In order to combat rising cases of phone theft, America's Federal Communications Commission (FCC) is planning to create a national database of stolen smartphones with the goal of ensuring that the mobes never work again. FCC chairman Julius Genachowski is meeting police chiefs from New York, Pennsylvania and Maryland and a …
That'll make the muggers quake in their boots...
""For the database to work, it would also become a federal crime to tamper with the unique identifiers on a phone.""
embedded within the phone....
Ok it might work... And it also gives a way in that the government can monitor calls?
So what would be the real reason for this?
Re: embedded within the phone....
Er, what makes you think they need a database to do that. All any police or security organisation needs is an interception warrent. Been that way since phones were invented.
Not already done?
I thought that the IMEI numbers of stolen phones were already being blocked for the past few years? Or is that just in the UK, or is it just a "voluntary" (ie useless) code?
Re: Not already done?
Not in the US. Also very few police dept will take a report for a stolen cell phone unless it was taking through a violent act. Pick pockets don't count. Neither does running up and grabbing it off a table.
Re: Not already done?
Well it is done in the UK and even in South-Africa, but the US hasn't quite figured out how yet.
... anytime soon now
It's a matter of jurisdictions.
Basically, phone theft like this is considered petty theft and therfore a local matter. So usually only the local police gets involved in the case, but as another poster noted, minor crimes like petty theft go low on the police priority list. Plus the US is a pretty big country with 50 states with numerous police jurisdictions inside each one and a hodgepodge of organizational structures that make coordination difficult.
Re: It's a matter of jurisdictions.
"Plus the US is a pretty big country with 50 states with numerous police jurisdictions inside each one and a hodgepodge of organizational structures that make coordination difficult."
I read somewhere that the US has upwards of 50,000 different police forces. That sounds like a lot. Organising that lot must be like herding cats.
Re: Not already done?
Not just the UK, also EU I think.
And can the IMEI even be changed at all? I thought it was hard-coded on a chip inside the phone?
Re: It's a matter of jurisdictions.
I believe that NDEX, the US version of PNC serves 18,000 LEAs.
...it can deter theft, and it also comes in handy at deterring protests. But that's just crazy conspiracy talk right?
If the government wanted to stop protests being arranged, they'd cut off your account or disable your sim - heck, these things are already impossible and more efficient as they don't follow the handset, they follow the account.
So talk about this being used to squash civil liberties is just silly fearmongery.
You do know that right after 9/11 happen telco did turn off ell phones at the request of the US gov. ALso big police dept like NYPD have cell phone jammers.
In the UK cell providers can, as they did for 7/7, suspend service to all but Emergency Service users, spookily they use their cell phones a lot.
Indeed. I thin you need someone of "gold command" status to request that; there are similar provisions in the BT phone network too.
FEMA took over emergency centers of hard hit areas and cut the power lines so that no alternative methods could be used to contact or use said services.
Local ham radio statiosn trying to call HQ would be worthless unless users talking amongst themselves for help. Repairs to stations were over $120k when FEMA left.
Another system, really?
Firstly we have the entire IMEI system which is an 'international' standard, you know like it says in the name, designed for this exact purpose. Then there are manufacturer specific systems. I know certainly with mu hTC there is a system where I can log into my hTC account on their website and remotely disable my phone. Why do we need yet another standard, no doubt at great cost to design, in order to do exactly the same thing?
Re: Another system, really?
Blackberry have a system too where you can wipe / secure (maybe disable) your phone at a distance over the web. But the advantage of the networks blocking a particular IMEI is that it can be done at any time after the loss of the phone, whereas the Blackberry way (maybe HTC too) is something you have to set up in advance. And it works for any phone, regardless of what the manufacturers have put in place themselves.
I'm sure that...
This will hurt the resale value in China...
Won't stop stolen phones being exported, as they already are.
Or the IMEIs being messed with - or the equivalent in non GSM phones (most USA phones aren't)
It's a good thing, but too litle and far too late. Stolen+blocked UK mobes show up in SE Asia, and stolen+blocked USA phones will show up in a market using CDMA protocols. Even worldwide databases of "hot IMEIs" won't help much.
Given all that, I'm quite happy smartphone makers have provided a way of remotely locating and disabling my phone even if its IMEI has been changed and the phone "factory formatted" (although I wouldn't be surprised to find there's a backdoor somewhere)
There is a 3rd hardware key in the GSM standard which isn't supposed to be changable without physically damaging the phone but implementations of this range from passable to non-existant - and none of the networks ever ask for it anyway.
"...disabling my phone even if its IMEI has been changed ..."
A question arising from my own ignorance : if the IMEI has been changed, what unique ID does the phone have to enable them to disable it?
Bad Person: "Hello. My cellphone was stolen! It's number is [insert phone number of enemy here]! Please disable it!"
Police or Phone Co. Rep: "Can you prove you are Josephine Smith?"
Bad Person: "Um no, my purse and ID were stolen as well."
Police or Phone Co. Rep: "Okay."
I'm sure someone will say, "But they could set up a secure, password-protected site for you to use to disable your phone." Secure, uh-huhn, uh-huhn.
It also works to pre-disable a stalking victim's cellphone, reducing the chances they can call the police when they need to.
And for the frosting on the cake...
Victim: "Hey, phone company person, great news! The police recovered my phone and got it back to me! Please unblock it."
Phone Co. Rep: "I'm sorry, we don't do that. It's policy. You have to buy a new phone."
Re: DDoS attack?
Anonymous Coward.... the police or phone company will never just say Okay.....the phone company will do some basic checks...what date does you bill go out of your account, can you name 4 numbers that you call most frequently, what bank account details are they attached on the account etc before they will block the phone if your not giving then full security information.
Re: DDoS attack?
And of course to unblock it you usually set another password when you block it.
The only people who lose here are fences and thieves.
Re: DDoS attack?
Possibly true, but how do you find out someone else's EMEI? AFAIK you need physical access to the phone to type a #code in for it to show the EMEI, and if bad person have physical access to their enemy's phone, he/she might as well just take the phone or throw it in a river or something
Apple already does this
My daughter left her iPhone 3 in a cab. Of course, the driver didn't bother to turn it in. She tracked it, sent a couple of texts to it with her work phone # and a request to call and arrange a return, then it was switched off.
So, she went to the Apple store, they happily wiped and locked it. Next day she gets a call about returning it. She ended up getting it back (with a new bumper case on it) and took it to the Apple store again, where they happily un-bricked it for her. She then restored her backed-up content and was on her way...until one of the buttons dies and she needed to get a new phone!
Welcome to the naughties. Do try and catch up.
I worked as a customer care rep for AT&T back when they were still Cellular One in the San Francisco Bay Area and whenever a phone was lost or stolen, we would disable the ESN (I think it stood for Electronic Serial Number or something like that). If someone tried activating the phone later, the ESN would show as disabled and the phone could not be activated. Did I miss something in the last 10 years of cell phone development or does it sound like somewhere along the line a useful feature was lost? http://www.ehow.com/how_6944678_verify-clean-sprint-esn.html
I remember a decade or so ago when mobile phones were stolen much more in the UK than they are now - and someone had this crazy idea of a total network blackout. Seems to work actually rather well - yes some phones still get robbed and end up going to Africa, but nothing like the volume it used to be when the scrotes could mug you for your phone and use it themselves. Instead of having to find a fence offering a pittance.
You know I still see phones on ebay that say this phone will not activate. People still buy them. So people don't care that they are most likely buying a stolen phone. Ebay does not car either,.
So long as there's a way of challenging a block if you can prove you acquired lawful title to the phone. A favourite scam of certain miscreants is to sell a phone they own on eBay, collect a few hundred quid from an innocent person, then report the phone as stolen and collect a few hundred more from their insurance company. The insurance company then contacts the telcos to block that phone via it's IMEI, rendering the innocent persons new phone a brick. Far as my legal training can tell, the original sale is valid, and the fact that the bad guy afterwards committed insurance fraud has no bearing on the innocent person having valid title to the phone, but try telling the telco's that once it's been blocked... they seem to think that because the guy afterwards reported it stolen and got an insurance payout, it suddenly becomes property of the insurance company and they don't have to lift a finger. Generally the police are uninterested too.
If it's only going to be implemented by 4 companies, wouldn't it make more sense to simply require that they provide access to their stolen-phone-table to the other three? Those that run compatible networks already have roaming agreements...
I don't know how communication between handsets and towers work, but surely every cell phone provider knows exactly which phones are within range of their towers without having to do anything at all, right?
Obviously it isn't this simple, but why does a new database have to be created?
1. For those who note that stolen IMEI/ESN's get blocked now, that is true, but only on that particular carriers network. This plan would allow the other networks to block them too.
2. For those noting the "self reporting" aspect, most carriers allow a person to call, identify their account and put a hold on a "lost or stolen" phone (same restrictions as number 1 though). Also, if the person wants a new phone via insurance, or credit for usage, a police report must generally be filed for a stolen phone, and the report number provided to the carrier/insurer.
3. One problem is restricting input access to the database for someone other than a carrier (e.g. government agency or 3rd party hacker type) to prevent the inclusion of IMEI/ESN's via malice or sinister government activity.
4. Another problem is to ensure that some sort of checks and balances are in place at the carrier level to prevent the same thing (item 3 above) from occurring at the carrier level and propogating upwards.
5. Finally, a method for a "legitimate owner" to challenge and clear inclusion to the list must be in place, and with a lower degree of hassle than removing your identity from the "terrorist no-fly" list.
6. One also wonders why other network providers aren't included initially, or even mentioned.
I think in answer to (6), all the remaining cell carriers are either MNVOs to one of the big four or have too small a coverage area to be of significance.