PDA

View Full Version : Listen up...


Wally
16th February 2016, 09:31 AM
Hack lets phones 'eavesdrop and make premium calls'

Security researchers have hacked a phone to show how it is possible to eavesdrop on conversations and make premium calls on someone else's line.

The problem affects voice-over-internet-protocol (Voip) phones, commonly installed by businesses, when default passwords are used.

Snom, the manufacturer whose phones were used in the research, has said the attack affects outdated software.

A spokesman said the tested firmware was "never in wide circulation".

The researcher carried out tests on a phone that was reset to "default" factory settings.

Full story -> http://www.bbc.co.uk/news/technology-35579273] (http://[URL="http://www.bbc.co.uk/news/technology-35579273%5D%5Bb%5D%5Bcolor=red")

DerekW
16th February 2016, 09:43 AM
More Info on El REg
http://www.theregister.co.uk/2016/02/15/voip_insecurity_snom_phones/

BBC link is

http://www.bbc.co.uk/news/technology-35579273

Daveart
16th February 2016, 10:12 AM
Nothing new their lads, GCHQ have been doing that for years now, it was called phone tapping then.

shenstone
16th February 2016, 01:43 PM
when default passwords are used.

that's the key phrase ... Always change default passwords

Mind you I had need to hack my next door neighbors wireless router (with his agreement) last week when he had issues and we needed to read the logs and find where the issue was and it was really good that he had not done so

I connected my phone to his wireless and just brought up his router details by guessing the IP address of the router and entering a "default" username and password - he was amazed how easy it was for me to guess it, His router password is no longer the default !

regards
Andy

OM USer
16th February 2016, 07:06 PM
I have my routers set so you can only login to the admin account by a wired connection.

skids
16th February 2016, 07:35 PM
Nothing new their lads, GCHQ have been doing that for years now, it was called phone tapping then.

A few years ago I was working with the Govt. Liaison team at one the biggest UK TelCo providers (the team work with Law Enforcement Agencies / Spooks). Was told of the calls that came in from Cheltenham when the mobile providers moved from analogue to digital 'You need to lower your encryption, we can't get in'.