Mobile Phone Theft: An unsolvable problem?

Jan 28, 2015

David Rogers

This talk was given at Oxford University on the 26th of October 2011 as part of their Information Security and Privacy Programme.

Over the past ten years, considerable effort has been put into engineering preventative solutions, policing and locating lost and stolen devices. Unfortunately theft of mobile devices continues to be an issue. Youth on youth crime is a particular issue in today’s world, where children take hundreds of pounds worth of electronic equipment to school with them every day. This talk will explore the issues and ask the following questions: Are we looking at a social issue rather than a technological one? Does new technology such as NFC and basing our lives in the cloud increase the risk of theft? Would the introduction of biometrics on phones put us as users at more of a risk than if we didn’t have it?
Transcript
Page 1: Mobile Phone Theft: An unsolvable problem?

Copyright © 2011 Copper Horse Solutions Limited. All rights reserved

MOBILE PHONE THEFT: AN UNSOLVABLE PROBLEM?

OXFORD UNIVERSITY INFORMATION SECURITY & PRIVACY SEMINAR SERIES

David Rogers, Copper Horse Solutions Ltd.

26th October 2011

http://www.mobilephonesecurity.org

Page 2: Mobile Phone Theft: An unsolvable problem?

SOME INFORMATION

About Me

- 12 years in the mobile industry
- Hardware and software background
- Head of Product Security at Panasonic Mobile
  - Worked with industry and government on IMEI and SIMlock security
  - Pioneered some early work in mobile phone forensics
  - Brought industry together on security information sharing
- Director of External Relations at OMTP
  - Programme Manager for advanced hardware security tasks
  - Chair of Incident Handling task
- Head of Security and Chair of Security Group at WAC
- Owner and Director at Copper Horse Solutions
- Blog: http://blog.mobilephonesecurity.org, Twitter: @drogersuk

About Copper Horse Solutions Ltd.

- Established in 2011
- Software and security company
  - Focussed on the mobile phone industry
- Services:
  - Mobile phone security consultancy
  - Industry expertise
  - Standards representation
  - Mobile application development
- http://www.copperhorsesolutions.com

Page 3: Mobile Phone Theft: An unsolvable problem?

THE PROBLEM

- Millions of mobile phones are stolen each year globally
  - Some countries have not recognised it as a problem
- UK has led the way
  - 2001 Home Office study:
    - 710,000 phones stolen in the UK every year
    - Large percentage of this was likely to be insurance fraud
- Despite many technical measures, it is still a problem today

Page 4: Mobile Phone Theft: An unsolvable problem?

TYPES OF THEFT

- Street theft / theft from user
  - Individual handsets (muggings etc.)
- Theft from shops
  - Multiples (burglaries)
- Bulk theft
  - Pallet loads (truck theft etc.)

Page 5: Mobile Phone Theft: An unsolvable problem?

YOUTH ON YOUTH CRIME

- School bag in 2011 is £000s different to 1991
- Issues with bullying, theft, abuse of service and re-sale of stolen handsets
- Education is key:

Page 6: Mobile Phone Theft: An unsolvable problem?

CRAVED

Six elements that make products attractive to thieves:

- Concealable
- Removable
- Available
- Valuable
- Enjoyable
- Disposable

Report argues that “how much depends on ease of disposal”

From: Ron Clarke - ‘Hot Products: understanding, anticipating and reducing demand for stolen goods’ http://www.popcenter.org/problems/shoplifting/PDFs/fprs112.pdf

Page 7: Mobile Phone Theft: An unsolvable problem?

ROOT CAUSES

- Value of device
  - Can be shipped and sold overseas where it will still work
- Features and commodities on device
  - Apps, music, money
  - WiFi enables device to continue to be used
  - Theft of service – still an issue e.g. calls abroad
- Possession
  - It is just something else someone is carrying (belts have been stolen in the past!)
  - not allowing user to call for help

Page 8: Mobile Phone Theft: An unsolvable problem?

CAR CRIME V PHONE CRIME

- Analogy everyone uses in government:
  “we solved car crime by putting pressure on the manufacturers to introduce security, we can do the same for mobile phones”
- Mobile is different!
  - Remember CRAVED
  - Users need to access device very regularly – ease of access is very important
  - Much lower cost device than a car
  - Easy to lose, then subsequently stolen
  - Small, easy to export
  - High youth on youth crime
- Attention to car crime has reduced it significantly but:
  - Increases in carjacking and aggravated burglary (for keys)
  - Hacking of wireless ignition systems

Page 9: Mobile Phone Theft: An unsolvable problem?

Explanation of how a phone is disabled after theft

Page 10: Mobile Phone Theft: An unsolvable problem?

HOW BLOCKING WORKS

- Blacklisting (whitelists and greylists exist too)
- Also: in UK - NMPR – Police database of property can be checked while on patrol

[Diagram labels: CEIR, SEIR, EIR (several), Operator, GSM Association, Country; example IMEIs: 357213000000290, 357213000000128, 357213000030123]

Page 11: Mobile Phone Theft: An unsolvable problem?

INDUSTRY STEPS OVER 10 YEARS

- Vastly improved IMEI security
  - Manufacturers have fought a long battle with embedded systems hackers
  - Industry “IMEI Weakness and Reporting and Correction Process”
  - 42 day reporting for fixes
- Progress reported regularly to European Commission
- UK charter on mobile phone theft and UKSEIR
- Operators still lagging with CEIR sign-up
  - Very few connected
  - National governments need to take the lead
  - Some operators not investing in EIRs

Page 12: Mobile Phone Theft: An unsolvable problem?

MOBILE TELEPHONES (RE-PROGRAMMING) ACT (2002)

- http://www.legislation.gov.uk/ukpga/2002/31/contents
- Offences:
  - Change a unique device identifier
  - Interfere with the operation of a unique device identifier
  - Possession (with intent) of tool and offering to re-program
- Maximum 5 years imprisonment
- In the last 2 years, 5 investigations, no convictions*
- Problem – most tools were dual use (maintenance, SIMlock removal AND IMEI change). Very difficult and costly to prove
- Other offences involved are often more serious e.g. money laundering
- Deterrent effect?

* Source: National Mobile Phone Crime Unit

Page 13: Mobile Phone Theft: An unsolvable problem?

RECYCLING AND EXPORT

- Lots of stolen phones are exported, re-sold abroad through the web or “recycled”
- Recyclers Charter and Code of Practice
  - Check incoming phones are not stolen
- Some foreign recyclers offering to take blocked phones from the UK
- Very difficult to work out exactly how many stolen phones are exported as they just disappear
  - Each network looks after their own data
  - Evidence to suggest that stolen phones are exported to classic shipment hubs overseas such as Dubai

Page 14: Mobile Phone Theft: An unsolvable problem?

REGIONAL THEFT GUARD

- Investigated at length by industry
- An alternative method of disabling mobiles as not all operators were using the CEIR
- 3 solutions were investigated but proved to be at issue:
  - Could be subverted by other means once in place
  - High threat of collusion at a low level
  - Tough to prove originating operator / owner – e.g. whether stolen
  - Not a panacea by any means

Page 16: Mobile Phone Theft: An unsolvable problem?

CURRENT STATS IN UK

- Mobile phone theft is increasing (FY 2010/11)
  - Nationally mobile phone thefts in all crime: +9.7%
  - Nationally mobile phones stolen during personal robbery: +13.4%
  - And in London during robbery: +21.4%
- 60% of all mobiles stolen in personal robbery in London are Blackberry or iPhone

Page 17: Mobile Phone Theft: An unsolvable problem?

COUNTERFEITS

From: http://reviews.ebay.com/Avoid-Buying-Fake-Nokia-Cell-Phone-Battery-On-eBay_W0QQugidZ10000000001916166

And: http://www.slashgear.com/uk-could-become-key-counterfeit-route-after-trademark-ruling-1452340/

Page 18: Mobile Phone Theft: An unsolvable problem?

COUNTERFEITS (2)

From: http://www.littleredbook.cn/2009/07/06/obamas-sponsorship-of-shanzhai-blockberry-chinese-netizens-reactions/

Page 19: Mobile Phone Theft: An unsolvable problem?

GLOBAL BLACKLISTING PROBLEMS

- Jurisdictional Differences
- Is the IMEI “personal data”?
- What about other features of the phone that are not disabled?
- Counterfeit devices deliberately copying legitimate IMEIs
- User error – wrong IMEI
- Human error in call centres
- Lost then found
- Blacklisting for other reasons such as fraud
- Network Operator A cannot trust data from Network Operator B
- Mass duplicates of IMEIs from counterfeit devices
- Not blacklisting quickly enough
- Social engineering of call centre staff
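
An added example, not part of the original slides: a simplified Python model of the blacklisting flow from the HOW BLOCKING WORKS slide and of several problems listed above (wrong IMEI, lost then found, operators not connected to the CEIR). The class and function names, the sample IMEI and the rule that only the reporting operator may clear a shared entry are assumptions made for illustration; the check digit uses the Luhn algorithm.

```python
# Added illustration; class and function names are hypothetical, not a real EIR/CEIR interface.
SAMPLE_IMEI = "490154203237518"   # constructed sample value with a valid check digit

def luhn_check_digit(first14: str) -> int:
    """Luhn check digit for the first 14 digits of an IMEI."""
    total = 0
    for i, ch in enumerate(first14):
        d = int(ch) * 2 if i % 2 else int(ch)   # double the 2nd, 4th, ... digit
        total += d - 9 if d > 9 else d
    return (10 - total % 10) % 10

def validate_imei(raw: str) -> str:
    """Strip separators; reject a mistyped or misheard IMEI before it is blacklisted."""
    digits = "".join(c for c in raw if c.isdigit())
    if len(digits) != 15:
        raise ValueError("IMEI must have 15 digits")
    if luhn_check_digit(digits[:14]) != int(digits[14]):
        raise ValueError("IMEI check digit mismatch")
    return digits

class CentralRegister:
    """Stands in for the CEIR: a blacklist shared between connected operators."""
    def __init__(self):
        self.blacklist = {}              # IMEI -> name of the reporting operator

class OperatorEIR:
    """One operator's EIR; central=None models an operator not signed up to the CEIR."""
    def __init__(self, name, central=None):
        self.name, self.central, self.local = name, central, set()

    def report_stolen(self, raw):
        imei = validate_imei(raw)
        self.local.add(imei)
        if self.central is not None:
            self.central.blacklist.setdefault(imei, self.name)

    def found(self, raw):
        """Lost then found. Assumed policy: only the reporting operator clears the shared entry."""
        imei = validate_imei(raw)
        self.local.discard(imei)
        if self.central is not None and self.central.blacklist.get(imei) == self.name:
            del self.central.blacklist[imei]

    def status(self, raw):
        imei = validate_imei(raw)
        shared = self.central.blacklist if self.central is not None else {}
        return "black" if imei in self.local or imei in shared else "white"
```

Because the lists in this model are keyed on the IMEI alone, a counterfeit that copies a legitimate IMEI is blocked and unblocked together with the genuine handset, which is the duplicate problem listed above.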

Page 20: Mobile Phone Theft: An unsolvable problem?

NEAR FIELD COMMUNICATIONS

- Samsung, RIM, Google Wallet and others…
- Another reason to steal a phone
- Demo application developed for capturing credit card numbers
- Numerous attack scenarios outlined already
- Peer-to-peer payments

From: http://www.retroworks.co/scytale.htm

Page 21: Mobile Phone Theft: An unsolvable problem?

Access control is becoming much more important

From: http://news.bbc.co.uk/1/hi/world/asia-pacific/4396831.stm

Page 22: Mobile Phone Theft: An unsolvable problem?

BIOMETRICS

- Still immature on mobile devices
  - Early solutions easy to defeat (e.g. gummy finger etc.)
  - Requires significant processing power
  - May see some kind of cloud-based solution emerge (e.g. voice biometrics)
  - Android 4.0 has facial recognition based on acquisition of Pittsburgh Pattern Recognition
- Increased risk for the user
  - User as unlock key means user becomes the target of attack
  - Same issue as car crime

From: http://news.bbc.co.uk/1/hi/world/asia-pacific/4396831.stm

Page 23: Mobile Phone Theft: An unsolvable problem?

CHALLENGES FOR BIOMETRICS

False negatives:

- Eyelashes too long
- Long fingernails
- Arthritis
- Circulation problems
- People wearing hand cream
- People who’ve just eaten greasy foods
- People with brown eyes
- Fingerprint abrasion, includes:
  - Manual labourers, typists, musicians
- People with cuts
- Disabled people

Page 24: Mobile Phone Theft: An unsolvable problem?

BIOMETRICS (2)

From: http://news.bbc.co.uk/1/hi/world/asia-pacific/4396831.stm

Page 25: Mobile Phone Theft: An unsolvable problem?

RESULT OF: “USER IS THE KEY”

Sources: ITV, Evening Standard, BBC

Page 26: Mobile Phone Theft: An unsolvable problem?

HELPFUL TECHNOLOGY

- “Cloud” and 3rd party client applications:
  - Offline backup
  - Lock and wipe functionality
  - Locate my phone
  - Traditional anti-virus vendors are providing packaged functionality
  - Parental controls
- Not just technology – also consumer awareness and education
- Mobile industry is still well aware of the problem and willing to help

Page 27: Mobile Phone Theft: An unsolvable problem?

TRACKING STOLEN PHONES

- Being introduced as standard on many handsets
- Privacy concerns if misused
- What good is it if your phone appears abroad?

From: http://www.apple.com/iphone/built-in-apps/find-my-iphone.html

And: http://www.samsungdive.com/DiveMain.do

Page 28: Mobile Phone Theft: An unsolvable problem?

3RD PARTY SOLUTIONS

- Traditional AV vendors can finally add real value
- Packaged, holistic apps:

From: https://www.mylookout.com/features/missing-device/

Page 29: Mobile Phone Theft: An unsolvable problem?

3RD PARTY SOLUTIONS (2)

- Design Out Crime Competition
  - Usual “detect if user walks away” etc
- Over The Air event – Competition sponsored by NMPCU
  - Winner: “Freeze Punk”
  - Motion sensor using camera – e.g. in hotels / on tables
  - Another app for users without PINs:
    - dummy banking app which initiates a tracking feature as it connects to the web
    - can inform friends nearby to the phone
- Real life usage is often not compatible with anti-theft solutions
  - Barrier to disable feature – e.g. PIN
- Not easy to design something useful

Page 30: Mobile Phone Theft: An unsolvable problem?

POINT OF SALE REGISTRATION?

http://www.immobilise.com

Page 31: Mobile Phone Theft: An unsolvable problem?

WILL THE POLICE BE OVERWHELMED?

- Problem could become not one of theft, but of recovery
  - Users are able to track and identify the location of their stolen goods
  - No lawful way of users recovering them
  - Users expect Police to do something
- Recovery of the phone is the most important thing
- Detection of crime is becoming extremely successful
- Need to think more carefully about how to manage theft and robbery problems
- Prevention becomes an imperative

Page 32: Mobile Phone Theft: An unsolvable problem?

THE ENGINEERING REQUIREMENTS OF AN UNSOLVABLE PROBLEM?

- Design a phone that is usable but immediately useless when stolen
  - The phone may have multiple bearers and functions
- A phone that can be locked but reactivated if lost and found
- A global blocking system which is accurate and that works around the world for every phone
- A phone that keeps users’ data private and safe from disclosure if stolen or lost

From: http://www.retroworks.co/scytale.htm

Page 33: Mobile Phone Theft: An unsolvable problem?

DISCUSSION

Contact

Email: [email protected]

Twitter: @drogersuk

Blog: http://blog.mobilephonesecurity.org