How is the IMSI protected ? Carriers usually don't care about the IMEI cause they let you change your phone (my understanding) but the IMSI is your account number which links to your usage, etc... It would probably be easy to find where the IMEI is sent and change it on the fly with some LD_PRELOAD or other techniques, but I'm guessing that the IMSI is in the smart card and has some form of crypto handshake with the provider? Or is this just a receipt for fun^W disaster? EDIT: http://en.wikipedia.org/wiki/IMSI-catcher Also interesting, we should make sure the N900 show that (!) when it's not using encryption! Also interesting: http://www.gsm-security.net EDIT2: Uhm, of course there is a handshake, no multi-IMSI backup for multi-line use hehe (unless someone give you the key stored in the SIM, which, won't happen! ;-) But still, changing the IMEI could be useful for those stuck with data plans tied to a specific device!