From what you say, and have suggested in previous posts, it would appear in the US neither sections of your law enforcement and the private sector have access to data. I got the impression this was down to (a) knowledge by the individual as to what was/is available or (b) data known to be available came down to cost in the obtaining.
I do not understand what you are trying to convey in this paragraph. oops
Greg,
I’m not trying to suggest the data from a SIM/USIM is junk science and I don’t believe anyone has expressed those concerns. The data is the data! The question is how the data is calculated and how it is interpreted by LE.
We love the data when it is used to find lost kids, hikers and the elderly, but in those common scenarios no jeopardy attaches. We’re not trying to take away someone’s liberty or freedom of movement for the next 5 or 50 years.
When LE steps into the arena to put someone’s tail feathers behind bars based upon an assumed location of a handset derived from historical communications detail records I believe there should be a National Standard or some sort of guidelines. I actually know of one individual that claims to have a certification that doesn't even exist.
These cellular providers have spent Billions to make sure their networks operate efficiently. They’re not idiots and they didn’t set up these networks just so they could be Junior Deputies for the NSA.
Obviously the more calls the better, but let’s talk about 1 call for starters. Let’s say I make 1 call on the Sprint network and in doing so my handset starts/ends the call on the North side of Tower A. Seeing how I got my preservation letter off within 14 days I was able to get PCMD data back with my return.
I don’t have my notes in front of me, but in the CDMA world there are 13.4 or 13.6 (I’ll call them timing chips) where the RF signal shoots out from the mast to the handset and back to provide this round trip measurement. That places the handset, with a fairly small error rate, at some point out within the coverage area of the sector. Good to know, but the sectors can overlap, expand and pull back in (breath)
Some of the carriers will also provide a Lat/Long coordinate along with their enhanced ranging data. BUT, how does the network create that data? I don’t know how things on your side of the pond are, but over here the RF engineers are well shielded from LE’s questions.
I have no evidence to back this up, but my perception is that LE in the U.K has greater access to cellular data than we do here in the U.S. Is it because they have better working relationships? Maybe all you chaps trust each other? Maybe the courts on your side have mandated the disclosure of the data?
The idea of the Operational Audit Checks is great. I believe everyone should be doing it, but if those records are not kept within the normal course of business it will cost me money to obtain it. Is it a nominal fee or will I have to go to the tower manufacturer, who is now masquerading as a third party vendor, and get raked over the coals for something that could be generated with a few mouse clicks?
If I ever make it over to England for a family vacation I’m sure my wife and I will get into a heated verbal argument. While she wants to take the kids to see Big Ben I’ll want to run off to Scotland Yard and ask questions about how call detail records are introduced in court D
This is apples and oranges, but we need licenses to drive right? At least legally? Along with that one should have received some degree of training right? Was it 8 hours, 40 or 400? The instructor said “Keep it between the lines.” I asked why? He said “Because outside those lines is the danger zone.” Outside those lines is the idea of “junk science.”
The system we have now is inadequate. We’re asking LE, of which I am one, to police itself. The telco’s aren’t rolling out the info freely and the private sector doesn’t have the access to the data so that they could drive a certification standard. It's all good for discussion.
Just my 3 cents
This is apples and oranges, but we need licenses to drive right?
OT 😯 , but JFYI, that is perfectly OK, this particular point has been debunked scientifically wink
http//
jaclaz
From what you say, and have suggested in previous posts, it would appear in the US neither sections of your law enforcement and the private sector have access to data. I got the impression this was down to (a) knowledge by the individual as to what was/is available or (b) data known to be available came down to cost in the obtaining.
I do not understand what you are trying to convey in this paragraph. oops
OK, no worries. From what I understand in this and other posts at this forum the suggestion is being made that information about US operators installation (masts) deployments and the technical arrangement for each of those masts (a) is not kept or at least not readily available (b) information that is available is denied to certain 'sections' of LEA and the private sector are unlikely to get any info and © or it is too expensive to obtain anyway. This is I take it is hampering e.g. the task of Operational Audit Check.
I’m not trying to suggest the data from a SIM/USIM is junk science
Ed I didn't suggest and had no intention to imply you had said that. I want to highlight to forum visitors (members or the lurk to learn browser) that a myth is and has continued to be promulgated about SIM/USIM for some years that because data has not been found in particular EFs that, figuratively speaking, there is not much going on under the hood. Perhaps it has come about due to a heavy reliance on automated tools to read handsets etc that mobile, computer and digital forensics only requires users to operate tools with a minimum knowledge level. From a mobile forensics perpective SIM/USIM are perpetually changing in productions runs and year-on-year new EFs are being added. It is therefore a mistaken approach to generalise about the importance or lack of it with SIM/USIM.
These cellular providers have spent Billions to make sure their networks operate efficiently. They’re not idiots and they didn’t set up these networks just so they could be Junior Deputies for the NSA.
Firstly, the fact that the operators spent billions is why they are required to keep detailed info about their installation deployments. Secondly, the US Government Department would not have issued licences to use US radio sprectrum if operators were being perceived as "idiots" at first instance. Thirdly, operator licences are governed by certain duties and obligations. I have no knowledge of how the NSA view operators. "Junior Deputies" is not a requirement nor has it been a requirement of the licence in order that the operators comply with the law and the legal rules governing their licences.
Obviously the more calls the better, but let’s talk about 1 call for starters. Let’s say I make 1 call on the Sprint network and in doing so my handset starts/ends the call on the North side of Tower A. Seeing how I got my preservation letter off within 14 days I was able to get PCMD data back with my return.
I don’t have my notes in front of me, but in the CDMA world there are 13.4 or 13.6 (I’ll call them timing chips) where the RF signal shoots out from the mast to the handset and back to provide this round trip measurement. That places the handset, with a fairly small error rate, at some point out within the coverage area of the sector. Good to know, but the sectors can overlap, expand and pull back in (breath)
Some of the carriers will also provide a Lat/Long coordinate along with their enhanced ranging data. BUT, how does the network create that data? I don’t know how things on your side of the pond are, but over here the RF engineers are well shielded from LE’s questions.
I have no evidence to back this up, but my perception is that LE in the U.K has greater access to cellular data than we do here in the U.S. Is it because they have better working relationships? Maybe all you chaps trust each other? Maybe the courts on your side have mandated the disclosure of the data?
The idea of the Operational Audit Checks is great. I believe everyone should be doing it, but if those records are not kept within the normal course of business it will cost me money to obtain it. Is it a nominal fee or will I have to go to the tower manufacturer, who is now masquerading as a third party vendor, and get raked over the coals for something that could be generated with a few mouse clicks?
I can see how it all appears frustrating. In the UK we have numerous ways to investigate. In the US the operators do hold databases and by identifcation of the Mast (Tower) to them your analogy about 'click of a mouse' is not far off, in this paperless society. Sourcing other avenues is a bit like a jigsaw; it takes time to put the right pieces in the right place if you are starting from scratch.
My comments about cell site are separate to those comments about SIM/USIM.
I was forwarded this article by one of our prosecutors back in May, who I have testified several times for as an expert in cellular technology and forensics.
After reading the article I fully agree with the statement, that historical cell site data is not pin point accurate and trying to extrapolate the exact position of the phone with the data available is inaccurate and foolish. Analysis of the data provides general locations for the target device.
I have read numerous emails on several forums about people who claim to be able to place the bad guy in a very small area with the data provided. I have been unable to reliably replicate their findings using the same data they had. Even with Per Call Measurement Data for the device, pin pointing the exact locations without the ability to access the GPS data from a device (if it has the ability), is not possible. The information from the Per Call Measurement Data is informative and probative for investigative purposes but that is its limit.
I concur with Imwinkelried’s statements; I can tell what side of the tower the phone connected to and show the operable range of that tower along with the other operable ranges of the other towers in the vicinity placing the device in a general area. As long as external factors like terrain and obstacles are taken into consideration.
This article suggests the expert they used for the records was not very knowledgeable in regards to what the data can show, and has been provided some urban myths about how a cell phone tower works.
Testimony like that stated in this case is what makes this job more difficult each day. We are tasked with being knowledgeable on a wide range of subjects, and have the ability to use immerging technology to assist in solving crimes; however, we are continually fighting a budget battle for training and equipment. Along with trying to educate the courts about the technologies we use. Law enforcement is evolving into a very technological laden endeavor and the further down the rabbit hole we go the harder this job will get.
A couple of notes about cellular analysis in the USA. Tremate's comments and postings are always informative and interesting. However, in the US, cellular companies are under no legislative rule to retain the type of data that Tremate can get his hands on for technical analysis of cellular call data.
Here in the USA, the technical data simply is not available to analysts. Also, since much of the information held by the cellular carriers is considered proprietary information, they are not required to give it to LE or anyone else.
It is misinformed to think that historical cellular data is not available to civil attorneys, as it in fact is available via subpoena. Yes, the carriers charge for the data extraction, but you can get it.
In some cases, the subscriber can get their own call detail records from the carriers by requesting it, no subpoena required.
Regarding PCM or Per Call Measurement data, I would be cautious in relying on it for location of a cell phone considering it is used by the carriers for load management and not for locating phones. Nor does it necessarily "pinpoint" a phone within the range of a particular tower.
Also, people misuse the term triangulation a lot. You cannot triangulate a phone by any means except in real time. To get real time locations for a cell phone in the USA requires either a warrant, or an exigent circumstances request to a carrier. Exigent circumstances is where there is immediate need for the information to locate a missing person, etc.
Having been doing this type of analysis for some time now, both for the defense and for prosecutors, there are limits to what you can say about the location of a phone based on the data available here in the USA; Historical Call Detail Records and Cell Site Location Records, which is typically all anyone gets from the carriers.
And there is the issue where a phone does not create records if the phone is powered off, or simply not in use.
Couple that with the fact that each carrier records information differently in their call detail records, where there will be no location information for text messages, only phone calls.
And bear in mind, that even live tracking of a phone is still dependent on multiple factors here in the USA. Not all areas are E911 Phase 2 compliant, and there are still times where the location may not be within the legally proscribed range of accuracy.
The networks here in the USA are rapidly evolving as new load management technology comes on line; call detail records are changing and becoming more difficult to properly interpret.
Larry interesting feed back thanks. Just a point are you sure i said those points you say that i am misinformed?
Larry interesting feed back thanks. Just a point are you sure i said those points you say that i am misinformed?
I think you may have misread my post. In the first paragraph, I am complimenting you on your posts. Then I change the subject to "It is misinformed", referring to various comments made in the thread, not comments by you.
Larry interesting feed back thanks. Just a point are you sure i said those points you say that i am misinformed?
I think you may have misread my post. In the first paragraph, I am complimenting you on your posts. Then I change the subject to "It is misinformed", referring to various comments made in the thread, not comments by you.
Hi Larry, then I had misread your comments. My apologies.
Some further updates
Tracing Packet Switch (PS) Users - http//
Location Tracking in the US - http//
CSA related items - http//