Reply to post:

Wanted – have you seen this MAC address: f8:e0:79:af:57:eb? German cops appeal for logs in bomb probe

JetSetJim Silver badge

*if* the manufacturer retained this mapping (and presumably it would be the chipset manufacturer, and not the phone manufacturer as all this stuff is on a single system-on-a-chip like Snapdragons or MediaTek chips), then you can get an IMEI.

IEMI *is* used to authenticate a device when it attaches to the network, and certainly in the EU it is checked against a list of stolen devices so that in theory these are blocked from making calls, and so makes a stolen phone less valuable. I'm not sure how often this check is performed.

However, while IMEI is used to authenticate, it may not actually be stored anywhere - this may be implementation specific, although functionality should be present to do this in a standard EIR. Operators used to forbid non-locked-in phones on their networks, and so they'd need to use IMEI for that, however that's no longer the case, so it may well be that IMEI is no longer reliably stored at the operator for a subscriber. But you may well be able to set a watch for the IMEI so that when it is next used some lights flash, or whatnot, and that would get you the IMSI, and then, if it's not an anonymous pre-pay SIM, subscriber info follows, and call trace/legal intercept/geolocation can be activated for that device, and SWAT teams can swoop on locations...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020