Below is the text of an email that I sent to someone to post on a forum that I didn’t feel like signing up for that already had a thread going on cloned Treo phones.
Enjoy!
I will apologize up front here as I’m tired and this is mostly just a
way to get past being pissed off at VZW for not watching out for the
customer.
I have a Treo 700p and it was cloned Friday night, just in time for the
weekend. If you’re wondering how to tell if your phone has been cloned,
it’s really easy. Call yourself from another phone. If you get no
indication whatsoever of that call happening, including voicemail
notification, you’re in trouble. If you periodically get through, it’s
likely due to the other phone having been turned off and your phone is
termporarily winning.
I just went through the process of getting my phone back from being
cloned. The most awesome part of this is the complete lack of support
that VZW gives to prevent the inconvenience of having your phone cloned.
The sequence of events:
- Drive to Vegas for a weekend conference on a Thursday
- Friday evening, no calls or text messages are getting through to my phone
- Sunday, while driving back, I have eleven (11) voice mails with no evidence of a missed call or that I might have a voicemail.
- Sunday night, contact VZW help (611) and find out that:
A) support will try to help you and tell you they believe that
your phone has been cloned. Once they believe that your phone
has been cloned, they will tell you that something is wrong
with the device and you should hard reset it.
This will do you no good, whatsoever. However, I’m pretty sure
that they have a pool running on the other end of the phone to
see how many customers they can stroke out by zapping all of
the data on their phones “on accident.”
B) The cloning and fraud department at VZW only works M-F,
0500-1800 PST. Obviously, this is because your phone can only
get cloned during banker hours. *SIGH*
C) Nobody at VZW can actually look at your account and tell you if
there are weird charges on the bill. In my case, there was no
indication of misuse during the episode and the one phone call
that I did get from the DR was from a local area code.
- Monday morning, call VZW cloning/fraud department. I had to speak to two separate people to complete my phone transaction.
The first person was very kind and genuinely wanted to help me but
was an idiot. “Yes, Mr. HalfDime, I’m going to send you a text
message with the URL you can use to update your phone firmware
with.”
“But my phone has been cloned.”
“Right. Did you get the text message?”
The second person was pissed off to be alive. They cut me off
every time I started to say something and then seemed to think
that it was obvious that doing a complete restore from backup to
the device would not overwrite the settings just downloaded from
Palm.
Anyway, the information that you will need to get your phone uncloned,
or that you should use to keep from having it get cloned in the first
place:
- Go here
- Follow the directions on updating your phone firmware.
- After the 35 minutes it takes the software to install, call cloning/fraud at the number below:
Cloning/Fraud Dept.
888 483-7200
Hours: M-F, 0500 - 1800 PST only
- They will “verify” your phone via the following process:
- Dial #2539 - Authorization from verizon host, they send programming to phone.
- Turn phone radio off
- Tell support person when it’s off
- Turn phone radio on
- Tell support person when it’s on
NOTE: It’s very likely that over the air programming ( *228, option 1 )
will not work at this time since your phone has been flagged in
the system as being cloned. It may take a day or more for this to
clear. However, updating roaming ( *228, option 2 ) works.
After updating your phone, the firmware version displayed for the phone
firmware is Treo700p_-1.10-VZW.
According to a treocentral article on the interweb [0] and the Verizon
tech, this flaw is due to there being no AKEY shipped with the phone
firmware and has been known for quite some time. It’s just now coming
up in numbers as it’s been discovered at large. Most of the phone
numbers are being cloned to the Dominican Republic.
The importance of the A-Key is described well by this quote:
“Security of the A-Key is critical in a CDMA system. Over-the-Air
provisioning uses Diffie-Hellman algorithm, making it the best choice
for A-Key programming from the alternatives mentioned above.
Diffie-Hellman algorithm is used for secure key exchange between two
entities so that a third party cannot deduce the value in the process
of exchange.” [1]
What this basically boils down to is that all the information required
to clone a phone is being broadcast unencrypted over the air for anyone
to partake of with very little effort.
Thank you so much, Verizon.
Adding insult to injury, not only did I lose use of my phone for an
entire weekend because my phone got nabbed on a Friday night and VZW
fraud/cloning works banker hours, but I had to perform a 90 minute hokey
pokey to get the new software installed, call back to VZW and then do
the hokey pokey, turn the phone off and on with VZW on the phone.
–HalfDime
[0] http://discussion.treocentral.com/showthread.php?p=1477412
[1] Over-The-Air Provisioning in CDMA, Rohini P.P., Gemplus Technologies, October 2004
http://www.cdg.org/resources/white_papers/files/Gemplus%20Over-The-Air%20Provisoning%20in%20CDMA%20Oct%2004.pdf
I got yer comments here...