[<prev] [next>] [day] [month] [year] [list]
Message-ID: <44DADBAB.23401.133482F5@stuart.cyberdelix.net>
Date: Thu, 10 Aug 2006 07:09:31 +0100
From: "lsi" <stuart@...erdelix.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Tabloid phone-tapping net widens
[It seems to me that this may be a global, not UK-specific
vulnerability which probably affects all of the world's 1 billion
mobile phones (just a guess) on each of the world's carriers. My
question is, what are the vendors doing about it? The usefulness of
their technology is undermined if it cannot be trusted. The immediate
remedial step for users appears to be to make their PINs difficult to
guess. But this will not help the majority of users who don't catch
this story, and it does not address the underlying simplistic design.
- Stu]
http://media.guardian.co.uk/site/story/0,,1840971,00.html
Tabloid phone-tapping net widens
· Reporter faces nine charges of hacking
· Politicians may have had messages intercepted
Ian Cobain and Stephen Bates
Thursday August 10, 2006
The Guardian
The News of the World's royal correspondent was last night charged
with hacking into the royal family's mobile phone messages as
Scotland Yard continued its investigation into alleged illegal
activities of tabloid newspapers.
Clive Goodman, 48, was jointly charged with Glenn Mulcaire, 35, of
Sutton, Surrey, with nine counts of intercepting or plotting to
intercept voicemail messages between January and May this year.
Both have been released on police bail to appear at Horseferry Road
magistrates' court next Wednesday.
Police also said last night they were broadening the investigation
after suggestions that David Blunkett, the former home secretary,
other politicians and Victoria Beckham may also have been targeted.
Tessa Jowell, the culture secretary, is understood to have been
potentially targeted.
Two of Goodman's stories last November appear to have alerted palace
staff that messages may have been intercepted. The first concerned a
knee injury to Prince William which, it was said, would lead to the
postponement of a mountain rescue course he was to attend. The
second, a week later, suggested that he had been lent some
broadcasting equipment by ITN's then royal correspondent, Tom Bradby,
to enable him to edit gap year videos and DVDs into "one very posh
home movie".
Police were said to be analysing a list of phone numbers to discover
who they belonged to and whether they had been intercepted or their
messages - though not apparently live conversations - hacked, as part
of an investigation that has already lasted several months. They were
said to be liaising with mobile phone companies and the Crown
Prosecution Service. The investigation is being conducted by the anti-
terrorist squad because of the security implications.
A number of tabloid scoops in recent years appear explicable only if
messages were accessed, or confirmed by them. Tabloid journalists are
known to have accessed the phone records of Kimberly Fortier, the
publisher of the Spectator, after the revelation of her affair with
Mr Blunkett.
Although royal officials were privately suggesting that the Prince of
Wales and his wife, the Duchess of Cornwall, had not been victims, it
is likely that Prince William has been targeted. Media interest in
his love life, particularly his relationship with his former fellow
student Kate Middleton, has been intense.
Mobile phone and wire-tapping experts said it was easy to access
private messages. Simply dialling an unobtainable mobile and being
put through to voicemail allows the potential tapper to use default
factory four-digit Pin codes to access their target's messages
entered when the recorded greeting begins.
Breaking the code is relatively straightforward with defaults for
service providers ranging from 4444, 1234 to even the last four
digits of the target phone. Even if users have changed their Pin it
is often to something little more imaginative than their date of
birth.
Intelligence specialist Duncan Campbell said: "It is not hugely
difficult. We are dealing with the royal family - these are not the
sort of people who instinctively understand this sort of thing,
unlike the average 17-year-old. There have recently been similar
scandals in Greece, where the prime minister's phone was tapped, and
in Italy where they tried to do the same thing. It would be
straightforward to compromise personal Pin codes."
Bradby, now ITV's political editor, said yesterday that details of a
meeting he had arranged with Prince William appeared in the News of
the World before it had taken place."I was due to have a private
meeting with William and I was pretty surprised to find that not only
details of the meeting but what we were going to discuss pitched up
in the News of the World the Sunday before ... We both looked at each
other and said, 'Well, how on earth did that get out?' and we worked
out that only he and I and two people incredibly close to him had
actually known about it.
"Then we started discussing one or two other things that had happened
recently. There had been a meeting he had had with a knee surgeon,
and that again only he and his personal secretary and the surgeon had
known about ...
"Basically the answer we came up with was that it must be something
like breaking into mobile answering machine messages. His chief of
staff is a former SAS officer and his attitude was that, 'if this is
potentially happening to us, who on earth else could it be happening
to?'. He passed his concerns on to the police, the police had a small
investigation on to begin with into the localised incident at
Clarence House. What they discovered then alarmed them enough to hand
it to the anti-terrorist police who looked at it much more broadly."
Sir Christopher Meyer, the chairman of the Press Complaints
Commission, told BBC Radio 4's Today programme yesterday: "One hears
stories and rumours all the time that this may be going on; nobody
has come to me with hard evidence of this. The Press Complaints
Commission sets out in clause 10 of its code of practice that the
press must not intercept private or mobile telephone calls, messages
or emails and a whole bunch of other things ...
"You have to have a very high bar of public interest to justify this,
and so that's enshrined in our constitution."
Careful, they might hear you
Tabloid journalists have been hoovering up other people's mobile
phone messages for many years in their search for scoops. The
following are some of the public figures who are now known to have
been targeted:
David Blunkett
After details of the then home secretary's affair with Kimberly
Fortier were uncovered by the News of the World in August 2004,
journalists from a tabloid newspaper began to listen to her
voicemail. They heard a series of messages from Mr Blunkett imploring
her to call him and even, on one occasion, singing a song.
Richard Kay
The Daily Mail journalist is understood to have been targeted by one
of his fellow royal correspondents several years ago, at a time when
he was said to have formed a friendship with Diana, Princess of
Wales. This journalist is said to have told colleagues that his first
telephone call every morning would be to Kay's mobile, "just to see
if Di had called".
Heather Mills
One story that was hawked around Fleet Street's tabloids recently was
based upon a message which her estranged husband, Sir Paul McCartney,
left on her mobile, apparently apologising to her.
Victoria Beckham
According to well-placed Fleet Street sources, Posh Spice became so
infuriated at the way in which messages on her mobile would be turned
into gossip column fodder that she changed her outgoing voicemail
message, requesting, in the clearest terms, that whoever was doing it
would go away.
---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/
---
* Origin: lsi: revolution through evolution (192:168/0.2)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists