Murdoch Paper Reporters Eavesdropped On Celebrities' Voicemail

Michael_Curator writes "Executives at Rupert Murdoch's News Corp.-owned papers (including current Tory spokesman Andy Coulson) allowed reporters to hack into phone conversations of celebrities and then paid hundreds of thousands of dollars to cover it up. How did famously technologically-challenged reporters manage the feat without BT catching on? Voicemail." The New York Times says a preliminary investigation's been ordered, but the BBC's coverage indicates that a large-scale inquiry is unlikely.

Re:Surprised?

[Hijacked Public]

Guess what the intended market for this [bhphotovideo.com] is.....and that is the used price.

Hilarious

[Anonymous Coward]

When BT eavesdrop on 10,000 of their customers private communications (by way of PHORM) nothing is done [theregister.co.uk], but when 3000 celebs voicemail are involved they scream bloody murder.
either intercepting peoples communication (of any kind) is illegal or its not, and if it is illegal why are there no prosecutions and conspiracy charges brought upon all DPI operators ?
my ADSL internet goes down the same phonelines as voice but somehow its "different"

after all they keep telling us if you have nothing to hide....

Re:Not much news here

[K. S. Kyosuke]

I say let's call them "PIN kiddies" :-)

Re:FTFA - default passwords

[PolygamousRanchKid]

So why didn't the police notify the general public that reporters were using this trick, and advise all cell phone users to set their PINs properly? I mean, aren't the police there to "protect and serve?"

Or, are the police using this trick, as well, and didn't want to go public with a method that they are using to snoop on people, without any tap warrant?

Re:FTFA - default passwords

[DigitAl56K]

The carriers voicemail system should do four things:

1.When you first get a phone, auto-dial you once a day during business hours and prompt you to set a PIN until you do so

2.Do not allow you to retrieve any queued voice mail until a PIN has been set, require that PINs can only be set from the number they are attached to (without the aid of customer service)

3. Require PIN entry when dialed from other numbers. When you enter your PIN successfully it should say, "Thanks! You last logged in x ago", and if appropriate "Since then there have been x unsuccesful attempts to log in".

4. If too many bad PINs are entered by default lock voicemail and redirect to customer service.

Items #1&2 are a one time inconvenience when you get a new phone number. #3 adds 5 seconds to your call only when you use a different phone to check your voicemail. #4 just makes sense, and in the case that someone is getting DOS'd there could be a flag on the account customer service could set to use longer PINs that don't auto-lock.

I don't buy into the "there is not much you can do about it line" since by this time anyone competent enough to design a voice-mail system for use by a large carrier ought to have enough experience with computers to understand fundamental guidelines for basic security. I came up with the above list in under 30 seconds.

Re:Everyones Enemy

[BigJClark]

Might as well burn a couple books, as well. And while we're at it, we should round up teachers, doctors, artists, the intellectuals and re-educate them.

More like...

[denzacar]

I see you left your window open, so I used my sound recording device to make some recordings of your conversations and daily routine.

Illegal on my part, but completely your fault for allowing to happen. Your phone operator is free and clear.

Re:Surprised?

[jeffmeden]

Sports photographers, even for Soccer, use a 300mm to 400mm lens at most. A 1200mm lens would only be effective at taking pictures of things half a mile away or more (depending on the size of the thing, of course). The minimum focus distance for that bad boy is 46 feet, practical only if you're the poor photographer who is deprived of a sideline pass and are forced to take pictures from the nosebleeds. But then again, why would you spend $90,000 (the actual MSRP) on one if you were?

Re:Everyones Enemy

[flyneye]

I expected this typical regurgitation from those not used to thinking.
If you don't do something different you will continue to get the same results.
If you don't want the same results, do something different.
If you don't trump their power, they will continue as usual.
If you continue to spew mantra, you will eventually obscure the problem.
Then you are part of the problem.
If you like taking it up the ass from the media, by all means bend over and grease up.
Don't expect everyone to join you just because you have a pre programed general issue mantra.

Be interesting

[drsmithy]

To see who has a problem with this, but is A-OK with connecting to any random unprotected WAP they can find.

Re:FTFA - default passwords

[Locke2005]

While I agree with points 1, 2, and 3, as you point out, locking accounts after X number of invalid PIN/password attempts leads to a very well known DoS attack. Best to just disable access for an hour or less after 3 bad PINs; requiring customer service intervention for something that happens all the time can get very expensive. I would also point out that most small company voice mail system don't have a customer service representative to redirect to (like the company I work for, for example. The best you can do is redirect to the receptionist, who doesn't have admin access to the Cisco phone system.)

Re:Allegedly.

[chrb]

Or maybe it's because an editor and a private investigator have already been jailed for their part in the hacking?

Or maybe because News International has already paid out over £1 million to settle court cases brought by some of the people they listened in on, on the condition that they can't say anything about the case or settlement to anybody else, ever? And News International has not denied any of the allegations?

The fact that a single, unelected individual can become as powerful as Murdoch is worrying in this day and age. After Tony Blair flew out to Australia to breakfast with Murdoch, the British tabloids switched overnight and Blair won the next election. According to the Independent, Murdoch is "so powerful that no politician dare take him on." [independent.co.uk] According to Business Week:

"his satellites deliver TV programs in five continents, all but dominating Britain, Italy, and wide swaths of Asia and the Middle East. He publishes 175
newspapers, including the New York Post and The Times of London. In the U.S., he owns the Twentieth Century Fox Studio, Fox Network, and 35 TV stations that reach more than 40% of the country...His cable channels include fast-growing Fox News, and 19 regional sports channels. In all, as many as one in five American homes at any given time will be tuned into a show News Corp. either produced or delivered."

So Murdoch owns many of the most influential TV stations and newspapers in the UK and US, and yet he pays almost no tax, [bbc.co.uk] only 6% [bbc.co.uk]. Murdoch even had a special tax credit for himself written into a US bill during the Clinton era [independent.co.uk]. In the UK it was revealed that News International pays only 1.2% tax, and the governing Labour party refused to say anything on the issue. [independent.co.uk]

It is worrying that, in a democratic society, any single individual can influence public opinion so convincingly that even the governing left-leaning politicians, who would be his traditional enemies, must do underhand deals in order to gain his support and stay in power.

Re:According to the media...

[interkin3tic]

The media has no clue about hackers.

Add that to the list if there's room. I know they're likewise clueless about basic biology, let alone stem cells, genetics, evolutionary theory, or microbiology. A friend of mine who is an ordained priest once pointed out to me that they're usually off on religious issues as well. General news services aren't really good at anything it seems besides celebrity gossip. Of course, it's a reflection of society's ignorance, which is even more depressing. Ask some guy off a street what a hacker is, I bet you'd be dissapointed. Hell, you'd probably be dissapointed in MY answer as to what a hacker is.

For both our sakes, I won't answer, nor will I start quizing you about biology.

Re:Not much news here

[S7urm]

It's a bit more like complaining that somebody went through your luggage when you never changed the code on the lock from the default 1234.

The fact that person A was stupid and made it easy for person B doesn't make person B any less a scumbag who should be taken out back and shot.

Though I agree with your statement, I think it's also rather hypocritical (not neccessarily of you) for people on Slashdot to defend people from having their stuff stolen because their "secutiry" sucks, while in the same breath, lambaste Microsoft for poor security and lauding the people who break into their systems to exploit the holes (which you CAN NOT say doesn't happen here) I've been running across this again and again here lately where people have a double standard that if One person/group/OS/hax0r does one thing it's ok, so long as it doesn't impact the new "Kool-Aid flavor of the month" here. Yet it is supposedly inherently wrong for anyone at anytime to break into ANYTHING just because it was "easy" to do so.

Re:Basic security

[L4t3r4lu5]

I had written a fairly long post on how you were wrong, but the more I wrote, the more I realised that everything I believe is at fault.

I lock my car because I expect it to be stolen if left unlocked, and I expect the insurance company to not pay out for the theft because I left it unlocked. Why is this? I should expect the insurance company to pay out for my loss in any eventuality for which I am insured! That's the purpose of insurance!