Slashdot Mirror
Murdoch Paper Reporters Eavesdropped On Celebrities' Voicemail
Michael_Curator writes "Executives at Rupert Murdoch's News Corp.-owned papers (including current Tory spokesman Andy Coulson) allowed reporters to hack into phone conversations of celebrities and then paid hundreds of thousands of dollars to cover it up. How did famously technologically-challenged reporters manage the feat without BT catching on? Voicemail." The New York Times says a preliminary investigation's been ordered, but the BBC's coverage indicates that a large-scale inquiry is unlikely.
The media will do anything and everything to get a "story" from "celebrities." It is amazing though how much money they spend on such frivolous things, I guess it rakes in the revenue though.
One newspaper alleges that another did this. Why does the summary state, without qualification, that it occurred?
Police say no new evidence means no enquiry.
http://news.bbc.co.uk/1/hi/uk/8143120.stm
One to keep a critical eye on
Signature v3.0, now with 42% less memory usage.
It's not eavesdropping on full conversations - apparently they listened into some people's voicemail accounts by dialing the voicemail and then using default pin codes (eg. 0000 or 1234) to listen to the conversations.
There is not much you can do about it short of either changing your password or disabling voicemail or the carriers could inconvenience their customers by not allowing voicemail from other phone numbers (if that is at all possible)
Custom electronics and digital signage for your business: www.evcircuits.com
about as much as my flatulence is "rocket propulsion"
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
So, they "hacked" in using the default passwords? If someone interested in their privacy can't be bothered to figure out how to change their own password on their phone, why would they be upset when someone else listens?
Someday people will catch on that the popular press is nothing more than charlatans out to make a buck at everyones expense.
You can't read anything and believe it. The necessity of news is replaced with eye catching lies to sell ads. The necessity of privacy is pushed aside by judges paid off by their large coffers. As long as they can push it by the editor they will write anything whether it is more destructive than its value or not.
Next time you see a news clown, throw a rock! Mug them! Take their cameras and cripple them permanently. Make it a job no one wants. This includes television and radio. No news is better than the problems associated with the bullshit the general public has to put up with. You can flush this industry down the toilet along with the music industry , movie industry, television and radio. These are some of the true enemies of mankind. Just let it die.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
I clicked on TFA to find out what BT is, but that sentence was just lifted from the link which also doesn't clarify.
That's some nice summerizin'.
Getting diabetes AND salmonella would be a bad weekend.
Not sure if I would classify changing your caller ID to the number of the victims phone number and then calling the victims voicemail (most are configured without password) to listen to voicemail messages, "hacking". This is a common feature of all outbound SIP providers.
Fox News, WSJ, other Murdoch properties are sailing along in number 1 slots and relatively profitably. NYT and other media outlets have been looking for a way to dent their rivals for years. One wonders how much of this sort of reporting they do themselves, and how motivated by the public interest this is, or their own.
This is my sig.
I'm sure dozens of celebrities are now changing their pin TO the default, so media outlets can "accidentally" find out juicy details about them.
When BT eavesdrop on 10,000 of their customers private communications (by way of PHORM) nothing is done, but when 3000 celebs voicemail are involved they scream bloody murder.
either intercepting peoples communication (of any kind) is illegal or its not, and if it is illegal why are there no prosecutions and conspiracy charges brought upon all DPI operators ?
my ADSL internet goes down the same phonelines as voice but somehow its "different"
after all they keep telling us if you have nothing to hide....
This was originally a Guardian Story. It relates to mobile phones, not BT landline.
http://www.guardian.co.uk/media/2009/jul/09/newsoftheworld-newsinternational
According to the media, you are a hacker if you are even aware that default passwords can be used to bypass a security system. You are a hacker if you are capable of doing anything with a computer without a big corporation babying you along.
The media has no clue about hackers. The New York Times is the same paper that has articles about "cool new software" to do things like digital post-it notes -- in the year 2009. Do you really expect them to differentiate between hacking and simply using a default password?
Palm trees and 8
I'm a level 6 dwarf, you insensitive clod! If you listened to my voicemail you'd already know this!
There is a way of playing back voicemail messages that bypasses all security checks that I found out accidentally using a friends asterisk box. You need a proper telco trunk to it which I don't think is too hard to get (he works for a local phone company). If I remember correctly, it works by setting your trunk ID to the mobile phone or land line number you want to hack on the asterisk box. The phone system thinks it's the mobile itself calling when you dial the same mobile number through the trunk and automatically starts the message bank. was quite fun tho totally illegal since you are forging numbers through the public phone system. great party trick and good way to have some fun with your mates.
Those who can, do. Those who cannot, sue.
I see you left your window open, so I used my sound recording device to make some recordings of your conversations and daily routine.
Illegal on my part, but completely your fault for allowing to happen. Your phone operator is free and clear.
Mit der Dummheit kämpfen Götter selbst vergebens
should be taken out back and shot.
If I were the said "scumbag", I sure as hell wouldn't like you anywhere near my "legal procedure".
Mit der Dummheit kämpfen Götter selbst vergebens
Not changing your voicemail PIN is pretty much equivalent to having one of those bathroom locks that can be opened with a penny on your front door. If somebody breaks in it's still illegal, but you share some blame because you're stupid.
Porquoi?
To see who has a problem with this, but is A-OK with connecting to any random unprotected WAP they can find.
The UK mobile network voicemail systems are very very insecure.
Fake your caller ID (very easily done if you have half a clue) and dial into the message centre for whichever network the mobile number's on.
That's it. Simple. We've been doing this since 2004 to enable our customers to retrieve voicemail from their desktops.
It doesn't matter whether there's a PIN on the voicemail or not - none of the networks prompt for PINs if the caller ID is one of theirs.
And, to answer the question, "How did famously technologically-challenged reporters manage the feat without BT catching on?"
1 - It wasn't the reporters who did it, it wasy the PIs they hired
2 - What have BT got to do with it?
Nick.
Not only that, they will get away with it too.
A police inquiry has already been ruled out. The Crown Prosecution Service "review", will amount to just that. Any parliamentary inquiry will likely be muted, and satisfied with only the resignation of the Tory's PR man Andy Coulson (Former News of the World Editor) as a tit for tat retribution for the resignation of Labor's PR man Damian McBride. Those bugged will be paid off(some already have been) with settlements that will hardly dint Rupert Murdoch's News International's $21 billion chest. The press complaints commission is the industry's "self regulation" body, paid for by the newspapers themselves.
They will get away with this.
This skullduggery that News International paid private investigators to carry out; hacking, wire fraud, misrepresentation, etc, has been going on for at least a decade. One of the victims mentioned, Charlotte Coleman's, died in 2001 when they paid for someone to obtain a list of friends and family from her parents phone. Victims include TV celebrities, Royal family members, CEOs and members of parliament. These people paid someone to put a camera in a room where Max Mosley(67) was having sex. They printed some of it next to the regular outrages they print every single day. There is absolutely no limit to what these people will do.
They will get away with this.
The culture that brought this about is worst at the News of the World newsroom, but it is by no means confined to that place. It's pervasive throughout Murdoch's publications, and probably beyond. News International papers, the Mirror, the Daily Mail, the Observer, the list goes on. Steve Whittamore's(the private investigator) papers show over 13,000 from over 300 journalists. And this is all from only one such man. Who knows how many other investigators exist, an industrialized cottage industry for illegal snooping.
They will get away with this. The culture runs too deep, and is too established. Too many newspapers are in on it. Too many people have too much dirt and are all too ready to print it if anyone tries to reign in a media that has grown so grossly over-mighty. Nothing is sacred, no one is safe, and no one can defend themselves from the hounds that the moguls can set upon them. What chance does anyone have if CEOs and MPs phones are being tapped?
Ladies and Gentlemen, I give you, Your Fourth Estate.
May the Maths Be with you!
When I was in highschool and cellphones were just getting big, we used to call our friends phones and hit the button to go straight to voicemail. Then we'd try the default pin to log in. If they didn't change it, we would change the greeting message to something funny(usually disgusting) and change the password on them. It was hilarious.
"I don't have to think. I only have to do it. The results are always perfect, but that's old news." - Meat Puppets
I fail to understand your point?
If I find a random, unprotected WAP and decide to make use of it, I'm simply getting on the Internet without paying to do so. I have no knowledge of WHY the person providing the connection is doing so - but could reasonably assume they INTENDED to make it freely accessible. (After all, many people do this for the sake of providing their community with a public service. You can find web sites dedicated to it, with tips on the best antennas to place outdoors so people get the best connections, etc. etc.)
If I dial up some celebrity's personal cellphone, go into their voicemail, and enter a default PIN, I'm attempting to listen to their messages ... a totally different thing. I'm not viewing someone's personal email, simply because I'm using an unprotected WAP they provided.
I fail to understand your point?
In both cases, you are accessing someone else's "property" without explicit invitation or permission, simply because you can.
For example, the character Elliot Carver in Tomorrow Never Dies .
I can't be the only one who read this headline and thought, "What, Howling Mad Murdoch runs a newspaper? I thought he was too busy being crazy and flying the A-Team around?"
Bow-ties are cool.
Why is this story tagged "republicans"?
The events in question (assuming they happened) were not in the US, did not involve members of any US political party, etc. The link here is thin; accusations of wrongdoing by a company whose parent company is run by a guy who has another company in another country that has a news show that some democrats think is too cozy with the republicans. I know that some people hate Fox news and think it (and by association, its boss Mr. Murdoch) are in the tank for the Republicans, but by that reasoning any negative news story involving any business units associated with any other US media corp could be tagged "democrats". Murdoch goes where the market takes him (Fox news fills a niche everybody else was ignoring), which is why he was getting so chummy with Hillary Clinton early in last year's presidential cycle.
I interpret their SSID broadcast and lack of encryption to be an invitation. If they had the SSID broadcast turned off, or if they had encryption turned on (and didn't deliberately make the key available to me, e.g. by putting it in the SSID, or posting it on the wall) then I would assume I wasn't invited. Gaining access by monitoring encrypted traffic and doing a brute-force crack on the encryption key would be impolite.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Do you think they will get away with this?!?!
"This is the value of a summer spent and a winter earned"
You actually were making a rather Insightful post until the whole crippling people thing.
I see the mods agreed, and though you have a 5 digit UID, you must be new here, because any exaggeration, especially making any kind of allusion to violence of any kind will immediately get you modded flaimbait.
Shoulda found a way to make it into a car analogy man, then your point would have gotten across a lot better!
"This is the value of a summer spent and a winter earned"
I used to "hack" the voice mail of some high level administators at one of the educational institutions I attended... because this person never changed the default voicemail pass (which was the same as the last 4 digits of their voice mail extension)
Good example of social engineering? Yes.
A hack? Not in my opinion. I like to think of a "hack" as being something more than clever exploitation of basic psychology.
Not only that but (more importantly) GP forgets that these guys were trying to access private data (voicemail). Connecting to an unsecured WLAN generally doesn't involve accessing private data.
The two are similar perhaps, but in slightly different leagues.
If all you have is a grenade, pretty soon every problem looks like a foxhole -- MightyYar
> In both cases, you are accessing someone else's "property" without explicit invitation or permission, simply because you can.
Really? Because I don't have to deceive a WAP. I ask it for access and it gives me access. There are many which people deliberately configure to provide their neighbors, or even random strangers, with access. There's no reasonable expectation that the voicemail should be "open" which is not at all the case for WAP.
With voicemail, you're pretending to be me by guessing my PIN. That's more analogous to cracking someone's WEP key, then logging their traffic. Anyhow, if you run a sniffer even on an open WAP, I'll say they're the same thing. But supposing that an open WAP is supposed to be closed isn't reasonable. The only person who knows is the owner, and they should be responsible for their own property, which is handing out invitations to anyone who asks for one. Contrasted with voicemail, which is blocking out anyone who doesn't have the right password.
I must have a gigabyte of voicemail backed up (as in blocked sewer) on the mobile phone system that I'm never going to listen and can't delete without listening to first.
Seriously, how hard is it? The cellular providers here actually *DO* this. If I dial somebody who hasn't setup their voicemail, I get a "you have reached an unconfigured voicemail box for 555-555-5555, please let the owner know to configure their mailbox"
For my own inbox, just a couple minutes for the default setup (password, and the provider's default greeting) and all is done.
Not only that but (more importantly) GP forgets that these guys were trying to access private data (voicemail).
What makes it private that doesn't apply equally to an unprotected WAP ?
Connecting to an unsecured WLAN generally doesn't involve accessing private data.
That depends a great deal on what you want to call "private". It certainly involves using someone else's property without permission or invitation.
I interpret their SSID broadcast and lack of encryption to be an invitation.
Ah. So would you also "interpret" a predictable voicemail number and default PIN as an "invitation" ?
Gaining access by monitoring encrypted traffic and doing a brute-force crack on the encryption key would be impolite.
Using anything that belongs to other people without asking is "impolite".
New Labour - who introduced a series of changes allowing the police to pursue petty crimes with maximum prejudice - have been oddly reluctant to act against private investigators who commit actual real crimes. Possibly because they tend to be ex-police officers?
Not only that but (more importantly) GP forgets that these guys were trying to access private data (voicemail).
What makes it private that doesn't apply equally to an unprotected WAP ?
Firstly, there is a difference in the level of 'private' - an SSID is broadcast on a public frequency. Some configurations will even connect to and use such a network without user intervention. You have to go looking for someone's voicemail inbox.
Secondly, as I say (perhaps unclearly) it is about the data. For example: Alice connects to Bob's unsecured network, and uses that link to send and receive email. At no point in this circumstance does see see any of Bob's data. She could, as I'm sure you are aware, but that is another discussion! In this voicemail case, they are connecting to a person's voicemail inbox, and then accessing that person's data (the voicemails themselves).
I hope that is enough to illustrate that is the difference. It was implied in my short reply, but probably wasn't clear.
Connecting to an unsecured WLAN generally doesn't involve accessing private data.
That depends a great deal on what you want to call "private". It certainly involves using someone else's property without permission or invitation.
I don't want to argue this point particularly. As GGP (Phroggy) says, the broadcast of an SSID in conjunction with a lack of encryption could be interpreted as an invitation. Like I said, in that case some setups will use such a network automatically.
If all you have is a grenade, pretty soon every problem looks like a foxhole -- MightyYar
Murdock. Rupert Murdock? Wasn't Skype taken over by Rupert Murdoch? Skipe having backdoors that allow undetected eavesdropping? I always wondered what he wanted with Skipe. Now I see the whatever billions he paid for Skipe turning out to be just an old man with a toy.
Ah. So would you also "interpret" a predictable voicemail number and default PIN as an "invitation" ?
I have no way to know it's a default PIN unless I attempt to gain access. Requiring a PIN (and not telling me what it is) is an indication that I am not welcome, whether I could guess the PIN or not.
If the voicemail greeting included the PIN in the message, that would be comparable to including a WPA key in an SSID: "Hi, thanks for calling. I'm not home right now, but the PIN for this voicemail box is '1379'. Feel free to poke around!"
Using anything that belongs to other people without asking is "impolite".
Not if they've already indicated that it's OK. Bothering them by asking would then be impolite.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
I have no way to know it's a default PIN unless I attempt to gain access.
You mean like you don't know it's an open WAP unless you attempt to use it ?
Requiring a PIN (and not telling me what it is) is an indication that I am not welcome, whether I could guess the PIN or not.
I would have thought not explicitly telling you it's OK to use someone else's property would have been sufficient indication that you may not be welcome to, but maybe I'm old fashioned in assuming that someone else's stuff is exclusively someone else's stuff unless they say otherwise.
Not if they've already indicated that it's OK.
But they haven't. Any more than a front door left open is an invitation to come in, drink some beer and watch TV.
As I said elsewhere, not explicitly keeping you out is in no way the same thing as implicitly inviting you in.
Comment removed based on user account deletion