T-Mobile Says Let Them Eat Passwords

from the thanks-for-that dept

While the hack on Paris Hilton's Sidekick data got most of the attention, someone quickly used an old, but fairly well-known, hack to get into her voicemail as well. This news went around the blogworld for a bit and is now reaching the mainstream press as well. The hack isn't new at all -- it just involves spoofing the caller ID. Many mobile phones to make things more convenient for users have an option where you can listen to voicemail just by hitting the voicemail button -- rather than having to punch in a PIN. T-Mobile (and possibly others) do this just by having the phone note the caller ID of the caller. That is, it's really "calling" your own number, but if the caller ID matches the number, it automatically lets you in to voicemail. So, to break in, you just need to use one of the increasingly easy to use caller ID spoofing services. Simple. So, using this "hack" someone broke into Paris' voicemail and a few other names and numbers from her address book. T-Mobile was slow to respond -- even though this issue has been brought to their attention many times before (in fact, we pointed it out last October). Today they finally responded by saying: use a password. That's it. They don't point out that they encouraged people not to use passwords by showing them how easy it was to get into voicemail without one. Instead, they just say "hey, you should use a password." Very helpful. Random aside: Last time I used the "let them eat..." reference, John Dowdell correctly pointed out that it's usually used out of context. Indeed, I'm guilty of doing so again... but it has become the common usage for the phrase.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.