Sign in with
Sign up | Sign in
Your question

They got Paris Hilton's contacts, and could get yours, too

Last response: in Network Providers
Share
Anonymous
March 1, 2005 3:04:38 AM

Archived from groups: alt.cellular.verizon (More info?)

Cell phone voicemail easily hacked

They got Paris Hilton's contacts, and could get yours, too


The attack is simple, according to Bob Egan of MobileCompetency.com, who
wrote the report. Most cell phone providers offer a service called "skip
passcode," which allows mobile subscribers to enter their cell phone
voicemail and select other administrative options without entering a numeric
password. Callers are sometimes told the service is safe, because cell phone
providers ensure the call is initiated from the handset owned by the
consumer -- making the password unnecessary.

But Eagan discovered that services use caller ID to authenticate the cell
phone, and months ago, hackers learned how to spoof, or "trick" the caller
ID system. Using such a service, a hacker can dial the mobile account
holder's telephone system and immediately access their voice mail and other
services.

www.passpoirt.net

More about : paris hilton contacts

March 1, 2005 10:23:17 AM

Archived from groups: alt.cellular.verizon (More info?)

"NewsGuy" <john-os@excite.com> wrote in message
news:ECSUd.41309$u87.39261@bignews6.bellsouth.net...
> Cell phone voicemail easily hacked
>
> They got Paris Hilton's contacts, and could get yours, too
>
>
> The attack is simple, according to Bob Egan of MobileCompetency.com, who
> wrote the report. Most cell phone providers offer a service called "skip
> passcode," which allows mobile subscribers to enter their cell phone
> voicemail and select other administrative options without entering a
numeric
> password. Callers are sometimes told the service is safe, because cell
phone
> providers ensure the call is initiated from the handset owned by the
> consumer -- making the password unnecessary.
>
> But Eagan discovered that services use caller ID to authenticate the cell
> phone, and months ago, hackers learned how to spoof, or "trick" the caller
> ID system. Using such a service, a hacker can dial the mobile account
> holder's telephone system and immediately access their voice mail and
other
> services.
>
> www.passpoirt.net
>
>
Your information may be possible but they got her info because tmobile isn't
very interested in the security of their customers personal information.
They didn't bother to patch a known hole in the Weblogic app they use
enabling a kiddie to "own" their system.

http://www.wired.com/news/privacy/0,1848,66735,00.html
March 1, 2005 10:31:39 AM

Archived from groups: alt.cellular.verizon (More info?)

On Tue, 1 Mar 2005 07:23:17 -0500, "George" <george@nospam.invalid>
wrote:

>Your information may be possible but they got her info because tmobile isn't
>very interested in the security of their customers personal information.
>They didn't bother to patch a known hole in the Weblogic app they use
>enabling a kiddie to "own" their system.

And you are smug in the knowledge that Verizon could never be hit by
such an exploit, eh? Don't laugh too hard when Verizon gets hacked as
well. Honestly be real. If you think any company can't be hit with a
hack and be exploited you are extremely naïve.

- - - - - - - - - - - - - - - - - - - - - - - - - -
Related resources
Anonymous
March 1, 2005 11:15:29 AM

Archived from groups: alt.cellular.verizon (More info?)

On Tue, 1 Mar 2005 00:04:38 -0500, "NewsGuy" <john-os@excite.com>
wrote:

>But Eagan discovered that services use caller ID to authenticate the cell
>phone, and months ago, hackers learned how to spoof, or "trick" the caller
>ID system. Using such a service, a hacker can dial the mobile account
>holder's telephone system and immediately access their voice mail and other
>services.

Hey, if someone wants to check my voice mail and listen to my family
or friends pester me about bullshit things they ought to be handling
themselves, I say go for it.
March 1, 2005 3:02:22 PM

Archived from groups: alt.cellular.verizon (More info?)

"Joseph" <JoeOfSeattle@yahoo.com> wrote in message
news:8i29215cb94ne2ng2m91jfktu2ep6ol04p@4ax.com...
> On Tue, 1 Mar 2005 07:23:17 -0500, "George" <george@nospam.invalid>
> wrote:
>
> >Your information may be possible but they got her info because tmobile
isn't
> >very interested in the security of their customers personal information.
> >They didn't bother to patch a known hole in the Weblogic app they use
> >enabling a kiddie to "own" their system.
>
> And you are smug in the knowledge that Verizon could never be hit by
> such an exploit, eh? Don't laugh too hard when Verizon gets hacked as
> well. Honestly be real. If you think any company can't be hit with a
> hack and be exploited you are extremely naïve.
>

Sure, anything can get hacked. In this case tmobile left their and their
customers pants down by not implementing a patch for something noted as a "
high-severity vulnerability". Also some carriers are not known for having a
very solid infrastructure/backend with VZW not being in that list.
!