| Well, you're all right, maybe!
But...there are people who practice so called "remote unlocking" using client-server approach.
And those people know everything they need on boot authorizatinon, they have the right applets
as well. Why shouldn't I know the same?
Their client (logger) is very interesting program!
Here's a start of communication protocol:
Phone | Logger
5A ('Z') | 3F ('?')
5C 06 01 FF FF FF FF FF
(for R520, device ID?) | 50 00 AB ('P',...)
45 70 06 ('EpF') |...Something from server
What's next?...
Again, Emma II does the same thing so I think that analysing the 'right' communication log will help us to understand the protocol. Smartcard: it's really a black box, but communication channel between program and phone is open. Or you suppose a strong cryptography?
So I'm just trying to take the step towards the understanding this staff and ask community to help me. Maybe it's nonsense again, but I beleive that joined forces of interested people could solve this problem in a week or even less! |