
I recently had my phone stolen (Galaxy S8) and have done the following:

  • Wiped it remotely
  • Reported the theft to the network operator, who has allegedly blocked the IMEI

I have tried searching for details on what actually holds this IMEI number, to see whether thieves are changing it, and have found conflicting bits of information:

  • IMEI number and firmware version are directly encoded in the baseband chip (the only chip due to which you are able to get network). If you even dare to replace the baseband chip, there would be no network, no IMEI number, the firmware number will be visible, and the battery will start to drain faster. (Battery backup would drop to 20–30%.)

and

  • this jolly video of someone using an aptly named "Best Smart Tools" software to literally type in the new IMEI after clicking on a few buttons.

I am sure this depends on the manufacturer, but what is the state of affairs with the two giants - Samsung and Apple? Is the IMEI actually hard-coded into a chip of some sort, or is it changeable without replacing a single bit of hardware?

Tony Sepia
    It can be changed without changing hardware, but generally manufacturers try to prevent that. Modified phones or phones with exploited basebands may be able to have their IMEI changed. I believe this is illegal in some countries. – forest Jun 23 '18 at 21:55
  • @forest so the bit of information that I found about the way basebands work is false? They don't have anything hard-coded? – Tony Sepia Jun 23 '18 at 22:01
  • @TonySepia What's hardcoded is what the IMEI _should_ be. A hacked baseband can use a different IMEI without changing the hardcoded one. – forest Jun 23 '18 at 22:16
  • @forest that makes sense. And, I assume, the baseband is then a non-secure ROM. Are there any documents/articles out there confirming it? – Tony Sepia Jun 23 '18 at 22:47
  • @TonySepia The baseband itself is a processor. IMEI might be encoded as ROM internal to the processor, or maybe as OTP (one-time programmable) fuses, or maybe even as EEPROM external to the baseband. I'm sure there are datasheets giving more information, but I know effectively nothing about baseband hardware. – forest Jun 23 '18 at 22:49
  • @forest, very interesting, thank you for the info! Sounds like a typical arms race: manufacturers vs hackers ;( – Tony Sepia Jun 23 '18 at 22:50
  • To be fair, I think they only prevent IMEI from changing due to federal regulations. It's not difficult to build a phone with a modified or hacked baseband that allows for arbitrary IMEI changes, and there are phones (usually bootlegs) which provide the ability to change IMEI from the user interface. – forest Jun 23 '18 at 22:51
  • Think of it as the MAC of a phone. You can certainly change it. – Overmind Jun 20 '19 at 06:51
  • "If you even dare to replace the baseband chip, there would be no network, no IMEI number, the firmware number will be visible, and the battery will start to drain faster." Source? – Joseph Sible-Reinstate Monica Jun 20 '19 at 22:46
  • @JosephSible-ReinstateMonica I've copy-pasted it from somewhere, but even a Google search can't bring up the source, apologies – Tony Sepia Feb 13 '20 at 16:53

1 Answer


IMEIs are hackable/changeable. There is a company called PhoneSec that does IMEI hacking research on smartphones.
Above all, I suggest that you request the device to be blocked at all the operators in your country. If the operators have an agreement with the GSMA, those blocked IMEIs will be shared with the GSMA DB, and the phone won't work on operators that have an agreement with the GSMA and have access to the GSMA DB.
