📡 The talk is about decoupling the SIM card from the mobile phone or modem to perform various measurements.
🌐 Roaming in cellular networks can be complex and interesting due to the differences in configurations, hardware, and software between home and visiting networks.
💰 International travel and testing in different networks can be expensive and tedious.
🌐 MobileAtlas decouples SIM cards from modems and enables global connectivity.
⚙️ Goals of the project include scalability, automatability, and controlling background noise.
🔒 Challenges faced include adapting the SIM interface and protocol for global usage.
🔧 The use of SIM tunneling and Schottky diodes simplifies the negotiation of speeds and voltages between the SIM provider and the modem.
🔄 Linux network spaces and binary encoding are used to control background traffic and ensure accurate measurements of data counting.
📲 Bluetooth rSAP protocol allows for the connection and sharing of SIM cards between an Android phone and the system.
🌐 SIM tunneling provides an opportunity for carriers to verify services and improve configurations for Voice over LTE roaming.
🔑 SIM cards can update or change their unique identifier (IMSI) over the air for roaming purposes.
⚙️ USB devices have a practical limit of around 20-30 devices due to hardware and driver limitations.
📍 The system has been deployed to 10 European countries and North America, with some limitations in Canada.
🔬 The use of modems instead of software-defined radios is due to regulatory challenges and safety concerns.
💡 The platform allows for internet-related measurements, including billing and abuse of zero-rating offers.
🔍 Different metrics are used for traffic classification, including UDP port, IP address, and deep packet inspection.
📊 The study focused on deep packet inspection and analyzed zero-rating applications like WhatsApp, Snapchat, and Facebook Messenger.
🧪 Experiments were conducted to verify web endpoints' zero-rating, detect IP-based and hostname-based classification methods.
🔒 Operators use both IP-based and hostname-based classification for zero-rating traffic.
⚙️ Attackers can exploit hostname-based classification by faking host data and spoofing SNI in TLS connections.
🔍 Location tracking can be done through ringback tones issued by terminating operators, allowing differentiation between operators.
🌍 By analyzing the amplitude and frequency of calls, it is possible to determine the operator and country of the callee.
📱 SIM cards can send covert binary SMS messages without the user's knowledge, containing information about the user equipment.
🔒 Roaming is an interesting case where two operators cooperate, and there are ways to exploit it for hiding traffic and locating subscribers.