Reader Comments

Subscribe: RSS

View by: Time | Thread

• 

  nonuser, 22 Feb 2005 @ 8:51pm

  
  

  the joke may be on Hilton

  but the real culprit are service providers who rely on such an insecure backdoor that gets hacked when customers use it the way they suggest.

  [ link to this | view in chronology ]

• 

  Precision Blogger, 23 Feb 2005 @ 6:59am

  
  

  Bruce Schneier wrote just recently about this secu

  Bingo! Bruce Schneier wrote just recently about how the backup question weakens password protection. He says when forced to supply a Q&A, he hitsrandom keys that he won't remember for the answer. See:
  http://www.schneier.com/blog/archives/2005/02/the_curse_of_th.html
  
  
  - The Precision Blogger
  http://precision-blogging.blogspot.com
  

  [ link to this | view in chronology ]

  • 

    Anonymous Coward, 23 Feb 2005 @ 7:38am

    
    

    Use " other " ? & make one up

    
    Use the " oter " question catagory.
    Ask yourself a question that NOONE would understand BUT you.
    Works for me & even if the system were hacked, my question wouldn't even make sense to the hacker.
    
    Problem solved.

    [ link to this | view in chronology ]

    • 

      seth, 23 Feb 2005 @ 8:31am

      
      

      Re: Use

      I always just enter a lot of gibberish whenever I am required to have a reminder question. Then I just don't forget my password or I have it emailed to me if I do forget. I always distrusted the back-up password.

      [ link to this | view in chronology ]

      • 

        Ranger, 24 Feb 2005 @ 10:26am

        
        

        Re: Use

        Am I the only one suspicious of her getting hacked in the first place? I mean, isn't she due for some scandalous web-activity about now?
        
        I mean, who keeps perfect naked pictures of themselves on their mobile camera? For what possible reason? "Hey, I want to see if I've gained any extra weight from eating that ice cream sundae?"
        
        
        

        [ link to this | view in chronology ]

  • 

    Tim, 23 Feb 2005 @ 8:16am

    
    

    Re: Bruce Schneier wrote just recently about this

    Do it jeopardy-style:
    
    secret reminder question: meow
    reminder answer: What do dogs say?
    
    That's one heck of a long passphrase for no extra work ;)

    [ link to this | view in chronology ]

• 

  Nick, 25 Feb 2005 @ 8:19am

  
  

  T-Mobile Password Hacking

  ... another likely theory was given in this post over at Kevin Rose's site.

  The hack is a simple one that I duplicated easily. If you have Sprint or T-Mobile and have auto voicemail login enabled, you are vulnerable to this type of attack. I have auto voicemail login enabled because I hate entering my voicemail PIN number each time I want to check my messages. The voicemail authentication system is simple. It uses caller ID to validate the originating number – if the caller ID matches your cell phone number (ie. your cell phone calling in to check your voicemail messages), it will log you in automatically. This system has worked great for the last few years. Well, that is until the advent of commercial caller ID spoofing systems such as CovertCall and Telespoof. For those not in-the-know, caller ID spoofing allows you to change your caller ID number to anything you like. To hack myself, I simply logged into CovertCall and placed a spoofed call to my cell phone. The spoofed call was to my cell phone, from my cell phone, forwarded to a pay phone. Sprint (my provider) thought I was calling from my cell, and automatically logged me in (even though I was performing this from a pay phone down the street).

  [ link to this | view in chronology ]

• 

  Katie, 30 Oct 2006 @ 6:50am

  
  

  Paris Hilton

  Finally her stupidity is realized!!!

  [ link to this | view in chronology ]

• 

  chester.., 23 May 2008 @ 9:23am

  
  

  paris hiltoon

  There is NOTHING iconic about Paris Hilton..

  [ link to this | view in chronology ]