The RISKS Digest
Volume 4 Issue 69

Friday, 27th March 1987

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Cellular phone fraud busts
thanks to Geoff Goodfellow
"... and its fate is still unlearned..."; robotic exploration of Mars
Martin Minow
Re: Returned mail — "Host unknown"
Richard Schedler and PGN
Re: Phone problems
Larry E. Kollar
Re: ATM experience
Brent Chapman
Info on RISKS (comp.risks)

Cellular phone fraud busts

the tty of Geoffrey S. Goodfellow <Geoff@CSL.SRI.COM>
Fri 27 Mar 87 08:22:15-PST
18 Arrested for Altering Their Mobile Phones
By LEONARD BUDER, c.1987 N.Y. Times News Service

    NEW YORK - In a federal attack on a crime made possible by the latest
technology, 18 New Yorkers were arrested Thursday on charges of using
illegally altered memory chips in their mobile telephones so they could
make calls without being charged for them.
    Also arrested were seven others who, the authorities said, illegally
reprogrammed the chips and placed them in the mobile telephones. Such
telephones can be installed in vehicles or carried by individuals.
    It was the first time anyone in the country had been arrested for this
kind of crime involving cellular telephones, said Thomas L. Sheer, the
assistant director of the Federal Bureau of Investigation who is in
charge of the New York office.
    He said the problem of fraud in the cellular telephone industry had
grown significantly in the last six months and that Thursday's arrests
were the result of ''the first of a series of initiatives'' being
undertaken by the bureau and the Secret Service to counter fraud in
emerging technologies.
    ''Every new technology carries with it an opportunity to invent a new
crime,'' said Laurence A. Urgenson, the chief assistant U.S. attorney
for the Eastern District of New York.
    The first commercial cellular mobile telephone service began late in
1983. According to the Cellular Telecommunications Industry
Association, there were nearly 682,000 customers of such phone services
at the end of last year.
    Sheer said the government was making ''aggressive use'' of a federal
statute dealing with ''Fraud in Connection with Access Devices,'' that
was originally intended to combat credit card fraud but is now being
interpreted to cover frauds involving all computer-based or
computer-assisted systems.  [...]
    The 18 people who had the illegally altered chips installed ''awoke
this morning to find that their cellular telephones had been
disconnected'' electronically, Sheer said at a news conference held at
the bureau office at 26 Federal Plaza in lower Manhattan.
    ''They're going to get one phone call today,'' the FBI official added
- referring to the call a person is permitted to make after being
arrested - ''but it's not going through from a cellular telephone.''
    The officials said the arrests followed a six-month investigation that
involved the use of a confidential informer who installed the chip and
federal agents working under cover. The authorities acknowledged the
cooperation of the Nynex Mobile Communications Co. in the
investigation. Sheer said the investigation was assisted by ''recent
technological advances in computerized telephone-switching equipment
and billing systems.''                                            [NB!!]
    Sheer said that the fraud, which was not the product of an organized
conspiracy, cost local mobile telephone companies about $40,000 a month and
that nationwide, carriers of cellular services were losing about $3 million
a year because of frauds.
    The authorities gave no details about the alteration of the chips. [...]
The most serious charge that could be brought against each carries a maximum
term of 10 years in prison and a possible fine of $250,000.
    Sheer said the installers usually charged $500 to reprogram and
install two memory chips in a cellular phone. The chips, in their
unaltered state, are sold in computer equipment stores at a price of
two for 89 cents, an FBI agent said.
    According to the federal authorities, each cellular mobile telephone
has a memory chip containing a mobile identification number, or M.I.N.,
and another containing an electronic serial number, or E.S.N. When a
mobile telephone call is made, the two numbers are automatically
transmitted to the mobile carrier.
    The mobile carriers make a computer check of the E.S.N. to see if it
is valid. If it is, the call goes through and the cost is billed to the
billing number provided by the M.I.N. chip.
    By using illegally reprogrammed chips, the federal complaint said,
other people were billed for calls made by those participating in the
fraud.  [...]

Fri, 27 Mar 87 06:30:39 PST
      (Martin Minow THUNDR::MINOW ML3-5/U26 223-9922  27-Mar-1987 0916)
To: ""@src.DEC.COM
Subject: "... and its fate is still unlearned..."; robotic exploration of Mars

From a Boston Globe editorial, 27 Mar 1987, on the local subway system:

  Of the MBTA's four lines, only the Orange Line trains now run consistently
  on time.  In fact, the Orange Line has one of the best on-time records in
  the nation — a record that some of the line's old-timers fear will be lost
  when the antique manual-switching equipment is replaced by computerized
  signals later this spring.

On the same issue's op-ed page, M. R. Montgomery writes about a
geophysicist's proposal for robotic exploration of Mars:

  The lowest estimate for getting a robot to Mars and back is $10 billion, and
  if you wonder why it's a nice round number, it's because the real cost is an
  unknown double-digit billion — and 10 is the lowest one you can float, even
  in front of a Mars-starved country.

  ... A lot of tiresome hogwash being floated about the benefits of
  robotic exploration of Mars, of which the worst is the assertion that the
  way to make advances in human-serving robots is to build one whose main
  function is to go 50 million miles to pick up dirt.
  ... If you wanted to benefit mankind by improving robotic science,
  you should start out with something really complicated, not something
  trivial that is only expensive because it's happening 50 million miles away.
  You could build a seeing-eye dog robot that understood the difference
  between First Street and First Avenue, between the inbound streetcar and the
  outbound cars, and never, ever, had to go to the bathroom.

  But that would mean spending $10 billion on the visually handicapped, which
  is not nearly as much fun as spending it on athletic men and women in silver
  suits, and, all in all, even less enjoyable than spending it on our

Re: Returned mail — "Host unknown"

Richard Schedler <schedler@src.DEC.COM>
Fri, 27 Mar 87 11:32:03 PST
   [RISKS received a bunch of Host-Unknown BARF messages from DEC.
   This is the reply I got from Richard when I reported the problem.   PGN]

The addresses are valid.  It just happened that our DECnet node database was 
being updated at the time the messages were being processed.  Due to the 
size or our database (~173 Kbytes) we have a window of vulnerability around
1:45am each night where some nodes won't be defined.

   [My reply noted that since Les Lamport now works for DEC SRC, SRC should
   have found a way to avoid this problem.  Perhaps their software was
   written by a Byzan-tine-ager.  (I continue to receive many messages each
   day resulting from idiosyncratic net software; I really wish it were more
   robust.  I am not looking forward to the 1 April cutover.)  PGN]

Re: Phone problems (RISKs in auto-dialers)

Larry E. Kollar <ucbcad!ames!seismo!gatech!dcatla!mclek@ucbvax.Berkeley.EDU>
Wed, 25 Mar 87 09:00:46 EST
In RISKS 4.63 David Barto writes about experiences with auto-dialers, then
       >Could this become a major RISK in the future, dialing wrong numbers
       >for hours on end?

Scott Watson, the author of the Red Ryder terminal communications program for
the Mac, describes just what can happen when you turn an autodialer loose on
the world without making sure you're dialing the right number.  (From the Red
Ryder 8.0 manual, by Scott Watson, reprinted without permission.)

     "When I used to operate a BBS in my home, it had the bad habit of
     crashing every day or two....  It was easy to tell when the BBS
     crashed, because some jerk would then decide to start redialing my
     voice line (just to see if there was a BBS connected _there_, I
     suppose).  Of course, he turned off his modem speaker... and there-
     fore couldn't hear me screaming "Hullo?" (or much worse)....  One
     night, I got _very_ angry and answered the phone - twice per minute -
     for over three hours.  I suspect he got the message when his phone
     bill arrived the next month - I hope he was calling from Boise."

If your modem doesn't have a speaker, (or doesn't respond "NO CARRIER")
you can listen in on a cheap phone plugged into the appropriate jack to
make sure you typed your number in right.  Look before you leap.

Re: ATM experience [Bruce McKenney, RISKS-4.66]

Brent Chapman <chapman%mica.Berkeley.EDU@BERKELEY.EDU>
Thu, 26 Mar 87 23:14:35 PST
It actually gets worse.  It turns out that many (most?) banks ignore (or at
least _used_ to ignore; hopefully they've learned, but I wouldn't bet on it)
what's _written_ on the check/deposit stub/whatever if that field is already
encoded in the magnetic character information at the bottom.  For example,
if there's already a "from" account encoded there, the operator isn't ask to
enter one.

Well, there's a slight bug in that system...  What happens if someone goes
into a bank branch, walks out with a stack of the blank "courtesy" deposit
slips, takes them to a "shady" printer who encodes the person's account into
the "to" field at the bottom of the form, and then replaces the forms in the
bins in the bank.  Eventually (within a few days, usually) this will get
noticed, but assuming that all the doctored forms get used within a single
day, and that many (most?) of the deposits falsely credited to the crook's
account clear within a day or two, one could drop of the forms one day, and
withdraw a substantial amount of cash a day or two later...

Now, some banks have dealt with this by not offering the "courtesy" forms
any more.  Others have presumeably (hopefully!) dealt with it in other ways,
with which I'm not familiar.  But I wouldn't be surprised if this scam would
still work with a significant number (5 or 10%?  Even 1% would be useful, if
one knew which 1%...) of banks...

Comments?  Is my information out of date?  I have an aunt who is a teller
for First Interstate Bank (side comment: isn't "FIB" a _wonderful_ acronym
for a bank?  :-), who told me some of this stuff, and I got other parts
of it from several different books on electronic security (unfortunately,
I don't remember the titles or authors of any of them..).

Brent Chapman or ucbvax!mica!chapman

Please report problems with the web pages to the maintainer