Belfast Telegraph

Home Opinion Letters

Too easy to hack into phones

Leaving to one side the question of the identity and character of the people who colluded in accessing the voicemails of various public figures, two more questions seem far more important.

Why was this technically possible? And knowing that it is technically possible, why do potential victims persist in not taking elementary precautions?

Most mobile phone service providers permit a subscriber to access their voice messages using their telephone number as authentication. If the subscriber is calling from the associated mobile phone then no PIN is required to listen to any messages. This is a severe security weakness, as it is possible for a criminal to spoof the caller ID and so appear to the voicemail system to be calling from the subscriber's mobile phone.

That weakness is well known. In partial mitigation of it, the service providers offer subscribers an option to set a PIN code to be required whenever their voice messages are accessed. Anyone who cares about the privacy of their messages should set this feature using a non-obvious PIN code.

It astounds me that, as reported in The Independent on 4 September, Tessa Jowell should fall victim to this attack 28 times and apparently not realise it. However, it appears that first the police and then her service provider finally advised her to increase her security. Thank goodness our Cabinet ministers are so well advised.

Mike Cherry, Aylesbury, Buckinghamshire

Belfast Telegraph


From Belfast Telegraph