PTA is telling us that their new initiative to curb cell phone crime will be active from 30th September 2006.
Chairman PTA said that the mobile operators have already been directed to install Equipment Identity Register (EIR) system which enables a stolen or snatched cell phone to be blocked through its International Mobile Equipment Identity (IMEI) which is a unique number of every cell phone in the world. The Chairman said that once this system starts functioning, the magnitude of this menace will be decreased significantly.
Given the extent of the problem, the media is also building high expectation of this announcement which needs some scrutiny. The effort relies on two concepts:
- That everyone will press *#06# and will record the unique IMEI number of his/her cell number and that he/she shall be able to retain it in a safe place and report it to the police when/if the phone gets stolen
- That everyone owning a cellular phone is comfortable in registering his/her cell phone loss with the local police
- That the IMEI is something that cannot be changed on the phone
International Mobile Equipment Identity or IMEI for short is supposed to be unique on each of the GSM phone in the world. However, as it turns out, IMEI can be forged. Given the expertise of the local cell phone market wizards, the EIR set up is going to be of little use.
An old entry of Setp 2004 of ITU Daily, an article titled ‘Crime Prevention for Mobile Networks’ makes interesting reading. While noting that SIM cards are hard to replicate (i.e. reproduced illegally) because of the advanced encryption algorithms employed in the formation of SIM, IMEIs can be re-programmed and forged easily.
When an attempt is made to connect a stolen phone to any network, the IMEI can be interrogated and, if the operator is connected to the CEIR, it will register as stolen and the handset barred from making or receiving any calls. However, a major weakness of this approach has been the fact that some IMEIs are are neither unique nor as secure as they could be.
BBC’s news archive of 2002 record comments from all top cellular companies (BT, Vodafone, Organe, Virgin Mobile etc) confirming that we should not bind high expectations from the EIR (or the CEIR as it is called elsewhere) set up. The BT-Cell rep says “New IMEIs can be programmed into stolen handsets and 10% of IMEIs are not unique.”
Because of the way the IMEI is stored on cell phones (permanent vs writable memory space), phones may or may not be reprogrammed to change their original IMEI. Bad news: Most of the models from Nokia (most popular brand in Pakistan) can be re-programmed.
Nokia phones that can be unlocked: 1100, 1101, 1110, 1600, 2100, 2300, 2600, 2650, 2652, 3100, 3120, 3200, 3220, 3210, 3230, 3300, 3310, 3330, 3410, 3510, 3510i, 3650, 3660, 5100, 5110, 5130, 5140, 5146, 5210, 5510, 6020, 6021, 6030, 6100, 6101, 6110, 6111, 6130, 6150, 6170, 6210, 6220, 6230, 6230i, 6250, 6260, 6310, 6310i, 6510, 6600, 6610, 6610i, 6650, 6670, 6800, 6810, 6820, 6822, 7110, 7200, 7210, 7250, 7250i, 7260, 7270, 7280 7600, 7610, 7650, 7700, 7710, 8210, 8310, 8800, 8810, 8850, 8890, 8910, 8910i, 9110, 9110i, 9210, 9210i, 9300, 9300i, 9500, and N-Gage, N-Gage QD
Someone please show PTA the worldwide marketplace of GSM Phones Programming and Reverse Engineering.