[colechristensen]

If there was an open standards-compliant protocol it could be implemented open-source and trusted. You could create an entire open operating system and use open hardware to know everything happening on your phone. That is different than having a SIM, which is a piece of mystery hardware the phone company could do anything with.

[Laforet]

They already have control of all your traffic so what's the harm? Take the sim out of your phone in case you are really worried, but that would cut you off the network as well.

I'd be far more concerned with the hundreds of microcontrollers running proprietary code.

[colechristensen]

The SIM, being a physical piece of hardware plugged into my phone, could easily be used as an attack vector for my phone company to root my phone. Hardware plugged into my phone is a much more vulnerable attack surface than control of network traffic.

[EvanAnderson]

The baseband is already at the beck-and-call of your telco provider and has much better access to the hardware than the SIM card.

[infinity0]

The point is your phone (if it were secure enough) could treat your SIM card like any other untrusted device accessory, and only let it do stuff it's allowed to do.

[network] <-> [phone] <-> [SIM card]

In theory. Not sure how well practise matches this though.

[gcb0]

the selling point of the sim is that it it "trusted computing". meaning the user is left out by design.