Thursday, December 18, 2008

Onus on Service Providers

Terror is a phenomenon which is increasingly relying on the use of sophisticated technology to lead investigative agencies astray. Aiding this is the proliferation of mobile handsets from our neighbors which are often made without encoding IMEI numbers and use stolen/ copied technology.

These can be bought at second hand or "chor" Bazaars and come without IMEI numbers or serial numbers. How then are investigative agencies supposed to track them when any call is made using these phones to promote terror.

The IMEI number appears on the operator’s network whenever a call is made. DoT has asked the service providers to equip networks with Equipment Identity Register (EIR) to check whether calls are made from genuine handsets.

IMEI is a unique 15 digit code that identifies a mobile. It prevents the use of stolen handsets for making calls and allows lawful interception to prove the use of a particular device.

“In the interest of national security, all cellular mobile service providers in unified access service licences (UASL) are hereby directed to make provisions for EIR so that calls without IMEI or with IMEI consisting of all zeroes are not processed or rejected,” DoT said in a letter to operators on October 6.

“If switches do not have such a facility, the necessary hardware and software should be put in place within three months of the issue date of this letter and compliance reported,” it added.

Indian Cellular Association (ICA), the industry body for handset makers, believes that illegal IMEI handsets are being used as there is no validation of IMEI numbers in mobiles entering the country either through sea or air.

Moreover, there is no central mechanism to prohibit the use of stolen phones. The bulk of grey market phones, predominantly originating from China, do not have genuine IMEI numbers. ICA estimates around 25 million such handsets in the country.

However, some operators ET spoke to expressed their inability to meet the DoT deadline due to technical reasons. “What the DoT is trying to do is to block all calls with zeroes as IMEI numbers or from blacklisted numbers. That adds an extra load on networks. There are so many combinations of non-genuine IMEI numbers that it is extremely difficult to block them. Network upgradation is required to block all such calls and not all our multiple equipment vendors are equipped to do it,” a senior official told ET.

He further explained that interrogating all calls would delay call set-up time. “Switches will interrogate most of the time and may not be able to process any calls,” he added.

Another top official at a telecom firm said the move will affect customers who unknowingly bought mobiles without IMEI or whose numbers have been duplicated by others. “The duplicate devices currently being used will not last beyond two-three years. The way out is to check imports to stop entry of handsets without genuine IMEI into India,” he added.

This as we all know is quite impossible since India has entry points from Bangladesh, Srilanka and Nepal, all of which do not have any policies in place to check such things.

After all, we do want a world which is a safer place. Since tracking an IMEI number will not amount to an invasion of privacy, it can be implemented by service providers. So the onus is on serive providers to get off their backs and upgrade to such processes which will allow better tracking.

Monday, December 8, 2008

A .303 is no match for VoIP

The terrorists who struck this city last month stunned authorities not only with their use of sophisticated weaponry but also with their comfort with modern technology.

The terrorists navigated across the Arabian Sea to Mumbai from Karachi, Pakistan, with the help of a global positioning system handset. While under way, they communicated using a satellite phone with those in Pakistan believed to have coordinated the attacks. They recognized their targets and knew the most direct routes to reach them in part because they had studied satellite photos from Google Earth.

And, perhaps most significantly, throughout the three-day siege at two luxury hotels and a Jewish center, the Pakistani-based handlers communicated with the attackers using Internet phones that complicate efforts to trace and intercept calls.

Those handlers, who were apparently watching the attacks unfold live on television, were able to inform the attackers of the movement of security forces from news accounts and provide the gunmen with instructions and encouragement, authorities said.

Our security forces surrounding the buildings were able to monitor the terrorists’ outgoing calls by intercepting their cellphone signals. Their usage, however,of a Voice over Internet Protocol (VoIP) phone service, has complicated efforts to determine their whereabouts and identities.

VoIP services are those in which conversations are carried over the Internet as opposed to conventional phone lines or cellphone towers.This is increasingly popular with people looking to save money on long distance and international calls. Many such services, like Skype and Vonage, allow a user to call another VoIP-enabled device anywhere in the world free of charge, or to call a standard telephone or cellphone at a deeply discounted rate.

But the same services are also increasingly popular with criminals and terrorists, a trend that worries some law enforcement and intelligence agencies.

In mid-October, a draft United States Army intelligence report highlighted the growing interest of Islamic militants in using VoIP, noting recent news reports of Taliban insurgents using Skype to communicate. The unclassified report, which examined discussions of emerging technologies on jihadi Web sites, was obtained by the Federation of American Scientists, a Washington-based nonprofit group that monitors the impact of science on national security.

VoIP calls pose an array of difficulties for intelligence and law enforcement services, according to communications experts. Thats because the phone-tapping techniques that work for old traditional interception don’t work.

An agency using conventional tracing techniques to track a call from a land line or cellphone to a VoIP subscriber would be able to get only as far as the switching station that converts the voice call into Internet data. The switch, usually owned and operated by the company providing the VoIP service, could be located thousands of miles from the subscriber.

The subscriber’s phone number would also likely reveal no information about his location. For instance, someone in Bangalore could dial a local phone number but actually be connected via the Internet to a person in New York. Or, as in the case of the terrorists, dial a local number in Pakistan and be connected to the terrorists in Taj/ Oberoi.

To determine the location of a VoIP caller, an investigating agency has to access a database kept by the service provider. The database logs the unique numerical identifier, known as an Internet Protocol (I.P.) address, of whatever device the subscriber was using to connect to the Internet. This could be a computer equipped with a microphone, a special VoIP phone, or even a cellphone with software that routes calls over the Internet using wireless connections as opposed to cellular signals.

It would then take additional electronic sleuthing to determine where the device was located. The customer’s identity could be obtained from the service provider as well, but might prove fraudulent.

Getting the I.P. address and then determining its location can take days longer than a standard phone trace, particularly if service providers involved are in a foreign country.

Further complicating this task is the fact that I.P. addresses change frequently and are less tied to a specific location than phone numbers.

While these challenges are formidable, none are insurmountable. VoIP calls leave a far richer data trail for investigators to mine than someone calling from an old-fashioned phone. As one door closes — traditional wire line tapping — other doors open in the internet telecom world.

Ashoka Chakra - life in movement and death in stagnation.

The National flag is a horizontal tricolor of deep saffron (kesari) at the top, white in the middle and dark green at the bottom in equal proportion. The ratio of width of the flag to its length is two to three. In the centre of the white band is a navy blue wheel which represents the chakra. Its design is that of the wheel which appears on the abacus of the Sarnath Lion Capital of Ashoka. Its diameter approximates to the width of the white band and it has 24 spokes.

National Flag:

On 15 August 1947 India and Pakistan were created. India adopted the tricolor of orange, white, and green with a blue Ashoka Chakra at the center. Unofficially this tricolor had been the flag of the Indian National Congress.

Flag Adoption:

The design of the national flag was adopted by the Constituent Assembly of India on 22 July 1947.

Colors Of The Flag:

In the national flag of India the top band is of Saffron colour, indicating the strength and courage of the country. The white middle band, indicates peace and truth with Dharma Chakra. The last band is green in colour shows the prosperity , growth and auspiciousness of the land.

The Chakra:

The spoked Ashoka Chakra in the center of the flag replaced the Gandhian spinning wheel to add historical "depth" and separate the national flag from that of the Indian National Congress.
This Dharma Chakra depicted the "wheel of the law" in the Sarnath Lion Capital made by the 3rd-century BC Mauryan Emperor Ashoka. The chakra intends to show that there is life in movement and death in stagnation.

Preamble To The Flag Code of India:

The following is an extract from the preamble to the flag code of India as posted on the official Home Ministry website of the Indian government:

"The significance of the colors and the chakra in the National Flag was amply described by Dr. S. Radhakrishnan in the Constituent Assembly which unanimously adopted the National Flag. Dr. S. Radhakrishnan explained - "Bhagwa or the saffron colour denotes renunciation of disinterestedness. Our leaders must be indifferent to material gains and dedicate themselves to their work."
"The white in the centre is light, the path of truth to guide our conduct."
"The green shows our relation to soil, our relation to the plant life here on which all other life depends."
"The Ashoka Wheel in the centre of the white is the wheel of the law of dharma. Truth or satya, dharma or virtue ought to be the controlling principles of those who work under this flag. Again, the wheel denotes motion. There is death in stagnation. There is life in movement. India should no more resist change, it must move and go forward. The wheel represents the dynamism of a peaceful change."

Flag Code:

On 26th January 2002, the flag code was changed. After 52 years, the citizens of India are free to fly the Indian flag over their homes, offices and factories on any day. Now Indians can proudly display the national flag any where and any time.

There are some rules and regulations upon how to fly the flag, based on the 26 January 2002 legislation. These include the following:

The Do's:

1. The National Flag may be hoisted in educational institutions (schools, colleges, sports camps, scout camps, etc.) to inspire respect for the Flag. An oath of allegiance has been included in the flag hoisting in schools.
2. A member of public, a private organization or an educational institution may hoist/display the National Flag on all days and occasions, ceremonial or otherwise consistent with the dignity and honour of the National Flag.
3. Section 2 of the new code accepts the right of all private citizens to fly the flag on their premises.

The Don'ts:

1. The flag cannot be used for communal gains, drapery, or clothes. As far as possible, it should be flown from sunrise to sunset, irrespective of the weather.
2. The flag cannot be intentionally allowed to touch the ground or the floor or trail in water. It cannot be draped over the hood, top, and sides or back of vehicles, trains, boats or aircraft.
3. No other flag or bunting can be placed higher than the flag. Also, no object, including flowers or garlands or emblems can be placed on or above the flag. The tricolour cannot be used as a festoon, rosette or bunting.