G
Guest
Guest
Archived from groups: alt.cellular.cingular (More info?)
The attack is simple, according to Bob Egan of MobileCompetency.com, who
wrote the report. Most cell phone providers offer a service called "skip
passcode," which allows mobile subscribers to enter their cell phone
voicemail and select other administrative options without entering a numeric
password. Callers are sometimes told the service is safe, because cell phone
providers ensure the call is initiated from the handset owned by the
consumer -- making the password unnecessary.
But Eagan discovered that services use caller ID to authenticate the cell
phone, and months ago, hackers learned how to spoof, or "trick" the caller
ID system. Using such a service, a hacker can dial the mobile account
holder's telephone system and immediately access their voice mail and other
services.
www.passpoirt.net
The attack is simple, according to Bob Egan of MobileCompetency.com, who
wrote the report. Most cell phone providers offer a service called "skip
passcode," which allows mobile subscribers to enter their cell phone
voicemail and select other administrative options without entering a numeric
password. Callers are sometimes told the service is safe, because cell phone
providers ensure the call is initiated from the handset owned by the
consumer -- making the password unnecessary.
But Eagan discovered that services use caller ID to authenticate the cell
phone, and months ago, hackers learned how to spoof, or "trick" the caller
ID system. Using such a service, a hacker can dial the mobile account
holder's telephone system and immediately access their voice mail and other
services.
www.passpoirt.net