Dr. Mabuse
Septic Fiend
Sweden
9688 Posts |
Posted - 07/20/2007 : 13:56:51 [Permalink]
|
Another thing...
In order to download new firmware into a cell phone, you need to know exactly what model it will be downloaded to. And not just what model, but which hardware revision.
The same model of phone may have several different hardware setups, which will require different firmware in order to work. Old GSM phones by Ericsson used a Z80 processor. What Sony-Ericsson use today I can't say for sure but a qualified guess is PowerPC. However, Nokia phones may use another processor which means that the program language will be totally different. Memory structure will differ, as will access to ADCs and DACs. All this has to be accounted for when creating firmware for a hacked phone.
|
Dr. Mabuse - "When the going gets tough, the tough get Duct-tape..." Dr. Mabuse whisper.mp3
"Equivocation is not just a job, for a creationist it's a way of life..." Dr. Mabuse
Support American Troops in Iraq: Send them unarmed civilians for target practice.. Collateralmurder. |
|
|
HalfMooner
Dingaling
Philippines
15831 Posts |
Posted - 07/20/2007 : 14:44:08 [Permalink]
|
Originally posted by Dr. Mabuse
Another thing...
In order to download new firmware into a cell phone, you need to know exactly what model it will be downloaded to. And not just what model, but which hardware revision.
The same model of phone may have several different hardware setups, which will require different firmware in order to work. Old GSM phones by Ericsson used a Z80 processor. What Sony-Ericsson use today I can't say for sure but a qualified guess is PowerPC. However, Nokia phones may use another processor which means that the program language will be totally different. Memory structure will differ, as will access to ADCs and DACs. All this has to be accounted for when creating firmware for a hacked phone. |
I would imagine that all of this information could come (especially with a court order) from the service provider.
|
“Biology is just physics that has begun to smell bad.” —HalfMooner Here's a link to Moonscape News, and one to its Archive. |
|
|
JohnOAS
SFN Regular
Australia
800 Posts |
Posted - 07/21/2007 : 06:34:37 [Permalink]
|
Originally posted by Dr. Mabuse
Most phones only have about 2 hours battery life while actively using the phone.
If you want to use the phone as a listening device, you have to make the phone dial out to your listening post. When it does, the time starts ticking... |
Actually, it was usually done the other way, setting the target phone to answer, albeit silently.
Originally posted by Dr. Mabuse
The power consumption will practically be the same as for a regular call, perhaps a little less if you know the phone's location and can use a parabolic receiver to get a good reception of a weaker signal. |
Not quite sure what you're getting at with regard to the Dish, Mab, the carrier(s) infrastructure does all the "listening", no dishes are generally used at all.
Originally posted by Dr. Mabuse
I seriously doubt that a recording can be used in court to identify speaking people. |
My experience is with the tech support and infrastructure stuff, not the criminal law, but I believe that identification is almost never done by voice alone. Typically the law enforcement agencies involved will have the phone details for all the call participants, although this too, can be a weak point.
The people who have the job of listening to hours on end of droll rubbish, trying to stay alert for that 4 seconds' worth of good info that's actually relevant to a case, really earn their money. It's a horrible, soul-destroying job.
Originally posted by Dr. Mabuse
I've heard that JPEG photos can be dismissed as evidence in court because the lossy compression of the photo means that the pic will not show an exact representation of what was being photographed. Is this really true? |
I'm sure this varies from place to place, but in Australia at least, it's not the lossy nature of a particular image technology that's the weak point, it's often the authenticity. A low quality image with a good timestamp/watermark will be more useful than a high quality image that could easily have been edited.
A related, and somewhat amusing story. Many years ago, before I was actually involved in law enforcement, I caught a guy on camera stealing stuff. Pretty good footage from a camera on a bookshelf in my office, him going through my drawers and cupboards and pocketing my Walkman. I made a copy of the video on CD for the police. It was an AVI file. When I handed it to the officers, one said: "We can't take that, it's digital, and might have been edited." So I made a VHS copy from the CD, and they were happy.
|
John's just this guy, you know. |
Edited by - JohnOAS on 07/21/2007 06:35:25 |
|
|
Dave W.
Info Junkie
USA
26022 Posts |
Posted - 07/21/2007 : 09:53:04 [Permalink]
|
Originally posted by JohnOAS
Actually, it was usually done the other way, setting the target phone to answer, albeit silently. |
Even answering, the phone has to transmit, and the act of transmitting is the largest drain on cell phone batteries.
Originally posted by JohnOAS
Not quite sure what you're getting at with regard to the Dish, Mab, the carrier(s) infrastructure does all the "listening", no dishes are generally used at all. |
If you did point a highly directional antenna at a cell phone, you could theoretically use much less transmitting power at the phone end, extending battery life maybe to the point where the subject failed to notice that his battery was going dead far more quickly than it used to.
- Dave W. (Private Msg, EMail) Evidently, I rock! Why not question something for a change? Visit Dave's Psoriasis Info, too. |
|
|
Dr. Mabuse
Septic Fiend
Sweden
9688 Posts |
Posted - 07/21/2007 : 14:01:35 [Permalink]
|
Originally posted by JohnOAS
Originally posted by Dr. Mabuse
Most phones only have about 2 hours battery life while actively using the phone.
If you want to use the phone as a listening device, you have to make the phone dial out to your listening post. When it does, the time starts ticking... |
Actually, it was usually done the other way, setting the target phone to answer, albeit silently. |
Well, of course that would work too, provided that the firmware is set up to recognize incoming calls from the listening post. I mean, the criminal's boss may want to phone the criminal being tapped, and we wouldn't want the "bug" to send to the "bugged" guy's boss...
Originally posted by Dr. Mabuse
The power consumption will practically be the same as for a regular call, perhaps a little less if you know the phone's location and can use a parabolic receiver to get a good reception of a weaker signal. |
Not quite sure what you're getting at with regard to the Dish, Mab, the carrier(s) infrastructure does all the "listening", no dishes are generally used at all. |
The GSM system is set up to keep a minimum signal quality. If the base station is getting lower quality, it orders the phone to crank up the transmitter power to get a better signal. More power in the phone's transmitter means shorter battery life. With the right equipment you can set up a mobile "testing" base station in your listening post across the street, and then use a parabolic antenna to get a better signal. Then your listening post's base station can tell the cell phone to transmit at the lowest level of power to extend battery life. There's a 30 dB power difference between max and min power levels on GSM phones. If the phone is behind steel-reinforced concrete walls or inside an elevator, you really want to get any edge you can...
Edited to add:
Eh. Just like Dave said...
|
Edited by - Dr. Mabuse on 07/21/2007 14:02:22 |
|
|
JohnOAS
SFN Regular
Australia
800 Posts |
Posted - 07/22/2007 : 21:38:36 [Permalink]
|
Originally posted by Dave W.
Originally posted by JohnOAS
Actually, it was usually done the other way, setting the target phone to answer, albeit silently. | Even answering, the phone has to transmit, and the act of transmitting is the largest drain on cell phone batteries. |
Oh sure, I never intended to imply that initiating the call from the network (as opposed to the handset) side was a power saving measure.
I believe, and I'm talking about older methods which are no longer used, and with which I have little first-hand experience, it was done this way as it was easier to mod the phone to answer silently for specific incoming numbers than to have it initiate its own call at some predetermined time, or on demand via some other means of initiation.
Originally posted by Dave W.
Originally posted by JohnOAS
Not quite sure what you're getting at with regard to the Dish, Mab, the carrier(s) infrastructure does all the "listening", no dishes are generally used at all. |
If you did point a highly directional antenna at a cell phone, you could theoretically use much less transmitting power at the phone end, extending battery life maybe to the point where the subject failed to notice that his battery was going dead far more quickly than it used to. |
While this is true in principle, from an operational perspective, this is a bit of a nightmare. Emulating a base station, in order to initiate/receive the call can cause havoc with other service users, is easily noticed by the target themselves and is really difficult to maintain, as people with mobile phones tend to be mobile, meaning you have to be able to track the target and keep your directional antenna pointed in the right direction, and competitive with other base stations.
It's also rather problematic legally, in many locations. It certainly is here. The way most of this gear works is to act as a cell base station, and have enough power to convince handsets to talk to them rather than the "real" network. If you know the target's number, the gear may be able to interrogate every handset that tries to talk to it, and reject all but the target back to the other networks. Even so, other handsets may lose service, or experience other communications difficulties.
At present, "interfering with a telecommunications service" is a rather serious offence. Apart from compromising the job itself, it would only be a matter of time before someone sues because their emergency call was interfered with or stopped from getting through. That's not to say it can't or hasn't been done, but to do it for purely intelligence/fishing expeditions is questionable for a number of reasons.
Mab, I haven't quoted your comments directly, but I believe I've addressed those I meant to, especially considering your "Just like Dave said..." comment.
|