Saturday, June 5, 2010

Advanced Mobile Phone System

Technology
AMPS was a first-generation cellular technology that used separate frequencies, or "channels", for each conversation (see FDMA). It therefore required considerable bandwidth for a large number of users. In general terms, AMPS was very similar to the older "0G" Improved Mobile Telephone Service, but used considerably more computing power in order to select frequencies, hand off conversations to PSTN lines, and handle billing and call setup.
What really separated AMPS from older systems is the "back end" call setup functionality. In AMPS, the cell centers could flexibly assign channels to handsets based on signal strength, allowing the same frequency to be re-used in various locations without interference. This allowed a larger number of phones to be supported over a geographical area. AMPS pioneers fathered the term "cellular" because of its use of small hexagonal "cells" within a system.[4][5]
AMPS suffered from some weaknesses when compared to today's digital technologies. Since it was an analog standard, it was very susceptible to static and noise and had no protection from eavesdropping using a scanner. In the 1990s, "cloning" was an epidemic that cost the industry millions of dollars. An eavesdropper with specialized equipment could intercept a handset's ESN (Electronic Serial Number) and MIN (Mobile Identification Number, aka the telephone number). An Electronic Serial Number is a packet of data which is sent by the handset to the cellular system for billing purposes, effectively identifying that phone on the network. The system then allows or disallows calls and/or features based on its customer file. If an ESN/MIN pair was intercepted, it could then be cloned onto a different phone and used in other areas for making calls without paying.
Cell phone cloning became possible with off-the-shelf technology in the '90s. Three key items were needed. The first was a radio receiver, such as the Icom PCR-1000, that could tune into the Reverse Channel, which is the frequency on which the phones transmit data to the tower. The second item was a PC with a sound card and a software program called Banpaia, and the third item was a phone that could easily be used for cloning, such as the Oki 900. By tuning the radio to the proper frequency, it would receive the signal transmitted by the cell phone to be cloned, containing the phone's ESN/MIN pair. This signal would be fed into the sound card audio input of the PC, and Banpaia would decode the ESN/MIN pair from this signal and display it on the screen. The person could then input that data into the Oki 900 phone and reboot it, after which the phone network could not distinguish the Oki from the original phone whose signal had been received. This gave the cloner, through the Oki phone, the ability to use the mobile phone service of the legitimate subscriber whose phone was cloned just as if that phone had been physically stolen instead, except that the subscriber was not without his or her phone and was not aware that the phone had been cloned--at least until that subscriber received his or her next bill.
The problem became so large that some carriers required the use of a PIN before making calls. Eventually, the cellular companies initiated a system called RF Fingerprinting, which could determine subtle differences between the signal of one phone and another and shut down some cloned phones. Some legitimate customers had problems with this, though, if they made certain changes to their own phone, such as replacing the battery and/or antenna. The Oki 900 was the ultimate tool of cell phone hackers because it could listen in to AMPS phone calls right out of the box with no hardware modifications.
AMPS was originally standardized by ANSI as EIA/TIA/IS-3. This was later superseded by EIA/TIA-553 and TIA interim standard IS-91. AMPS has been replaced by newer digital standards, such as Digital AMPS, GSM, and CDMA2000, which brought improved security as well as increased capacity. Though cloning is still possible even with digital technologies, the cost of wireless service is so low that the problem has virtually disappeared.


Digital AMPS

Later, many AMPS networks were partially converted to D-AMPS, often referred to as TDMA (though TDMA is a generic term that applies to many cellular systems). D-AMPS is a digital, 2G standard used mainly by AT&T Mobility and U.S. Cellular in the United States, Rogers Wireless in Canada, Telcel in Mexico, Vivo S.A. and Telecom Italia Mobile (TIM) in Brazil, VimpelCom in Russia, and Movilnet in Venezuela. In Latin America, AMPS is no longer offered and has been replaced by GSM and new UMTS networks.
