Phone hacking: the telco angle

Roland Perry lists at
Thu May 2 14:06:13 BST 2013

In article <E1UXs1U-0002Jn-PE at>, Chris Edwards 
<chris-ukcrypto at> writes
>> They told us we needed to set a PIN to make it secure.  They, probably
>> correctly, calculated that more people would be annoyed by having to set
>There's a difference between retrieving voicemail on the handset itself,
>versus being able to dial in and access it from any phone (which I gather
>is what the newspapers were abusing).
>Back in the day, I recall Orange would only allow access from the handset,
>UNLESS a PIN was set, in which case access was allowed from anywhere.
>I imagine most of their customers never knew about the remote access
>option, never set a pin, yet weren't vulnerable.

Most people probably found out about "remote" access when they went 
abroad - I don't think any of the networks trusted (and some probably 
didn't get, at least in the early days) CLI delivered to them. The sort 
of people whose PIN might be hacked are very likely to have gone abroad 
at some stage.
Roland Perry

More information about the ukcrypto mailing list