Sonar Cellphones

I’m sure you’ve watched Dark Night and were blown away by the awesome Phone Mr Fox develops which can emit sound pulses.

A sonar image of surrounding area of the phone gets reconstructed by the reflections of these pulses. And you’re like WTF, is this even possible. Well, its not impossible, difficult but not impossible.

You know that submarines use it to detect their surrounding areas and ultrasound machines are used to check on unborn babies. These surroundings however, aren’t cluttered with noise. Move back to Batman, how does he do this in a crowded place? Low frequencies cant see around corners. They cannot bend around obstacles. You need to have a direct and unobstructed path to be able to see something.Just like a sonogram.

 

A cell phone frequency is faced with multiple obstacles and hence a clear picture might not be possible. As frequency increases the wavelength keeps getting thinner. At high frequencies cause severe reductions which limits your cell range terribly.

 

And if you’re an avid cellphone user, you will agree, signaling isn’t real time. And your phone wll never pick up the direction of the wave or even send information in the direction of the wave.

Now Batman, like our Rajnikanth, also arranges for his program code to be installed in every cellphone in Gotham city. This turn every bloody cellphone into a spy detector, which continuously listens to its surrounding areas and transforms them into sonar signals which is ultimately sent to this Giant computer. This computer scans for the Jokers voice just to find his location.

Well this it seems is reality. Apparently after the 9/11 attacks, the US government has installed these tracking software in every cellphone(Yea right!). There are rumors that the NSA’s ECHELON program can pick out voices from millions of calls. Read more onhttp://en.wikipedia.org/wiki/Echelon_(signals_intelligence)

 

Hmmm….i hate the idea of “Someone Somewher is WATCHING”

Sonar Cellphones

I’m sure you’ve watched Dark Night and were blown away by the awesome Phone Mr Fox develops which can emit sound pulses.

A sonar image of surrounding area of the phone gets reconstructed by the reflections of these pulses. And you’re like WTF, is this even possible. Well, its not impossible, difficult but not impossible.

You know that submarines use it to detect their surrounding areas and ultrasound machines are used to check on unborn babies. These surroundings however, aren’t cluttered with noise. Move back to Batman, how does he do this in a crowded place? Low frequencies cant see around corners. They cannot bend around obstacles. You need to have a direct and unobstructed path to be able to see something.Just like a sonogram.

 

A cell phone frequency is faced with multiple obstacles and hence a clear picture might not be possible. As frequency increases the wavelength keeps getting thinner. At high frequencies cause severe reductions which limits your cell range terribly.

 

And if you’re an avid cellphone user, you will agree, signaling isn’t real time. And your phone wll never pick up the direction of the wave or even send information in the direction of the wave.

Now Batman, like our Rajnikanth, also arranges for his program code to be installed in every cellphone in Gotham city. This turn every bloody cellphone into a spy detector, which continuously listens to its surrounding areas and transforms them into sonar signals which is ultimately sent to this Giant computer. This computer scans for the Jokers voice just to find his location.

Well this it seems is reality. Apparently after the 9/11 attacks, the US government has installed these tracking software in every cellphone(Yea right!). There are rumors that the NSA’s ECHELON program can pick out voices from millions of calls. Read more onhttp://en.wikipedia.org/wiki/Echelon_(signals_intelligence)

 

Hmmm….i hate the idea of “Someone Somewher is WATCHING”

Bluejacking

I believe everyone has played at least 1 prank in the entire life not necessarily on April Fools day. If you haven’t, then I’m sure someone has most definitely played a prank on you. The most common prank I can think of are blank calls. Although it might just get you into trouble, if you have a cranky called party its  quite harmless I’d like to think.

 

For the more technically inclined original pranksters – Prank Phone calls = BlueJacking. You would need to have Bluetooth technology though. BlueJacking just takes advantage of the loophole in the messaging system of Bluetooth technology. It allows a user to send unsolicited message to other Bluetooth users in the nearby area.

 

A bluejacker will find his victims in crowded locations, like malls, railway stations, airports, even in his own office. Basically areas with higher potential of Bluetooth users.

 

So how is bluejacking actually done? What is the loophole?

 

 

You might be aware that Bluetooth technology generally operates via low power radio waves @ a frequency of 2 GHZ. This is also known as the ISM band- which is an open, unlicensed band which is actually supposed to be used for industrial, scientific and medical devices( check DOT for more info).

 

So, in the same area multiple Bluetooth devices share the same ISM band and are able to locate and communicate with each other.

 

That’s how you can share music, pictures, text messages etc. Here your device will search for the other device it needs to connect to and tap into its resources. Bluejackers have devised a very simple technique to trick their victims. Instead of creating a legitimate name in the address book, the bluejacker's message takes the place of the name. The prank essentially erases the "from" part of the equation, allowing the Bluejacker to send anything he wishes without indentifying himself.

 

For example imagine yourself at Café Coffee day, you notice a pleasant couple (Bluetooth users)sipping on some hot chocolate. You can set up a contact as “Is your chocolate hot enough?” After choosing to send the SMS via Bluetooth, your mobile will search for Bluetooth devices in its vicinity.

What follows is a mixed expression of confusion and fear much to the Bluejackers delight.

 

IN - Blocking of prepaid subscribers white UAT

I always felt configurations at the IN were as follows while testing your prepaid cards in other networks.

SCP: CAMEL phase and VLR address

SDP: Rates and profile

HLR: CAMEL phase

VLR : CAMEL Phase

The camel phase in all 3 nodes had to be equal or back compatible.

I also felt that there was no way of restricting usage on the VLR. As the VLR wouldn’t be able to identify if the inroamer is prepaid or postpaid and before you have a CAMEL tie-up you need to first have a postpaid( GSM ) launch. In other words, your postpaid customers should be able to roam first. So, if a network is open for postpaid subscribers, it is by default it is open for prepaid guys.

The restriction has to be done at your HLR. So, if they opened a particular VLR, they would allow every prepaid guy to make usage in the network that VLR supports.

Today, I learnt that you can create a separate profile for only those test IMSIs and allow only them to roam on another network.

You might wonder why this concept isn’t used for HNIs and why you need a hub like Roamware to determine preference settings when your HLR can so perfectly restrict usage to a particular network.

The HLR can restrict not determine 1^st and 2^nd preference.

History of GSM

First Networks were MTS (Mobile Telephone Service)

· Pre cellular radio service

· There had to be operator assisted at all times on both sides ie. If you called from a landline, the operator would answer and transfer the call to another operator who would transfer the call to the recipient

· Channels are prone to network congestion & Interference

0G:

· IMTS (Improved Mobile Telephone Service)

· Links PSTNs( Public switched Telephone network) commonly known as Landlines

· No need for an operator

· Used only for voice calls

· Analog Mode

· Most common IMTS phone was the Motorola TLD 1100

· It uses two circuit boards to perform channel scanning and digit decoding

· All logic is performed with transistors

· In a given city, one IMTS base station channel is marked Idle by the transmission of a steady 2000 Hz "idle" tone. Mobiles would scan the available frequencies and lock on to the channel transmitting the idle tone.

· When a call is placed to a mobile, the idle tone would change to 1800 Hz "channel seize" tone, and the 7 digit mobile number (3 digits of area code and 4 digits of subscriber number) would be sent out as rotary dial pulses, switching between 2000 and 1800 Hz to represent digits.

· Any mobile recognizing that the call was for someone else would resume scanning for marked idle tone, while the called mobile would then transmit 2150 Hz "guard" tone back to the base station. This would also initiate ringing at the mobile, and when the mobile subscriber picked up the phone, 1633 Hz "connect" tone would be sent back to the base station to indicate answer supervision and the voice path would be cut through. When the mobile hung up, a burst of alternating 1336 "disconnect" and 1800 Hz "seize" tones would be sent to allow the base station to service another call.

· Mobiles would originate calls by sending a burst of connect tone, to which the base station responded with a burst of seize tone. The mobile would then respond with its identification, consisting of its area code and last four digits of the phone number sent at 20 pulses per second, just as in inward dialing but with the addition of rudimentary parity checking. Digits are formed with a pulsetrain of alternating tones, either connect and silence (for odd digits) or connect and guard (for even digits). When the base station received the calling party's identification, it would send dialtone to the mobile. The user would then use the rotary dial, which would send the dialed digits as an alternating 10 pps pulse train (originally, directly formed by the rotary dial) of connect and guard tones.

1 G:

· AMPS ( Advanced Mobile Phone system)

· Single Frequency was used for a single user

· Similar to 0G but it uses more computing power to select frequencies, hand off to PSTNS, handle billing and Call set-up