Slashdot Mirror
Cell Phone CEOs Marked For Phone Cloning
Saint Aardvark writes "When Sarah Drummond got back from Israel, she found a cell phone bill
for more
than $12,000. She contacted her
cell phone provider to let them know that someone had stolen her
phone, but they weren't interested in helping her and told her she'd
have to pay. In preparing for small claims court, she and her partner
found out that not only does her company have the ability to spot
unusual activity on a cell phone account, the company executives' own phones have
been targeted by a group linked to Hezbollah. From the article: 'They were
using actually a pretty brilliant psychology. Nobody wants to cut off
[CEO] Ted Rogers' phone or any people that are directly under Ted
Rogers, so they took their scanners to our building, like our north
building, where our senior top, top, top executives are. They took
their scanners there and also to Yorkville, where there are a lot of
high rollers and like it would be a major PR blunder to shoot first
and ask questions later. . . . Nobody wants to shut off Ted. Even if
he is calling Iran, Syria, Lebanon, and Kuwait.'"
Sounds like just the sort of thing the USA PATRIOT Act was meant to stop, but somehow I doubt that the FBI is going to step in.
Well, considering the fact that Rogers Wireless is a Canadian company, and as far as I know, doesn't operate in the United States, I'd be deeply disturbed if the FBI stepped in.
God save our Queen, and Heaven bless The Maple Leaf Forever!
Cell phone companies are masters of telling you one thing but getting you to sign a contract that says something else. When I wanted to add my kid to my family share plan, I told my carrier (Verizon) that I wanted to limit the number of minutes that a phone could call in a month in case a friend stole the phone. They told me that they couldn't do that. Then, without asking, the rep said "but if your phone gets stolen then we'll waive the charges." I told her that I'd accept that if she's put it in writing, but she said she couldn't do that.
Here's my advice - never, ever, ever trust a cell phone company. Once they have your signed contract, they have no reason to let you off the hook. They love this kind of stuff because people often just pay the bill rather than taking on the expense of hiring a lawyer. In a case like this, I'd just threaten the cell phone company with a class action lawsuit on behalf of the thousands of people who have had this happen to them in the past. The cell phone company, if they are going to put you on the hook for the bill, then has a fiduciary obligation to protect your interests and do everything in their power to stop this kind of fraud. If they don't then they are negligent and share in responsibility to pay the bill.
If you're really worried about this, get a pay-as-you-go phone. There are plans out there today that compete very well with regular service and some even allow you to use your minutes for more than one or two months.
If you don't want crime to pay, let the government run it.
Well the reason credit ratings are important is they can.
B K12
Prevent you from getting credit, this includes such thing as electric service without substantial deposits.
It could prevent you from getting the loan, or a good rate on a car or mortgage.
You might not get an apartment if you are unable to pay.
Or a job
It could raise your insurance rates.
Quite simply poor credit is a black mark that could affect much of how you live your life.
As for disputing, they have to correct all wrong information upon being informed it's long.
http://www.canlaw.com/credit/creditreportlaw.htm#
Simply ignoring it and hoping it will go away is naive and dumb.
She teaches law, at one of the most prestigious law schools in Canada. I'm sure she can prosecute her case in small claims court, where she filed it.
Ad nausea, I work for a large cell carrier.
I investigate these types of charges on a weekly basis. And when something like this happens, we investigate and write off all the charges no problem.
I am sure her phone was stolen. But where was it stolen from? Her house? Her car?
Note the article said her phone was STOLEN, not cloned, two very different actions.
More than likely she had it with her. It was stolen and she did not notice it gone. And when she got home she had a huge phone bill.
If the phone was stolen in her home country, she could have filed a police report, showed it to rogers and they would have written it off.
If the phone was stolen overseas, when she noticed it gone, should have immediately called and reported in.
As someone who travels internationally, I tend to keep the phone with me on trips. Most people do. The article is very light on these details.
If it was a GSM phone they generally need access to the phone and have to grab and clone the sim. So physical access is needed for the device.
The article mentions that the owners of rogers got scanned and cloned. When was it, soounds like they used TDMA phones, which was probably a few years back when it happened.
Rogers is GSM and I would imagine the pres and his execs would have using gsm for at least 2 if not three years for now.
I googled for info on this and could not find any article about the CEO of rogers being cloned.
A lot of times the maids in hotles, cruise ships, will use the customers phones when they are not around. That is why if you leave a phone in a room that is not your own, lock it, hide the sim. Battery in a different place. Little personal responsibility.
So I think before we pass judgment we should get the rest of the story.
Puto
The Revolution Will Not Be Televised
Firstly, Rogers appears to be running a GSM network, so cloning the phone means NOTHING WHATSOEVER and is actually quite unnecessary -- any 'ol GSM phone will work.
What you need to clone is the SIM - the little chip that is associated with your number. Stick it in any GSM phone (more or less) and off you go, you have that subscriber's identity.
While it is possible to clone a SIM, you need access to the SIM and a smart card reader for several hours to crack the encryption. (At least in the earlier SIMs, they may have improved the situation since, I hope so.) This isn't a matter of reading an identification number off, you need to read off the private key from the SIM - something that was supposed to be imposssible but there are weaknesses in certain versions of the encyption algorithm.)
Anyway, this particular case is not about SIM cloning, merely boring old cellphone being stolen. (It's admitted as such when the article states, "Ms. Drummond quickly determined what had happened: Someone had stolen her phone while she was away. She called Rogers Wireless, which told her there was nothing it could do, and she would have to pay the entire amount".)
The whole misleading piece about phone cloneing is mostly sensational journalism - it seems some employees claimed that some terrorist groups cloned the CEO of the cellphone's company's cellphone. (And remember that the person at the centre of the story - one Ms Drummond - merely had her phone stolen, a much more boring case.)
Anyway, Ms Drummond failed to notify her cellphone provider that her cellphone was stolen and then complained that the theif used it. The fraud detection system didn't detect it and it seems she therefore argues that it's not her fault. Even though I'd guess the cellphone company doesn't owe you anything when it comes to detecting fraudlant use of your phone.
Moral of the story: As soon as you know your SIM is stolen, CONTACT YOUR CELLPHONE COMPANY! They can block outgoing calls on it saving you a lot of money.
(GSM cellphone companies can also block phone IMEI's - stopping a theif from using that phone in the future - but only do this once the phone is known stolen as it's a real pain to get that undone.)
If her phone/SIM had been cloned, then yes, the cellphone company would have an issue on its hands. As it is, all that's happened is silly girl didn't report a stolen phone. Happens all the time, nothing to see here, move along.
Oh, and it's easy for a cellphone company to transfer a number to a new SIM.
The article seems to indicate that she discovered her phone had been stolen after the bill came. The way I read the article, she didn't necessarily have the phone with her. Based on what the article says, she could have easily returned home, picked up her mail (which would naturally be high on the list of things to do when returning home from a long trip), opened the "major" bills, then went looking for the phone after she saw the bill. I'm not saying that's for sure what happened, but it looks that way to me.
If you don't want crime to pay, let the government run it.
Were you reading the same article as the rest of us?
1) Cloning is the process of mimicking a cell phone's identity such that calls you make appear to have been made from your unsuspecting victim's phone.
2) Hezbollah IS a terrorist organization. Where have you been that you do not know this?
3) The CEO is paying for the TERRORISTS' calls, not the other way around!
RTFA!
Absolutely. Those who don't fight for their themselves don't deserve much respect. But then you go so wrong...
It's just as likely that the phone company itself invented this charge out of thin air to buffer its slumping revenues as it is that "hackers" did it.
Wow. You find it just as likely that corporations will invent crimes with no basis in fact (no matter how twisted?). I know Corporations Are Evil (TM) and all ... but isn't this paranoia a little extreme? "I find it just as likely that PETA skins animals alive themselves to make a point about protecting animals." Ok. I can see why someone would propose that - but just as likely? Hardly.
I would not settle for a penny.
Again, perfect. Those who roll over deserve to be trampled on, but...
And I'd start killing executives if they tried to garnish my wages.
Start killing people? Granted I'm a bit of a pacisifist generally, but even the war-mongers amongst us must be pretty alarmed by that. Start suing, ok. Start yelling at - fine. Start punching - sure. But killing?
You may want to seek professional help.
Sarcasm and hyperbole are the final refuges for weak minds
Let me explain why "let things run their course" does not work with credit reports.
Someone I used to work with got an unpleasant surprise when he was applying for a car loan. He was rejected due to bad credit. He got a credit report and found out that he had a bounced check from a gas station in Oregon a year previous. He had never been to Oregon before.
He contacted the station owner to find out that someone with the same first and last name as him had passed a bad check. The account had long since been closed and that name was no longer living at the account's address, so the owner searched the web and found a hit on the name, my coworker, and filed a nonpayment record on his credit report.
Now whether the owner believed him or not that it was not him, it really did not matter. The owner wanted his $28 and was not going to remove the mark until he paid him. This is extortion. And in this case, there's really nothing you can do about it.
He ended up sending a money order for $28 plus bounced check charge to the owner, who then removed the mark from his credit report.
Now in this case the owner had at least something tangible (the check) and at least a very weak reason to point the finger, (same name) but really, he didn't even need that. He could have just decided to thumb through the phonebook and file a false report on anyone he spotted, and really there is no easy recourse for the victim. Eventually the mark on the report will expire, but all you can do is wait if the person really does not want to remove it or is extorting you and you don't feel like paying him off.
Whoever set up the credit reporting system with so weak of safeguards and checks/balances, needs to be slapped repeatedly.
I work for the Department of Redundancy Department.
Yes, the phone does transmit some identifying information once authorised - but identification is not authentication!
To authenticate and authorise the phone/SIM pair to the network, the phone is just a go-between, shuttling information from over-the-air to the SIM and back again. (In case you're not aware, the SIM is a physical chip. In the old days, it was a smart card; these days it's just the chip of a smart card on a piece of plastic just a little larger than the chip.)
The network sends an unique challange to the SIM (via the phone) and the SIM has to respond approproately using shared-secrets and techniques not too dissimilar from private-key / public-key cryptography. Replaying this is of no value to you because next time you want to authenticate, the challange will be different! (And I believe the Network is also authenticated to the SIM as well - I don't know the details that well).
The theory is that the shared secret (Ki) is never transmitted over the air - it's known to the network and to your SIM and that is all - it was designed to it was impossible to retreive it directly from the SIM.
It is an active process involving bidirectional communication, not a passive "this is my number".
Or the phone was cloned without her knowlege. In that case she could be happily using her phone normally, then get home to see the $12,000.00 bill.
"Just because you do not take an interest in politics doesn't mean politics won't take an interest in you." --Pericles
In my opinion, as soon as you're reasonably sure. Most cellphone providers can do a simple block on your SIM (block outgoing calls) that is fairly easy to put on and take off - so as soon as you think it's stolen, I recommend doing that. Just contact their customer service line. This will protect you from this lady's situation of someone running up big bills on your account.
If you find the phone again, ring up the customer services and get the block removed. Not usually a big deal; takes only a few minutes.
If it really seems lost/stolen, blocking the IMEI number (ie: the phone's unique ID, not the SIM card's) is a good idea if your provider can do that. While this is often a lot harder to undo (providers often state that it is impossible to undo or refuse to do so), it means that your theif cannot use their ill-gotten cellphone. (If they steal your cellphone and swap the SIM, they'll have your phone but they'll be using their own account for outgoing calls. Blocking the IMEI will stop them using your phone even if they swap the SIMs.)
This is obivously GSM flavoured advice. I'm unfamilar with other network technologies; some of it may carry over, some may not.