blue-merle: generate a temporary IMEI before the the SIM switch

After shutting down the modem and before replacing the SIM, we generate a temporary random IMEI to prevent accidental disclosure of the new IMSI under the old IMEI. It should not happen but we do not control the modem as much as we'd like, e.g. fully power it down. So it may not be necessary but we consider it defense in depth.
srlabs · Oct 18, 2023 · 03c262a · 03c262a
1 parent fe4021f
commit 03c262a
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/files/usr/bin/blue-merle b/files/usr/bin/blue-merle
@@ -44,6 +44,14 @@ while [[ "$answer" -eq 1 ]]; do
 	fi
 done
 
+## We have just disabled the modem so it should not log on to any network.
+## We set a random IMEI now only to have it overwritten very soon after
+## the SIM card has been replaced. We intend to prevent an accidential
+## leak of the new SIM's IMSI with the old IMEI just in case the modem
+## accidentally tried to log in to the network.
+python3 /lib/blue-merle/imei_generate.py -r
+
+
 echo -n "Please now replace the SIM card and press any key to continue. "
 read answer
 

diff --git a/files/usr/bin/blue-merle-switch-stage1 b/files/usr/bin/blue-merle-switch-stage1
@@ -61,6 +61,12 @@ while [[ "$answer" -eq 1 ]]; do
 	fi
 done
 
+## We generate a random IMEI to prevent a leak of the
+## new SIM's IMSI under the old IMEI in case the modem
+## still talks to the network
+python3 /lib/blue-merle/imei_generate.py -r
+
+
 mcu_send_message "Replace the SIM card. Then pull the switch."
 
 echo done > /tmp/blue-merle-stage1