Slashdot Mirror
Murdoch Paper Reporters Eavesdropped On Celebrities' Voicemail
Michael_Curator writes "Executives at Rupert Murdoch's News Corp.-owned papers (including current Tory spokesman Andy Coulson) allowed reporters to hack into phone conversations of celebrities and then paid hundreds of thousands of dollars to cover it up. How did famously technologically-challenged reporters manage the feat without BT catching on? Voicemail." The New York Times says a preliminary investigation's been ordered, but the BBC's coverage indicates that a large-scale inquiry is unlikely.
The media will do anything and everything to get a "story" from "celebrities." It is amazing though how much money they spend on such frivolous things, I guess it rakes in the revenue though.
One newspaper alleges that another did this. Why does the summary state, without qualification, that it occurred?
Police say no new evidence means no enquiry.
http://news.bbc.co.uk/1/hi/uk/8143120.stm
One to keep a critical eye on
Signature v3.0, now with 42% less memory usage.
It's not eavesdropping on full conversations - apparently they listened into some people's voicemail accounts by dialing the voicemail and then using default pin codes (eg. 0000 or 1234) to listen to the conversations.
There is not much you can do about it short of either changing your password or disabling voicemail or the carriers could inconvenience their customers by not allowing voicemail from other phone numbers (if that is at all possible)
Custom electronics and digital signage for your business: www.evcircuits.com
about as much as my flatulence is "rocket propulsion"
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
So, they "hacked" in using the default passwords? If someone interested in their privacy can't be bothered to figure out how to change their own password on their phone, why would they be upset when someone else listens?
I clicked on TFA to find out what BT is, but that sentence was just lifted from the link which also doesn't clarify.
That's some nice summerizin'.
Getting diabetes AND salmonella would be a bad weekend.
Fox News, WSJ, other Murdoch properties are sailing along in number 1 slots and relatively profitably. NYT and other media outlets have been looking for a way to dent their rivals for years. One wonders how much of this sort of reporting they do themselves, and how motivated by the public interest this is, or their own.
This is my sig.
When BT eavesdrop on 10,000 of their customers private communications (by way of PHORM) nothing is done, but when 3000 celebs voicemail are involved they scream bloody murder.
either intercepting peoples communication (of any kind) is illegal or its not, and if it is illegal why are there no prosecutions and conspiracy charges brought upon all DPI operators ?
my ADSL internet goes down the same phonelines as voice but somehow its "different"
after all they keep telling us if you have nothing to hide....
This was originally a Guardian Story. It relates to mobile phones, not BT landline.
http://www.guardian.co.uk/media/2009/jul/09/newsoftheworld-newsinternational
According to the media, you are a hacker if you are even aware that default passwords can be used to bypass a security system. You are a hacker if you are capable of doing anything with a computer without a big corporation babying you along.
The media has no clue about hackers. The New York Times is the same paper that has articles about "cool new software" to do things like digital post-it notes -- in the year 2009. Do you really expect them to differentiate between hacking and simply using a default password?
Palm trees and 8
They weren't doing that. RTFA, they'd call the number and then dial the default PIN to try to access the voicemail. If the PIN hadn't been changed from the default, they'd be able to listen to all the messages.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
There is a way of playing back voicemail messages that bypasses all security checks that I found out accidentally using a friends asterisk box. You need a proper telco trunk to it which I don't think is too hard to get (he works for a local phone company). If I remember correctly, it works by setting your trunk ID to the mobile phone or land line number you want to hack on the asterisk box. The phone system thinks it's the mobile itself calling when you dial the same mobile number through the trunk and automatically starts the message bank. was quite fun tho totally illegal since you are forging numbers through the public phone system. great party trick and good way to have some fun with your mates.
Those who can, do. Those who cannot, sue.
Might as well burn a couple books, as well. And while we're at it, we should round up teachers, doctors, artists, the intellectuals and re-educate them.
Hi, I Boris. Hear fix bear, yes?
There are 2 numbers provided with every phone call - the caller ID and the ANI. The caller ID can be changed, the ANI is part of the switching protocol & is inserted by the phone company at the switch & can't normally be changed (it can be blocked/caused to fault). Any company that's using the caller ID & not the ANI to access voicemail without a password should be sued into oblivion for criminal negligence.
I see you left your window open, so I used my sound recording device to make some recordings of your conversations and daily routine.
Illegal on my part, but completely your fault for allowing to happen. Your phone operator is free and clear.
Mit der Dummheit kämpfen Götter selbst vergebens
Mahmoud Ahmadinejad has a 5-digit account number?
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
I expected this typical regurgitation from those not used to thinking.
If you don't do something different you will continue to get the same results.
If you don't want the same results, do something different.
If you don't trump their power, they will continue as usual.
If you continue to spew mantra, you will eventually obscure the problem.
Then you are part of the problem.
If you like taking it up the ass from the media, by all means bend over and grease up.
Don't expect everyone to join you just because you have a pre programed general issue mantra.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
Hi! This is Pol Pot. Have we met? Because you seem like some I could really dig (a grave for).
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
should be taken out back and shot.
If I were the said "scumbag", I sure as hell wouldn't like you anywhere near my "legal procedure".
Mit der Dummheit kämpfen Götter selbst vergebens
This has been known for a very long time but SIP providers set the ANI to the CID value. Also, every voicemail provider that I've ever seen that does use the caller ID value to authenticate the caller into the voicemail box does not use the ANI value.
Right, so your alternative is to assault the local news guy reporting on the new kitchen being opened up on the corner of broadway and 2nd?
I believe this is a intellectual forum. A forum for intellectuals. Maybe this isn't the best place for you to hang out.
Hi, I Boris. Hear fix bear, yes?
To see who has a problem with this, but is A-OK with connecting to any random unprotected WAP they can find.
The UK mobile network voicemail systems are very very insecure.
Fake your caller ID (very easily done if you have half a clue) and dial into the message centre for whichever network the mobile number's on.
That's it. Simple. We've been doing this since 2004 to enable our customers to retrieve voicemail from their desktops.
It doesn't matter whether there's a PIN on the voicemail or not - none of the networks prompt for PINs if the caller ID is one of theirs.
And, to answer the question, "How did famously technologically-challenged reporters manage the feat without BT catching on?"
1 - It wasn't the reporters who did it, it wasy the PIs they hired
2 - What have BT got to do with it?
Nick.
Not only that, they will get away with it too.
A police inquiry has already been ruled out. The Crown Prosecution Service "review", will amount to just that. Any parliamentary inquiry will likely be muted, and satisfied with only the resignation of the Tory's PR man Andy Coulson (Former News of the World Editor) as a tit for tat retribution for the resignation of Labor's PR man Damian McBride. Those bugged will be paid off(some already have been) with settlements that will hardly dint Rupert Murdoch's News International's $21 billion chest. The press complaints commission is the industry's "self regulation" body, paid for by the newspapers themselves.
They will get away with this.
This skullduggery that News International paid private investigators to carry out; hacking, wire fraud, misrepresentation, etc, has been going on for at least a decade. One of the victims mentioned, Charlotte Coleman's, died in 2001 when they paid for someone to obtain a list of friends and family from her parents phone. Victims include TV celebrities, Royal family members, CEOs and members of parliament. These people paid someone to put a camera in a room where Max Mosley(67) was having sex. They printed some of it next to the regular outrages they print every single day. There is absolutely no limit to what these people will do.
They will get away with this.
The culture that brought this about is worst at the News of the World newsroom, but it is by no means confined to that place. It's pervasive throughout Murdoch's publications, and probably beyond. News International papers, the Mirror, the Daily Mail, the Observer, the list goes on. Steve Whittamore's(the private investigator) papers show over 13,000 from over 300 journalists. And this is all from only one such man. Who knows how many other investigators exist, an industrialized cottage industry for illegal snooping.
They will get away with this. The culture runs too deep, and is too established. Too many newspapers are in on it. Too many people have too much dirt and are all too ready to print it if anyone tries to reign in a media that has grown so grossly over-mighty. Nothing is sacred, no one is safe, and no one can defend themselves from the hounds that the moguls can set upon them. What chance does anyone have if CEOs and MPs phones are being tapped?
Ladies and Gentlemen, I give you, Your Fourth Estate.
May the Maths Be with you!
When I was in highschool and cellphones were just getting big, we used to call our friends phones and hit the button to go straight to voicemail. Then we'd try the default pin to log in. If they didn't change it, we would change the greeting message to something funny(usually disgusting) and change the password on them. It was hilarious.
"I don't have to think. I only have to do it. The results are always perfect, but that's old news." - Meat Puppets
Outside /., I mostly read the Chicago Tribune. Sure, they aren't perfect, but they do a good share of reporting on crooked politians (being in good supply around here). If I had to pick between politicians and the media, I'd trust the media. They are far less harmful, and they can even occasionally be helpful.
My webcomic
No, they share no blame at all. They are victims, lets not blame them.
Lets not buy into the shared fault crap that was started by the insurance companies so they wouldn't ahve to pay out on car insurance claims.
Be default we should be able yo leave our doors unlocks, the keys in our car, our windows open, and not ahve to worry about being a victim of a crime.
The Kruger Dunning explains most post on
I know that Sprint does this, but from what I had read it seemed to be an aberration not the norm. If it's the norm, then the carriers they buy numbers from need to start enforcing their rules.
Hmm, time to warm up the Asterisk server for more than incoming business calls. Might cycle through some outgoing providers & chart who does & who doesn't let you do that.
I fail to understand your point?
If I find a random, unprotected WAP and decide to make use of it, I'm simply getting on the Internet without paying to do so. I have no knowledge of WHY the person providing the connection is doing so - but could reasonably assume they INTENDED to make it freely accessible. (After all, many people do this for the sake of providing their community with a public service. You can find web sites dedicated to it, with tips on the best antennas to place outdoors so people get the best connections, etc. etc.)
If I dial up some celebrity's personal cellphone, go into their voicemail, and enter a default PIN, I'm attempting to listen to their messages ... a totally different thing. I'm not viewing someone's personal email, simply because I'm using an unprotected WAP they provided.
I fail to understand your point?
In both cases, you are accessing someone else's "property" without explicit invitation or permission, simply because you can.
For example, the character Elliot Carver in Tomorrow Never Dies .
I can't be the only one who read this headline and thought, "What, Howling Mad Murdoch runs a newspaper? I thought he was too busy being crazy and flying the A-Team around?"
Bow-ties are cool.
Why is this story tagged "republicans"?
The events in question (assuming they happened) were not in the US, did not involve members of any US political party, etc. The link here is thin; accusations of wrongdoing by a company whose parent company is run by a guy who has another company in another country that has a news show that some democrats think is too cozy with the republicans. I know that some people hate Fox news and think it (and by association, its boss Mr. Murdoch) are in the tank for the Republicans, but by that reasoning any negative news story involving any business units associated with any other US media corp could be tagged "democrats". Murdoch goes where the market takes him (Fox news fills a niche everybody else was ignoring), which is why he was getting so chummy with Hillary Clinton early in last year's presidential cycle.
I interpret their SSID broadcast and lack of encryption to be an invitation. If they had the SSID broadcast turned off, or if they had encryption turned on (and didn't deliberately make the key available to me, e.g. by putting it in the SSID, or posting it on the wall) then I would assume I wasn't invited. Gaining access by monitoring encrypted traffic and doing a brute-force crack on the encryption key would be impolite.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Do you think they will get away with this?!?!
"This is the value of a summer spent and a winter earned"
You actually were making a rather Insightful post until the whole crippling people thing.
I see the mods agreed, and though you have a 5 digit UID, you must be new here, because any exaggeration, especially making any kind of allusion to violence of any kind will immediately get you modded flaimbait.
Shoulda found a way to make it into a car analogy man, then your point would have gotten across a lot better!
"This is the value of a summer spent and a winter earned"
Not only that but (more importantly) GP forgets that these guys were trying to access private data (voicemail). Connecting to an unsecured WLAN generally doesn't involve accessing private data.
The two are similar perhaps, but in slightly different leagues.
If all you have is a grenade, pretty soon every problem looks like a foxhole -- MightyYar
I must have a gigabyte of voicemail backed up (as in blocked sewer) on the mobile phone system that I'm never going to listen and can't delete without listening to first.
Seriously, how hard is it? The cellular providers here actually *DO* this. If I dial somebody who hasn't setup their voicemail, I get a "you have reached an unconfigured voicemail box for 555-555-5555, please let the owner know to configure their mailbox"
For my own inbox, just a couple minutes for the default setup (password, and the provider's default greeting) and all is done.
Not only that but (more importantly) GP forgets that these guys were trying to access private data (voicemail).
What makes it private that doesn't apply equally to an unprotected WAP ?
Connecting to an unsecured WLAN generally doesn't involve accessing private data.
That depends a great deal on what you want to call "private". It certainly involves using someone else's property without permission or invitation.
I interpret their SSID broadcast and lack of encryption to be an invitation.
Ah. So would you also "interpret" a predictable voicemail number and default PIN as an "invitation" ?
Gaining access by monitoring encrypted traffic and doing a brute-force crack on the encryption key would be impolite.
Using anything that belongs to other people without asking is "impolite".
I believe this is a intellectual forum. A forum for intellectuals.
Your arrival at this place of intellectual discourse must be relatively recent.
Finally had enough. Come see us over at https://soylentnews.org/
I had written a fairly long post on how you were wrong, but the more I wrote, the more I realised that everything I believe is at fault.
I lock my car because I expect it to be stolen if left unlocked, and I expect the insurance company to not pay out for the theft because I left it unlocked. Why is this? I should expect the insurance company to pay out for my loss in any eventuality for which I am insured! That's the purpose of insurance!
Finally had enough. Come see us over at https://soylentnews.org/
New Labour - who introduced a series of changes allowing the police to pursue petty crimes with maximum prejudice - have been oddly reluctant to act against private investigators who commit actual real crimes. Possibly because they tend to be ex-police officers?
Not only that but (more importantly) GP forgets that these guys were trying to access private data (voicemail).
What makes it private that doesn't apply equally to an unprotected WAP ?
Firstly, there is a difference in the level of 'private' - an SSID is broadcast on a public frequency. Some configurations will even connect to and use such a network without user intervention. You have to go looking for someone's voicemail inbox.
Secondly, as I say (perhaps unclearly) it is about the data. For example: Alice connects to Bob's unsecured network, and uses that link to send and receive email. At no point in this circumstance does see see any of Bob's data. She could, as I'm sure you are aware, but that is another discussion! In this voicemail case, they are connecting to a person's voicemail inbox, and then accessing that person's data (the voicemails themselves).
I hope that is enough to illustrate that is the difference. It was implied in my short reply, but probably wasn't clear.
Connecting to an unsecured WLAN generally doesn't involve accessing private data.
That depends a great deal on what you want to call "private". It certainly involves using someone else's property without permission or invitation.
I don't want to argue this point particularly. As GGP (Phroggy) says, the broadcast of an SSID in conjunction with a lack of encryption could be interpreted as an invitation. Like I said, in that case some setups will use such a network automatically.
If all you have is a grenade, pretty soon every problem looks like a foxhole -- MightyYar
Murdock. Rupert Murdock? Wasn't Skype taken over by Rupert Murdoch? Skipe having backdoors that allow undetected eavesdropping? I always wondered what he wanted with Skipe. Now I see the whatever billions he paid for Skipe turning out to be just an old man with a toy.
Ah. So would you also "interpret" a predictable voicemail number and default PIN as an "invitation" ?
I have no way to know it's a default PIN unless I attempt to gain access. Requiring a PIN (and not telling me what it is) is an indication that I am not welcome, whether I could guess the PIN or not.
If the voicemail greeting included the PIN in the message, that would be comparable to including a WPA key in an SSID: "Hi, thanks for calling. I'm not home right now, but the PIN for this voicemail box is '1379'. Feel free to poke around!"
Using anything that belongs to other people without asking is "impolite".
Not if they've already indicated that it's OK. Bothering them by asking would then be impolite.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Comment removed based on user account deletion