I’m not too knowledgeable about cellular equipment, but I was wondering how much of the phone based data actually gets to the SIM card.
Would it be possible, by sniffing the connection to the card, to listen to the content of calls and mobile data? Or would it be possible to get tower information in a similar format to rayhunter?
I understand there is some encryption, would getting the keys for that enable some of the previous ideas?


The SIM card (Subscriber Identity Module) stores the cryptographic keys that identify the subscriber account and let it connect to the cellular network.
Every SIM card has a little microprocessor built in, so those secrets never leave the SIM card. This is done specifically to prevent the type of eavesdropping attack that you’re suggesting.
More info on Wikipedia.
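As an added illustration of the point the answer makes (this is example code written for this page, not something from the answer or from any real SIM implementation), here is a toy model of the phone-to-SIM link: the card object holds the long-term key Ki and only ever exposes a read of the subscriber identity and a challenge/response operation, while a monitor records every byte that crosses the interface. The IMSI and Ki values are constructed, and HMAC-SHA256 stands in for the operator-specific algorithm a real card runs (that substitution is an assumption of the model). The model leaves out the session-key step that real cards also perform, so it shows only the part the answer is about: the long-term key itself stays on the card.

```python
import hmac
import hashlib
import secrets


class SimCard:
    """Toy model of a SIM: the long-term key Ki lives only inside this object."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi   # subscriber identity, readable by the phone
        self._ki = ki      # long-term secret: no method ever returns it

    def read_identity(self) -> str:
        return self.imsi

    def authenticate(self, rand: bytes) -> bytes:
        # Stand-in for the card's authentication algorithm. Real cards run an
        # operator-chosen algorithm such as Milenage; HMAC-SHA256 is an
        # assumption made for this example only.
        return hmac.new(self._ki, rand, hashlib.sha256).digest()[:8]


class MonitoredInterface:
    """Records every frame crossing the phone<->SIM link, as a passive probe would see it."""

    def __init__(self, card: SimCard):
        self.card = card
        self.captured: list[bytes] = []

    def read_identity(self) -> str:
        imsi = self.card.read_identity()
        self.captured.append(imsi.encode())
        return imsi

    def authenticate(self, rand: bytes) -> bytes:
        self.captured.append(rand)          # challenge goes in
        res = self.card.authenticate(rand)
        self.captured.append(res)           # response comes out
        return res


def run_authentication(ki: bytes, imsi: str = "001010123456789") -> dict:
    """Simulate one network challenge and report what the link carried.

    The IMSI default and the Ki passed in are constructed sample values.
    """
    sim = SimCard(imsi, ki)
    link = MonitoredInterface(sim)
    link.read_identity()
    rand = secrets.token_bytes(16)          # challenge chosen by the network
    res = link.authenticate(rand)
    # The network side holds its own copy of Ki and checks the response.
    expected = hmac.new(ki, rand, hashlib.sha256).digest()[:8]
    return {
        "authenticated": hmac.compare_digest(res, expected),
        "captured": link.captured,
        "ki_on_the_wire": any(ki in frame for frame in link.captured),
    }


if __name__ == "__main__":
    result = run_authentication(bytes(range(16)))
    print("authenticated:", result["authenticated"])
    print("frames seen on link:", [f.hex() for f in result["captured"]])
    print("Ki appeared on link:", result["ki_on_the_wire"])
```

Running it shows three frames on the link (the identity, a random challenge and a short response) and confirms the challenge/response succeeds without the key bytes ever appearing in the captured traffic, which is the property the answer describes.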