows it. The home provider has a database where it looks up the corresponding key. So if a fake IMSI is sent, totally different from original IMSI, authentication '''must''' fail (''This'' is obviously illegal). Vice versa, if authentication is successful, nothing could be considered illegal as the secure key stored on the card is tied to the callers identity.
  +
  +
Even more interesting is the fact, that some providers seem to receive the HPLMN not from IMSI, but from ICCID. A swisscom card, 'proxy-sim'ed with turbosim and zero-g does login into vodafone's and t-mobiles network Germany, meaning it roams (GPRS vodafone working, EDGE t-online working!). Where does vodafone / t-mobile take the HPLMN from, to set up correct routing to swisscom? As it can't be taken from IMSI (set to 001/01) it is appearently gathered from ICCID, isn't it?
  +
  +
So my guess is: If the provider's login implementation allows login with 001/01 (because possibly taking MCC/MNC from ICCID), everything is fine.
  +
  +
Maybe someone working in the mobile business can enlighten this subject.
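
Review bot: the added section, from the "== 'illegal stuff' issue with MCC/MNC set to 001/01 ==" heading through "enlighten this subject.", carries no signature, unlike the "-caique2001-" comment on the context line above it. Sign the new comment (for example with `~~~~`) so that replies on this talk page can be attributed.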

Revision as of 23:51, 15 August 2008

experiences?

It would be interesting to see the experiences of anyone who has tried this unlock method.

This is the original thread on hackint0sh, initiated by Zf. -caique2001-


'illegal stuff' issue with MCC/MNC set to 001/01

Actually I don't really believe in the 'illegal' fairy tale any more. (Though I will not remove the warning as I am not sure.)

The login into the cellular network is based upon the key stored on the SIM; only the home provider knows it. The home provider has a database where it looks up the corresponding key. So if a fake IMSI is sent, totally different from the original IMSI, authentication must fail (This is obviously illegal). Vice versa, if authentication is successful, nothing could be considered illegal as the secure key stored on the card is tied to the caller's identity.

Even more interesting is the fact that some providers seem to receive the HPLMN not from IMSI, but from ICCID. A Swisscom card, 'proxy-sim'ed with TurboSim and zero-g, does log in to Vodafone's and T-Mobile's network in Germany, meaning it roams (GPRS vodafone working, EDGE t-online working!). Where does Vodafone / T-Mobile take the HPLMN from, to set up correct routing to Swisscom? As it can't be taken from IMSI (set to 001/01) it is apparently gathered from ICCID, isn't it?

So my guess is: If the provider's login implementation allows login with 001/01 (because possibly taking MCC/MNC from ICCID), everything is fine.

Maybe someone working in the mobile business can enlighten this subject.