Hacker Penetrates T-Mobile Systems 396
An anonymous reader writes "SecurityFocus.com reports 'a sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities.' Demi Moore and Paris Hilton are involved."
Get Moore !?! (Score:5, Interesting)
Q: If I were a customer and I found out that my identity has been stolen, could I sue T-Mobile for any damages since they knew of the problem, or perhaps for just having breakable security?
BTW, the Black Hat's email address (and online identity) is ethics@netzero.net [mailto] and at one point was looking for work as a security administrator. Not a big surprise that he was interested in the field, but 'Ethics'!
Not-so Secret Service (Score:4, Interesting)
Secret Service Mail Encryption (Score:3, Interesting)
Re:Get Moore !?! (Score:5, Interesting)
As I read even more of the FA:
It appears the feds knew about this months ago.
Gets ya thinking... (Score:3, Interesting)
I think he let his greed / ego get in the way when trying to offload this information that he obtained.
This really makes you wonder about the guys you never hear about, the ones that don't get caught.
Re:Hmm... (Score:4, Interesting)
If you think the Secret Service won't use his skills in exactly the same way he was offering to the public before he got busted, you are mistaken. That is to say (explicitly), the Feds will use this guy to break into private computer networks and steal information of interest to them. They will keep him at arms length in case he gets caught. This is the way law enforcement (unfortunately) works...
uh, blackmail? (Score:3, Interesting)
Um...you do realize they're blackmailing him, right?
Honestly, I can't decide if being blackmailed is better or worse than him rotting in jail. We don't let people off the hook for robbing convenience stores "for fun" or "for the challenge", unless they're insane enough that they don't understand it's wrong (in which case, they go to a mental institution, not jail) and people intelligent enough to do the hacking are intelligent enough to understand breaking into something that doesn't belong to you is wrong; anything else is just creative ass-covering by hackers and their lawyers.
In case you hadn't figured it out by now, I'm not a Mitnick fanboy, which I know isn't very popular even today...
Re:Secret Service Mail Encryption (Score:5, Interesting)
Yep, the guy was stupid (Score:5, Interesting)
The guy crossed the line when he went to sell personal information to identity theives. Looking at famous people's candid photos is pretty harmless (as long as he's not selling them to some tabloid or spreading them around). Reading the SS's email is the ultimate in poetic justice; they should be more aware of just how insecure email is than just about anyone. It's inexcuable for the frelling SS to have been sending sensitive documents around in unencrypted emails.
In the end, it sounds like the guy got caught because of his own hubris. Which, when you think about it, is typical... criminals get busted not because the cops are spectacuarly competant, but because they run their mouths off.
Re:Get Moore !?! (Score:2, Interesting)
Re:Are you new here? (Score:2, Interesting)
The problem is the governments willingness to use criminals.