Interesting People mailing list archives
Flawed Security Lets Sprint Accounts Get Easily Hijacked
From: David Farber <dave () farber net>
Date: Tue, 8 Apr 2008 21:39:08 -0400
Begin forwarded message: From: Rich Kulawiec <rsk () gsp org> Date: April 8, 2008 6:54:54 PM EDTTo: Richard Forno <rforno () infowarrior org>, Dave Farber <dave () farber net>, Fergie <fergdawg () netzero net>
Subject: Flawed Security Lets Sprint Accounts Get Easily Hijacked Courtesy of the Consumerist: Flawed Security Lets Sprint Accounts Get Easily Hijacked http://consumerist.com/376845/flawed-security-lets-sprint-accounts-get-easily-hijacked Excerpt: "We found you can hijack a Sprint user's account as long as you know their cellphone number, just a smidge about them, and have half a brain. Once inside, you have total access to their account. You could change their billing address, order a whole bunch of cellphones sent to a drop location, and leave the victim paying the bill. There's also the stalker's wet dream: add GPS tracking to their cellphone and secretly watch their every movement from any computer. Reader Jim told Sprint about this 2 months ago but they ignored him, so I tested it out and am publishing the results in the hope of getting Sprint to fix this exploit. I'll show you we cracked into a Sprint account and just how much damage I could have done, inside..." ---Rsk ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Flawed Security Lets Sprint Accounts Get Easily Hijacked David Farber (Apr 08)