Sunday, July 01, 2012

The Art of Mobile Jamming Pt 1 (c)2012


Bill 15 introduced to the House of Commons on 20 June 2012 is titled PRISONS (INTERFERENCE WITH WIRELESS TELEGRAPHY) BILL and can be downloaded here:

This Bill sets out the intention to seek legislation that enables prisons to lawfully use jamming devices to prevent inmates making 'unauthorised' calls. The proposed objective, therefore, would be to reduce or prevent further crime being perpetrated by inmates whilst serving their detention.

I ran an internet search to see whether any of the respected sources had highlighted this Bill and noted that Martin Beckford (Home Affairs Editor) of The Telegraph on 29 June 2012 wrote a very helpful column about [it] titled Prisons-to-be-given-mobile-phone-jamming-devices:

My understanding of RF inhibitors goes back to my 'type approvals' days in the 1980s/1990s, and in the last 12 years I have investigated whether jammers could be used to assist mobile phone examination and in relation to jamming devices used in crime. I am by no means a world authority, but this is a subject I do feel I know something about and therefore contribute some observations on the subject. I have also referred on a couple of occasions to jamming at my blog:

Mobile Phone Sniffer -
CSA - R&TTE Directive -

RF jamming and RF monitoring occurring at the same time are not comfortable bed-partners. Monitoring requires unfettered access to the signalling taking place in two-way (uplink/downlink) communications, e.g. to/from the mobile device and base station. Jamming, on the other hand, pollutes the uplink/downlink in order to prevent something happening. Thus, a window of opportunity in which both can coexist might be a solution, though one that may require strict management controls. Permanent and interval jamming are two fairly obvious active states to consider.

Permanent jamming, usually associated with fixed jamming devices drawing energy from a permanent power source and required to be always ON, might be problematical in at least two areas. The first area is the propagation generated in the ether (the polluting footprint) and the common sense issues associated with the double-edged sword 'interference': (a) hindrance to lawful communications and (b) natural and manmade phenomena acting as an inhibitor to the effective operation of the pollutant - a sort of jammers’ jammer if you will. The second area is that permanent jamming doesn't work too well with handheld mobile jammers, because these devices are battery powered and thus battery discharge is to be anticipated within a given timeframe. Moreover, handheld jammers have a range issue to be considered, in that the range should correspond to the proximity of a particular mobile phone.

One would need to look quite carefully, too, at how a permanently-on jammer could still allow monitoring to take place. On any attempt to make a call, for instance, the mobile user would naturally see on the handset screen when dialling that no radio signal strength (no bars etc.) is available, or would see a message stating 'emergency' call or service only. The latter may occur with handsets due to pre-programming of algorithms or because 'state' indicators are active in the handset. I am not suggesting that jamming shall or should be intended to be intentionally operated under clandestine conditions, and even if such a suggestion were relevant the handset user would more than likely have some inkling that no service was available.

Consideration could, of course, be given to a situation where a mobile phone user dials a number anyway and presses the send button. The mobile phone might still conduct a call attempt procedure, making the necessary 'access request bursts' (RACH attempts) and disseminating the called party's number (maybe?). It may be possible to pick out wanted signalling from unwanted interference noise, but then again 'scrambled' is a counter-argument to that observation.

Interval jamming can be applicable in the instance of timed-period jamming (morning/afternoon/night etc.) and could be deployed using fixed or mobile jamming devices. Handheld jamming devices might be problematical in relation to the output power of the device, where its power needs to be greater than the mobile phone power output. Such a jamming device running at full power for several hours, whilst being held by a prison guard, might require assessment of pertinent rules associated with health and safety.

The position may, in addition, need to be weighed up with respect to permanent programmable jammers vis-à-vis non-programmable handheld jammers that just pollute all the time whilst switched ON, until they are switched OFF. The handheld may face difficulties in doing its job because it won’t be able to detect when a mobile phone is switched 'ON', in idle state or attempting to make a call. In this regard there are some salutary lessons that might be learned from experience with vehicle and asset tracking, lessons which by analogy lend themselves well to handheld jammers.

In an article for VEHICLE & ASSET TRACKING SYSTEMS – JAMMERS, its author (Platt, I; 17/02/2009) identified a useful scenario that would need to be taken into consideration, as it identifies important criteria. Platt stated:

“Leading GSM Tracking devices tend to be battery powered with a long ‘sleeping’ period, typically 6 hours, and a short ‘wake up and transmit period’ - typically 70 seconds thus making them extremely difficult to block – as a criminal a) has to know the device is fitted (they tend to be highly covert) and b) has to find the 70 seconds in 6 hours that it transmits.”

Interval jamming may, though, lend itself to reversing the dark arts of the man-in-the-middle attack, commonly perceived to be associated with clandestine activity, so that they are put to good use. Moreover, it could open the door to more discussion about evidence obtained by interception. I have already discussed various issues in my articles on the Art of Mobile Interception (c) 2011 so I do not propose to rehearse all of my observations again, here, in this discussion. It can be put quite simply, though, by pointing out that running an on-site quasi-BTS might assist in collection of dialled numbers, but not necessarily the content of a call, during the period when jamming is switched OFF.

In Pt 2 the discussion highlights some confusing legal issues that this Bill may need to resolve if it is to be transformed into legislation such that the technical criteria and application of testing jammers can be adopted.

The Art of Mobile Jamming Pt 2 (c)2012 -
