Stolen Cellphone Databases Switched On In US

alphadogg writes "U.S. cellphone carriers took a major step on Wednesday toward curbing the rising number of smartphone thefts with the introduction of databases that will block stolen phones from being used on domestic networks. The initiative got its start earlier this year when the FCC and police chiefs from major cities asked the cellular carriers for assistance in battling the surging number of smartphone thefts. In New York, more than 40 percent of all robberies involve cellphones and in Washington, D.C., cellphone thefts accounted for 38 percent of all robberies in 2011."

Welcome

[ledow]

Welcome to the 21st Century.

The EU has had this for over a decade.

Re:Welcome

[CuriousGeorge113]

So has Verizon Wireless.

Doesn't prevent someone from flashing new software and using it on another carrier, but VZW uses CDMA. That limits your options to Sprint, Cricket, and a handful of regional carriers.

Re:Welcome

[itsme1234]

Not EU, UK maybe.

Re:Welcome

[Psyborgue]

You could always flash it with a good ESN you got from some other phone -- perhaps an irreparably broken one or an old phone of a different model. There is software that'll do it. That'll get you back on VZW / Sprint, or wherever the phone came from and is likely a lot easier than the full flashing process you're talking about. Look on craigslist. There are plenty of "Bad ESN" phones being sold out there, especially with cracked screens (or badly repaired ones). I'm willing to bet most thieves don't ask you which carrier you're on before they knock your phone out of your hand. They have to offload the CDMA phones somehow and there is a market.

Re:Welcome

[h4rr4r]

I thought Verizon only used that list for people who did not pay their bill?

I don't think they use it for stolen phones.

Re:Welcome

The US will leapfrog over the chip and go directly to NFC, which not coincidentally is the same as "smart card" technology, just with a wireless interface instead of the gold plated electrical contacts.

Re:Welcome

[ThatsMyNick]

How do plan to power the NFC chips? Batteries? Or are you expecting cell phones to become the new credit cards? I would rather steal power from the chip reader, in which case it is easier to use an EU chip card. A few feet difference doesnt make much of a difference to me.

Re:Welcome

[GodfatherofSoul]

Welcome to the United States. If it inconveniences Corporate America, it's bad for America.

Re:Welcome

[jonbryce]

The NFC chip is powered by an induction coil in the reader. In London, the Oyster card is a pre-paid NFC card that can be used to access public transport. There are similar systems elsewhere in the world, including some US cities. We also have some NFC credit cards in circulation, and some places that take them, such as McDonalds, though they are not yet in widespread use.

Re:Welcome

[jonbryce]

Certainly in the UK, it is a common database used by all 4/5[*] carriers, and I believe the database is shared with other countries around the world.

[*] Orange and T-Mobile are now the same company. I'm not sure if they have fully merged their networks yet, if not, they plan to very shortly.

Re:Welcome

You can and I used to have a phone reprogrammed to give me a random IMEI each time I started it. It's just harder to change IMEI and there are also laws against it.

Re:Welcome

[ThatsMyNick]

I know it is good enough to power the radio circuits (like an RFID chip), but it is good enough to perform encryption on chip? The EU chip card, is pretty much a chip that uses the chip reader to communicated with the bank.

Re:Welcome

[ThatsMyNick]

The NFC credit cards in the US do nothing more than the magnetic strip can do, as far as I understand (I have a couple, that I microwaved as soon as I received them). There is not advantage to it, than say swiping your card.

Re:Welcome

[demonlapin]

We pay a pretty significant early adopter price for infrastructure tech here. We installed magstripe readers everywhere over 20 years ago.

Re:Welcome

[jhoegl]

Regardless, what if someone typos your ESN over another. How does one prove they should not be on the list?

Re:Welcome

[viperidaenz]

Backwater New Zealand has NFC, Blacklists and chip cards. Why is the rest of the world so slow to adopt new technology?

Re:Welcome

[Kalriath]

Except 2degrees, who because of their American owner insist they don't need an IMEI blacklist because "stolen phones aren't a problem".

Re:Welcome

[ThatsMyNick]

Interesting. I still, personally, would prefer the contact chip though. I dont see the real advantage of using a contactless one. Other than, 'ohh, wireless, that is cool' factor.

Re:Welcome

[Ksevio]

It cuts down on wear and tear if you don't have to run it through a card reader as much. You also don't have to take it out of your wallet if that's the only NFC card you have - though that works better for other systems.

Re:Welcome

[dougmc]

Regardless, what if someone typos your ESN over another. How does one prove they should not be on the list?

Simply calling the carrier and telling them it's your phone and you did not steal it would probably suffice.

If you bought it on craigslist or ebay, then it probably is stolen, and maybe the police will take it off your hands and return it to the rightful owner.

If you bought it new from the carrier and somebody just fat-fingered the ESN, you'll just show them the receipt (or your carrier will provide proof) that you did buy it and it's not stolen and they'll fix it. It may be that only phones purchased new from the carriers will be so entered anyways, so they're not likely to make such mistakes (as they'll have a record of exactly what phone you bought and have been using.)

Certainly, I would not expect thieves and people who know they have stolen phones to contact the carriers about their phones being disabled (as it's a good way to go to jail), so anybody who contacts them and says the phone wasn't stolen probably could be reasonably trusted. The only exceptions will be people who bought used phones -- and in that case, the serial numbers and ESNs could be verified and if it's the stolen phone, return it, and if not, fix the database.

Re:Welcome

[Cimexus]

Hell, welcome to the 20th century. Some countries had IMEI blocking across GSM networks in the 90s...

Re:Welcome

[jonbryce]

The main advantage is that it is much quicker.

Re:Welcome

[bernywork]

Wear.

Contact chips used in chip and pin cards have to be regularly replaced. Contactless cards last... I'd nearly even say indefinitely. I've had my current Oyster card for 8 or so years now (Lost my last one when I lost my wallet) my chip based cards need replacing at least every 2 years.

Re:Welcome

[bernywork]

There is a cost of change.

The UK banks are a prime example, there is so many inter-dependant systems, not only within the bank, but also with everyone who they interact with. This all needs to change; in NZ with a smaller population, smaller number of customers and subsequently smaller systems and interactions it's a LOT easier to be more nimble.

Re:Welcome

[viperidaenz]

We also have a lot less money. Most big cities have more people than our country. London city alone has nearly twice the population of New Zealand.

Re:Welcome

[dougmc]

You're not thinking like Kevin Mitnick.

Nope, probably not.

"How could one game the system?"

Well, I guess we'll soon find out, won't we? (I don't expect large problems, but we'll see ...)

Re:Welcome

[ledow]

You miss the point.

The EU has had this for ten years and there's never been any problem enough to generate a reputation like you're suggesting.

You think identity theft is any less common in Europe than the US? Don't talk insane. The fact is, mobiles reported as stolen to the police are put on the database and blocked (and thus can't be reused without shipping them to, say, a non-compliant country who don't care about stolen mobiles).

If you want to report a mobile phone as stolen, you think they don't check that you owned it first? And if your mobile is marked as stolen "by accident", it will block calls and you will know instantly and you can prove you own it or not, and discuss it with your carrier.

I've known any amount of people have their phones stolen, blocked, the phones were then dumped AND RETURNED and they were unblocked and never affected by it. I've also had to personally report a phone stolen because it never arrived from the initial order. I had three months of fighting about contracts, etc. but it was listed on the IMEI blacklist within seconds so was useless to any thief (it would have cost more to hack / export than it would have to buy the damn phone).

The IMEI blacklists have been in operation for YEARS and this isn't a problem enough for ANYONE in the countries they operate it to consider worthy of report, and it works so well that people report them voluntarily even if they are just lost in the post, and the police and mobile companies add them the second they are asked to.

If you can false-report a phone as stolen, you have access to order a new phone, cancel the contract, up the contract, order additional services, reroute the number. You're already stuffed. If your number is blocked wrongfully, it takes only minutes to prove who you are to the same extent as modifying your contract itself, and that's enough to remove you from the list.

Not saying that it *can't* be done, but it's *not* a problem.

Re:Welcome

[RockDoctor]

Wireless is cool?

When did that happen? Or is this a marketing aspiration? What is this "cool" thing anyway (I don't think that you're referring to a thermodynamic comparison), and what self-respecting nerd ("News for Nerds ; stuff that matters") gives a shit about it.

Re:Welcome

[RockDoctor]

I'd pity London and Londoners, except for two trhings : it's London, and they're Londoners.

(I grew up in an overspill town ; if London is so great, how come millions are struggling to get out of the place?)

Why

[Shamanin]

The cellphone is less of the cost than the service.

Re:Why

[ArcherB]

The cellphone is less of the cost than the service.

Because they can sell the phone at just below "off contract" prices. Remember, the cost of cell phones if you purchase them outright is about 2-3x what it is if you buy them on contract. If you are on contract and lose your phone, the replacement is full price. Or, people can buy these phones and use them on non-contract networks that tend to be cheaper since they usually don't offer phone discounts.

Re:Why

[Skynyrd]

I sold an iPhone 3s for $175 on eBay, just after the 4s came out. I was due for an upgrade, so I sold my old phone.

I would get the same $$ if I stole yours and sold it. The cost of the service is irrelevant the the thief, as long as he can get good money for a stolen phone.

Re:Why

[Microlith]

the cost of cell phones if you purchase them outright is about 2-3x what it is if you buy them on contract

Nonsense. The cost of a cell phone you buy on contract is usually more, as you repay the subsidy discount and then some in the service fees over the duration of the contract. Losing your phone only means they get to bone you harder.

Re:Why

[demonlapin]

You are obviously unfamiliar with the American mobile market. Other than T-Mobile, none of the majors offer a discount on monthly service if you bring your own phone. Taking the subsidized handset is the logical choice.

Re:Why

[demonlapin]

You're on an English-speaking website based in the US, discussing the US mobile market. The World [sic] is Potentially Interesting But Ultimately Not Germane.

Re:Why

[Cimexus]

Not really - the service includes a large premium used to amortise the cost of the handset. This becomes quite plain when you look at the comparative costs of the handsets and service in other countries where people tend to buy phones outright/don't use contracts/BYO phone.

For instance, an iPhone or higher-end Android device costs typically $500-$1000 outright in most countries. A lot of people buy them outright then put them on a relatively cheap plan (e.g. $15 a month). Losing the handset is a big deal in that scenario ... the service is cheap.

Understood that this has little relevance to the US mobile market where virtually everyone buys phone+plan as a 2 year contract and pays the handset off as part of the plan price. But to simply say that the cellphone 'costs less' than the service isn't really right.

Great! Until....

Carriers decide to start using the exact same technology to block users from re-selling used phones.

Hello?

[mfh]

Yes, hi this is Jonny Law. You can pull over with your hands-free up!

Re:Is "Stolen" really only for stolen?

[TWX]

Even more to the point, are the phones stolen in robberies and other human-confrontations taken because they want the phone, or are they taken so that the victim can't call the authorities instantly?

I'd expect that cell phones stolen face-to-face would fall into the latter more than the former.

ebay should join in

[yurivict]

ebay should join in, since most such phones are probably sold through ebay. They should ask sellers to type in the phone number and block the sale in phone is in the database.

Re:ebay should join in

almost, but not quite. They need the block the MEID or ESN

Re:ebay should join in

[Cramer]

And how the hell are they supposed to validate and enforce this? eBay never has the phone in their possession to check the numbers. One can enter any BS data they want.

Why block them?

[K.+S.+Kyosuke]

And not, say, keep them working and use the traces to eventually find the folks who have them? That would seem much more sensible.

Re:Why block them?

[QuantumRiff]

That is a ton of "man hours" for the police to track someone down for stealing a $100 device. In most states, they can't prove the current holder of the phone stole it, so the best they can do is confiscate the stolen goods. By making them not work at all, it should make the market for stolen phones dry up..

Re:Why block them?

[afidel]

Because the person who has the phone while it's on may not be the party that took it? Yeah you can try to pop them for receiving stolen property, but that requires proving intent which can be difficult and doesn't stop the theft from happening. Now if you take away the profit motive the theft is much less likely to occur.

Re:Why block them?

[Firehed]

Unsubsidized smartphones easily cost $600+, which constitutes grand larceny (often a felony) in most states.

I agree that the current holder of the device is probably not the person who stole it, but over a few data points it probably wouldn't be terribly difficult (yet) to track it back to the original thief, what with everything being location-aware these days. That said, you're right - if we just shut the devices off immediately, the desire to steal phones should drop to nearly zero overnight.

Re:Why block them?

[mrquagmire]

Do you really think cops give two sh*ts about a stolen cell phone? Or stolen anything for that matter? Have you ever had anything stolen? Unless the thief literally falls into their laps, I guarantee they're not going to do anything about it.

Re:Why block them?

[vlm]

Do you really think cops give two sh*ts about a stolen cell phone? Or stolen anything for that matter? Have you ever had anything stolen? Unless the thief literally falls into their laps, I guarantee they're not going to do anything about it.

It depends how wealthy the location is. Think of minor fender bender parking lot-style car accidents. I or my family members have had the following experiences in the last decade:

Very well off "law and order republicans" suburban area: Cop dispatched, takes pics and makes report onsite before we're allowed to leave. Pulls up with lights on but at least left the siren off. Take statement from both parties, breathalyzer both parties (even though both obviously 0.0%) etc.

So so literally borderline area: Cops demand both parties drive to station immediately. Like right now, or go directly to jail. Desk sgt took report. No on site investigation but they did put down the donut and walk into the station parking lot to take pix. Breathalyzer both parties, the other guy unsurprisingly was drunk.

Urban area: I called 911 they said bye bye, come down to the station and make a report if your insurance requires it within the next week. No injury and no accusation of drunkeness means the police are uninterested (This was Milwaukee WI I believe 3rd district?). Showed up 3 days later at the station in rental car, she took my story, I signed, they gave me a "case number" which I sent to insurance, absolutely nothing else was done.

I suspect a stolen cell phone report given bored suburban cops would result in SWAT dispatch, I know for a fact that in the "urban core" if no one is currently shooting or bleeding all they do is write speeding and parking tickets.

Re:Why block them?

I am not a lawyer, but I had someone break into my car and steal a phone. Months later cops arrested someone they suspected, but couldn't prove, was guilty of a ton of break ins. They found my phone on him and traced it back to me even though I never even reported it stolen. I was asked to come in and fill out paperwork and to provide the retail replacement cost of the phone. The in subsidized new retail price was used and he was charged with a felony. All because he wanted to "look like money" walking around with a non-functioning Star Tac with a Mercedes logo on it.

Re:Why block them?

[TubeSteak]

1. The IMEI can be changed
2. Blocked phones can be exported.

Europe has a brisk trade in phones that are country-blocked, but will work anywhere else in the world.

Re:Why block them?

[MNNorske]

Grand larceny is not necessarily based on the resale value of the item. It can also be based on the original purchase price of the item. If I purchased a brand new $600 non-contract cellphone I'm still out $600. I'm not out the $300 that someone else was able to sell the phone for. If on the other hand someone stole a painting from my house that I paid $5 for a garage sale and I later discovered it was an original Monet then that too could be considered grand larceny because the known current value of the item is higher. A good attorney could argue it both ways quite effectively.

Re:Why block them?

[GodfatherofSoul]

Suburban law enforcement is a whole different creature from urban law enforcement. A friend threw a party in the Burbs years ago and a neighbor complained about the noise. Three cop cars showed up.

My GF managed a downtown chain store and cops could hardly be bothered to come pick up the shoplifters they caught. And, even if they did show up for them, they'd often be right back on the street and sometimes come BACK to the store within days to shoplift AGAIN!

Re:Why block them?

[viperidaenz]

You must have pretty shit insurance. I had a $600 phone stolen from my 10 years ago in a bar, it was covered under house contents insurance and I got $500 cash. The $100 was the excess. The claim was for the value on the receipt I gave the insurance company.

Re:Why block them?

[starblazer]

Considering Milwaukee took 45 minutes for a guy walking around an apartment complex shooting off a pistol... I completely understand where you're coming from.

Brookfield Spa anyone? You should have seen how quickly they had Brown Deer locked down after they found out where the guy was from.

Re:Why block them?

[Solandri]

Well if you block them and word gets around that stolen cell phones are useless, people stop stealing cell phones and police won't have to track down who has your phone now. Blocking stolen phones addresses the problem (phones are valuable to steal). Tracking down phone thieves merely addresses the symptom.

38% of crime

[girlintraining]

What I don't understand is why that much crime is going uninvestigated. Why aren't there dedicated law enforcement units working in major metropolitan areas to recover these phones? In most jurisdictions, they are valuable enough to qualify the theft as grand larceny. What's more, each cell phone has a built-in tracking device accurate to within a few meters, and have microphones and cameras built in! These aren't exactly difficult crimes to solve.

Re:38% of crime

[tiberus]

What I don't understand is why that much crime is going uninvestigated.

It would depend on your definition of investigated for one, if the cops know about it, there is at least a record/report and the cop asked you some questions...

The other issue, it that most cell phone thefts are likely considered petty theft (which is why the theft of my iPods will never be investigated) and they are not likely to dust for fingerprints or do other than take a report and update their stats for a petty theft.

Re:38% of crime

[Psyborgue]

They are. It takes time to catch the small fish and work your way all the way to the top. A huge cell phone theft ring was broken up in the DC area last year. YMMV but some police jurisdictions are actually trying to combat this.

Re:38% of crime

[Lumpy]

Thy already took the resources from those for Copyright infringement enforcement.

Re:38% of crime

[viperidaenz]

Copyright infringement is much worse than murder. Didn't you know?

Should have done so a while ago.

They already blacklist imei but it's only on a per carrier basis which is obviously easy to get around simply by using a different carrier with the blacklisted phone. Having a global blacklist database is definitely a great improvement. The only two question is, will phone re-sellers also use the blacklist (like many prepaid companies that rely on the major companies network) and when can we have a global database to prevent sales to out of the country as well.

Re:Should have done so a while ago.

[viperidaenz]

... drop the value of a phone to that of a small-screen tablet. Got a blacklisted 4.8" Galaxy SIII? Nah, its a 4.8" Galaxy Tab WiFi only....

Re:Should have done so a while ago.

[Amouth]

still limits the resale value, even criminals don't want to walk around with an phone that doesn't work as a phone

Now all a robber has to do is?

steal the phone and kill the person with the phone, to have a good chance that the phone will not be reported as stolen.

Also it impacts the used phone market, since you can't be sure that the phone is stolen or not. Unless there is a easy way to match phone with owner, you can never be sure that the used phone you bought today wasn't stolen yesterday and is on the row to be blocked.

Re:Now all a robber has to do is?

[s0nicfreak]

I'm pretty the family of the deceased will report it as stolen. Also just because a phone is blocked doesn't mean it can't be tracked; you'd be giving the police a good track to follow from your murder, even if you sold the phone quickly.

Re:Now all a robber has to do is?

[vlm]

you can never be sure that the used phone you bought today wasn't stolen yesterday and is on the row to be blocked.

Well this has a simple enough protocol. Ask for the IMEI, meet ya second thing tomorrow to make the trade, first thing tomorrow type in the IMEI and see if its stolen, if it is, don't meet.

IMEI blacklist

Wait, isn't this the database for blacklisted IMEI's which supposedly is international?

http://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity

Re:IMEI blacklist

[Andy+Dodd]

The US didn't start using this blacklist until a few months ago.

I'm not sure why TFA says "Wednesday" - over on XDA, people with corrupt IMEIs started complaining 2-3 months ago.

(On Samsung devices, if the EFS partition gets corrupted, it'll be regenerated with a "test IMEI", which all European carriers block but US carriers allowed until recently. The test IMEI is blacklisted. Some shady characters were intentionally corrupting TO the test IMEI to prevent AT&T from detecting their device as a smartphone and all started whining when their hack caused their device to be 100% blocked as stolen.)

Re:Is "Stolen" really only for stolen?

[QuantumRiff]

I think the point is more to prevent the phone from being resold on craigslist and the like. I don't think they care how it got stolen. Last time an article came up on slashdot about it, only the account owner could list the phone as stolen, and only the account owner could unlist it.

Re:So it begins..

[lederhosen]

In Sweden you need to report the phone stolen to the police before blacklisting it. Works like a charm. No problems what so ever.

Wrong: IMEIs are no longer unique

[stephanruby]

The new database blocks the IMEI number, a unique identification number in the cellphone akin to a VIN (vehicle identification number) in a car. The ID number remains with the cellphone no matter what SIM card is used.

10% of IMEI numbers are not unique according to British Telecom. That being said in the UK at least, if your phone gets blocked by accident, there is a procedure to get it unblocked - so all is not lost for you.

Re:Is "Stolen" really only for stolen?

[vlm]

Don't forget the opposite purpose. What if any authentication is required to put a serial number or whatever in the DB as either a prank (ha ha cube mate) or the stereotypical insane spouse going after the other spouse during divorce or whatever?

If its just a web form somewhere, T minus x minutes until some goofball DDOSes the web form to add all serial numbers from 00000000 to 9999999 psuedorandomly to the stolen DB.

Re:Is "Stolen" really only for stolen?

[TWX]

Oh, I know about the resale angle. I was just curious as to how often stolen phones ended up being put into use. I agree with the system blocking the use of reported stolen phones.

iPods Next

[tiberus]

This is great and has been too long in coming, I'd guess most of the challenges were administrative vs. technical.

What's next? How about iPods?

Re:iPods Next

[viperidaenz]

iPods are already blocked from cellphone networks through other means.

Good god why is this even a problem?

[Impy+the+Impiuos+Imp]

Wtf, this wasn't done already? Phones have unique IDs, stolen ones should be tracked down and owners jailed.

If IDs are changed there will be collisions or IDs that don't exist or haven't been released from some pool yet. Somebody pays by CC, track that way. If by generic CC or time card, shut the damned phone off, tough.

Re:Is "Stolen" really only for stolen?

[Psyborgue]

But as it is "Bad ESN" cdma phones are being sold on CL. I can see this making it less lucrative, but not stopping it entirely -- especially since the big phone theft rings like they had in the DC area last year repair the phones and send them overseas to be sold in the middle east.

Re:Great! Until....

[localman57]

What do they care? They'd rather you bring in your old phone than buy a new one, because they subsidize the cost of the new phone. A carrier's favorite customer is the one who's still using his original iPhone 1. Still paying for a data plan, using relatively small amounts of data, and they paid off the subsidy a long time ago.

God help the man...

[MetalliQaZ]

... whose phone gets on this list by accident. Suddenly a good customer becomes a dirty criminal. I'm sure there will be no way to rectify the mistake.

Still not enough.

[Lumpy]

Both android and iphone have the ability to be "rendered useless" by the OS maker. let me be able to set a "stolen flag" that locks the phone in a states that says "STOLEN PROPERTY CALL 1-800-XXX-XXXX to report and return" that cant be easily bypassed. I.E. restoring the iphone will not disable it, etc... this will make the street value of any stolen smartphone $0.00 instantly. THAT will fix the problem and apple could put that in place with a trivial amount of coding as they already have "find my iphone" as a part of the OS. Android on the other hand will take some work as it lacks that feature.

The phone OS makers refuse to put a simple system like this in place because stolen phones make them money.

Re:Still not enough.

[viperidaenz]

How can the OS makers add this feature if I can reflash the entire phone? The phone makers need to add a non-erasable block of flash or some kind of physical fuse embedded in a core part of the phone.

The resale value will always be a significant portion of the value of a replacement screen/anything except the part that has been disabled

Re:Still not enough.

[unk98]

What is to stop that mechanism from being used (and abused) for other purposes?

Re:Is "Stolen" really only for stolen?

Actually you own the phone as you bought it outright. Part of the contract is the early termination fee. If you don't pay the termination fee, the phone company can go after you to collect that, but it's not tied to the phone via a lease, they would have no more ownership of your phone than your car. A house mortgage or car loan is different.

Re:So it begins..

[GuldKalle]

Except carriers typically subsidize a phone, so selling you a phone costs them money. They'd be much happier if you just keep using your old phone or buy second-hand phones.

Re:Is "Stolen" really only for stolen?

[Hotawa+Hawk-eye]

And how do you get your phone OFF the list if someone adds it maliciously or accidentally (types a 2 instead of a 3 when entering the identifier for a phone that's been stolen, for example?) Who do you need to contact (from a different phone or in person, naturally) and what proof do you need to give that you are the owner of the phone?

Misread the title

[neminem]

Thought someone had stolen some "cellphone databases", whatever those were, and had just gotten around to switching on the databases they'd stolen. Clicked because I was curious what a "cellphone database" was.

Re:Misread the title

[viperidaenz]

Thank you for sharing your life story with us.

Re:Misread the title

[hraponssi]

I did the same misreading. And you are most welcome, to having been shared my life story with.

They do care

[Powercntrl]

Carriers want you to sign a new two-year contract. They also aren't entirely thrilled that you can get an inexpensive second-hand phone and activate it on a prepaid plan. T-Mobile already does block a phone's IMEI if the the original owner abandoned their account with an unpaid balance (a matter that should be left to collection agencies, not handled by blacklisting a phone). Worse, T-Mobile is known to block a phone after it's already been sold and is in use by a new owner who had no way of knowing the previous owner didn't make good on their final bill. There's a whole thread about this on HowardForums.

Re:Is "Stolen" really only for stolen?

[retchdog]

probably (hopefully) they will require a police report to be filed, as is required, say, for claims against bank card fraud. you'd have to be a total moron to file a false police report.

Re:Linked article is 10 years old.

[stephanruby]

You're right. Here is a document dating back from July 2011 (the emphasis in bold is mine).

GSMA has launched an initiative to fight mobile theft, and has worked on IMEI security best
practice. GSMA and DIGITAL EUROPE members drafted and approved 2 common
documents:

Technical Principles: intended to strengthen the security of the International Mobile
Equipment Identity (IMEI)
* GSMA Doc Reference: Security Principles Related to Handset Theft 3.0.0
* DIGITAL EUROPE CCIG Doc Reference: DIGITAL EUROPE Doc: 04cc100

Process in place: GSMA and DIGITAL EUROPE have agreed on a process to report alleged
breaches of IMEI integrity and on the introduction of counter-measures to correct and
improve IMEI security.
* GSMA Doc Reference: IMEI Weakness and Correction Process 3.0.0
* DIGITAL EUROPE CCIG Doc Reference: DIGITAL EUROPE Doc: 04cc101

Apparently to the drafters of that document, IMEI integrity and security (whatever that means to them) is something that must be constantly monitored and maintained. And while this does not prove my original point.

As a mobile software developer, until I know what those "counter-measures" are supposed to be in the first place, I'm just going to assume that what was true 10 years ago can still be true today, and I can not completely rely on an IMEI being completely unique. So whatever software I build that takes this assumption to heart, I'll have to leave a process in place to manually override my system if that that particular edge case ever comes up.

More Stupidity from Stupid Lawmakers

[Powercntrl]

A stolen phone database sounds great, doesn't it? Just like how Trusted Computing saved us from malware and viruses and the big content providers would never dream of using such a system against end-users. Oh, right.

Here's what's wrong with this system, in a nutshell...

It does nothing to prevent theft. Fun fact: two carriers in the US already blacklisted stolen phones prior to this database, Sprint and Verizon. Hear much about thieves asking first if you're a Sprint or Verizon customer before they mug you for your phone? Neither have I. eBay is full of phones that are listed as carrier blocked or bad ESN and people still buy them. Let's not forget Craigslist, where it's pretty easy to scam people into buying useless phones (Oh, you wanted to test your SIM? Sorry, I forgot to charge the battery. Better buy this phone quick, I've had three other people interested in it!) Finally, regardless of whether or not a phone can be easily re-sold, it still has value as parts (especially with today's easily breakable huge screens). This database doesn't make stolen phones worthless, it only makes them slightly less valuable - which may actually lead to increased levels of theft.

Wireless companies will use this system to blacklist phones with unpaid balances. Sprint, Verizon and T-Mobile already do this. Now, keep in mind the wireless companies still send you to collections and ruin your credit report, but that's apparently not enough. Naturally, none of the wireless companies in the US make it clear that they have these policies, so plenty of these phones still end up on the used market. You don't have to ask around much to find someone who has a horror story about purchasing an unusable second-hand cell phone, because the previous owner never paid their final bill.

So, now you've got a situation where it's a gamble to buy a used phone. Thankfully, the carriers are your knights in shining armor - they're coming to your rescue with two-year-contract subsidized handsets and full price prepaid handsets. Why would you ever want a used phone anyway, citizen? Don't you know someone had their dirty, disgusting fingers all over it?

Re:More Stupidity from Stupid Lawmakers

[viperidaenz]

You don't need a stolen cellphone database for that. All you need is for cellphone manufacturers to making replacing the battery impossible. A lithium ion battery deteriorates without use. Higher temperatures and high states of charge just increase the rate.

Once all the manufacturers move to sealed units with no battery replacement possible, I don't see why the quality of cells wouldn't mysteriously degrade slowly until they only last at most the two years of your contract.

Re:Is "Stolen" really only for stolen?

[viperidaenz]

Last time I black listed a phone was about 10 years ago. I took the police report to the local Vodafone store and they used my account history to verify the IMEI number I was giving them was the phone I was using.
They required a police report because there was no easy way for them to remove the IMEI from the list, as it was periodically shared with other carriers internationally

Re:leave no broke windows!!!

[viperidaenz]

The career criminal guy who stole the phone probably never put his own sim card in it, or even wasted his time turning it on before selling it to some hooker.

Re:Is "Stolen" really only for stolen?

[TooMuchToDo]

You would think the list would be a simple REST API-backed site.

Carriers submit IMEI, Carrier, Police Report Number, CreatedOn. Upon activating service, their middleware would make a call to the API providing the IMEI. IMEI count > 0? NO SERVICE FOR YOU.

Re:Linked article is 10 years old.

[viperidaenz]

You can probably rely on the IMEI being set by the manufacturer is globally unique. The number is made up from a combination of manufacturer number, a model number, a serial number and a check digit. The ones that come from the grey market and those that have had their IMEI illegally reprogrammed, are the problem causing duplicates.

Re:Is "Stolen" really only for stolen?

[Kalriath]

No, because it's not centralised. Some carriers share them overseas (with Vodafone, they likely share it with other Vodafone Group members and they then share them with other local carriers) but not all. And I imagine most cellphone carriers would be quite resistant to putting that much power in the hands of a third party too.

Push even further

[xushi]

Good starting step, but why are they not pushing this further and making it worldwide? I do recall Europe has one big database already, they can join that and try and extend it further.

That, assuming the telco's actually block the phones in the first place.. As an ex-employer of a telecoms company in UK, I've seen first hand how certain providers ignore customer's calls or requests to block a stolen phone just so they can make money off the next sod who buys it and needs a contract...

Re:Linked article is 10 years old.

[stephanruby]

You can probably rely on the IMEI being set by the manufacturer is globally unique. The number is made up from a combination of manufacturer number, a model number, a serial number and a check digit. The ones that come from the grey market and those that have had their IMEI illegally reprogrammed, are the problem causing duplicates.

I don't believe that's the case.

From what I remember, the problem stems from IMEI spec being changed. At first they had to be unique, then they no longer needed to be unique after a certain year. Now they need to be unique again.

I realize what I'm saying sounds weird, but that's what I remember happened.

Re:Linked article is 10 years old.

[viperidaenz]

According to the GSMA, the IMEI number is globally unique amongst GSM IMEI and CDMA MEID numbers.
http://www.gsma.com/newsroom/ts-06-6-0-imei-allocation-and-approval-guidelines/

cop response

[girlinatrainingbra]

Let say that my parents and I live in a "fancy neighborhood", not gated, it's really San Diego ( but like Dr. Suess' moniker for where he lived) they call it La Jolla instead of San Diego. Anyway, one evening we got a bunch of rowdy teens from a different high-school banging on the door shouting at my parents to return their phone. We ended up calling the police and got an amazing fast response with 2 squad cars and three officers. It turns out that the kid's phone was stolen and they'd tracked it with the "where's my iphone app" to the intersection near our house. They went to the trouble of taking stories from everybody, took my parent's word for it that the stolen iphone wasn't in the house, wouldn't even let the kids wander around our yard looking for it, and essentially told the kids to scram and they wouldn't do anything. Now I don't imagine that a different neighborhood would get any response at all. There's a bus stop for junior high and high-school kids about half-a-block north, and I figure who-ever stole the phone must have thrown it in the bushes on the outer curve of the intersection. We never found any signs of the phone. And that's my only interaction with police thus far.

They refused to give the kids a case number or police report number. In fact, they told the kids that if they wanted a number, they'd be happy to run the kids in for a trespassing and loitering and something about bothering/scaring my parents and then their parents would have to come get them out from being arrested. So I really think the cops were not interested in doing any paperwork at all in that case. But they were obviously bored and unoccupied enough to come out for such a trivial thing.

Re:Is "Stolen" really only for stolen?

[Cimexus]

No, this is overkill.

I live in Australia and had a phone lost/stolen a few years ago (I say lost/stolen because it was my fault I lost it, but when I called the number, some random picked up and talked with me for a minute, until it became obvious that I was the owner of the phone and that I wanted it back, at which point they abruptly hung up). All I had to do was call my provider and report the phone lost and the IMEI was blocked on all Australian networks within a day or two.

Note though that YOU have to provide the IMEI, which usually acts as sufficient proof of purchase/ID. I couldn't just call up and say "please block my phone". I had to call, prove I was the account holder, AND read them the IMEI I wanted blocked (which was on the box the phone came in). They obviously have a record of what IMEIs were used on the account, but I still had to tell them which to block, both as a security measure and because I could have potentially used any number of phones on that account/with that SIM card, so they need to ensure the correct phone is blocked.

If you're looking to purchase a second hand phone in Australia, on the other hand, you should always ask for the IMEI and check it on this site: http://www.amta.org.au/pages/amta/Check.the.Status.of.your.Handset - this allows you to check whether an IMEI is blocked in Australia or not.

Instead of just blocking...

[xenobyte]

If these phone really are stolen, I see no problem if we could make them explode when turned on by the thief, fence or fence customer... When you buy a hot phone, expect to loose your hand, just like what would happen to thieves in Islamic countries...

Re:Is "Stolen" really only for stolen?

In the UK you generally call your provider, request a permanent/temporary block (I have added a temp block when I mislaid my phone until I found it again). They already know the IMEI and the SIM details and phone number, so once you have passed their normal security checks they can block it correctly.

iPod touch

[tepples]

even criminals don't want to walk around with an phone that doesn't work as a phone

Then explain why the iPod touch still sells.

Re:iPod touch

[Amouth]

because it is what it is, and if the phones where being stolen and never used as phones again then your comment would be fully valid and they wouldn't even need to do this because well they arn't being used as phones. But the stolen phones are being used as phones, not ipod's, sure you could use it as such and i'm sure some would, but based on past usage my bet is that if a stolen phone could no longer be used as a phone, it's less likely to be stolen for that purpose.

Re:iPod touch

[tepples]

sure you could use it as such and i'm sure some would, but based on past usage my bet is that if a stolen phone could no longer be used as a phone, it's less likely to be stolen for that purpose.

In other words, it appears you're claiming that stupid criminals will remain stupid and not learn to cover their tracks by flashing a build of, say, CyanogenMod with all references to "phone" removed onto a stolen Android phone. Do I understand you correctly?

Re:iPod touch

[Amouth]

and sell it as what? hey i got the new Samsung Galaxy XYZ tablet, looks like a phone but isn't.

There are few devices out there that are the same visual and label device that are sold in phone and non phone versions.. closest i can think of is the iphone and ipod touch both of which are clearly marked and are noticeably different.

while the criminals might be smart enough to flash it, the device physically would look line a phone, and only an idiot would buy it thinking it wasn't.

Re:iPod touch

[viperidaenz]

Some iPhone users don't know the difference between an iPhone5 and an iPhone4s, even when they own the iPhone4s. http://news.cnet.com/8301-17852_3-57512267-71/kimmel-fools-people-into-believing-iphone-4s-is-iphone-5/

iPod tethering

[tepples]

How exactly are stolen iPod touch products blocked from tethering to a non-stolen phone?

Re:iPod tethering

[viperidaenz]

an iPod by itself is blocked due to lack of a radio. a blocked iPhone could just as easily tether to a non-stolen phone as an iPod can (i don't actually know if an iPhone can, but an Android phone certainly can.)

Re:Is "Stolen" really only for stolen?

[TooMuchToDo]

People put a whole lot of power/trust in third-party non-profits all the time. ARIN, ICANN, etc.

Re:Linked article is 10 years old.

[stephanruby]

I know. I'm the one who linked to that document. That document is dated July 2011, and it has been changed many times.

You don't have to believe my claim below if you don't want to. After all, I don't have the original source for what I'm claiming, so I wouldn't believe myself either if I were you, but the original document had attached an initial expiration date to the requirement of keeping those numbers unique. And for a while, devices with non-unique IMEI number were coming out of Chinese factories, and there was nothing you could do because they were just following the guidelines correctly. These were not grey market devices.

Re:Linked article is 10 years old.

[viperidaenz]

You're right, I don't believe you.

Several countries have already blocked all duplicate IMEI numbers. Kenya did it last month and Dubai did it in May

Galaxy Player

[tepples]

and sell it as what?

The Galaxy Player came out in October 2011. It looks like a Galaxy S and works like a Galaxy S, except for no cellular radio. It's very much like an iPod touch, and it's what I would have bought had it come out a year earlier. (Instead, I bought an Archos 43 Internet Tablet, which is the same thing with no GPS and no multitouch.)

the device physically would look line a phone

Excuse: factory second.

Re:Galaxy Player

[Amouth]

didn't realize that.