lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <44DADBAB.23401.133482F5@stuart.cyberdelix.net>
Date: Thu, 10 Aug 2006 07:09:31 +0100
From: "lsi" <stuart@...erdelix.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Tabloid phone-tapping net widens 

[It seems to me that this may be a global, not UK-specific 
vulnerability which probably affects all of the world's 1 billion 
mobile phones (just a guess) on each of the world's carriers.  My 
question is, what are the vendors doing about it? The usefulness of 
their technology is undermined if it cannot be trusted. The immediate 
remedial step for users appears to be to make their PINs difficult to 
guess.  But this will not help the majority of users who don't catch 
this story, and it does not address the underlying simplistic design. 
- Stu]

http://media.guardian.co.uk/site/story/0,,1840971,00.html

Tabloid phone-tapping net widens 

· Reporter faces nine charges of hacking 
· Politicians may have had messages intercepted 

Ian Cobain and Stephen Bates
Thursday August 10, 2006
The Guardian 

The News of the World's royal correspondent was last night charged 
with hacking into the royal family's mobile phone messages as 
Scotland Yard continued its investigation into alleged illegal 
activities of tabloid newspapers.

Clive Goodman, 48, was jointly charged with Glenn Mulcaire, 35, of 
Sutton, Surrey, with nine counts of intercepting or plotting to 
intercept voicemail messages between January and May this year.

Both have been released on police bail to appear at Horseferry Road 
magistrates' court next Wednesday.

Police also said last night they were broadening the investigation 
after suggestions that David Blunkett, the former home secretary, 
other politicians and Victoria Beckham may also have been targeted. 
Tessa Jowell, the culture secretary, is understood to have been 
potentially targeted.

Two of Goodman's stories last November appear to have alerted palace 
staff that messages may have been intercepted. The first concerned a 
knee injury to Prince William which, it was said, would lead to the 
postponement of a mountain rescue course he was to attend. The 
second, a week later, suggested that he had been lent some 
broadcasting equipment by ITN's then royal correspondent, Tom Bradby, 
to enable him to edit gap year videos and DVDs into "one very posh 
home movie".

Police were said to be analysing a list of phone numbers to discover 
who they belonged to and whether they had been intercepted or their 
messages - though not apparently live conversations - hacked, as part 
of an investigation that has already lasted several months. They were 
said to be liaising with mobile phone companies and the Crown 
Prosecution Service. The investigation is being conducted by the anti-
terrorist squad because of the security implications.

A number of tabloid scoops in recent years appear explicable only if 
messages were accessed, or confirmed by them. Tabloid journalists are 
known to have accessed the phone records of Kimberly Fortier, the 
publisher of the Spectator, after the revelation of her affair with 
Mr Blunkett.

Although royal officials were privately suggesting that the Prince of 
Wales and his wife, the Duchess of Cornwall, had not been victims, it 
is likely that Prince William has been targeted. Media interest in 
his love life, particularly his relationship with his former fellow 
student Kate Middleton, has been intense.

Mobile phone and wire-tapping experts said it was easy to access 
private messages. Simply dialling an unobtainable mobile and being 
put through to voicemail allows the potential tapper to use default 
factory four-digit Pin codes to access their target's messages 
entered when the recorded greeting begins.

Breaking the code is relatively straightforward with defaults for 
service providers ranging from 4444, 1234 to even the last four 
digits of the target phone. Even if users have changed their Pin it 
is often to something little more imaginative than their date of 
birth.

Intelligence specialist Duncan Campbell said: "It is not hugely 
difficult. We are dealing with the royal family - these are not the 
sort of people who instinctively understand this sort of thing, 
unlike the average 17-year-old. There have recently been similar 
scandals in Greece, where the prime minister's phone was tapped, and 
in Italy where they tried to do the same thing. It would be 
straightforward to compromise personal Pin codes."

Bradby, now ITV's political editor, said yesterday that details of a 
meeting he had arranged with Prince William appeared in the News of 
the World before it had taken place."I was due to have a private 
meeting with William and I was pretty surprised to find that not only 
details of the meeting but what we were going to discuss pitched up 
in the News of the World the Sunday before ... We both looked at each 
other and said, 'Well, how on earth did that get out?' and we worked 
out that only he and I and two people incredibly close to him had 
actually known about it.

"Then we started discussing one or two other things that had happened 
recently. There had been a meeting he had had with a knee surgeon, 
and that again only he and his personal secretary and the surgeon had 
known about ...

"Basically the answer we came up with was that it must be something 
like breaking into mobile answering machine messages. His chief of 
staff is a former SAS officer and his attitude was that, 'if this is 
potentially happening to us, who on earth else could it be happening 
to?'. He passed his concerns on to the police, the police had a small 
investigation on to begin with into the localised incident at 
Clarence House. What they discovered then alarmed them enough to hand 
it to the anti-terrorist police who looked at it much more broadly."

Sir Christopher Meyer, the chairman of the Press Complaints 
Commission, told BBC Radio 4's Today programme yesterday: "One hears 
stories and rumours all the time that this may be going on; nobody 
has come to me with hard evidence of this. The Press Complaints 
Commission sets out in clause 10 of its code of practice that the 
press must not intercept private or mobile telephone calls, messages 
or emails and a whole bunch of other things ...

"You have to have a very high bar of public interest to justify this, 
and so that's enshrined in our constitution."

Careful, they might hear you

Tabloid journalists have been hoovering up other people's mobile 
phone messages for many years in their search for scoops. The 
following are some of the public figures who are now known to have 
been targeted:

David Blunkett

After details of the then home secretary's affair with Kimberly 
Fortier were uncovered by the News of the World in August 2004, 
journalists from a tabloid newspaper began to listen to her 
voicemail. They heard a series of messages from Mr Blunkett imploring 
her to call him and even, on one occasion, singing a song.

Richard Kay

The Daily Mail journalist is understood to have been targeted by one 
of his fellow royal correspondents several years ago, at a time when 
he was said to have formed a friendship with Diana, Princess of 
Wales. This journalist is said to have told colleagues that his first 
telephone call every morning would be to Kay's mobile, "just to see 
if Di had called".

Heather Mills 

One story that was hawked around Fleet Street's tabloids recently was 
based upon a message which her estranged husband, Sir Paul McCartney, 
left on her mobile, apparently apologising to her.

Victoria Beckham

According to well-placed Fleet Street sources, Posh Spice became so 
infuriated at the way in which messages on her mobile would be turned 
into gossip column fodder that she changed her outgoing voicemail 
message, requesting, in the clearest terms, that whoever was doing it 
would go away.

---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/

--- 
 * Origin: lsi: revolution through evolution (192:168/0.2)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ