Hard-core iPhone tricks

The crave blog over at CNET news has a great post on a Hanoi entrepreneur’s cell phone service/repair shops, and the brisk business they are doing unlocking 3G iPhones. If this sounds boring, you are probably not familiar with the process necessary to unlock this particular phone:

The technician then extracted the baseband chip, the component that controls the connection between the phone and the mobile network, from the motherboard. (This is a painstaking task as the chip is strongly glued to the phone’s motherboard. A mistake during this process could brick the phone completely.)

Once the chip was extracted, it was Tuan Anh’s turn. He used a chip reader to read information into a file. He then used a Hex editor to remove the locking data from the file, and after that, the chip got reprogrammed with the newly altered file. Now it was no longer programmed to work with only a specific provider.

Pretty hard-core. Once the soldering irons come out, you have left the Mall kiosks behind…

Hat tip to Perry Metzger and the cryptography list for the link, and the reminder that, given proper motivation, people will do unexpected and unauthorized things with technology. Assuming otherwise usually fails.

DEFCON talk on Charlie Card hacking blocked [updated]

CNET reports on yet another case of security-by-obscurity-by-court-order…

Three MIT students had planned to give a presentation at this year’s DEFCON, but the MBTA got a judge to issue a TRO preventing them from going ahead.

The presentation itself is available via the campus newspaper, as well as having been included in attendees conference materials.

Bruce Schneier recently wrote about the Mifare hacking paper that suffered a similar court challenge, although eventually allowed by the Dutch courts to be published.

The card system in Boston (and a number of other cities) uses the same technology, with the same weaknesses… (“Monoculture Bad”)

UPDATE: Discussion of the case in JOLT Digest, “An online companion to the Harvard Journal of Law & Technology”. (via saqib on The Cryptography Mailing List)

UPDATE: Nice overview from Ars Technica, highlighting the First Amendment issues in play here.

UPDATE: EFF Press Release: Judge Lifts Unconstitutional Gag Order Against MIT Students

The court found that the Massachusetts Bay Transportation Agency (MBTA) had no likelihood of success on the merits of its claim under the federal computer intrusion law and denied the transit agency’s request for a five-month injunction. In papers filed yesterday, the MBTA acknowledged for the first time that their Charlie Ticket system had vulnerabilities and estimated that it would take five months to fix.

Note that the MBTA suit is still alive, even though at least one judge apparently understands it to be a weak case. I hope that if it isn’t dropped, the expense involved comes up in the looming fare increase debate…

Bookmark this on Delicious

UPDATE: Popular Mechanics interview with Zack Anderson, one of the MIT students, on how this went down, and what happens now.

What happens next? There’s still a lawsuit from the MBTA, right?
Probably the next thing is, hopefully at this point we’ll be able to settle this and make it go away. If not, we’re going to have to file a motion to dismiss the case, but I think, and I definitely hope, that things are kind of over now. We didn’t give the talk, which was I think a primary aim that they had. That was effective on their part.