Received: from buita.bu.edu by buit1.bu.edu (3.2/4.7) id AA22336; Mon, 1 Jun 87 19:53:18 EDT Return-Path: Received: by buita.bu.edu (1.1/4.7) id AA14430; Mon, 1 Jun 87 19:53:25 EDT Message-Id: <8706012353.AA14430@buita.bu.edu> Date: Mon, 1 Jun 87 19:51:14 EDT From: The Moderator (JSol) Reply-To: TELECOM@BUIT1.BU.EDU Subject: TELECOM Digest V7 #9 To: TELECOM@BUIT1.BU.EDU Status: O TELECOM Digest Mon, 1 Jun 87 19:51:14 EDT Volume 7 : Issue 9 Today's Topics: Re: (none) Re: bandwidth of LADS (metallic?) circuit 9600 bps dialups Cellular phone ID's Re: Cellular Fraud confusion about 890 service Re: confusion about 890 service Cellular authentication Interception of cellular ID numbers 890 Area Code?? ---------------------------------------------------------------------- To: cmcl2!uiucdcs!cbatt!comp-dcom-telecom@rutgers.EDU From: ames!pyramid!ncc!lyndon@RUTGERS.EDU (Lyndon Nerenberg) Subject: Re: (none) Date: 29 May 87 17:09:51 GMT > While watching the Indianapolis 500 on TV this Sunday, I saw > them do a feature on one of the car crews that were using a celluar > phone to talk to the driver on the track. > [...] This seemed really strange to > me until I realized that the use of the phone meant that no one > could legally listen in on their conversations. > Everyday someone discovers a new way to use that law. It has *always* been illegal to divulge the contents of any non-amateur or non-broadcast transmission. This has never stopped anyone from listening in to private communications, and I doubt that the new law will make have any significant impact on this practice. I think the primary motivation for using cellular is that it is *technically* much more difficult (for the average person) to intercept a transmission. Lyndon Nerenberg VE6BBM pyramid!ncc!lyndon || pyramid!ncc!lyndon@sun.com ------------------------------ Date: Saturday, 30 May 1987 17:55:14 EDT From: Gene.Hastings@h.cs.cmu.edu To: dyer@harvard.harvard.edu Cc: telecom@buit1.bu.edu Subject: Re: bandwidth of LADS (metallic?) circuit We have several LADS lines in service, all at 56kbs, synchronous. There should be information available from the vendor of an arbitrary short-haul modem telling you what speed it can push how far (longer distance-> lower speed). We were frustrated and slightly amused when we called the person who was the official Point-of-Contact for our campus asking what the milage was on one of our lines and got the reply that they didn't know and had never heard the question before. Gene ------------------------------ Date: Saturday, 30 May 1987 17:59:58 EDT From: Gene.Hastings@h.cs.cmu.edu To: telecom@buit1.bu.edu Subject: 9600 bps dialups I remeber seeing discussion here months ago about 9600 bps dialup modems that were really half-duplex with fast turnaround. Has the game changed any since? I've seen an ad from US Robotics offering one that is full-duplex, but with split speed (9600/300), and turns around which channel gets to talk fast. I don't remeber if anyone said so before, but is there any sort of arbitration in these things to decide which direction gets the high speed? Thanks, Gene ------------------------------ Date: Sat, 30 May 87 15:58:07 PDT From: Mark Crispin Subject: Cellular phone ID's To: Telecom@BUIT1.BU.EDU The "PIN" on the telephone number is NOT assigned by the Cellular Phone company, but rather is the serial number of the radio you are using. Every radio has a unique serial number, supposedly on a chip that is epoxied onto the radio's PC board. The number is in the format XX-0-XXXX where X represents hex digits. The first XX is the manufacturer's code (e.g. for EF Johnson phones it is 83) and the last XXXX is the manufacturer's serial number for your phone. The PROM which has your cellular phone number, features, etc., is removable, of course. The only "security" thing on this PROM (sometimes called a NAM) is the lock-code for your phone, which of course can be easily read (the main purpose of the lock-code is to keep away randoms who might try to use your phone in your car. When your phone initiates a call it transmits the phone number and the radio serial number. They must match for the call to go through. That is why if you change the radio on your phone you (or your dealer) must call your cellular phone company to tell them about the new radio. The weakness in this system is that a thief could get ahold of a phone without a epoxied serial number (either by building one or by buying one of the cheapos that don't epoxy the serial number chip in it) and then change it. I suspect the easiest instance of fraud is to use an out-of-service-area phone number (e.g. a San Diego phone number in San Francisco) that has roamer privileges. Generally, the companies don't have serial number records for roamers (consider the problems of keeping records of some other company's customers!) and rely upon hot-listing known bad guys. So you pick a fraudulant phone number and serial number pair, and change it periodically when the company finds out it ain't real. This must be what the drug pushers and similar slime are doing. They aren't particularly clever, they're relying upon the deregulation mania of the present US regime to guarantee poor communication between telephone service providers. ------- ------------------------------ Date: Sun, 31 May 87 17:36:41 EDT From: Michael Grant To: S.D-REUBEN%KLA.WESLYN%WESLEYAN.BITNET@wiscvm.wisc.edu, Subject: Re: Cellular Fraud Cc: cc004019%brownvm.bitnet@umd2.umd.edu, Excuse me...YOU ARE WRONG! The Electronic Serial Number is an 8 digit Hexidecimal number. It is not easily changed. Both the MIN, (Mobil Id Number, your phone number) and the ESN are sent out when you press the send key. Your MIN is easily changed by reprogramming your phone, but the ESN is not easily changed. To change your phone number, both the phone, and the cell system must be changed. Depending on the cell system you are trying to commit fraud on, you may get several months of free calls, or just one. If you are using one of the systems that participate in the fraud detection systems in use, (the name slips my mind at the moment), your service will be cut off after the first fraudulent call--in all of those systems. You may have gotten the 5 digit code from the lock feature that comes with most cell phones these days. This is just a security feature to keep your phone from being used while it's unattended. It has nothing to do with the cell system itself. My phone only has a 3 digit security code. I usually see this security code set to the last n digits of the phone's phone number. -Mike ------------------------------ Date: Mon, 1 Jun 87 09:25:33 EDT From: prindle@nadc.arpa (Frank Prindle) To: telecom@xx.lcs.mit.edu Subject: confusion about 890 service Cc: cmoore@brl.arpa It seems I've misinterpreted my phone bill insert which talked about 890 service. My AT&T bill is usually at the tail end of my Bell of PA bill, so I assumed this insert was from AT&T, but it was really from Bell of PA. I called them and, though somewhat confused herself, the service rep explained that it was "like 800 service in that you dial 1-890 to use it", but then clarified that the 890 was a prefix, not an area code; i.e. 1-890-1234 would be a toll free number supplied by Bell of PA. That explains why it is not in the format of an area code. Is this prefix (890) universally unused and thus available to the LOCs to use for this service, or is this just a Bell of PA special? Sincerely, Frank Prindle Prindle@NADC.arpa ------------------------------ Date: Mon, 1 Jun 87 9:49:41 EDT From: Carl Moore (VLD/VMB) To: Frank Prindle Cc: cmoore@BRL.ARPA, telecom@BRL.ARPA Subject: Re: confusion about 890 service So you are actually referring to 215-890? I don't know offhand if that is being "used". But 890 is not universally-UNused (I think there is a 617-890 near Boston). ------------------------------ Date: Mon, 1 Jun 87 10:02:37 PDT From: mse%Phobos.Caltech.Edu@DEImos.Caltech.Edu (Martin Ewing) Subject: Cellular authentication To: telecom%Phobos.Caltech.Edu@DEImos.Caltech.Edu I am interested in the recent discussion of cellular protocols. Does anyone know/care to comment on how mobile units convince the Cellular Offices (COs?) they are who they claim to be? The 4-digit "PIN" is fine, but what is to keep me from snooping around for a convenient mobile's ID and using the same numbers for my own call? This seems like a good application for public-key encryption, but I doubt that the world has made so much progress yet. Martin Ewing mse%deimos@Deimos.Caltech.Edu Caltech Radio Astronomy mse@CITPHOBO.bitnet ------------------------------ Date: Mon, 1 Jun 87 10:34 CDT From: Mike Linnig Subject: Interception of cellular ID numbers To: Telecom@BUIT1.BU.EDU If the cellular ID numbers are sent from the car are unencrypted, someone with the right (underground) connections could make quite a fortune by building a box that pulls these numbers "out of the air". Are protocols used by cellular phones published anywhere? Mike ------------------------------ Date: Mon, 1 Jun 87 16:47 EST From: "Scott D. Green, Classroom Services" Subject: 890 Area Code?? To: telecom-request@buit1.bu.edu I understood (from Bell o' PA, I think) that they were setting up 890 as a toll-free exchange for reaching the Business Office, rather that the 800- numbers they had been using. It always seemed a little absurd to use an 800- number to call across town, anyway. Sounds a little like the 950- exchange they set up for no-charge calls to the ALDCo's. -scott ------------------------------ End of TELECOM Digest *********************