
There is actually a 3rd inside the SIM as well http://en.wikipedia.org/wiki/Subscriber_identity_module#Desi...

This is what Java Card was developed to run on.

If you are interested in getting lower level access to your radio, you could look at the defunct http://openmoko.com/freerunner.html project or the resurrection of the Freerunner, http://www.openphoenux.org/



There was a great Defcon talk about this called The Secret Life of SIM Cards that I can recommend watching (they release the video for these some time after the conference).

The talk itself was about a group that had an enormous camping trip (I hope that phrasing doesn't diminish it) called Toorcamp of a few thousand people that thought it would be fun to also put together their own cell network for just them. They bought and programmed SIM cards and hid puzzles in the programs on them.

But the amount of programming that can be done on the SIM card alone without involving the main processor at all was really quite fascinating and there's a lot of detail in the talk if you can track it down. Here are the slides at least https://speakerdeck.com/codebutler/the-secret-life-of-sim-ca...


The project website is http://simhacks.github.io/ - and it looks like you can still purchase all the necessary equipment!


I would also suggest watching Karsten Nohl/SRLabs security research into JavaCard and the "state of the SIM" from the Observe Make Hack 2013 camping conference, which is available at: https://archive.org/details/D4T204201301031400SimCardExploit... and his article at https://srlabs.de/rooting-sim-cards/


That's a really cool link. Easily one of the more interesting things I've read in a while, thanks!


I did some JavaCard development on a project probably ten years ago - and the highlight was meeting the "Head of SIM" at a major network, being told how many times a day everyone's SIM card 'crashes'.


I wrote my Master's thesis on software platforms for smartcard applications in 1999. An interesting platform running javacard apart from SIMs is/was the Java iButton from Maxim (then Dallas Semiconductor).

Also, all ATM cards which are smartcards (i.e. almost all of them in countries such as France, Norway) can also hold several applications. The banks just don't allow it. In theory you could, even with today's technology, buy a blank card (say, with a David Bowie picture if that's your thing) and have the bank, visa, mastercard, grocery loyalty programme, library card, frequent flyer applications etc on it. Just carry one card! But no, everyone wants to own the card and have their logo in it. Sigh.


I'm in London and they are rolling out contactless applications for certain things now. Subway sandwiches all take them. London buses you can pay by swiping your debit card and there is one bank that has a debit card/Oyster card (Oyster card is used on all London transport).


We used to have them in Poland for a few years now, virtually every single place has contactless terminals. In the UK I managed to use mine at Greggs, and the lady working there had absolutely no idea what I've just done, they were very confused after I told them that they have contactless terminals. Other than that, Subway and McDonalds have them.


Or the neo900

http://neo900.org/


AFAICT, the neo900 has a plain old closed baseband processor.

So you can "root" it and control the OS all you want, your carrier still owns you and your phone, what with (potentially) DMA level access to your CPU.

neo900 is interesting, but it is not any more open in this regard than any other handset.


Ah, my mistake!


There also might be a 4th running on the application CPU: a TEE OS.


Don't forget the OS running on the NFC chip.



