Pages

2005/02/22

Paris Hilton Gets Been p\/\/n3d

Poor Paris Hilton. First her father named her after one of his hotels. Then everyone she ever fucks videotapes it and sells it online. And now her cell phone's been hacked.

Kevin Rose has exclusive details from an anonymous source. (Yeah, right. We know he's the one who figured it all out).

    The voicemail authentication system is simple. It uses caller ID to validate the originating number – if the caller ID matches your cell phone number (ie. your cell phone calling in to check your voicemail messages), it will log you in automatically.

    This system has worked great for the last few years. Well, that is until the advent of commercial caller ID spoofing systems such as CovertCall and Telespoof. For those not in-the-know, caller ID spoofing allows you to change your caller ID number to anything you like. To hack myself, I simply logged into CovertCall and placed a spoofed call to my cell phone. The spoofed call was to my cell phone, from my cell phone, forwarded to a pay phone. Sprint (my provider) thought I was calling from my cell, and automatically logged me in (even though I was performing this from a pay phone down the street).


So after we get done sniggering at Hilton and her candid snaps, we're still left with a serious issue.



What sort of idiot would design a system that relies on caller ID for authentication? At the very least, the auto-login should transparently send the access code.

Okay, now back to laughing at Paris and her pals. Here're some MP3s from a guy having fun with her address book. His call to Eminem is pretty funny.