Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cell Phone Records for Sale

Posted by Zonk on from the privacy-is-for-congressmen dept.

tabdelgawad writes "The Washington Post has a good writeup on how 'data brokers' use various techniques to obtain cell phone records of individuals then offer them for sale to anyone who will pay. The data is obtained by either bribing phone company employees, or 'pretexting', or accessing unregistered customer accounts online. Although phone companies are the only source of this information (unlike, say SSNs which are available from many sources), one Cingular spokesman was quoted as saying that this is 'an infinitesimally small problem'."

25 of 124 comments (clear)

  1. Cell phone records by Anonymous Coward · · Score: 5, Funny

    Those are like mini-vinyl discs that you can plug into your phone for ringer tunes, right? I bet DJs will love them!

  2. "Infinitesimally" by kihjin · · Score: 5, Insightful

    This is basically a candied way of saying "there's only a few ways they can do it, so don't worry about it."

    Wrong. Compromise is as easy as one... that's right, one point of failure.

    It's still a vulnerability.

    --
    This slashdot-related signature is a stub. You can help kihjin by expanding it.
    1. Re:"Infinitesimally" by blixel · · Score: 2, Insightful

      one Cingular spokesman was quoted as saying that this is 'an infinitesimally small problem'.

      Sounds to me more like they are saying the problems of individual persons are of infinitesimally small importance. If it happens to a lot of people, then - maybe - we'll care.

  3. net 10 by Lehk228 · · Score: 4, Interesting

    i signed up with net 10 and i never even gave them my name, just pick up the phone at walmart, go online or call from a payphone to actiuvate it. wait 30 minutes to 1 day (varies) and it's active. i can buy refill cards with cash and activate them by phone or internet, all without giving out so much as my name. though it's a bit more expensive than standard cell plans at .10/min and .03/outgoin SMS they give me free incoming sms (Verizon are whores, they give everyone free outgoing sms and charge for incoming sms so you cann't control your spending)

    Net 10 runs on the tracphone/cingular GSM network and has a nice quick voicemail system (verison i swear took me over 30 seconds to even start hearing voicemail)

    no affiliation just a happy customer
    verizon sucks

    --
    Snowden and Manning are heroes.
    1. Re:net 10 by Fulcrum+of+Evil · · Score: 3, Insightful

      Disposable mobile phones that aren't attached to anyone's personal information sound like they'd be superb for terrorists. I hate acting like the alarmist, hypersensitive newsmedia, but it's true. A communications device which cannot be traced back to a person and can also be used as a very handy little detonator...

      So what? Who gives a damn what is useful to terrorists? I don't - spazzing out over what terrorists could do is the most batshit crazy thing you could do. While you're banning things left and right, making a mockery of the USA, all those bad guys are running around totally unfettered. I'd rather have one city a month bombed, just like london, than deal with the TSA and the homeland security bullshit.

      --
      "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
    2. Re:net 10 by jcr · · Score: 2, Interesting

      Disposable mobile phones that aren't attached to anyone's personal information sound like they'd be superb for terrorists.

      Yeah, so are air, public roads, and sunshine. What's your point?

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
  4. define:pretexting by carambola5 · · Score: 4, Informative

    Calling the cell company and pretending to be the owner of the account. Since SSNs are apparently easy to acquire, access via pretexting should not be all that difficult. Of course, it is illegal.

    --
    IWARS.
    People, in general, disappoint me. Politicians even more so.
  5. It is a tiny problem for them by Nf1nk · · Score: 4, Insightful

    It is a tiny problem for them, because it hasn't started to cost them money. They could give half a crap if my info was sold to anyone, it doesn't effect them at all.
    There is quite a bit that could be done with this data, from it you can build social webs, For example Bob bought a brand new *foo* Brad is his friend, so perhap we can intrest Brad in a loan to also purchase a *foo*.
    I am sure there are dozens of other things that could be found from this info.
    I say make the company who releases my personal information pay me a hefty chunk of change, and it will stop being a tiny problem for them.

    --
    I used to have a cool sig, back when I cared
    1. Re:It is a tiny problem for them by k4_pacific · · Score: 4, Funny

      Where can I buy this "foo" you speak of? Suddenly I want one now tha Bob and Brad have one.

      --
      Unknown host pong.
  6. "This is an infintesimally small problem" by Space+cowboy · · Score: 2, Interesting


    Yes, for them, it is. Let's make it not so.

    It's about time that companies were brought to book for being criminally stupid (not used in the legal sense, although I'd guess it's a grey area...)

    Simon.

    --
    Physicists get Hadrons!
  7. I've been wondering about this for some time by suitepotato · · Score: 5, Interesting

    In certain circles, it is far from unknown that with a little grease to the palm and massage of the ego that you can get the weakest link in IT security, the human personnel, to compromise security and integrity of databases. It's been done for many years. Should it really surprise us that it happens with cell companies full of people who figure themselves underpaid for the work they do and having no real loyalties?

    People who purposely reveal any customer personal account information should be punished for it, and given what incentives they need to testify against those who put them to it, and those who did made examples of. We know it's been done for years in IT, we certainly don't need it to spread in the cell world. A solid shout of intolerance for this from the public is needed.

    Typically, this means that some politicians will make much, do little on topic, and load it with pork and rights abuses. So I'm not holding my breath.

    At the telecom place I work, even without strict rules in place, I have always practiced a challenge based system to get information that the real customer should know about their company account off the top of their head. Until we have two-part authentication, it's the best I can do. Too bad so many others see no problem in farking over other people.

    --
    If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
  8. Throw the criminal in jail, or fine the company? by John+Seminal · · Score: 3, Insightful
    What is the proper laws that should be passed?

    Is the cell phone company guilty for releasing your call history? What was on your cell phone history for last month? Did you call your psychiatrist to reschedule? Did you call an aborition clinic? Did you call your mistress? And do you want anyone knowing this information.

    What I can't figure out is, how does a firm keep updating the call history?

    Or should the laws punish the people who steal the data? For example, if a private investigator obtains your phone history, should that PI go to jail?

    The new world of no privacy anywhere is getting ridiculous. Between having all your private information made public, having cell phones with cameras, websites with upskirt photos, and maps that image your house from space, there is nothing personal anymore. What is next, video cameras in toilet stalls to make sure thieft is not happening?

    --

    Rosco: "If brains were gunpowder, Enos couldn't blow his nose."

  9. Here's a curious thing you can do with this by exp(pi*sqrt(163)) · · Score: 4, Interesting

    You can do the equivalent of google page ranking for people. People who make many calls or are frequently called are well connected nodes in the graph of all phonecalls. These are likely to be influential people. So if you're trying to market something, say, then these are the people to call.

    --
    Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
    1. Re:Here's a curious thing you can do with this by gad_zuki! · · Score: 4, Funny

      > These are likely to be influential people.

      My god, its full of teenage girls.

  10. Wake Up Call by Doc+Ruby · · Score: 2, Interesting

    VoIP allows anonymizer services that delete the records of the middleware proxy upon call completion, before they can be read by anyone. Callers still have to trust that the anonymizer will delete the records. But callers can also put another proxy at their endpoint, connecting to yet another endpoint somewhere else. And end-to-end public-key encryption is also available.

    Will this "infinitesimal problem" explode into distrust of telcos, destroying their brands' tremendous value in "privacy"? That would really drive a lot of people into VoIP.

    --

    --
    make install -not war

  11. Typical corporate attitude by dal20402 · · Score: 2, Insightful

    This is a security hole, as TFA sort of mentions in passing, that makes it easy for domestic-violence perpetrators and stalkers to victimize people...

    ... and what do we get from those responsible? "Infinitesimal problem."

    Think maybe it's time to stop trusting these companies to regulate themselves?

    1. Re:Typical corporate attitude by fermion · · Score: 2, Interesting

      We don't trust companies to regulate themselves. That is why conservatives want to kill all the lawyers. They are the only ones that will protect us from the usurpers of power, Dick and Cade. The lawyers and compentent judges have done too well a job ensuring the rights of the American People.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
  12. Social Engineering by Jeet81 · · Score: 2, Insightful

    Social Engineering will always be a security issue no matter how secure we get with hardware and software. Someone will always have access to all the records and keeping his mouth shut is not something computer geeks can do.

    --
    What does your Credit Report look like?
  13. Be afraid, be VERY afraid by Dorsai42 · · Score: 4, Informative

    Check out these guys
    http://www.datatraceusa.com/products.asp/

    You can get pretty much anything related to cell phones. Expensive, but available.

    AND, they're not hiding at all. They must think it's legal.

    --
    If you forget about the future, the future will forget about you.
    1. Re:Be afraid, be VERY afraid by amembleton · · Score: 4, Informative
      Check out these guys
      http://www.datatraceusa.com/products.asp/

      You can get pretty much anything related to cell phones. Expensive, but available.

      AND, they're not hiding at all. They must think it's legal.

      A working link.

    2. Re:Be afraid, be VERY afraid by DrunkenTerror · · Score: 2, Funny

      I'd watch what I said about these really nice people, if I were you. :)

  14. Do Not Call registry for cell phones by AnalogDiehard · · Score: 2, Insightful

    By coincidence, today's paper had an article on the Do Not Call Registry, in which your cell phone stays on record for five years.

    --
    Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
  15. Just change their billing address... by oneiros27 · · Score: 3, Informative

    In 1999, I had an account with Sprint PCS.

    My company went and merged with another one, and the new company contacted Sprint, and had my personal cell phone bill redirected to them -- without my giving them permission to do so.

    Needless to say, I was pissed. (It was one of many reasons that I got pissed off at the new management, and quit shortly after). And when I called up Sprint PCS to bitch, they wanted me to give them my pin, and a whole bunch of other identifying info, which to the best of my knowledge, my company didn't have... I bitched them out, and told them they changed it once without it, and they were damned well going to change it back without me giving it this time.

    (I'm not sure if their willingness to change it back just from my bitching them out, without proving who I was is a good thing, or a bad thing ... them changing it the first time was definately a bad thing, though).

    --
    Build it, and they will come^Hplain.
  16. Please, not Jeff Rense... by Old+Man+Kensey · · Score: 2, Insightful

    There's no conspiracy theory so wacky Rense won't give it a favorable writeup.

    --
    -- Old Man Kensey
  17. infinitesimally by Assmasher · · Score: 2, Funny

    I do not think that word means what you think it means...

    --
    Loading...