Cellular Technology For Newbies
Introduction
There are currently two analogue cellular service providers operating in the UK, Vodafone and Cellnet.
For years they have had many problems with phone cloneing. However just recently Vodaphone have stamped most this out by using authentication codes. This means that when a person makes a call on the Vodaphone network a PIN number is also required along with the ESN/MIN pair.
Cellnet do not currently have the facility to implement this with their exisiting hardware and they are unlikely to upgrade as the ETACS licence expires in 1999. All analogue phones will then be phased out.
The new digital phones supposedly offer greater security against cloneing and evesdropping but already the rumours are flying.
What exactly happens when you makes calls over the cellular network ?
When you make a call the phone transmits its Electronic Serial Number, Mobile Identification Number and its Station Class Mark in a short stream of data. This can occasionaly be heard as a short buzz when the phone is adjusting power levels. This data is used by Cellnet/Vodaphone to decide whether the called will be allowed or not. If the ESN/MIN is a valid pair the call will be allowed to go ahead.
OK, so how do we clone the phone then ?
Well, the most important numbers you need are the ESN/MIN pair of a valid phone on the cellnet network. The ESN is burnt into an EPROM inside the phone when it is manufactured. This number is supposedly unchangeable, but of course it isn't. The MIN plus an number of other parameters like roaming and home area for example are normally programmed at the phone dealer before it is purchased. The MIN is basically your telephone number, with a slight change. The 4 digit number you know as the area code is changed to a different 4 digit number. Here is a conversion chart for MIN numbers.
The MIN is programmed through the NAM in the phone. The process is fairly straightforward, it has to be becuase dealers have to reprogram the NAM. To access programming mode on most phone requires a programming adapter which usually just grounds a pin on the data connector on the bottom of the phone. Some of the newer phone don't even need an adapter, just the right sequence of keys. All of these call be found back here along with the necessary cables and software to reprogram the ESN.