About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Learning Curve » Red Hat Diaries


Weakest link?

Get It

Try It

Quoting 'alansky' at Macslash.

AT&T isn't fit to lick Apple's boots, much less play in the same sandbox. But what to do? Apple needed a mobile network for the iPhone and Verizon is no better than AT&T. However, if AT&T thinks they can get away with treating Apple customers the way they treat their regular customers, they may be heading for a rude awakening. By virtue of their association with Apple, AT&T is now on center stage and looking pretty stupid tripping all over itself when the music has already started playing.

What's the big deal? Quoting Nitesh Dhanjani at O'Reilly.

I just got myself an iPhone and I'm extremely pleased with it. I think it's the best cell phone on the market - a sheer pleasure to use.

So far so good. But there's more.

The purpose of this post is to alert new iPhone customers about a security vulnerability in AT&T's voicemail system that has not been fixed for more than a year. As soon as I got my new AT&T number, I tested for this vulnerability and I can confirm that it still exists for new AT&T accounts (at least for iPhone customers). I can't force AT&T to fix this issue - but I can tell you about it so you know what to do to protect yourself from this vulnerability.

Dhanjani explains.

  1. Buy a calling card from Spoofcard. This service lets you spoof your caller ID.
  2. Use another phone and call your cell phone using Spoofcard. When the Spoofcard asks you what number you want to spoof, enter your number again.
  3. Do not pickup your cell phone. When the call goes into voicemail, if you are able to listen to your messages without being prompted for a password, then you are vulnerable.

Dhanjani winds up.

I sincerely hope AT&T get around to fixing this huge security hole in their voicemail system.

The progenitors of Unix, working as AT&T employees at least at that time, must be rolling restlessly in their graves. Except none of them are in their graves - and odds are they just don't give a hoot anymore anyway. But if they did they'd skip dinner tonight.

And it's ironic when so much work has gone into making such a securable system that's Internet ready to boot, that helped build the very infrastructure the Internet works on, that things like this occur - from the very company that fostered the technology in the first place.

See Also
iPhone OS X System Architecture

Thanks to Devon at Pixel Groovy for the excellent artwork.

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.