initial checkin of 2022-10-19 OsmoDevCall SIMtrace2 talk
After Width: | Height: | Size: 8.1 KiB |
After Width: | Height: | Size: 28 KiB |
|
@ -0,0 +1,410 @@
|
|||
\section{SIM Cards}
|
||||
|
||||
\subsection{Smart Card Basics}
|
||||
|
||||
\begin{frame}{Terminology}
|
||||
\begin{description}
|
||||
\item[SIM] Subscriber Identity Module
|
||||
\item[USIM] Universal Subscriber Identity Mdoule
|
||||
\item[UICC] Universal Integrated Chip Card
|
||||
\item[MS] GSM Mobile Station (phone, modem)
|
||||
\item[UE] UMTS User Equipment
|
||||
\item[ME] GSM Mobile Equipment (MS + SIM)
|
||||
\item[OTA] Over The Air
|
||||
\item[SAT] SIM Application Toolkit
|
||||
\item[CAT] Card (UICC) Application Toolkit
|
||||
\item[USAT] USIM Application Toolkit
|
||||
\item[TAR] Toolkit Application Reference
|
||||
\end{description}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Relevant Specification Bodies}
|
||||
\begin{itemize}
|
||||
\item ISO (ISO 7816) smart cards
|
||||
\item ETSI (Eurpoean Telecomms Standardisation Institute)
|
||||
\begin{itemize}
|
||||
\item Classic GSM SIM
|
||||
\item UICC card as basis for various telecom ID purposes
|
||||
\item Card Application Toolkit (CAT)
|
||||
\end{itemize}
|
||||
\item 3GPP (3rd Generation Partnership Project)
|
||||
\begin{itemize}
|
||||
\item USIM Application
|
||||
\item USIM Application Toolkit (USAT)
|
||||
\item API based applet interworking
|
||||
\end{itemize}
|
||||
\item Global Platform
|
||||
\begin{itemize}
|
||||
\item Overall spec for SIM/USIM with Java
|
||||
\end{itemize}
|
||||
\item Sun Microsystems (now Oracle)
|
||||
\begin{itemize}
|
||||
\item Java Card Virtual Machine
|
||||
\item Java Card Runtime Environment
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{The Subscriber Identity Module (SIM)}
|
||||
\begin{itemize}
|
||||
\item Basic idea was to store cryptographic identity of subscriber inside smart card
|
||||
\item User can thus migrate identity from one device to another
|
||||
\item User can furthermore use different SIM in same device (e.g. local prepaid SIM while travelling)
|
||||
\item Original SIM card design mostly ISO 7816-4 filesystem and single command to execute A3/A8 algorithm inside card
|
||||
\begin{itemize}
|
||||
\item This could even be done in logic, no processor required
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{The modern SIM}
|
||||
The modern SIM is an entirely different beast
|
||||
\begin{itemize}
|
||||
\item Cryptographic processor smart card
|
||||
\begin{itemize}
|
||||
\item Symmetric cryptography such as DES, 3DES, AES
|
||||
\item Public key cryptography such as RSA, ECC
|
||||
\end{itemize}
|
||||
\item Java Card including a small Java VM and Java RE
|
||||
\item Multiple application support
|
||||
\item Ability to download applications (Applets) into card
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Smart Card Basics}
|
||||
\begin{itemize}
|
||||
\item microprocessor with RAM, Flash and Operating System
|
||||
\item Interface: Electrical + Logical Protocol (ISO7816-3, ISO7816-4)
|
||||
\item File System based representation of information
|
||||
\item Protocol describes remote operations on the file system
|
||||
\item Few non-filesystem related commands for e.g. authentication
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Smart Card Filesystem}
|
||||
\begin{itemize}
|
||||
\item Hierarchical file system like on PC
|
||||
\begin{description}[MF]
|
||||
\item[MF] (master file): root directory
|
||||
\item[DF] (dedicated file): subdirectory
|
||||
\item[EF] (entry file): actual file
|
||||
\begin{itemize}
|
||||
\item transparent or record oriented
|
||||
\item record linear fixed/variable or record cyclic
|
||||
\end{itemize}
|
||||
\end{description}
|
||||
\item File names don't exist on card. 16bit FID (File ID) or 8bit SFID used instead
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Smart Card Filesystem Hierarchy}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=110mm]{sim-mf-df_gsm.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{Smart Card Filesystem Permissions}
|
||||
\begin{itemize}
|
||||
\item similar to 'permission bits' on Linux or other PC OS
|
||||
\item each file can define separate read/write permissions
|
||||
\item some cards are permanently read-only
|
||||
\item other files can be written to after regular PIN verification
|
||||
\item yet another set of files e.g. needs one of the ADM PINs
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
%\begin{frame}{Smart Card Logical Channels}
|
||||
%\begin{itemize}
|
||||
% \item Initially Smart Cards had only one interface (UART)
|
||||
% \item This means that only one application on the host side can interact with it, as there's sharde state
|
||||
% \item logical channels introduce a concept where this connection is virtualized, and multiple separate states (including with different access privileges) can exist in parallel
|
||||
%\end{itemize}
|
||||
%\end{frame}
|
||||
|
||||
\begin{frame}{SIM Card APDU Commands}
|
||||
Classic SIM card commands include the following
|
||||
\begin{itemize}
|
||||
\item SELECT (change directory / open file)
|
||||
\item READ BINARY, UPDATE BINARY (read/write transparent EF)
|
||||
\item READ RECORD, UPDATE RECORD (read/write record EF)
|
||||
\item ENABLE CHV, DISABLE CHV, CHANGE CHV (enable, disable or change PIN)
|
||||
\item VERIFY CHV, UNBLOCK CHV (verify or unblock PIN)
|
||||
\item RUN GSM ALGORITHM (A3/A8 authentication)
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Smart Card Filesystem}
|
||||
Typical operations of the phone include
|
||||
\begin{itemize}
|
||||
\item navigating inside filesystem by SELECT on DF/EF
|
||||
\item authenticating the user PIN
|
||||
\item reading/updating files
|
||||
\begin{itemize}
|
||||
\item reading IMSI
|
||||
\item old-school SMS and contact storage
|
||||
\item storing session keys (Kc/KcGPRS, ...)
|
||||
\item storing last cell on power-off
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Smart Card PINs}
|
||||
The level of access to the filesystem and other card features is
|
||||
determined by authentication using a shared secret, called 'PIN'.
|
||||
\begin{itemize}
|
||||
\item Regular PIN for normal use of the card by the end user
|
||||
\item PUK for resetting the pin after too many retries
|
||||
\item ADM1..n PIN for access by the operator only
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Multi-Application Smart Cards}
|
||||
\begin{itemize}
|
||||
\item Classic SIM cards are single application, accessing the
|
||||
GSM related files works by entering the known DF.GSM
|
||||
directory with its well-known FID
|
||||
\item Later the idea of multi-application smart cards entered
|
||||
the market
|
||||
\item A multi-application smart card contains an EF.DIR in the
|
||||
MF
|
||||
\item EF.DIR contains records with the AIDs of all applications
|
||||
on the card.
|
||||
\item AID prefix is well-known to the application, AID suffix is
|
||||
manufacturer specific. Applications use prefix-match
|
||||
\item application specific directory can be entered by SELECT on
|
||||
the AID
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{USIM Application Dedicated File (ADF.USIM)}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=110mm]{usim-dir-structure.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\subsection{From SIM to UICC and USIM}
|
||||
|
||||
\begin{frame}{Evolution of the SIM}
|
||||
\begin{itemize}
|
||||
\item Classic GSM SIM cards
|
||||
\begin{itemize}
|
||||
\item initial GSM / ETSI TS 11.11 for classic GSM SIM, based on ISO 7816-2/3/4
|
||||
\item small changes for GPRS support by introducing a few new optional files
|
||||
\item Class byte 0xA0 used in GSM SIM
|
||||
\end{itemize}
|
||||
\item USIM cards
|
||||
\begin{itemize}
|
||||
\item Completely new approach based on ETSI UICC spec, multi-application capable
|
||||
\item Selection of ADF.USIM by AID
|
||||
\item Many new files
|
||||
\item backwards compatibility achieved by placing DF.GSM
|
||||
in MF and linking (think of symlink/hardlink) of
|
||||
relevant files
|
||||
\item Authentication for GSM and UMTS can be completely
|
||||
different (algorithm, secret key used, ...)
|
||||
\end{itemize}
|
||||
\item Additional application profiles exist for GSM-R, TETRA and
|
||||
other ETSI related communications systems.
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Evolution of Specifications}
|
||||
\begin{itemize}
|
||||
\item Classic SIM: ETSI TS 11.11 / 3GPP TS 51.011
|
||||
\item UICC Card: 3GPP TS 31.101, 31.900, ETSI TS 102 221, 102 222
|
||||
\item USIM application: 3GPP TS 31.102
|
||||
\item ISIM application for IMS (VoIP for LTE): 3GPP TS 31.103
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{ISIM Application Dedicated File (ADF.ISIM)}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=110mm]{isim-dir-struct.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\subsection{SIM Application Toolkit (SAT)}
|
||||
|
||||
\begin{frame}{SIM Application Toolkit (SAT)}
|
||||
\begin{itemize}
|
||||
\item Ability for card to run applications that have UI on the phone
|
||||
\begin{itemize}
|
||||
\item Display menu items on-screen
|
||||
\item Get user input from keypad/touch-screen
|
||||
\end{itemize}
|
||||
\item Original Version Described in TS 11.14 and 11.11
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT -- Proactive SIM}
|
||||
The {\em Proactive SIM} features
|
||||
\begin{itemize}
|
||||
\item Sending a short message
|
||||
\item Setting up a voice call
|
||||
\item Playback of a tone in earpiece
|
||||
\item Providing location information from ME to SIM
|
||||
\item Have ME execute timers on behalf of SIM
|
||||
\item Sending DTMF to network
|
||||
\item Running an AT command received from SIM, sending result back to SIM
|
||||
\item Ask ME to launch browser to SIM-provided URL
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT -- Call and SMS Control}
|
||||
\begin{itemize}
|
||||
\item ME passes MO call setup attempts to SIM for approval
|
||||
\item SIM can then
|
||||
\begin{itemize}
|
||||
\item approve or decline the MO call
|
||||
\item modify the call details such as phone number
|
||||
\item replace the call with USSD message
|
||||
\end{itemize}
|
||||
\item ME passes USSD requests similar to Call Control
|
||||
\item Similar mechanism exists for all MO SMS
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT -- Provide local information}
|
||||
The SIM can inquire the ME about
|
||||
\begin{itemize}
|
||||
\item MCC / MNC / LAC / Cell ID
|
||||
\item IMEI of ME
|
||||
\item Network Measurement Results
|
||||
\item BCCH channel list
|
||||
\item Date, Time, Timezone
|
||||
\item ME language setting
|
||||
\item Timing Advance
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT -- Event download}
|
||||
The SIM is notified by ME about certain events such as
|
||||
\begin{itemize}
|
||||
\item Call Connected / Disconnected
|
||||
\item Location Status (Location Area change)
|
||||
\item User activity (keyboard input)
|
||||
\item Idle screen available
|
||||
\item Browser termination
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT - Data download}
|
||||
\begin{itemize}
|
||||
\item Enables Operator to exchange arbitrary data with the SIM
|
||||
\item Could be RFM (Remote File Management)
|
||||
\begin{itemize}
|
||||
\item Read or modify phone book entries
|
||||
\item Even change the IMSI of the SIM (!)
|
||||
\end{itemize}
|
||||
\item In case of Java Card, can be download of card applets
|
||||
\begin{itemize}
|
||||
\item Applets are stored permanently on SIM
|
||||
\item Can later use SAT procedures to interact with ME
|
||||
\item TS 03.19 specifies Java API to access SAT from Java RE
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT - Data download}
|
||||
SAT Data Download can happen via
|
||||
\begin{itemize}
|
||||
\item via SMS or Cell Broadcast
|
||||
\begin{itemize}
|
||||
\item Uses TS 03.40 TP-PID {\em SIM DATA Download}
|
||||
\item ME forwards such SMS to the SIM in {\tt ENVELOPE} APDU
|
||||
\item Response from SIM is sent back as MO-SMS or DELIVERY REPORT
|
||||
\end{itemize}
|
||||
\item via BIP (Bearer Independent Protocol)
|
||||
\begin{itemize}
|
||||
\item Dedicated CSD call between network and SIM
|
||||
\item GPRS session between network and SIM
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SAT - Data download}{Data download security}
|
||||
\begin{itemize}
|
||||
\item GSM TS 03.48 specifies secure messaging for data download
|
||||
\item Includes replay protection
|
||||
\item Supports DES and 3DES
|
||||
\item SMS chaining for long commands / large data
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\subsection{SIM threat model}
|
||||
\begin{frame}{SIM card abuse by hostile operator}
|
||||
\begin{itemize}
|
||||
\item Even if the phone might be considered trusted, the SIM card is owned and controlled by the operator
|
||||
\item Using SAT features, the operator can control many aspects of the phone
|
||||
\item Examples
|
||||
\begin{itemize}
|
||||
\item Remotely reading address book / stored SMS
|
||||
\item Monitor user behavior (browser termination, idle screen, ...)
|
||||
\item Ask phone to establish packet data session
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SIM card re-programming by attacker}
|
||||
\begin{itemize}
|
||||
\item If the SIM is not properly secured (auth + encryption keys, ...) a third party attacker can send SAT envelope SMS to the card and install resident Java applets
|
||||
\item The attacker can then
|
||||
\begin{itemize}
|
||||
\item Obtain detailed location information and send it via SMS
|
||||
\item Intercept/log outgoing calls
|
||||
\item Sending copies of incoming + outgoing SMS elsewhere
|
||||
\end{itemize}
|
||||
\item Even using SIM card channel to exploit baseband stack is feasible
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{SIM card proxy / MITM by attacker}
|
||||
As soon as an attacker has temporary physical access to a phone, he can
|
||||
\begin{itemize}
|
||||
\item Insert a proxy-SIM between real SIM and phone
|
||||
\item Do everything a Java applet could do, but even with a securely configured SIM as he does not modify the existing SIM
|
||||
\item Sniff current Kc and send it out e.g. via SMS or even UDP/TCP packets over GPRS
|
||||
\item ... by only using standard interfaces that are common among all phones (as opposed to baseband software hacking which is very model-specific)
|
||||
\end{itemize}
|
||||
Most users would never notice this as they rarely check their SIM slot
|
||||
\end{frame}
|
||||
|
||||
%%%%%%
|
||||
\subsection{SIM attacks countermeasures}
|
||||
|
||||
\begin{frame}{Defending against SIM based attacks}
|
||||
\begin{itemize}
|
||||
\item SIM cards are Operator issued, Ki is on the SIM
|
||||
\begin{itemize}
|
||||
\item SIM card can thus not be replaced, but original SIM must be used
|
||||
\end{itemize}
|
||||
\item Configure telephone to not store contacts or SMS on SIM
|
||||
\item Communication between SIM and ME is not encrypted/authenticated
|
||||
\item Solution: Proxy SIM between SIM and ME to break STK / OTA
|
||||
\begin{itemize}
|
||||
\item Filter all STK/OTA/Proactive commands like ENVELOPE
|
||||
\item Indicate lack of STK support to ME (EF.Phase)
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Proxy SIM with firewall}
|
||||
\begin{itemize}
|
||||
\item There are no known commercial products that implement STK/OTA filtering
|
||||
\item But there are a number of shim SIM cards that are plugged between SIM and SIM slot
|
||||
\item Most of them are used for SIM unlocking modern phones
|
||||
\item Some vendors produce freely (re)programmable proxy SIMs:
|
||||
\end{itemize}
|
||||
\begin{figure}[h]
|
||||
\subfigure{\includegraphics[width=40mm]{bladox-turbosim.jpg}}
|
||||
\subfigure{\includegraphics[width=25mm]{rebelsim2.jpg}}
|
||||
\caption{Bladox TurboSIM (AVR) and RebelSIM II (8051)}
|
||||
%\caption{Bladox Turbo SIM (AVR)}}
|
||||
\end{figure}
|
||||
\end{frame}
|
After Width: | Height: | Size: 35 KiB |
|
@ -0,0 +1,79 @@
|
|||
\section{Osmocom SIMtrace2}
|
||||
|
||||
\subsection{Analyzing SIM card communication}
|
||||
|
||||
\begin{frame}{Analyzing SIM problems }
|
||||
\begin{itemize}
|
||||
\item Regular end-user phone does not give much debugging
|
||||
\item SIM card itself has no debug interface for printing error messages, warnings, etc.
|
||||
\item However, as SIM-ME interface is unencrypted, sniffing / tracing is possible
|
||||
\item Commercial / proprietary solutions exist, but are expensive (USD 5,000 and up)
|
||||
\item Technically, sniffing smart card interfaces is actually very simple
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\subsection{Osmocom SIMtracee Introduction}
|
||||
|
||||
\begin{frame}{Introducing Osmocom SIMtrace2}
|
||||
\begin{itemize}
|
||||
\item Osmocom SIMtrace2 is a passive (U)SIM-ME communication sniffer
|
||||
\item Insert SIM adapter cable into actual phone
|
||||
\item Insert (U)SIM into SIMtrace hardware
|
||||
\item SIMtrace2 hardware provides USB interface to host PC
|
||||
\item {\tt simtrace2-sniff} host PC program encapsulates APDU in GSMTAP
|
||||
\item GSMTAP is sent via UDP to localhost
|
||||
\item wireshark dissector for GSM TS 11.11 decodes APDUs
|
||||
\item NEW: pySim-trace for higher-level decoding
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\subsection{Osmocom SIMtrace2 Hardware}
|
||||
|
||||
\begin{frame}{Osmocom SIMtrace2 Principle}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=70mm]{simtrace-schema.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Osmocom SIMtrace2 Hardware}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=105mm]{simtrace_and_phone.jpg}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{Osmocom SIMtrace2 Hardware}
|
||||
\begin{itemize}
|
||||
\item Hardware is based around AT91SAM3S controller
|
||||
\item SAM3S Offers two ISO 7816-3 compatible USARTs
|
||||
\item USARTs can be clock master (SIM reader) or slave (SIM card)
|
||||
\item Open Source Firmware on SAM3S implementing
|
||||
\begin{itemize}
|
||||
\item APDU sniffing
|
||||
\item card emulation / remote SIM
|
||||
\end{itemize}
|
||||
\item Auto-bauding depending CLK signal, PPS supported
|
||||
\item Schematics / layout is open source (CC-BY-SA)
|
||||
\item Assembled + tested kits can be bought from {\url https://shop.sysmocom.de/}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}{wireshark decoding}
|
||||
\begin{figure}[h]
|
||||
\centering
|
||||
\includegraphics[width=95mm]{wireshark-sim.png}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}{SIMtrace TODO}
|
||||
SIMtrace hardware is capable, but no software yet for:
|
||||
\begin{itemize}
|
||||
\item perform MITM (APDU filtering)
|
||||
\item PC/SC compatible smart card reader
|
||||
\item autonomous tracing operation (No PC / USB), store APDU logs {\em in the field} on integrated SPI flash
|
||||
\end{itemize}
|
||||
Firmware and host software all FOSS, anyone can extend and innovate!
|
||||
\end{frame}
|
||||
|
After Width: | Height: | Size: 52 KiB |
After Width: | Height: | Size: 21 KiB |
|
@ -0,0 +1,155 @@
|
|||
|
||||
\newcommand{\degree}{\ensuremath{^\circ}}
|
||||
%\documentclass[handout]{beamer}
|
||||
\documentclass[aspectratio=169,11pt]{beamer}
|
||||
|
||||
% This file is a solution template for:
|
||||
|
||||
% - Talk at a conference/colloquium.
|
||||
% - Talk length is about 20min.
|
||||
% - Style is ornate.
|
||||
|
||||
|
||||
|
||||
% Copyright 2004 by Till Tantau <tantau@users.sourceforge.net>.
|
||||
%
|
||||
% In principle, this file can be redistributed and/or modified under
|
||||
% the terms of the GNU Public License, version 2.
|
||||
%
|
||||
% However, this file is supposed to be a template to be modified
|
||||
% for your own needs. For this reason, if you use this file as a
|
||||
% template and not specifically distribute it as part of a another
|
||||
% package/program, I grant the extra permission to freely copy and
|
||||
% modify this file as you see fit and even to delete this copyright
|
||||
% notice.
|
||||
|
||||
|
||||
\mode<presentation>
|
||||
{
|
||||
\usetheme{CambridgeUS}
|
||||
\usecolortheme{whale}
|
||||
|
||||
%\setbeamercolor{titlelike}{parent=palette primary,fg=black}
|
||||
\setbeamercolor{frametitle}{use=block title,fg=black,bg=block title.bg!10!bg}
|
||||
% from beamercolorthemeorchid.sty to make it look more like warsaw
|
||||
\setbeamercolor{block title}{use=structure,fg=white,bg=structure.fg!75!black}
|
||||
\setbeamercolor{block title alerted}{use=alerted text,fg=white,bg=alerted text.fg!75!black}
|
||||
\setbeamercolor{block title example}{use=example text,fg=white,bg=example text.fg!75!black}
|
||||
|
||||
\setbeamercolor{block body}{parent=normal text,use=block title,bg=block title.bg!10!bg}
|
||||
\setbeamercolor{block body alerted}{parent=normal text,use=block title alerted,bg=block title alerted.bg!10!bg}
|
||||
\setbeamercolor{block body example}{parent=normal text,use=block title example,bg=block title example.bg!10!bg}
|
||||
|
||||
|
||||
|
||||
% or ...
|
||||
|
||||
%\setbeamercovered{transparent}
|
||||
% or whatever (possibly just delete it)
|
||||
}
|
||||
|
||||
\mode<handout>{
|
||||
\usepackage{misc/handoutWithNotes}
|
||||
\pgfpagesuselayout{2 on 1 with notes landscape}[a4paper,border shrink=5mm]
|
||||
\usecolortheme{seahorse}
|
||||
}
|
||||
|
||||
% ensure the page number is printed in front of the author name in the footer
|
||||
%\newcommand*\oldmacro{}
|
||||
%\let\oldmacro\insertshortauthor% save previous definition
|
||||
%\renewcommand*\insertshortauthor{%
|
||||
% \leftskip=.3cm% before the author could be a plus1fill ...
|
||||
% \insertframenumber\,/\,\inserttotalframenumber\hfill\oldmacro}
|
||||
|
||||
\usepackage[english]{babel}
|
||||
\usepackage[latin1]{inputenc}
|
||||
\usepackage{times}
|
||||
\usepackage[T1]{fontenc}
|
||||
|
||||
\usepackage{subfigure}
|
||||
\usepackage{hyperref}
|
||||
\usepackage{textcomp,listings}
|
||||
%\usepackage{german}
|
||||
\lstset{basicstyle=\scriptsize\ttfamily, upquote, tabsize=8}
|
||||
|
||||
|
||||
\title{Osmocom SIMtrace2 Tutorial}
|
||||
\subtitle{SIM card protocol tracing - why and how}
|
||||
\author{Harald~Welte}
|
||||
\institute{sysmocom - s.f.m.c. GmbH}
|
||||
\date[October 2022]{OsmoDevCall 2022-10-19}
|
||||
|
||||
|
||||
% - Use the \inst command only if there are several affiliations.
|
||||
% - Keep it simple, no one is interested in your street address.
|
||||
|
||||
% - Either use conference name or its abbreviation.
|
||||
% - Not really informative to the audience, more for people (including
|
||||
% yourself) who are reading the slides online
|
||||
|
||||
\subject{SIM card protocol tracing}
|
||||
% This is only inserted into the PDF information catalog. Can be left
|
||||
% out.
|
||||
|
||||
|
||||
|
||||
% If you have a file called "university-logo-filename.xxx", where xxx
|
||||
% is a graphic format that can be processed by latex or pdflatex,
|
||||
% resp., then you can add a logo as follows:
|
||||
|
||||
% \pgfdeclareimage[height=0.5cm]{university-logo}{university-logo-filename}
|
||||
% \logo{\pgfuseimage{university-logo}}
|
||||
|
||||
|
||||
|
||||
% Delete this, if you do not want the table of contents to pop up at
|
||||
% the beginning of each subsection:
|
||||
%\AtBeginSubsection[]
|
||||
%{
|
||||
% \begin{frame}<beamer>{Outline}
|
||||
% \tableofcontents[currentsection,currentsubsection]
|
||||
% \end{frame}
|
||||
%}
|
||||
|
||||
|
||||
% If you wish to uncover everything in a step-wise fashion, uncomment
|
||||
% the following command:
|
||||
|
||||
%\beamerdefaultoverlayspecification{<+->}
|
||||
|
||||
|
||||
\begin{document}
|
||||
|
||||
\begin{frame}
|
||||
\titlepage
|
||||
\end{frame}
|
||||
|
||||
|
||||
% Structuring a talk is a difficult task and the following structure
|
||||
% may not be suitable. Here are some rules that apply for this
|
||||
% solution:
|
||||
|
||||
% - Exactly two or three sections (other than the summary).
|
||||
% - At *most* three subsections per section.
|
||||
% - Talk about 30s to 2min per frame. So there should be between about
|
||||
% 15 and 30 frames, all told.
|
||||
|
||||
% - A conference audience is likely to know very little of what you
|
||||
% are going to talk about. So *simplify*!
|
||||
% - In a 20min talk, getting the main ideas across is hard
|
||||
% enough. Leave out details, even if it means being less precise than
|
||||
% you think necessary.
|
||||
% - If you omit details that are vital to the proof/implementation,
|
||||
% just say so once. Everybody will be happy with that.
|
||||
|
||||
%\include{part-introduction}
|
||||
|
||||
|
||||
\part{Java SIM}
|
||||
\include{part-sim}
|
||||
|
||||
\include{section-simtrace}
|
||||
|
||||
%\include{part-ota}
|
||||
|
||||
\end{document}
|
After Width: | Height: | Size: 70 KiB |
After Width: | Height: | Size: 58 KiB |
After Width: | Height: | Size: 68 KiB |