The Uncle SMS case has taught us an important lesson: Never let your phone out of your sight
The recent controversy over the Uncle SMS case has raised a new concern among mobile users as the international mobile equipment identity (IMEI) number was used as solid evidence to convict the owner of a phone.
Apart from ID cards, passports and driver's licences, we all know that other personal items such as bank books and credit cards can be used to identify someone in a court of law. And now the IMEI number has joined the club as something we must not let out of our sight.
Late last month, the Criminal Court handed down a 20-year jail term for 61-year-old Ampon after it established that his mobile had been used to send four text messages (SMSs) insulting the monarchy to Somkiat Krongwattanasuk, the personal secretary of then prime minister Abhisit Vejjajiva, in May 2010. This was deemed in violation of computer law as well as Section 112 of the Criminal Code, which covers lese majeste{aac}, a crime punishable by a prison term of 3-15 years. The court regarded each SMS as one count and prescribed five years each.
Even after the ruling, Ampon continued to deny the charge, insisting he did not even know how to send an SMS and that the mobile the messages were sent from was not his. Although the IMEI number gathered from mobile network operators' records matched his, his lawyer argued an IMEI number could be changed or forged. In its ruling the court concluded that even though there was no iron-clad proof Ampon did it, there was no evidence he did not do it either.
Whether the IMEI number of his phone had really been forged or used to commit the crime without his permission, information-technology (IT) experts pointed the Uncle SMS case should serve as a wakeup call for all mobile users to keep the IMEI numbers and handsets to themselves, as you never know what other people might do with them.
"You should bear in mind there is a simple tool that can forge or change an IMEI number," said one IT expert.
Even though a forged IMEI number can be detected by computer forensic tools, there is other circumstantial evidence that could have been used to support Ampon's argument in court.
Stephen Chantel, a technical mobile phone expert in the areas of repairs, device unlocking and software, suggested Thailand should have a special court dedicated to technology crime with specialists to give advice.
"It takes only unlocking and software flashing boxes to forge or change an IMEI number. Imagine if somebody wants to defame someone _ what's a better way than sending SMS messages that contravene the law in Thailand from a handset which had the IMEI changed to that person's IMEI from his personal handset," said Mr Chantel, who runs the UK-based Mad4mobiles.
There are many types of software boxes available in the market, each one compatible with a number of handset brands. For example, the UST Pro 2 only works with Samsung phones, while Universal Box is compatible with Nokia.
Not all handset brands allow IMEI modifications due to phone manufacturers' different security and software platforms. For example, for now it is impossible to change the IMEI numbers of an iPhone and Nokia's smartphones.
Old Samsung models are very easy to change IMEI numbers, while the brand's newer models are much more difficult to alter.
Mr Chantel said all one needs to do is to connect a phone via a cable to the UST Pro box and the whole process takes less than five seconds.
In some countries including the UK it is illegal to change the IMEI number on a mobile handset, a crime punishable by a maximum two-year jail term. Before the law took effect, IMEI crime cases were rampant.
But the reason for changing an IMEI number in the UK is much simpler. The handset owner may want to use his handset again after it has been blocked by his network operator for unpaid bills. Some changed their IMEI numbers to prevent people from tracing them.
The UST Pro 2 box sold in the UK calls the IMEI rewrite function "IMEI repair function" as it was invented to allow phone users to unlock handsets by themselves.
"Sometimes when you unlock a handset, the process can corrupt the IMEI number. If this happens, an IMEI that should be '345345345345345' can appear as '000000000000000' instead after unlocking and the handset is inoperable. The IMEI repair function can correct the IMEI number and make the handset work again, but of course users could use the function to write any IMEI number their wish to the phone," he explained.
Phone manufacturers could certainly play their part by making the IMEI numbers impossible or at least very difficult to change. Hackers, however, always seem to find a way around the security.
"Even though a country may ban this [unlocking and IMEI-rewriting] equipment by law, users can buy the box in the UK. It's very difficult to stop them. The world has changed, but the laws globally have been left behind," said the British expert.
Paiboon Amonpinyokeat, a cyber law specialist and the founder of P&P Law Firm, said he was aware a long time ago that it is technologically possible to change IMEI numbers. In the Uncle SMS case, the crucial mistake is the defendant failed to seek the advice of experts to back up his argument.
Apart from the IMEI number that traced back to Ampon's phone, the court took into consideration the fact that the SMS was sent from the cell site near Ampon's home.
Ampon also conceded he was the only person using the phone but claimed that at that time the messages were sent, he did not have it with him, because he had left it with a shop to be repaired. When pressed to identify the shop, he said he had forgotten where it was.
Mr Paiboon said even though there are tools that can forge or change IMEI numbers, computer forensics technology can prove whether a handset has been modified.
Under Thai law, forging or changing an IMEI number is a crime under the Criminal Code, which prohibits changes to "legal documents", which include IMEI numbers.
Moreover, the person who produces the instruments for counterfeit or alternation or for acquiring that data in counterfeit and import those forge equipment also breaches the Criminal Code.
Under the 2007 Computer Crime Act, changing IMEI numbers is considered "illegal access" under Sections 5 and 7 and "illegal modification" under Section 9. Forging them is also regarded as "exploiting data" under the Telecommunications Act.
Mr Paiboon pointed out that if anything, the lesson learned from the Uncle SMS case is that once a device belongs to one person, the law will assume any activity on that device is the owner's responsibility.
"The burden of proof will be on the owner to show he/she did not have the device with him/her at the time the crime was committed," he said.
He agreed with the British expert that like Singapore, Thailand should have a special court and procedures for this crime. It should also be manned by judges, lawyers, prosecutors who are knowledgeable about technology.
Prawit Leesatapornwongsa, a member of the National Broadcasting and Telecommunications Commission, said in this case the defendant was unable to prove that at the time the SMS was sent, the phone was not with him.
A legal principle is that any action done on a mobile phone will be assumed to have been done by the owner unless he can prove otherwise.
Ampon has decided to appeal and the case is far from over, but it has already taught us that once you let someone get his hands on your phone, you could be at risk of being locked up.
Reference : Bangkok Post
Loading
Services
Computer Forensic, Internet Investigation and IT Consultant