A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned. :erm: :erm: :erm:

Im not sure if this includes UK customers (would they share the same server databases?)

Edit :::: Forgot the link http://www.securityfocus.com/news/10271

Wow.........cool! :shocked:

Now that is scary.

Sweet move...

Lucky sod.

woah reading that i must say highly impressive by an individual, i can see why the secret service want to hire him!

Scary. I suspect our Data Protection Law would stop any UK customer's details being on that server though (assuming the server wasn't in Europe).

Scary. I suspect our Data Protection Law would stop any UK customer's details being on that server though (assuming the server wasn't in Europe).
Not if the T&C said information may be transferred outside the EU though (most do).

Wasn't it the servers for a particular device called a 'Sidekick'? Not sure if that exists over here, I've not heard of it.

Anyway, very interesting and instructive.

Sweet move...

Lucky sod.

Indeed!

I wonder what he knows :)

ir raises the question whether security services should hire people like him, instead of doing jail time he will help fellow security experts in looking for holes in products/servers.

ir raises the question whether security services should hire people like him, instead of doing jail time he will help fellow security experts in looking for holes in products/servers.
Well it would be a question of can they trust hackers to secure a system when all a large percentage want to do is find the security holes and see what they can do that would benefit them personally. There are already a number of ex-hackers who work to help secure systems now but there are a lot more still trying to break systems :(

Well it would be a question of can they trust hackers to secure a system when all a large percentage want to do is find the security holes and see what they can do that would benefit them personally. There are already a number of ex-hackers who work to help secure systems now but there are a lot more still trying to break systems :(

When I studied security* as part of my degree, we were told that employing hackers is a bit of a dilemma. On the one hand, they are in the best position to know how to get into a system illegally (and think like other hackers). On the other hand, can you trust them?

* The subject was fun, but rather embarassing as I was already working part time in the Labs, and every time the lecturer told us about a new trick, he pointed me out and said "but don't try it here as you'll have him (meaning me) to deal with". This happened at least once a week..

What a boy :D :D

On the other hand, can you trust them?

If you give them enough interesting work to do, yes. Most smart boy hackers like him are doing it for the kick and the excitement, rather than financial gain. So if you give them that kick and excitement in a white hat context, they should be absorbed enough in that.

And of course, if they do stray, you smack them with that and whatever they did initially that you waived to give them a job.

It looks like the hacker who obtained Paris Hilton's contacts obtained a little more.

Apparently he was able to access a lot of customer's details and even Secret Service emails (which is more worrying).


http://www.theregister.co.uk/2005/01/12/hacker_penetrates_t-mobile/

Still, he is working for the Secret Service now..

An absolutely fascinating read...

i read this days ago......he is one clever guy and it looks like some security firm is going to offer him a job.

whether thats ethical or not...

i read this days ago......he is one clever guy and it looks like some security firm is going to offer him a job.

whether thats ethical or not...


Actually, I read an article on that a while back. The article basically pointed out that the best security consultants to hire (from a technical point of view) would be ex or current hackers, but would you want to trust a hacker?

It looks like the hacker who obtained Paris Hilton's contacts obtained a little more.

Apparently he was able to access a lot of customer's details and even Secret Service emails (which is more worrying).


http://www.theregister.co.uk/2005/01/12/hacker_penetrates_t-mobile/

Still, he is working for the Secret Service now..
Situations like this remind me of a saying...
who polices the police??
We now have ex hackers protecting systems that they have helped to hack or indeed have hacked. These people are also working with very sensitive data and systems, you can only wonder just how closely they are watched :erm:

you can only wonder just how closely they are watched :erm:

an example of not forgiving, and refusing to give people a second chace at life eh?

It looks like the hacker who obtained Paris Hilton's contacts obtained a little moreI've seen what purports to be the stolen piccys :naughty: :D

Situations like this remind me of a saying...
who polices the police??
We now have ex hackers protecting systems that they have helped to hack or indeed have hacked. These people are also working with very sensitive data and systems, you can only wonder just how closely they are watched :erm:

There was the film recently where you had Leonardo Caprio (not sure bout spelling) and Tom Hanks I think. One of them was a forger, other FBI. The forger impersonated pilots, doctors, and made huge sums from cheque fraud. The FBI apparently made a deal with him and as a result the forger has made a mint legally helping bnking to be much more secure. That's if you beleive everything you see at the movies ;)

There was the film recently where you had Leonardo Caprio (not sure bout spelling) and Tom Hanks I think. One of them was a forger, other FBI. The forger impersonated pilots, doctors, and made huge sums from cheque fraud. The FBI apparently made a deal with him and as a result the forger has made a mint legally helping bnking to be much more secure. That's if you beleive everything you see at the movies ;)

This is the guy... http://www.abagnale.com/index2.asp

'Catch me if you can' was the name of the film

I've seen what purports to be the stolen piccys :naughty: :D


So have I...

Wether they are the real photos or not, they are quite nice...

where ? linkies ? in pm if it contravenes rules blah blah.... :)

This is the guy... http://www.abagnale.com/index2.asp



He cashed $2.5 million in fraudulent checks in every state and 26 foreign countries over a five-year period. Between the ages of 16 and 21, he successfully posed as an airline pilot, an attorney, a college professor and a pediatrician. Apprehended by the French police when he was 21 years old, he served time in the French, Swedish and U. S. prison systems. After five years he was released on the condition that he would help the federal government, without remuneration, by teaching and assisting federal law enforcement agencies.

.
.
.
Mr. Abagnale has been associated with the FBI for over twenty-five years. He lectures extensively at the FBI Academy and for the field offices of the Federal Bureau of Investigation.




...so where did he make his money... the poor chap is serving a life sentance of none-payment at the hands of Tom Hanks! Imagine working for the FBI..and lecturing at the FBI academy for 25 years..and not getting paid!

..what a genious! :dunce: ;)


:p:

...so where did he make his money... the poor chap is serving a life sentance of none-payment at the hands of Tom Hanks! Imagine working for the FBI..and lecturing at the FBI academy for 25 years..and not getting paid!

..what a genious! :dunce: ;)


:p:

I imagine he makes his money from private companies and books he has written on fraud.