Phone hacking: the telco angle
Roger Hayter
roger at hayter.org
Thu May 2 15:46:58 BST 2013
On 2 May 2013, at 12:50, Chris Edwards <chris-ukcrypto at lists.skipnote.org> wrote:
> On Wed, 1 May 2013, Roger Hayter wrote:
>
>> They told us we needed to set a PIN to make it secure. They, probably
>> correctly, calculated that more people would be annoyed by having to set
>
> There's a difference between retrieving voicemail on the handset itself,
> versus being able to dial in and access it from any phone (which I gather
> is what the newspapers were abusing).
>
> Back in the day, I recall Orange would only allow access from the handset,
> UNLESS a PIN was set, in which case access was allowed from anywhere.
>
> I imagine most of their customers never knew about the remote access
> option, never set a pin, yet weren't vulnerable.
>
Well, on O2 I was given remote access enabled by default 10+ years ago, with a default PIN of 0000. And I got the email saying they were going to disable remote access unless I set a new PIN a couple of years back when the scandal became more intense.
--
Roger Hayter
More information about the ukcrypto
mailing list