Saturday, September 29, 2018

What Information Can Be Pulled Off A Mobile Device SIM Card?

I recently taught a mobile forensics course and asked my students to identify what kind of information that can be retrieved from a mobile device SIM card.  Here’s a list of some of the retrievable information students listed:

 Integrated Circuit Card Identifier (ICCID) – this is the number that is printed on the SIM card itself.  It is nineteen or twenty digits long.

International Mobile Subscriber Identity (IMSI) – this is the number that identifies a SIM card user on a GSM network.  It is stored in the EF(IMSI).  It is a fifteen-digit number.  Three components that make up the IMSI are:
  • Mobile Country Code (MCC) – the first three digits identify the country.
  • Mobile Network Code (MNC) – the next two digits identifies the cell provider mobile unit in a GSM network.
  • Mobile Subscriber Identity Number (MSIN) – the next nine digits identifies the mobile unit in a GSM network.
Service Provider Name (SPN) – the mobile provider’s name.  This can be found from the ICCID.

Mobile Station International Subscriber Directory Number (MSISDN) – basically, the SIM card’s telephone number.  This number can vary from fifteen to sixteen digits long.  The MSISDN is stored in EF(MSISDN).  It is made up of three components:
  • Country Code (CC) – up to three digits
  • National Destination Code (NDC) – two or three digits
  • Subscriber Number (SN) – up to a max. of ten digits
Abbreviated Dialing Numbers (AND) – These numbers are shortcuts on the phone of the most frequently dialed phone numbers.  These are generated by the subscriber.  They are stored in the EF(AND) file.

Last Number Dialed (LND) – This is a listing of the most recent calls and can be found in the EF(LND).

Short Message Service (SMS) – Short messages sent to other phones with a maximum length of either 160 or 70 characters.  These messages can be found in the EF(SMS) file.  These messages show not only the message but also the time the message was sent, the sender and receiver’s phone number, etc.

Language Preference (LP) – the preferred language of the subscriber.

Card Holder Verification (CHV1 and CHV2) – allows access to files after the user’s verification of PIN 1(CHV1) or PIN 2(CHV2).

Ciphering Key (Kc) – a 64-bit ciphering key used for encryption and decryption of data on an over-the-air channel.  It is generated by the Mobile Station from a random challenge by the GSM network.

Fixed Dialing Numbers (FDN) – phone numbers added to a list and the SIM restricts outgoing calls only to those numbers listed.

Location Area Identity (LAI) – The LAI will be stored on the SIM card so that a phone knows what location it is in and able to receive service.  If a phone changes areas, then the new LAI is stored in the SIM.  This is great for investigators to be able to read a list of where the SIM card has been geographically.

Temporary Mobile Subscriber Identity (TMSI) – the SIM is assigned a TMSI by the Mobile Switching Center (MSC) whenever a phone is in the vicinity of a new MSC.  Information about the phone is stored in the Visitor Location Register (VLR) and the phone is given a TMSI which allows the subscriber to be uniquely identified.

Service Dialing Numbers (SDN) – Numbers that are installed by the service provider which cannot be changed or deleted by the user.  The SDNs are usually hidden.

Thanks to my Mobile Forensics class students!



Sunday, September 16, 2018

Online Ladder Logic Simulations

Some of you know how much I’m loving being back in the classroom as a Visiting Assistant Professor at the University of Hartford College of Engineering, Technology and Architecture (CETA). I started in January for the spring semester and am fortunate to have been invited back for the fall semester. CETA offers both BS Engineering Technology and BS Engineering degrees with students having the following options:

  • Engineering, with its emphasis on theory, analysis, and design, 
  • Technology, which teaches engineering technology, with an emphasis on hands-on application of theory; or
  • Architecture, with its emphasis on a combination of design and application of theory.
I’ve had the opportunity to teach both Engineering Technology and Engineering courses. In the spring I taught the second half of a digital electronics course. In that course we spent considerable time working with Quartus, an Intel CAD system used to design digital circuits. 

Over the summer I had some time and experimented a bit with PLC Fiddle - a really nice
https://bit.ly/2xsAElk
online ladder logic simulator for testing, training, and code sharing. Using PLC Fiddle I’ve put together a set of logic gate simulations linked hereUsing the simulations the user can turn inputs on and off for various logic gates (AND, OR, NAND, NOR, EXOR and NEXOR) and observe the outputs. Here’s a screen shot of the simulations. 

If you follow the link below the screen shot you'll go to the simluation website where you can turn Input 1 and Input 2 ON and OFF (OFF = Logic 0, ON = Logic 1) by clicking the boxes next to Input 1 and Input 2 in the left hand column. As you change the Inputs, watch how the Output changes for each gate type. 

I’m not teaching a digital course this semester but if you are - feel free to share and use the simulations in your classes. And - if you are a faculty person, current student, former student, already have your AS or AAS degree and want to continue, etc, etc and are interested in an excellent Engineering, Engineering Technology or Architecture BS degree program - I can help connect you with the right people at the University of Hartford. My Hartford email address is gosnyder@hartford.edu You can contact me any time!