Man
Professional
- Messages
- 3,070
- Reaction score
- 606
- Points
- 113
There are a huge number of myths and speculations about how exactly they can find an anonymous mobile phone number. We know the truth and will share it now.
There are three common versions: they take a bearing, i.e. determine the source of the radio signal, they calculate with special equipment at the base stations of the cellular network, and they calculate through various hidden capabilities, supposedly specially available in each phone.
We took part in a real investigation of a real case, where the criminal was identified by his mobile phone. And we will say the following: the first version contains a little truth, but the main method of capture has nothing in common with all three.
Generally speaking, investigators and forensic experts only use cool special means and expensive equipment in the movies. In reality, the main tool of the investigator is his head and papers. And the main method - the language will not turn to say "deduction" - let's call it "search for patterns" or "statistics". And there is such a thing as Time. Time is always against anonymity: we do something too timely, and something completely at the wrong time. And if there are logs of our activities with time stamps somewhere, we can't hide. And logs in mobile communications are kept for every byte. More details below.
HOW DO THEY CALCULATE WHO IS WORKING WITH THE LEFT SIM CARD?
You won't believe it: by the "leading" phone - your real one. After carefully reading the next paragraph, you will understand how easy, simple and fast everything is. The description uses the term "switching on" - this is the moment when the "anonymous" device went online. So, let's go, let's look at different situations:
Situation one: You use an "anonymous" mobile phone, and the real one is nearby and turned on. Investigators request logs of the entire cell in which the "anonymous" device is (was) working. This is all they need to track you down (and not only "hot on the heels", but also a week or a month later, leisurely, in your office chair over a cup of coffee). They make recursive selections by the intervals of switching on and look at who else was in the cell besides the "anonymous" device. For example, in one cell there were 1000 more switched on phones. The next time you switch on, 500 of those that were there the first time. The next time, 20 of those who were there the first and second time. Most often, from the logs of three or four switches, you can find exactly a couple of phones that do not leave the cell. Less often, more switches are required: in such cases, you can try to check the history by the numbers of the sets of matches, as well as their owners. If this is a 90-year-old granny, of which she has had the number for 10 years and has not left her apartment for 5 years, then this option is clearly out of the question. In this way, investigators quickly find the real phone number, the call history alone of which will reveal all the cards. Often, special services are lucky with the 2nd inclusion: quickly study and discard hundreds of numbers - it's only a matter of the number of employees. It even happens that they find the real number with the first and only inclusion of the "anonymous" one! Don't believe me? In vain. The dynamics in the cell, the behavior of other devices, weekdays / holidays can significantly simplify the work of the security forces. While the "anonymous" mobile phone is working, all the others can leave the cell except yours (well, the other people took it and moved somewhere) or make outgoing calls, send SMS. Now is the time when everyone is not without a minute without a mobile. And this exposes you: you cannot simultaneously make outgoing calls from two phones. So, while you are "working" from "anonymous", everyone who calls in your cell - comes out from under suspicion and narrows the ring around you. In addition, Mr. Chance is not on your side: the special services have logs with all the data from and to, and you have an ordinary life with all the unpredictability. Example: you are surfing "anonymously" on the Internet and then you get a call on your real phone. You start talking and the data traffic on the Internet drops for a time statistically different from the time between average page loads. To compare all the calls in the cell for an exact match with the traffic drop is a matter of seconds - and your number is found. It may, of course, be that you just went to the toilet, but it is not difficult to check whether the right number is "found". And what if they call you twice?
The criminal turned on the device, sent an SMS demanding a ransom, turned it off. A day later he turned it on, called to discuss the ransom terms, turned it off. The third time he turned it on - said the meeting place and time, turned it off. We studied the logs for three "switches on" - who was in the cell at that moment all three times. Four numbers remained from the second "check",from the third - one.
Situation two: You use an "anonymous" mobile phone, and prudently turn off the real one in advance. Incredibly, you only simplified the task for the investigators. They will simply look at who turned off - yes, turned off (the phone transmits a signal to the network about the disconnection), and did not leave the network shortly before the "anonymous" appeared. It is safe to say that there will be only a few of them in the cell, or even you are the only one. To clarify the data, you can compare who turned on after the "anonymous" one turned off. And, also, check for grannies and others. As you can see, turning off the real device when using the "left" one only worsens anonymity.
Situation three: You leave the real phone at home turned on, and you go to another cell, and only there turn on the "anonymous" one. Do you think this is a cunning plan? But no way. Three factors still give away your real device. Firstly, the same scheme is worked out as in the first situation, only not for one cell, but for several. First one by one, then by the neighboring ones, and so on until they come to comparing the "anonymous" cell with the real cell. Secondly and most importantly: your device is at home without an owner and cannot answer calls. Therefore, sooner or later there will be missed calls, which will also be visible in the logs. You just need to compare on which device there were missed calls at all times when the anonymous one was "on". Do you think many of the subscribers constantly do not pick up the phone just at the time when you leave the anonymous one? No one, except your real phone! In addition, this method helps well in a general search: investigators can very quickly call the numbers that remain after comparing the cell logs. And if the phone is not picked up, they are suspects. Thirdly, you cannot leave the real device anywhere - each time in a different place. Most likely, it is at your home. That is, in one place for each turn on. On this, you can build an additional sample for the filter: how many of the same devices were in the same cell. In general, all this will lead to a quick, though slightly slower than in the previous cases, exit to the real number.
Situation four: You turn off the real phone at home, and go to another cell, and only there turn on "anonymous". See situation #3 + situation #2
It turns out that the whole scheme works on the fact that several inclusions are made from one number. That is, if you exit the number only once and then throw away the SIM card and phone, it will be impossible to find?
This will only help if your "case" is a one-time thing and there have been no other similar cases and will not be any more. That is, in the reality of all real "cases" - it will not help. Changing numbers will not complicate the task of finding a real phone. For example, in the same example about blackmail: how will changing the number help - after all, the same victim is being called. Investigators will simply check not for one number 3 inclusions, but three inclusions of different numbers. Similarly, "dark deeds" on the Internet - numbers are easily combined under a common "case". Let's say more - frequent changes of numbers only worsen security because investigators will receive groups of numbers and will be able to easily check, for example, where the SIM cards are from. And catch you red-handed while purchasing new ones or contact the "seller" who will make a "robot" or leak the number from which you called him. Anonymity is not the absence of data for identification. This simply cannot happen in the modern world. Anonymity is a good imitation of an ordinary, but not real person.
WHAT WILL A REAL PHONE NUMBER GIVE THE SPECIAL SERVICES?
We have considered how easy and simple it is to "punch" the security forces with a suspect's real number using his "anonymous" one. But what will information about a real phone give? Everything. In addition to information about who the number is registered to, investigators will see who you called. Surely, there are many among them who know you personally. They will see who and how replenished the account. Most likely, there are payments from a real card through an ATM or from a real WebMoney wallet, etc. That is, in fact, you have arrived.
HOW DO THEY FIND A MOBILE PHONE?
An operational group with a hand-held direction finder is sent to the area of the cell in which the suspect's phone is located. This is not a screen with a dot, as they show in movies, but a simple radio receiver with an arrow that shows the signal strength and an antenna in the shape of the letter H, the letter Zh, a tricky tube or a hyperbolic / parabolic dish (often several antennas for different operating conditions are included). Information on what exact frequency the desired device is currently operating is available at the base station. The operative tunes the receiver to this frequency, rotates the antenna around himself and looks at the arrow. The signal goes from where the strongest. He enters the entrance, goes up the stairs and measures the signal. In this way he finds the desired floor, then the apartment and that's it, the "anonymity" is over. In the case we observed, the time from the entrance of the operatives' "gazelle" to the exit under white hands was 25 minutes. Considering how much of this time was spent on the recommendation "open up because we will open in any case", gathering and exiting the suspect - you can estimate how long it took to find the right one among dozens of houses, hundreds of entrances and thousands of apartments.
SO WHAT TO DO? ANONYMITY - A MYTH?
Above we have considered in detail that having a real personal mobile phone we will never be anonymous even with a new phone we just bought and a SIM card we just bought in a back alley without registration. As we have already said, accessible anonymity is a good imitation of an ordinary, but not real personality. And the absence of personality in general in our modern information realities is simply impossible. After all, you, a personality, are sitting right here and reading this article. And down below are the LifeInternet counters and others.
Real hackers, whose freedom, and perhaps even life, depends on anonymity, do not use mobile phones in everyday life. They do not use them at all. Only one-time calls, Skype, etc. And they do not have an "everyday" life. Eternal darkness, non-existence. No friends, no relatives, no habits and "favorite" places. That is what anonymity is. But, in fact, on the Internet there is a full-fledged other life, other friends and other "places". And, often, not only no worse, but even better than in real life. So, not everything is so sad. Just not like most people. However, this is no longer "anonymity". You have a name, albeit a nickname, but it is you who is known by it, you have Internet friends and places where you can be found online. You can even be "punished", albeit without a trip to Siberia. Thus, it is easy to understand that not only anonymity is conditional, but also freedom, and "crime" and "laws" are not united, but relative to society. And "societies" are different.
Having learned a little about the methods of work of investigators, you can take measures to improve security in each specific case: for example, in situation #3, you can install an answering machine on a real phone or ask a friend to answer if they call. Register a real phone to a real grandmother, in order to pass the "granny filter". Try to randomly combine situations, leave the phone in different places, etc. This will complicate the work of investigators somewhat, but it will also complicate your "dark activity". But will it help at the "hour X"? Far from certain.
So think carefully, my young friend with criminal inclinations, is the game worth the candle or, perhaps, after one or two successful cases it would be better to buy an apartment, a car, some kind of white business and tie up with the "dark side" forever?
There are three common versions: they take a bearing, i.e. determine the source of the radio signal, they calculate with special equipment at the base stations of the cellular network, and they calculate through various hidden capabilities, supposedly specially available in each phone.
We took part in a real investigation of a real case, where the criminal was identified by his mobile phone. And we will say the following: the first version contains a little truth, but the main method of capture has nothing in common with all three.
Generally speaking, investigators and forensic experts only use cool special means and expensive equipment in the movies. In reality, the main tool of the investigator is his head and papers. And the main method - the language will not turn to say "deduction" - let's call it "search for patterns" or "statistics". And there is such a thing as Time. Time is always against anonymity: we do something too timely, and something completely at the wrong time. And if there are logs of our activities with time stamps somewhere, we can't hide. And logs in mobile communications are kept for every byte. More details below.
HOW DO THEY CALCULATE WHO IS WORKING WITH THE LEFT SIM CARD?
You won't believe it: by the "leading" phone - your real one. After carefully reading the next paragraph, you will understand how easy, simple and fast everything is. The description uses the term "switching on" - this is the moment when the "anonymous" device went online. So, let's go, let's look at different situations:
Situation one: You use an "anonymous" mobile phone, and the real one is nearby and turned on. Investigators request logs of the entire cell in which the "anonymous" device is (was) working. This is all they need to track you down (and not only "hot on the heels", but also a week or a month later, leisurely, in your office chair over a cup of coffee). They make recursive selections by the intervals of switching on and look at who else was in the cell besides the "anonymous" device. For example, in one cell there were 1000 more switched on phones. The next time you switch on, 500 of those that were there the first time. The next time, 20 of those who were there the first and second time. Most often, from the logs of three or four switches, you can find exactly a couple of phones that do not leave the cell. Less often, more switches are required: in such cases, you can try to check the history by the numbers of the sets of matches, as well as their owners. If this is a 90-year-old granny, of which she has had the number for 10 years and has not left her apartment for 5 years, then this option is clearly out of the question. In this way, investigators quickly find the real phone number, the call history alone of which will reveal all the cards. Often, special services are lucky with the 2nd inclusion: quickly study and discard hundreds of numbers - it's only a matter of the number of employees. It even happens that they find the real number with the first and only inclusion of the "anonymous" one! Don't believe me? In vain. The dynamics in the cell, the behavior of other devices, weekdays / holidays can significantly simplify the work of the security forces. While the "anonymous" mobile phone is working, all the others can leave the cell except yours (well, the other people took it and moved somewhere) or make outgoing calls, send SMS. Now is the time when everyone is not without a minute without a mobile. And this exposes you: you cannot simultaneously make outgoing calls from two phones. So, while you are "working" from "anonymous", everyone who calls in your cell - comes out from under suspicion and narrows the ring around you. In addition, Mr. Chance is not on your side: the special services have logs with all the data from and to, and you have an ordinary life with all the unpredictability. Example: you are surfing "anonymously" on the Internet and then you get a call on your real phone. You start talking and the data traffic on the Internet drops for a time statistically different from the time between average page loads. To compare all the calls in the cell for an exact match with the traffic drop is a matter of seconds - and your number is found. It may, of course, be that you just went to the toilet, but it is not difficult to check whether the right number is "found". And what if they call you twice?
The criminal turned on the device, sent an SMS demanding a ransom, turned it off. A day later he turned it on, called to discuss the ransom terms, turned it off. The third time he turned it on - said the meeting place and time, turned it off. We studied the logs for three "switches on" - who was in the cell at that moment all three times. Four numbers remained from the second "check",from the third - one.
Situation two: You use an "anonymous" mobile phone, and prudently turn off the real one in advance. Incredibly, you only simplified the task for the investigators. They will simply look at who turned off - yes, turned off (the phone transmits a signal to the network about the disconnection), and did not leave the network shortly before the "anonymous" appeared. It is safe to say that there will be only a few of them in the cell, or even you are the only one. To clarify the data, you can compare who turned on after the "anonymous" one turned off. And, also, check for grannies and others. As you can see, turning off the real device when using the "left" one only worsens anonymity.
Situation three: You leave the real phone at home turned on, and you go to another cell, and only there turn on the "anonymous" one. Do you think this is a cunning plan? But no way. Three factors still give away your real device. Firstly, the same scheme is worked out as in the first situation, only not for one cell, but for several. First one by one, then by the neighboring ones, and so on until they come to comparing the "anonymous" cell with the real cell. Secondly and most importantly: your device is at home without an owner and cannot answer calls. Therefore, sooner or later there will be missed calls, which will also be visible in the logs. You just need to compare on which device there were missed calls at all times when the anonymous one was "on". Do you think many of the subscribers constantly do not pick up the phone just at the time when you leave the anonymous one? No one, except your real phone! In addition, this method helps well in a general search: investigators can very quickly call the numbers that remain after comparing the cell logs. And if the phone is not picked up, they are suspects. Thirdly, you cannot leave the real device anywhere - each time in a different place. Most likely, it is at your home. That is, in one place for each turn on. On this, you can build an additional sample for the filter: how many of the same devices were in the same cell. In general, all this will lead to a quick, though slightly slower than in the previous cases, exit to the real number.
Situation four: You turn off the real phone at home, and go to another cell, and only there turn on "anonymous". See situation #3 + situation #2
It turns out that the whole scheme works on the fact that several inclusions are made from one number. That is, if you exit the number only once and then throw away the SIM card and phone, it will be impossible to find?
This will only help if your "case" is a one-time thing and there have been no other similar cases and will not be any more. That is, in the reality of all real "cases" - it will not help. Changing numbers will not complicate the task of finding a real phone. For example, in the same example about blackmail: how will changing the number help - after all, the same victim is being called. Investigators will simply check not for one number 3 inclusions, but three inclusions of different numbers. Similarly, "dark deeds" on the Internet - numbers are easily combined under a common "case". Let's say more - frequent changes of numbers only worsen security because investigators will receive groups of numbers and will be able to easily check, for example, where the SIM cards are from. And catch you red-handed while purchasing new ones or contact the "seller" who will make a "robot" or leak the number from which you called him. Anonymity is not the absence of data for identification. This simply cannot happen in the modern world. Anonymity is a good imitation of an ordinary, but not real person.
WHAT WILL A REAL PHONE NUMBER GIVE THE SPECIAL SERVICES?
We have considered how easy and simple it is to "punch" the security forces with a suspect's real number using his "anonymous" one. But what will information about a real phone give? Everything. In addition to information about who the number is registered to, investigators will see who you called. Surely, there are many among them who know you personally. They will see who and how replenished the account. Most likely, there are payments from a real card through an ATM or from a real WebMoney wallet, etc. That is, in fact, you have arrived.
HOW DO THEY FIND A MOBILE PHONE?
An operational group with a hand-held direction finder is sent to the area of the cell in which the suspect's phone is located. This is not a screen with a dot, as they show in movies, but a simple radio receiver with an arrow that shows the signal strength and an antenna in the shape of the letter H, the letter Zh, a tricky tube or a hyperbolic / parabolic dish (often several antennas for different operating conditions are included). Information on what exact frequency the desired device is currently operating is available at the base station. The operative tunes the receiver to this frequency, rotates the antenna around himself and looks at the arrow. The signal goes from where the strongest. He enters the entrance, goes up the stairs and measures the signal. In this way he finds the desired floor, then the apartment and that's it, the "anonymity" is over. In the case we observed, the time from the entrance of the operatives' "gazelle" to the exit under white hands was 25 minutes. Considering how much of this time was spent on the recommendation "open up because we will open in any case", gathering and exiting the suspect - you can estimate how long it took to find the right one among dozens of houses, hundreds of entrances and thousands of apartments.
SO WHAT TO DO? ANONYMITY - A MYTH?
Above we have considered in detail that having a real personal mobile phone we will never be anonymous even with a new phone we just bought and a SIM card we just bought in a back alley without registration. As we have already said, accessible anonymity is a good imitation of an ordinary, but not real personality. And the absence of personality in general in our modern information realities is simply impossible. After all, you, a personality, are sitting right here and reading this article. And down below are the LifeInternet counters and others.
Real hackers, whose freedom, and perhaps even life, depends on anonymity, do not use mobile phones in everyday life. They do not use them at all. Only one-time calls, Skype, etc. And they do not have an "everyday" life. Eternal darkness, non-existence. No friends, no relatives, no habits and "favorite" places. That is what anonymity is. But, in fact, on the Internet there is a full-fledged other life, other friends and other "places". And, often, not only no worse, but even better than in real life. So, not everything is so sad. Just not like most people. However, this is no longer "anonymity". You have a name, albeit a nickname, but it is you who is known by it, you have Internet friends and places where you can be found online. You can even be "punished", albeit without a trip to Siberia. Thus, it is easy to understand that not only anonymity is conditional, but also freedom, and "crime" and "laws" are not united, but relative to society. And "societies" are different.
Having learned a little about the methods of work of investigators, you can take measures to improve security in each specific case: for example, in situation #3, you can install an answering machine on a real phone or ask a friend to answer if they call. Register a real phone to a real grandmother, in order to pass the "granny filter". Try to randomly combine situations, leave the phone in different places, etc. This will complicate the work of investigators somewhat, but it will also complicate your "dark activity". But will it help at the "hour X"? Far from certain.
So think carefully, my young friend with criminal inclinations, is the game worth the candle or, perhaps, after one or two successful cases it would be better to buy an apartment, a car, some kind of white business and tie up with the "dark side" forever?
