Jump to content

Phone hacking

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 99.181.153.29 (talk) at 05:40, 29 December 2011 (Karsten Nohl ... de:Karsten Nohl and/or es:Karsten Nohl resources). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Phone hacking is a term used to describe the practice of intercepting telephone calls or voicemail messages, often by accessing the voicemail messages of a mobile phone without the consent of the phone's owner. The term came to prominence during the News International phone hacking scandal, in which it was alleged (and in some cases proved in court) that the British tabloid newspaper the News of the World had been involved in the interception of voicemail messages of the British Royal Family, other public figures, and the murdered schoolgirl Milly Dowler.[1]

Techniques

Phone hacking often involves unauthorized access to the voicemail of a mobile phone.

Since the early days of mobile phone technology, mobile phones have allowed access to voicemail messages via a landline telephone, requiring the entry of a Personal Identification Number (PIN) to listen to the messages. As many mobile phones were supplied with a factory default PIN that was rarely changed by the owner, it was easy for a person who knew the phone number and the default PIN to access the voicemail messages. Following controversies over phone hacking, some mobile phone companies have changed their systems so that remote access to voicemail messages and other phone settings cannot be achieved via a factory default PIN.[2]

Caller ID spoofing allows a caller to pretend that a call has been made from another number. During the mid-2000s, it was discovered that this would allow unauthorized access to the voicemail on some mobile phone networks, as calls that spoofed the number of the handset were put straight through to voicemail without the need for a PIN code to be entered.[3][4]

An analysis of PIN codes suggested that ten numbers represent 15% of all iPhone passcodes, with "1234" and "0000" being the most common, with years of birth and graduation also being common choices.[5] To prevent hacking, some mobile phone companies disallow the use of consecutive or repeat digits in PIN codes.[6]

Social engineering may be used to reset the PIN code to the factory default, by impersonating the owner of the phone during a call to a call centre.[7][8]

Other techniques for phone hacking include tricking a mobile phone user into downloading malware which monitors activity on the phone, or bluesnarfing, which is unauthorized access to a phone via Bluetooth.[8][9]

There are also flaws in the implementation of the GSM encryption algorithm which allow passive interception. The equipment needed is available to government agencies or can be built from freely available parts.[10]

In December 2011, German researcher Karsten Nohl revealed that it was possible to hack into mobile phone voice and text messages on many networks with free decryption software available on the Internet. He blamed the mobile phone companies for relying on outdated encryption techniques in the 2G system, and said that the problem could be fixed very easily.[11]

Legality

Phone hacking is a form of surveillance, and is illegal in many countries unless it is carried out as lawful interception by a government agency. In the News International phone hacking scandal, private investigator Glenn Mulcaire was found to have violated the Regulation of Investigatory Powers Act 2000. He was sentenced to six months in prison in January 2007.[12] Renewed controversy over the phone hacking claims led to the closure of the News of the World in July 2011.[13]

In December 2010, the Truth in Caller ID Act was signed into United States law, making it illegal "to cause any caller identification service to knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value."[14]

See also

References

  1. ^ Davies, Nick; Hill, Amelia (4 July 2011). "Missing Milly Dowler's voicemail was hacked by News of the World". The Guardian. Retrieved 13 July 2011.
  2. ^ Who, What, Why: Can phone hackers still access messages?, BBC News, 6 July 2011
  3. ^ Cell phone voicemail easily hacked, MSNBC, 28 February 2005
  4. ^ Kevin Mitnick shows how easy it is to hack a phone, interview with Kevin Mitnick, CNET, 7 July 2011
  5. ^ Rooney, Ben (15 June 2011). "Once Again, 1234 Is Not A Good Password". The Wall Street Journal. Retrieved 8 July 2011.
  6. ^ Grubb, Ben (8 July 2011). "Vulnerable voicemail: telco-issued PINs insecure". The Sydney Morning Herald. Retrieved 9 July 2011.
  7. ^ Voicemail hacking: How easy is it?, New Scientist, 6 July 2011
  8. ^ a b Milian, Mark (8 July 2011). "Phone hacking can extend beyond voice mail". CNN. Retrieved 9 July 2011.
  9. ^ How easy is it to hack a mobile?, BBC News, 7 September 2010
  10. ^ McMillan, Robert. "Hackers Show It's Easy to Snoop on a GSM Call". IDG News Service.
  11. ^ O'Brien, Kevin J. (25 December 2011). "Lax Security Exposes Voice Mail to Hacking, Study Says". The New York Times. Retrieved 28 December 2011.
  12. ^ "Pair jailed over royal phone taps ", BBC News, 26 January 2007
  13. ^ News of the World to close amid hacking scandal, BBC News, 7 July 2011
  14. ^ Truth in Caller ID Act of 2010, December 22, 2010, accessed 7 July 2011
Retrieved from "https://en.wikipedia.org/w/index.php?title=Phone_hacking&oldid=468218277"