[devops99]

Basically this.

And, hopefully your USB stack, or your phone's equivalent to SIM interface, doesn't have vulnerabilities that the small computer that is the SIM card could exploit.

Operating systems that center their efforts on protecting high risk users like Qubes dedicated a whole copy of Linux running in a Xen VM to interface with USB devices.

It'd be great if more information were available on how devices like Google's Pixel devices harden the interface for SIM cards.