Ask Slashdot: How Secure Is a Cellphone's eSIM?
source link: https://ask.slashdot.org/story/21/07/09/2353208/ask-slashdot-how-secure-is-a-cellphones-esim?sbsrc=askslashdot
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Ask Slashdot: How Secure Is a Cellphone's eSIM? (pcmag.com) 33
Posted by EditorDavid
on Saturday July 10, 2021 @11:34AM from the asking-about-eSIMs dept.
A few months ago PC Magazine explained eSIMs:
You almost certainly have a SIM card: a thumbnail-sized chip that sits in your mobile phone, telling it which carrier and what phone number you use. Now those SIMs are going digital (or "e") and moving your information to a reprogrammable, embedded chip.
A SIM card is a "subscriber identity module." Required in all GSM, LTE, and 5G devices, it's a chip that holds your customer ID and details of how your phone can connect to its mobile network... An eSIM takes the circuitry of a SIM, solders it directly to a device's board, and makes it remotely reprogrammable through software... There are some minor consumer downsides, though. With eSIMs, it's harder to switch one plan between devices — you can't just swap the physical card around — and they can make it harder for you to temporarily remove your SIM if you don't want to be tracked by a carrier.
Google's Pixels have had eSIMs since 2017, and Apple's iPhones have had them since 2018...
Now let's see how long-time Slashdot reader shanen feels about them:
Shopping for a new smartphone due to premature battery swelling of a cheapie, but surprised to find out I can't just plug the SIM into a new phone. There ain't no SIM here, but rather the dying phone has an eSIM.... Quick research indicated it's only software, so my obvious question is "How secure can an eSIM be?" (The obvious search results also fail to produce "fresh" results.)
But the black hats have already had a couple of years to work on the problem, and it seems intrinsically difficult to do anything securely if you're only using software. My probably obsolete understanding is that part of the basis of SIM security is that you'd have to destroy the SIM to save its data, but is there an actual security expert in the house?
Related question based on my surprise. How would you even know if you're using an eSIM? Especially since it appears to be possible to use an eSIM on a phone with a SIM.
Share your own thoughts and opinions in the comments.
How secure is an eSIM?
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK