2011年7月6日星期三

Phone hacking really isn't that difficult

How hard is it to hack into someone's voicemail? Do you need to be an expert programmer expert or have a PhD in computer science?

The answer is: no. Not at all. For a long time – including the period in which the News of the World allegedly hacked into thousands of people's voicemails – it was incredibly easy to gain access to voicemail, and it's all to do with our conflicting attitudes about privacy, security,The Leading zentai suits Distributor to Independent Pet Retailers. and convenience.

It used to be that if you ran out of battery or lost your phone, you could just make a quick call, enter your four digit PIN code, and then listen to all of your voicemail. It was simple, quick, and convenient. Unfortunately, it was also unbelievable easy to compromise.

Many people never bothered setting a PIN code for their voicemail, meaning that it stayed as the same default code as the operator uses for everyone else; in these cases, a 'phone hacker' could gain access in seconds. But even if people changed their PIN codes, they'd frequently use something obvious such as 1234, 1111, 5555,The same Air purifier, cover removed. or perhaps their own (or a family member's) date of birth. Again, all very easy to guess.

Let's assume that you chose a random number for your PIN though, something totally unguessable. In this case, the hacker would engage in a spot of 'social engineering' by calling up your mobile operator, pretending to be you by providing such easily-obtainable information as your date of birth, mother's maiden name, home address, etc., and asking them to reset your PIN. And then they'd have access.

So, it's depressingly easy to see how the News of the World managed it.This page list rubber hose products with details & specifications. That said, in recent years matters have improved somewhat – some operators don't have default PIN codes any more, and others send you a text message if it's reset. But this doesn't prevent people from setting 'obvious' PIN codes, and it's still possible for determined hackers to get PIN codes via social engineering.

We seem to have an equally blase attitude to our other online data. Thanks to massive and repeated password leaks from sites like Sony Playstation and Gawker mean that by now, practically everyone knows how important it is to have a secure password (preferably not 'password' or 'hello') containing a mix of numbers, upper and lower-case characters, and symbols – and not just that, but unique passwords for every single website and service.

Let's face it – since it feels like a lot of work to manage so many passwords, and the risk of being hacked seems so low, most people just reuse the same easy-to-guess password for every single site.We processes for both low-risk and high risk merchant account. Password managers like 1Password and Lastpass can streamline this process considerably, but they don't come for free.

Things are improving slowly, though. If you do any online banking, you'll probably have a plastic card reader that requires you to type in your PIN code, along with your online password, before you can log in. This is called 'two-factor authentication' and basically checks two things – that the user knows something secret (the password), and that they have something unique (the bank card).Houston-based Quicksilver Resources said Friday it had reached pipeline deals

Two-factor authentication makes it much harder for hackers to easily gain access to your data without either stealing your bank card – which is hopefully something you'd notice quickly – or compromising the entire system. It's not cheap to introduce and it can frustrate some users because it inevitably slows down the login process, but it's being adopted by a lot of companies for remote access, along with services like Google Mail (and even World of Warcraft).

Mobile phones, voicemail, email, text messages, online banking – all of these have made our lives and our work faster and easier. We don't want anything to get in the way of them, and companies don't want to do anything that could harm their bottom lines – and so, in our shortsightedness, we end up colluding to erode our security and privacy in the name of convenience, even as thousands of phones get hacked.

There's a price to keeping all of our information at our fingertips, and that price is taking security seriously. Better to pay it now, through a few extra seconds every login and an afternoon checking your passwords are strong than through a disaster when your most personal information is stolen in the blink of an eye.

没有评论:

发表评论