Update on Overleaf.

Chapters/RelatedWork.tex

@@ -44,6 +44,18 @@ Using their emulation framework, the authors discovered multiple high-impact mem
 
 SPTP introduces two new entities: a private index service for managing \glspl{imsi}, and a transparency ledger that logs profile provisioning actions. Formal security analysis of the SPTP protocol using \texttt{ProVerif}, alongside a functional prototype, demonstrates that such an approach can mitigate the identified risks without significant architectural changes to the existing infrastructure.
 
+% osmocom euicc manual
+% collection of technical information about euiccs -> collaborative effort
+% collects information related to the SGP.22 specification
+% offers information about available LPA implementations, known euicc cards, ATRs of some cards, known test profiles, etc
+
+% Markus vervier took perspektive of RED team: how to leverage the esim as a c2 channel
+% did not find vulnerability to use as a c2 channel
+% proposes phishig via the CAT -> use proactive commands to display input and messages
+% proposes maliciouse applet as feasible attack vector -> writes custom applet to fuzz proactive commands on user equipment side
+% custom applet prevents user from leaving the STK until the next factory reset -> not a real vulnerability since this is intended behaviour
+% proposes c2 OOB channel via sms: PoC which would allow attackers to controle a windows pc via SMS OOB 
+
 \section{Software Implementations}
 
 \paragraph{pySim}