Dear All,

I wonder if you can help me with something. A lot of you will be so much better informed than me on this issue and I need some advice!

I am writing an article on the new attempts by the main operators in the UK to stem the theft of mobile phones. The question is simple. How effective is this new shared database of stolen IMEI's in combatting fraudulent use of handsets? I would assume that if it is possible to change the IMEI then this would be a bit of a nonsense.

Since the government have made it a criminal offence to change the IMEI of a phone, I would assume that it is relatively easy (technically) to do so. Am I right in making this assumption?

I look forward to your replies

All the best

Neil

You would be correct in making the assumption that it is easy to change the IMEI number, but only on DCT-3 phones; that is any phone that doesnt have GPRS, as this requires an encription on the phone to protect the users details i.e. credit card number for buying servicers over WAP etc. Also the newer nokias require a special chip to be replaced(the IMEI nhumber can only be written once onto these)> i think im right in saying that any way.

But on the DCT-3 phones it is particularly easy to change IMEI number with commonly used software (it does other functions and has IMEI repair, which is needed after 'flashing' files to the phone) and a Mbus/Fbus cable Hence why it has been made illegal as you say.

With IMEI generators, a realistict IMEI number for any make of phone can be created and will be difficult to prove that it has been changed if the sticker on the phone with IMEI number has been removed.

I hope this helps and must say that IMEI changing IS ILLEGAL and i do not condone this in any way, shpe, or form. The imformation here is for educational purposes only.

Hope that helps. Need any other information, just ask. :)

How effective is this new shared database of stolen IMEI's in combatting fraudulent use of handsets? I would assume that if it is possible to change the IMEI then this would be a bit of nonsense.

The current shared database as far as DCT 3(Digital Core Technology) phones are concerned is fairly useless. DCT 3 phones include the Nokia 3310, 3410, 8210 and 5510 to name but a few. These phones in the DCT 3 group are generally older and can are easily customized software wise. The IMEI can be changed in the click of a few buttons, and the software is easily available. This solution is free, and if 99% safe to carry out, all you need is a data cable and software such as Knok.

On DCT 4 the newer generation things are different, Nokia 8310, 6510, 6310, 3510 are all DCT 4. The IMEI is stored on a separate chip which is OTP (One time programmable) which means it cannot be overwritten. This means if you had a blacklisted phone it will not work on any UK network, so your only option was to sell it over forums, this is no longer true. These chips can now be replaced; web sites such as http://www.gsmhacker.com/Product/DC...IMEIrebuild.htm sell these chips for $8 USD. With that you get a selection of 600 IMEI numbers. You then have to unsolder the original chip and fit the new chip. The installing process of the new chip is difficult as a reflow station is mandatory. Once this chip is replaced your phone should work normally. One problem that could arise is the fact that there is only 600 IMEI’s to choose from could result in duplicate IMEI numbers on separate phones which may result in the phone failing to work.

Please feel free to correct me if you find an error in any part of this.

Hope this answers all your questions. If you dont mind me asking where is this article being published. I live here in the UK and I'd be very interested in reading the finished article.

John

Thanks guys, That is indeed very interesting.

When you say DCT 4 is that only for phones that have GPRS i.e does GPRS=DCT4. If so, I beleive that is a very small part of the market... What about the new Java based phones? I heard somebody talking about MIDP the other day and wondered if this would have any impact on security....what is MIDP btw?

Unique....I do freelance work and will happily let you know once I have sold the story......and to whom!

Cheers

Neil

does GPRS=DCT4

No, I think there is at least one DCT 4 phone that doesnt have it. Although I cant find it:rolleyes:. All new phones have GPRS and all new phones are DCT 4. But to be DCT4 it doesnt have to have GPRS and vise versa.

A MIDlet is an application written for the Java 2 Micro Edition (J2METM) Mobile Information Device Profile (MIDP).
MIDP is intended for use on 'connected' devices having limited CPU, memory, keyboard and display capabilities, such as cell phones and pager devices.

The new Java phones allow users to download programs and games. This is on most DCT4 phones. The 6310 does have it yet the 6310i does.

Java programs WILL lead to the spread of viruses. You will soon need be be careful what you download and where you get it from.

John

This might be of interest

http://www.freeserve.com/news/national/story_news6.htm


My opinion is that the new law will have an impact, particularly when a few people have been convicted and sentenced.

Was just looking about and found some information that might help you.


The Law on IMEI Changing (http://www.uk-legislation.hmso.gov.uk/acts/acts2002/20020031.htm)
More Legal Stuff (http://europa.eu.int/comm/justice_home/eucpn/docs/aalborguk1.pdf)
Out of date, yet very informative (http://www.parliament.uk/post/pn064.pdf)


If you need anymore info feel free to contact me on msn or e-mail at [email protected] or on icq 168745780.

John

Thanks Guys, that really is very informative stuff.

Seems to me that as technology takes one step forward, the scumbags aren't far behind.

I would assume that this is a pretty common thing throughout Europe too, with some countries more geared up to combat crime than others.

Many thanks for the help chaps.

Best Wishes



Neil :)

Any luck with this? =)

John

I learned something interesting the other day.

The question of what will happen if two phone have the same IMEI number on the same network at the same time???

The answer - NOTHING

The reason - NEC (the phone manufacture)

This would have really helped the new laws (which I completely agree with as I have demonstrated many times in this forum) if two phones had the same IMEI they could be investigated and action taken, because one of the IMEI's must have been changed.

NEC had a huge computer system problem and for an undisclosed amount of time were producing phones that all have the same IMEI number, the number on the stickers were diffrent and diffrent on the boxes, the the one's programed into the phones were all the same.

I don't know which models or how many but if must be a lot. A I do know that this problem was only discovered when they brought in the new laws.

Thought this might be of interest.

Best Regards


Mark

hi neil just wanted you to assist me i got a nokia 6820 that is blacklisted by my network so is it possible to change the imei number and what software is needed

yea its illegal but what if the fon wasnt stolen and the owner wasnt located and he blacklisted the phone wouldn you try using it mostly coz its really cool

yea its illegal but what if the fon wasnt stolen and the owner wasnt located and he blacklisted the phone wouldn you try using it mostly coz its really cool

altho its illegal how about this. i have a phone that was on contract. and now i have not payed the bill orange have blacklisted the phone.
so i will change imei when i work out how.

ok i have no got all programs that i need.

still looking for a tut on using knok or rollis


any info is much apprciated.


thanks.

Within your first 12 months of contract, the phone still belongs to the network, so by not paying your bill, you are technically stealing it from Orange