"Only, it turns out the cryptography isn't weak, the process is controlled and the undisclosed flaw remains undisclosed."
56-bit DES is still excessively weak; he was eliciting a known (in plain text) response from the SIM and using a rainbow table to get the key. Which will still work as far as I know. As for the attack... I don't know the details, but here's a few interesting points:
1) JavaCard does away with the code verifier that standard Java has, in recognition of the limited die size and storage space of the JavaCard device. I do believe most code that'd try to read or write outside your program's address space would be caught by the verifier.
2) JavaCard implementation specs permit an MMU but do not demand one; it looks like some implementations use no hardware security (relying on the virtual machine to catch faults), some use an MMU (which would make this attack difficult.) Some use a setup where they encrypt each program's address space with a different key, no MMU but the assumption would be without knowing the key one may be able to crash another app by writing garbage into it's address space, but not patch it to do nefarious things. Of course if they were using some app key, the SIMs will all have the same apps with same keys, and the apps could in fact be patched since the crypto key is already known.
I'm guessing the JavaCard on these SIMs uses no MMU, and the JavaCard software was simply updated to close whatever exploit was being used to write outside the apps' address space.
Biting the hand that feeds IT
