Forgot your password?
typodupeerror
Security It's funny.  Laugh. Wireless Networking Hardware

Tracking Down a Cell Phone Thief 254

Posted by Zonk
from the not-a-good-move dept.
Zone-MR writes "Last Saturday, MoDaCo (the world's largest smartphone community) held a get-together for their forum members. Unfortunately the positive community spirit was soured by an individual who decided to steal one of the charity raffle prizes - a C550 mobile phone. Check out the story of how we tracked the thief down, got the phone back, and secured the thief's place in the interweb's hall-of-shame."
This discussion has been archived. No new comments can be posted.

Tracking Down a Cell Phone Thief

Comments Filter:
  • Interweb? (Score:3, Funny)

    by MrYotsuya (27522) on Saturday August 27, 2005 @11:09PM (#13419030)
    Who the hell says interweb?
  • by fgl (792403) <daniel@notforsale.co.nz> on Saturday August 27, 2005 @11:11PM (#13419035) Homepage Journal
    That has to be the dumbest thing ever. Stealing something guarenteed to broadcast its presence. And from within a tech convention?
    • Happened to me (Score:3, Interesting)

      by drgonzo59 (747139)
      I was asleep in the library at my school and someone stole my backpack with my cell phone in it. I found my backpack later in another part of the library with my cell phone missing.

      I went to the campus police and filed a report. They said they'll get their detective to work on it later that day. I fought it was just a waste of time at first but then I slowly realized how stupid it is to steal a cell phone. Any call from that phone can be traced by the phone company. And sure enough that evening the police

      • I checked his court records and he has like 10 convictions on his record for theft, drug charges and some smaller things.

        Pardon me for being ignorant but how can you check someones court records? Isn't that private info?
        • Re:Happened to me (Score:3, Insightful)

          by drgonzo59 (747139)
          The court proceeding are usually public, you can just go to your court house in your county and sit through the whole day and make fun of stupid criminals that steal phones.

          Now in most states (not in Ohio, Hamilton county yet), there are companies that will compile and publish the records online for a fee. Some counties just publish it themselves. It is always fun to check out your professors' or co-worker's traffic tickets and other run-ins with the law.

      • by ImaLamer (260199) <john.lamarNO@SPAMgmail.com> on Sunday August 28, 2005 @02:58AM (#13419726) Homepage Journal
        Someone stole my sisters phone in high school (just about a year and a half ago). I just kept sending the phone text messages like:

        "This is the Cincinnati Police. This is a stolen phone."

        "Cincinnati Bell Telephone Theft Tracking Services - LAST CELL TOWER CONTACTED: #28302"

        "THEFT NOTICE: ALL CALLS ARE MONITORED AND RECORDED"

        And so forth... The next day she got it back before her first class started. It passed through six hands all with the note: "Return this to Sadie XXXXXXX"
        • You know what's funny? I am from Cincinnati too. It was a Cinci Bell phone too that was stolen. Maybe it was the same guy that was making rounds through all the libraries ;-)

        • Re:Happened to me (Score:3, Insightful)

          by drsquare (530038)
          You're supposed to take the sim card out. That's what normally happens. If your phone's stolen you've got about a 0.001% chance of getting it back.
          • Re:Happened to me (Score:2, Insightful)

            by orkysoft (93727)
            That makes it impossible to just call that phone, yes. But the phone's IMEI number doesn't change, and that's what can be used to track it as well.
          • You're supposed to take the sim card out. That's what normally happens.

            Yes but this is only valid for GSM phones. With CDMA phones there is no SIM card. This is the thing that makes changing a CDMA phone complicated, since you have to call up to transfer the account, and I know that phone company support lines have a great reputation ;)
    • It was Windows mobile phone event. Hardly surprising there is pond life there.
  • That is kick-ass. Congrats on getting the phone back. More power to the interweb !!!
    • Right now this [slashdot.org] is just above your post.

      How I wish they could stay together forever!

  • text of the article (Score:4, Informative)

    by Anonymous Coward on Saturday August 27, 2005 @11:12PM (#13419037)
    http://zone-mr.net/?act=entry&id=36 [zone-mr.net]

    Last Saturday, MoDaCo (the world's largest smartphone community) held a get-together for their forum members. Unfortunately the positive community spirit was soured by an individual who decided to steal one of the charity raffle prizes - a C550 mobile phone.

    On Monday, Paul O'Brien (MoDaCo founder) contacted me with information on the stolen phone's IMEI number. I operate the SPV-Developers community which offers the free online SPV-Services unlock tool for this type of phone. It seemed likely that the thief would attempt to remove the SIMLock using this service in order to switch the phone to a non-UK network - bypassing the UK's IMEI blacklist which renders stolen phones useless.

    Initially it seemed like there was little I could do to help. The SPV-Services server was not programmed to log the IMEI numbers of it's users. It seemed like a dead end, until I remembered something. When a user unlocks their phone, our server keeps a backup of the phone's first flash block (kept for a few days, in case the changes need to be reversed). This block contains 64kB of RSA-encrypted data such as the phone's SIMLock state, Carrier ID, and other concealed information - it seemed likely the IMEI would be buried within it. Shortly my suspicion was confirmed - after decrypting the block, the IMEI can be found inside (albeit scrambled with a simple transposition).

    I started writing a short script - which would check each backup in turn to see if it originated from the stolen phone. After 30 minutes of writing, testing, and running the script - we had a match! The stolen phone had been unlocked. The creation timestamp on the backup file gave us an exact time - August 21, 2005, 10:18:32 PM.

    The next step was cross-referencing this information with our web server logs. When a user uses our software to unlock their phone the software uploads the encrypted block to our server, which sends back a list of modifications which need to be made in order to remove the SIMLock. As we knew the exact time when this happened, we could find the corresponding web server entry :

            2005-08-21 22:18:32 POST /services/simlock_2.php - 82.163.137.156

    Bingo! I passed this IP address back to Paul who cross-referenced it with Modaco's database. From this, he was able to identify the guilty member. A quick lookup confirmed that the IP was used by the account "Cocky" - a member which had attended the get-together. The event registrations contained the name of our theif, and his mobile number. The next day, Cocky (AKA Krassen P.) received a short phone call:

            Paul: Hi, this is Paul from MoDaCo.
            Cocky: Er, Hi.
            Paul: You have something of mine, and I want it back.

    Not surprisingly, Paul could hear the faint sound of the guy crapping himself at the other end of the line. The phone was returned, via special delivery, the following day. Moral of the story - even if you're enough of a cunt to steal from a charity raffle, don't be fucktarded enough to steal a phone from a community of phone experts.
    • by shirai (42309) * on Sunday August 28, 2005 @02:20AM (#13419631) Homepage
      Another slightly more detailed account of the same event:

      Detailed Account [modaco.com]

      Mono, Orange and Microsoft arrived early, and set out all of the stuff for the event... including the raffle prizes. The prizes were, foolishly it seems, laid out in the corner... footballs, kites, goodies and an SPV C550!

      We are not entirely sure at which point the phone was stolen... but a number of people witnessed what appeared to be the C550 being wrapped in a cardigan and placed in a bag along with a couple of other items including an Orange football, and a kite that was apparently discarded.

      At some point, probably prior to the raffle, the thief or his companion probably left the building, and took the C550 somewhere for safe keeping.

      As those present at the event will know, when the theft was discovered, Monolithix (who should be commended for staying calm!) offered the thief every opportunity to return the phone with no comeback, pointing out the phone would be useless anyway as it would be blocked on all UK networks... but nobody came forward. Having spoken to 'cocky', he said he was afraid to come forward.

      At this point, there was not a lot more we could do... we liaised with the staff at the Microsoft building, and determined that although there was no CCTV in the room, there was CCTV in the foyer.

      On the following Monday, I contacted Orange to ask for the IMEI of the stolen phone so that we could conduct investigations, which Orange duly provided. I also investigated whether we could determine whether the stolen phone had been used with an Orange SIM (99% necessary if the thief unlocks the phone), and Orange confirmed that they could do this, albeit with a 1 week delay. This provided us with one possible avenue... although for Data Protection reasons, pursuing this route would have required the action to be taken with the Police.

      I considered it very likely that the thief would have tried to unlock the phone... so armed with the IMEI of the stolen phone... I contacted the key players in the C550 unlock scene, Florin from IMEI-check and zone-mr from SPV-Developers.

      Florin confirmed that the phone had not been unlocked with IMEI-check... however zone-mr couldn't confirm immediately, as he only retains an temporary backup of encrypted data from the phone, which he wasn't sure included the IMEI

      A couple of hours later, on Monday evening, zone-mr contacted me to let me know he WAS storing the IMEI... and we had a match! Our thief HAD unlocked his C550... at 10:30pm on Saturday in fact! Even better news... careful analysis of the server logs on the spv-developers unlock server gave us the IP address of our thief!

      The next step was to find out as much information as possible about the thief. We determined their ISP and some other information, and thought about how to proceed. On an off chance that the thief was foolish enough to unlock the phone from the same connection they used to browse MoDaCo... I checked out the MoDaCo logs, and the MoDaCo sessions table.

      Success!

      Our thief was logged on, and the logs were full of the IP address in question... all pointing to one user.... COCKY!

      Cross matching this address with the Event registration list confirmed that cocky HAD attended the event... and not only that... upon further consultation we determined that cocky was the person that witnesses had cast suspicion on.

      The next step was how to decide how to proceed, armed with the evidence that we were sure conclusively led us to our thief. I stayed up late on Monday night and prepared a dossier of evidence, with excerpts from server logs, witness statements etc. to pass to the Police. After a late night... I decided to sleep on it before deciding how to proceed.

      Tuesday came, and I decided that I was going to contact the Police... and spoke to both our contacts at Orange, and a contact at Orange security, about how to proceed. As the morning prog
  • by wcitech (798381) on Saturday August 27, 2005 @11:12PM (#13419038)
    ...and a little luck.

    While some good detective work was done by the MoDaCo admin(s?), a lot of thanks can be given to chance, because the cultprit was stupid enough to unlock his phone a) from a source well known to MoDaCo and b) from the same IP address. I'm calling it 25% good sleuthing, 75% dumb criminal.
    • by jeblucas (560748) <{jeblucas} {at} {gmail.com}> on Saturday August 27, 2005 @11:27PM (#13419102) Homepage Journal
      I'm calling it 25% good sleuthing, 75% dumb criminal.
      You just figured out about 95% of police work. Despite what shit-shows like CSI, Profile, &c., would have you believe; catching most criminals usually comes down to finding the dipshit dumb enough to leave his stuff all over the scene.
    • by Alex P Keaton in da (882660) on Saturday August 27, 2005 @11:28PM (#13419106) Homepage
      Most crimes are solved because the criminal tells someone, or does something stupid. (I don't mean miniscule stupid things like you see on TV with CSI, I mean really dumb things...)
      Sure there are some good, and thus rich criminals out there. But the majority of them are fairly dumb.
      • Nor is this coincidence. Smart people can usually find a better way to make a living than crime. (There are rare exceptions, of course.)
      • Sure there are some good, and thus rich criminals out there. But the majority of them are fairly dumb.

        Yup, the majority of people who find themselves in the "life of crime" don't do it because they're criminal masterminds looking to build their great underground lair, but because they're dumbasses who fall into the "lowest common denominator" of how to survive in a world with no marketable skills and few personal assets. Of course there are a lot more that do it to support drug habits and such.

        N.
      • by rzebram (828885) on Sunday August 28, 2005 @12:41AM (#13419336)
        You mean to tell me that real police officers can't zoom in on footage taken from a $5 security camera and enhance it enough to read the room number off the keycard in someones hand? Or that they can't pull up a guy's life story and his current location based on a fingerprint left on a furnace in Bangladesh?Blasphemy!
        • "You mean to tell me that real police officers can't zoom in on footage taken from a $5 security camera and enhance it enough to read the room number off the keycard in someones hand?"

          ...including looking around the back if the card is flipped over.

          • Every hotel I have stayed at in the past 10 years has NOT put the room number on the keycard. Some have some kind of code number, not the room number, but most are blank. They have a stack of cards at the front desk; when you check in, they pick one up and scan it, then write your room number on a piece of paper separate from the card. I only need to know the number to find the room the first time, then I just find it by physical location and usually forget the number quickly.

            I always assumed this is done

      • by empvirus (881998) <empvirus@hotmail.com> on Sunday August 28, 2005 @02:25AM (#13419642)
        Reminds me of a story a retired officer told me. Here's how it goes: A guy goes to rob a quickie mart with a plastic bag over his head, yet forgot something seriously critical to the "mission". He forgot to make an air hole so he could breathe. And while attempting to rob, he began to suffocate. The officer got there just in time to save his life. He would not stop thanking the officer as he was arrested. It's amazing how stupid some people are.
    • I'm calling it 25% good sleuthing, 75% dumb criminal.
      In the end, isn't all good sleuthing just waiting for the criminal to do something dumb?
      • Most of the time.

        There are many nearly perfect crimes that are solved due to one single clue... like leaving residue of specialty clay used to make masks when there is only one theatrical shop worldwide that makes and sells that specific mix, something the criminals did not know beforehand.
  • by XplosiveX (644740) on Saturday August 27, 2005 @11:16PM (#13419062)
    oh the reasons you couldn't steal.. It is worth a laugh.

    http://www.longislandpress.com/bb/viewtopic.php?p= 2037& [longislandpress.com]
  • from the article

    "...even if you're enough of a cunt to steal from a charity raffle,..."

    uhm... and why is it geeks don't get laid?

    • by GreenHell (209242) on Saturday August 27, 2005 @11:37PM (#13419139)
      cunt
            noun (vulgar slang) 1. a woman's genitals. 2. an unpleasant or stupid person.

      You've obviously never heard UKers insult someone before.
  • by coldmist (154493) on Saturday August 27, 2005 @11:25PM (#13419093) Homepage
    to somewhere by an old dry lake bed, where they are guarded by a warden with a chip on her shoulder, who is in search of old, stolen booty, and makes you dig a 5' hole every day.
  • by Anonymous Coward on Saturday August 27, 2005 @11:28PM (#13419107)
    ...if it weren't for those lousy kids.
  • by Goldenhawk (242867) on Saturday August 27, 2005 @11:28PM (#13419112) Homepage
    Good thing this was in the UK... seems like decrypting the info to retrieve the IMEI information would violate the DMCA here in the states.
    • Good thing this was in the UK... seems like decrypting the info to retrieve the IMEI information would violate the DMCA here in the states.

      No, because the encryption is not for the purpose of controlling access to copyrighted material. DMCA is about copyright, not encryption.

  • The rat speaks (Score:5, Interesting)

    by Anonymous Coward on Saturday August 27, 2005 @11:29PM (#13419114)
    Here is the turd making a comment on the thread regarding the event and the missing phone.

    http://www.modaco.com/Event_pictures_and_a_plea_-t 225214-s15.html [modaco.com]

    What an idiot.

    • Re:The rat speaks (Score:2, Informative)

      by permaculture (567540)
      Here, Paul posts a fuller account of the story including some details about Orange, and other involved parties.

      http://www.modaco.com/MoDaCo_Summer_Event_2005_C55 0_theft_SOLVED_-t227175.html [modaco.com]

      Excerpt:

      Me: Hi, this is Paul from MoDaCo.
      Cocky: Er, Hi.
      Me: You have something of mine, and I want it back.
      Cocky: So what do we do now?
      Me: Do you still have the phone? Have you sold it?
      Cocky: I still have it - minus the box. What are you going to do?
      Me: I'm giving you one chance... send me the phone, via Special Delivery,
      • if i was him i would have demanded the phone plus $500 to avoid a prison term. make it his most expensive theft ever.

        excerpt:

        A short email exchange followed, where Cocky had the cheek to question if he could trust me not to go to the Police (I told him I am a man of my word, and he really wasn't in a position to question my integrity).

        My reply would have been:
        ok, now its $600 plus my phone back, or its prison time for you. any more questions?

  • by Anonymous Coward


    Howard forums are MUCH larger than modaco, re: smartphones. See for yourself.

    http://smartphone.modaco.com/index.php [modaco.com]

    has:

    414 user(s) active in the past 30 minutes
    379 guests, 35 members 0 anonymous members

    while

    http://howardforums.com/ [howardforums.com]

    has:
    Currently Active Users: 3410 (1128 members and 2282 guests)

    This 7+ minute wait between replys is excessive. I'll contact my councilwoman... when she gets back from her vacation.
  • by ff1324 (783953) on Saturday August 27, 2005 @11:38PM (#13419143)
    "...don't be fucktarded enough to steal a phone from a community of phone experts..."

    HERE'S YOUR SIGN
  • I'm serious whats up with british people and their need to make and have dossiers?
    I mean look blair did it, the idiot who lost his phone did it...
    dossier this dossier that, if you call me names i'm going to make a dossier on you and present it somewhere of little importance :)

    get over it already!

    Arash
    • One thing that bothers me is the interweb definition on Wikipedia giving this reference to us Brits:

      "In the BBC2 Top Gear programme, two of the presenters use this word frequently when mentioning their website. This is partly to do with their own personas, pretending to be reactionary in a self-mocking way - which is why they also describe a particular mp3 player as an 'ipp-odd' - but is also part of a more general English character trait of pretending to know less than you really do."

      Do what?
  • by f4phaedrus (735610) on Sunday August 28, 2005 @01:57AM (#13419574)
    If this had happened at the US Department of Homeland Security, they would have raised the alert level to Orange and we would be told to be on the lookout for slightly overweight middle-aged men with glasses, wearing dockers, using a cellphone.
    Anyone seen using a cellphone in a dark corner or putting a cellphone in an inside pocket (trying to conceal it!) will be immediately taken in for questioning.

    Henceforth, all cellphone usage will require a licence at the county courthouse, and people must submit valid reasons for having one, and give their fingerprints and DNA for registration.

  • "Yer criminals are mostly stupid."

Mommy, what happens to your files when you die?

Working...