Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
18 Arrested for Altering Their Mobile Phones
By LEONARD BUDER, c.1987 N.Y. Times News Service
NEW YORK - In a federal attack on a crime made possible by the latest
technology, 18 New Yorkers were arrested Thursday on charges of using
illegally altered memory chips in their mobile telephones so they could
make calls without being charged for them.
Also arrested were seven others who, the authorities said, illegally
reprogrammed the chips and placed them in the mobile telephones. Such
telephones can be installed in vehicles or carried by individuals.
It was the first time anyone in the country had been arrested for this
kind of crime involving cellular telephones, said Thomas L. Sheer, the
assistant director of the Federal Bureau of Investigation who is in
charge of the New York office.
He said the problem of fraud in the cellular telephone industry had
grown significantly in the last six months and that Thursday's arrests
were the result of ''the first of a series of initiatives'' being
undertaken by the bureau and the Secret Service to counter fraud in
emerging technologies.
''Every new technology carries with it an opportunity to invent a new
crime,'' said Laurence A. Urgenson, the chief assistant U.S. attorney
for the Eastern District of New York.
The first commercial cellular mobile telephone service began late in
1983. According to the Cellular Telecommunications Industry
Association, there were nearly 682,000 customers of such phone services
at the end of last year.
Sheer said the government was making ''aggressive use'' of a federal
statute dealing with ''Fraud in Connection with Access Devices,'' that
was originally intended to combat credit card fraud but is now being
interpreted to cover frauds involving all computer-based or
computer-assisted systems. [...]
The 18 people who had the illegally altered chips installed ''awoke
this morning to find that their cellular telephones had been
disconnected'' electronically, Sheer said at a news conference held at
the bureau office at 26 Federal Plaza in lower Manhattan.
''They're going to get one phone call today,'' the FBI official added
- referring to the call a person is permitted to make after being
arrested - ''but it's not going through from a cellular telephone.''
The officials said the arrests followed a six-month investigation that
involved the use of a confidential informer who installed the chip and
federal agents working under cover. The authorities acknowledged the
cooperation of the Nynex Mobile Communications Co. in the
investigation. Sheer said the investigation was assisted by ''recent
technological advances in computerized telephone-switching equipment
and billing systems.'' [NB!!]
Sheer said that the fraud, which was not the product of an organized
conspiracy, cost local mobile telephone companies about $40,000 a month and
that nationwide, carriers of cellular services were losing about $3 million
a year because of frauds.
The authorities gave no details about the alteration of the chips. [...]
The most serious charge that could be brought against each carries a maximum
term of 10 years in prison and a possible fine of $250,000.
Sheer said the installers usually charged $500 to reprogram and
install two memory chips in a cellular phone. The chips, in their
unaltered state, are sold in computer equipment stores at a price of
two for 89 cents, an FBI agent said.
According to the federal authorities, each cellular mobile telephone
has a memory chip containing a mobile identification number, or M.I.N.,
and another containing an electronic serial number, or E.S.N. When a
mobile telephone call is made, the two numbers are automatically
transmitted to the mobile carrier.
The mobile carriers make a computer check of the E.S.N. to see if it
is valid. If it is, the call goes through and the cost is billed to the
billing number provided by the M.I.N. chip.
By using illegally reprogrammed chips, the federal complaint said,
other people were billed for calls made by those participating in the
fraud. [...]
(Martin Minow THUNDR::MINOW ML3-5/U26 223-9922 27-Mar-1987 0916)
To: "risks@csl.sri.com"@src.DEC.COM
Subject: "... and its fate is still unlearned..."; robotic exploration of Mars
From a Boston Globe editorial, 27 Mar 1987, on the local subway system:
Of the MBTA's four lines, only the Orange Line trains now run consistently
on time. In fact, the Orange Line has one of the best on-time records in
the nation — a record that some of the line's old-timers fear will be lost
when the antique manual-switching equipment is replaced by computerized
signals later this spring.
On the same issue's op-ed page, M. R. Montgomery writes about a
geophysicist's proposal for robotic exploration of Mars:
The lowest estimate for getting a robot to Mars and back is $10 billion, and
if you wonder why it's a nice round number, it's because the real cost is an
unknown double-digit billion — and 10 is the lowest one you can float, even
in front of a Mars-starved country.
... A lot of tiresome hogwash being floated about the benefits of
robotic exploration of Mars, of which the worst is the assertion that the
way to make advances in human-serving robots is to build one whose main
function is to go 50 million miles to pick up dirt.
... If you wanted to benefit mankind by improving robotic science,
you should start out with something really complicated, not something
trivial that is only expensive because it's happening 50 million miles away.
You could build a seeing-eye dog robot that understood the difference
between First Street and First Avenue, between the inbound streetcar and the
outbound cars, and never, ever, had to go to the bathroom.
But that would mean spending $10 billion on the visually handicapped, which
is not nearly as much fun as spending it on athletic men and women in silver
suits, and, all in all, even less enjoyable than spending it on our
geophysicists.
[RISKS received a bunch of Host-Unknown BARF messages from DEC. This is the reply I got from Richard when I reported the problem. PGN] The addresses are valid. It just happened that our DECnet node database was being updated at the time the messages were being processed. Due to the size or our database (~173 Kbytes) we have a window of vulnerability around 1:45am each night where some nodes won't be defined. [My reply noted that since Les Lamport now works for DEC SRC, SRC should have found a way to avoid this problem. Perhaps their software was written by a Byzan-tine-ager. (I continue to receive many messages each day resulting from idiosyncratic net software; I really wish it were more robust. I am not looking forward to the 1 April cutover.) PGN]
In RISKS 4.63 David Barto writes about experiences with auto-dialers, then
asks:
>Could this become a major RISK in the future, dialing wrong numbers
>for hours on end?
Scott Watson, the author of the Red Ryder terminal communications program for
the Mac, describes just what can happen when you turn an autodialer loose on
the world without making sure you're dialing the right number. (From the Red
Ryder 8.0 manual, by Scott Watson, reprinted without permission.)
"When I used to operate a BBS in my home, it had the bad habit of
crashing every day or two.... It was easy to tell when the BBS
crashed, because some jerk would then decide to start redialing my
voice line (just to see if there was a BBS connected _there_, I
suppose). Of course, he turned off his modem speaker... and there-
fore couldn't hear me screaming "Hullo?" (or much worse).... One
night, I got _very_ angry and answered the phone - twice per minute -
for over three hours. I suspect he got the message when his phone
bill arrived the next month - I hope he was calling from Boise."
If your modem doesn't have a speaker, (or doesn't respond "NO CARRIER")
you can listen in on a cheap phone plugged into the appropriate jack to
make sure you typed your number in right. Look before you leap.
It actually gets worse. It turns out that many (most?) banks ignore (or at least _used_ to ignore; hopefully they've learned, but I wouldn't bet on it) what's _written_ on the check/deposit stub/whatever if that field is already encoded in the magnetic character information at the bottom. For example, if there's already a "from" account encoded there, the operator isn't ask to enter one. Well, there's a slight bug in that system... What happens if someone goes into a bank branch, walks out with a stack of the blank "courtesy" deposit slips, takes them to a "shady" printer who encodes the person's account into the "to" field at the bottom of the form, and then replaces the forms in the bins in the bank. Eventually (within a few days, usually) this will get noticed, but assuming that all the doctored forms get used within a single day, and that many (most?) of the deposits falsely credited to the crook's account clear within a day or two, one could drop of the forms one day, and withdraw a substantial amount of cash a day or two later... Now, some banks have dealt with this by not offering the "courtesy" forms any more. Others have presumeably (hopefully!) dealt with it in other ways, with which I'm not familiar. But I wouldn't be surprised if this scam would still work with a significant number (5 or 10%? Even 1% would be useful, if one knew which 1%...) of banks... Comments? Is my information out of date? I have an aunt who is a teller for First Interstate Bank (side comment: isn't "FIB" a _wonderful_ acronym for a bank? :-), who told me some of this stuff, and I got other parts of it from several different books on electronic security (unfortunately, I don't remember the titles or authors of any of them..). Brent Chapman chapman@mica.berkeley.edu or ucbvax!mica!chapman
Please report problems with the web pages to the maintainer