Forgot your password?
typodupeerror
Privacy Security United Kingdom News Your Rights Online

News Corp. Hacking Scandal Spreads To Government 105

Posted by samzenpus
from the fox-in-the-house-of-commons dept.
wiredmikey writes "The scandal revolving around the News Corporation's now defunct British tabloid, News of the World, has entered a new phase with news that the hacking extended into areas of national security, as detectives working for the Murdoch media empire may have hacked into the computer of a government minister responsible for Northern Ireland. Scary stuff, yet the enterprise security community seems strangely quiet on the topic, aside from showing other journalists how easy it is to do. Potentially, if you know the correct mobile number and you can guess four digits, you too can be listening to your elected leaders' personal messages. The chances are pretty good that it could be their birthday."
This discussion has been archived. No new comments can be posted.

News Corp. Hacking Scandal Spreads To Government

Comments Filter:
  • by Anonymous Coward

    >if you know the correct mobile number and you can guess 4 Digits

    Would that be any 4 digits, or some particular ones?

  • Well, well.. (Score:5, Interesting)

    by ackthpt (218170) on Wednesday November 30, 2011 @02:58PM (#38217276) Homepage Journal

    Will a contrite Rupert Murdoch make a tearful visit to No. 10? MI5?

    Really not surprised, when the people in News International (NI) were going for a story they let nothing get in their way. And the juicier the story, the more Big White Letters on the cover of NotW or Sun. Drunk with it, they were, the idea of digging where they should not and getting away with it.

    Another round of review for suitability of the Murdoch Clan by stock holders? Might just be enough to dislodge the old goat and his son.

    • by dkleinsc (563838)

      Will a contrite Rupert Murdoch make a tearful visit to No. 10? MI5?

      If things work out correctly, he should be spending significant amounts of his time in the near future at the Old Bailey.

      • Too bad it's not the Old Baily of old.
        • Re:Well, well.. (Score:5, Insightful)

          by Hazel Bergeron (2015538) on Wednesday November 30, 2011 @03:36PM (#38217698) Journal

          To treat him exactly as any other criminal would be necessary, sufficient and unlikely.

    • by smellotron (1039250) on Wednesday November 30, 2011 @10:19PM (#38222220)

      Drunk with it, they were, the idea of digging where they should not and getting away with it.

      I've always wanted to hear Yoda's take on the Mines of Moria. Thank you.

  • by Don_dumb (927108) on Wednesday November 30, 2011 @03:09PM (#38217408)
    Alastair Campbell - (Press Secretary for Tony Blair) not someone who I would normally believe on anything. Wrote a pretty comprehensive witness statement outlining how far the problems goes and how much it affects the running of the country and to be fair he understands the media more than most. It is worth a read - http://www.levesoninquiry.org.uk/wp-content/uploads/2011/11/Witness-Statement-of-Alastair-Campbell.pdf [levesoninquiry.org.uk]
    • by The Askylist (2488908) on Wednesday November 30, 2011 @04:54PM (#38218630)
      Bear in mind when reading Campbell's statement that this is the man who brought us the dodgy dossier and the 45 minutes to WMD claims. He's a master of selective statement and a propagandist worthy of Goebbels himself.
      • by Don_dumb (927108) on Wednesday November 30, 2011 @05:11PM (#38218852)
        But yet, he researched his statement and provided several references for each assertion, exactly what is missing from journalism. Like I said, I wouldn't usually take his word for much. But I did read the entire statement and have to say that there is many a good point.

        Bear in mind, he knows more than almost everyone about the relationship between the press and the government. For better or worse.
        He didn't call for regulation by government but concluded that self paid regulation was pointless and self serving. Which I think is fair.

        If I am honest I think it has given me a small amount of new found respect for the man who sold the world a terrible war.
        • by The Askylist (2488908) on Wednesday November 30, 2011 @07:14PM (#38220662)
          He circulated his statement around various friends and ex-colleagues before publication, so I doubt whether all of the references were his. One copy found its way to the Guido Fawkes website on Sunday, which caused Leveson to issue instructions on Monday that evidence to the inquiry was not to be circulated beforehand. Leveson was threatening to force the owner of the site to give evidence tomorrow on how he came to be in possession of Campbell's statement, but backed down this afternoon when it became clear that Campbell had circulated it widely.

          .

          Be very careful how much respect you gain for both Campbell and Leveson - the inquiry has one aim and one aim only, and that is to come up with a framework for press and internet reporting restrictions. Campbell is only one of the chosen witnesses whose statements will be used to this end.

          • by shilly (142940)

            Who are you, Askylist? Paul "the twat" McMullan? You seem ever-so-eager to read this as entirely political, despite the large numbers of apolitical figures, public and private alike, whose privacy has been invaded and whose lives have been damaged by tabloids acting with the most atrocious viciousness.

            • If it isn't political, kindly explain why none of the accusations against the Mirror have been widely reported, while every titbit about the News of the World is slavered over by the BBC and the non-Murdoch press.

              Most people didn't give a monkeys about the "hacking" until the Millie Dowler thing came out - the whole inquiry is a sop to Labour but has at its root a desire to regulate free speech. I wouldn't bank on Leveson leaving the internet alone if I were you.

              And no - I'm not McMullan, who in any cas

  • by Anonymous Coward on Wednesday November 30, 2011 @03:10PM (#38217418)

    About 6 years ago when this all originally flared up, it became clear people were simply not changing their default voicemail pin-codes from the network supplied default. All you needed to do was call the mobile number, listen for which operator it was that was which was responsible for the voicemail, then punch in the default pin-code for that network operator.

    At the time, this caused a few MNOs to change their systems so that you could not use remote voicemail until the user had set a new pin-code other than the default. In fact, its sad that operators were not somehow made partially liable for all this in the first place!

    • by ackthpt (218170) on Wednesday November 30, 2011 @03:26PM (#38217584) Homepage Journal

      While its good you are up on the Phone Hacking. This is about hacking a server... I don't know everything about servers, but I don't think you call many of them and retreive voicemail on them with a PIN. This was about going in and learning things of a highly sensitive nature. Documents. Names. Etc.

      We'd probably applaud Wikileaks for publishing some of this stuff. But since it's the weasels at News International (NotW, Sun) you should wonder what they're doing this for.

    • by kqs (1038910)

      That's all true, but so what? Are people allowed to wander along a road, trying all of the doors, and entering when one is unlocked? Voicemail PINs, like locks on luggage, will never be terribly effective; they're to keep the honest people from making honest mistakes. When someone dishonest tries to break the system, the correct action is legal plus jail time.

    • by zonky (1153039)
      This is not correct. It's even simpler- they spoof the callerid to be the mobile's number. Most people have voicemail set to not require PIN from their own phone. Instant access, no pin guessing required.
  • by Anonymous Coward on Wednesday November 30, 2011 @03:14PM (#38217454)

    They'll can some middle and upper middle management types, but Murdock and his cronies that created and encouraged a corporate culture of amoral lawbreakers will continue to walk off, rich and happy, after a few carefully crafted statements full of empty sentiment, and dropping more guilt on top of the scapegoats of the day.

    Of course, if there was less government regulation, the field would be level, and countless competitors would exist to force Murdock's News Corp to actually be honest and... aww, damn it, I can't keep a straight face and finish that crap.

  • Leveson (Score:5, Informative)

    by Spad (470073) <slashdotNO@SPAMspad.co.uk> on Wednesday November 30, 2011 @03:15PM (#38217466) Homepage

    Watching the Leveson inquiry over the last couple of weeks has been one of the most depressing things I've ever done; the lowlight was probably former NOTW journalist Paul McMullen saying the following on the subject of privacy:

    In 21 years of invading people's privacy I've never actually come across anyone who's been doing any good. Privacy is the space bad people need to do bad things in.

    Privacy is evil; it brings out the worst qualities in people.

    Privacy is for paedos; fundamentally nobody else needs it.

    Basically the papers are full of amoral arseholes (Not just NI papers either, it's clear that the Daily Mail and others have been up to it as well), the Police and the ICO have been shamefully complicit and the government didn't want to look into it in case it upset Murdoch and he told his papers not to support them any more.

    Makes you proud to be British really...

    • by Luyseyal (3154)

      Came here to say this as I heard that on NPR this morning. Has the transparent society begun?

      -l

    • I was wondering if anyone would point out that this scandal isn't just the Rupert Murdoch papers. The others have done it as well, there just isn't as much effort to get to the bottom of those stories.
    • by elrous0 (869638) *

      I wonder if he would say those things if someone were spying on *HIS* wife or kid.

      • Re: (Score:3, Funny)

        by rtfa-troll (1340807)
        He's a British tabloid journalist. He's probably already spying on his wife and child and selling it on the internet.
    • Re:Leveson (Score:5, Insightful)

      by ackthpt (218170) on Wednesday November 30, 2011 @03:42PM (#38217780) Homepage Journal

      Makes you proud to be British really...

      But now McMullen and all his awful associates have been dragged out into the daylight and they can't hide anymore. Yes, it is ugly. Yes, it is depressing. But. It will eventually get better. First, there must be the full investigation. Second, there must be the corrective measures. Hopefully they don't wedge a new government agency into the pressroom. For all the rot, there has been some good and press need ability to hold government to account, something which would be difficult if the government vetted news.

    • by debrain (29228)

      Any debate on privacy always draws me to The Right to Privacy, by Warren and Brandeis Harvard Law Review. Vol. IV December 15, 1890 No. 5 [mit.edu]:

      Of the desirability -- indeed of the necessity -- of some such protection [for privacy], there can, it is believed, be no doubt. The press is overstepping in every direction the obvious bounds of propriety and of decency. Gossip is no longer the resource of the idle and of the vicious, but has become a trade, which is pursued with industry as well as effrontery. To satisfy a prurient taste the details of sexual relations are spread broadcast in the columns of the daily papers. To occupy the indolent, column upon column is filled with idle gossip, which can only be procured by intrusion upon the domestic circle. The intensity and complexity of life, attendant upon advancing civilization, have rendered necessary some retreat from the world, and man, under the refining influence of culture, has become more sensitive to publicity, so that solitude and privacy have become more essential to the individual; but modern enterprise and invention have, through invasions upon his privacy, subjected him to mental pain and distress, far greater than could be inflicted by mere bodily injury. Nor is the harm wrought by such invasions confined to the suffering of those who may be the subjects of journalistic or other enterprise. In this, as in other branches of commerce, the supply creates the demand. Each crop of unseemly gossip, thus harvested, becomes the seed of more, and, in direct proportion to its circulation, results in the lowering of social standards and of morality. Even gossip apparently harmless, when widely and persistently circulated, is potent for evil. It both belittles and perverts. It belittles by inverting the relative importance of things, thus dwarfing the thoughts and aspirations of a people. When personal gossip attains the dignity of print, and crowds the space available for matters of real interest to the community, what wonder that the ignorant and thoughtless mistake its relative importance. Easy of comprehension, appealing to that weak side of human nature which is never wholly cast down by the misfortunes and frailties of our neighbors, no one can be surprised that it usurps the place of interest in brains capable of other things. Triviality destroys at once robustness of thought and delicacy of feeling. No enthusiasm can flourish, no generous impulse can survive under its blighting influence.

      The relationship between this 120 year old paper and modern society is illuminating.

    • Lol. This Paul guy is such a turd.

      Privacy is the part of life where your personal ethics are found and expressed; and it is shared, smartly, with those who agree with said ethic and are included in the privacy.

      In all of us, we have thoughts, acts, and materials in private, that if made public, would be construed to be 'evil' or 'wrong' in some form. There is no absolute ethic, though many genius minds like John Rawls have tried (and I agree with him, but some don't).

      The big kicker for privacy is that the

  • by Anonymous Coward on Wednesday November 30, 2011 @03:18PM (#38217508)

    Social Engineering.

    I hate to be the bearer of obvious news, but the DEFAULT password on everyones voicemail is usually 1234, 1111 or something. Every place I worked it was the same. Every cell carrier, landline and VoIP... they use the same default password, not random ones.

    Plus there are people who have the voicemail password programmed into their cell phone. That sets the stage for hacking the voicemail without doing much at all. Just call in via a landline and try the defaults first, then try their birthday and family birthdays. You'll get most peoples PIN's this way.

    The only reason there isn't large amounts of chip+pin/ATM pin fraud is because ATM's eat cards after 3 wrong answers, but if you have access to a POS system to keep trying, keep trying PIN's. Keep buying sticks of gum from gas stations and 711's until you guess the pin.

    In voicemail systems, the voicemail retrieval number is easily found, and everyone STUPIDLY puts their full name in the voicemail greeting. NEVER DO THIS. Your voicemail message should not be in your voice, and should not have your full name in it. Better yet, only list the extension. The reason is that you make yourself a voicemail hacking target for social engineering by having your name on the voicemail.

    Say I'm a hacker wanting to get the PIN to someone elses voicemail. I keep trying voicemail boxes until I find someone with a name that works their. Next thing I do is get ahold of the technical service desk and ask for them to reset the voicemail PIN and say I'm the person on the voicemail greeting. Oversimplified (if they're doing their job they'll ask for the employee badge number, but oh, that can be socially engineered too.)

    When I worked for (CELL PHONE CARRIER), it's easy to reset passwords, just call in, verify the SSN and the password will be reset. Such horrible abuse of personal information.

    When I worked for (INTERNET SERVICES), someone tried to social engineer me using the voicemail. Fortunately my name isn't easy to spell. Someone went through the phone directory and left messages asking to be called back to deal with their account. As the customer was in the US and I was not handling US customers it raised a red flag right away.

  • "The chances are pretty good that it could be their birthday."

    Is that the so-called 'birthday attack' ?

  • I'm shocked! Shocked, I tell you!

  • by wisebabo (638845) on Wednesday November 30, 2011 @04:16PM (#38218208) Journal

    Look, it's bad enough that Fox News is owned by a man who allegedly changed his nationality to get around foreign ownership laws of media outlets (how come the Aussies and Brits don't have those laws? That way he'd only influence ONE country's media).

    But aren't there laws in the U.S. against the blatant use of the public airwaves to push a particular viewpoint or even "hatemongering" (just as one example: look at the number of times Fox accidentally spelled "Obama", "Osama" and mentioned his middle name "Hussein")? For a detailed look at this bias watch the documentary "Outfoxed".

    Even if you were to claim that this is protected free speech (yes but not using public spectrum! Use a satellite like Howard Stern!) couldn't there be a case made for shutting the network down for the public interest? Several recent studies have shown that Fox viewers are not only less informed than viewers of other network/media, but they are less informed than people who WATCHED NOTHING AT ALL (don't know exactly the comparisons, google it).

    Until then I didn't know that ignorance could be a negative value. Wow.

    Of course, if there is any proof to the allegations that his company spied on Americans, perhaps some form of justice will be done.

    • by jpapon (1877296)

      yes but not using public spectrum

      I don't like Fox news, and I hate defending them, but they don't use public spectrum. They're a cable/satellite channel. Outside of inciting violence (and various libel laws I'd imagine) they can pretty much say what they want.

      • Thanks for not thoroughly trashing me. I didnt realize they weren't on public airwaves. I got confused when I saw the local Fox affiliate (which IS broadcast I think) and thought it was tied to the Fox cable news network (it isn't is it?).

        Anyway, my only excuse is I've been out of the country for 5 years and I'm at my uncle's place. He's got his A/V setup as a mishmash of satellite, cable (and terrestrial?) and I'm not sure where I'm getting ech feed from.

        Definitely the restrictions on what he has to say

        • by jpapon (1877296)
          Right, there IS a FOX channel which is broadcast in most areas, but it is entirely distinct (in terms of content, anyways) from the Fox News channel, which is essentially the "right wing CNN".
    • For one thing, you'd have to prove it's "hatemongering" - easier said than done. I know I once spelled it " Osama" by accident. I'm not an Obama fan, but it was not intentional -it made the meaning of what I was saying much less clear. It's not beyond the realm of belief. Years of Al Queada news coverage might make it habitual for the ticker typer to type, though it was still a sloppy thing to do; especially more than once; the second time is perhaps suspect. I haven't seen the "Hussein" thing though.
  • by cirby (2599) on Wednesday November 30, 2011 @04:27PM (#38218286)

    The thing people keep ignoring in this ongoing story is how most of the "hacking" happened with the assistance of one or more people working for the government: police officers (some of them have already been nabbed for this) and political appointees, along with the standard-issue public employee bureaucrats.

    The official who had his computer "hacked?" BS. He sold the information to someone, and when he got caught, he lied.

    That's what happens when you give bureaucrats the power to tap phones and other private communications: they sell it to people who would get arrested for doing it, or who are too dumb to do it themselves.

    It's not just NewsCorp, too - half of the tabloids in the UK have been caught in this affair.

  • At least a decade ago you didn't have it, and I doubt it has changed. All you need is to change your caller id to that of the phone (easy to do), then the voicemail system doesn't ask for your password. It is why you can always check your voicemail from your own phone without entering the password.
  • It is called *espionage*.

    Many countries frown upon spying on government officials, even to the extent of imposing life imprisonment or execution.

    Given corporations' statuses as people, it would seem logical to try them based on the laws of the country in which they operate.

    I'm not a proponent of the death penalty, so would instead ask that News Corp, if/when found guilty, simply be locked up for life, just as any other "person" would be.

    I defy anyone to challenge that logical conclusion.

    • When you hear "Corporations are People", your perception is wrong.

      Try thinking more along the lines of Soylent Green.

      And with that, putting them through a tree chipper is a perfectly viable solution. With food coloring added before packaging, of course.

  • Why is there no discussion of requiring the network operators to improve security?

    After all, it's fairly easy for them to know who is placing a call, and to bill the right user: I can't spoof someone else's phone and make them get the bill for my call. So why can't the carriers lock voicemail to the device by default?

    I don't want the hassle of using a PIN every time I dial my voicemail, but I am quite happy for my cellphone with my SIM to be the trusted token. Yes, if I'm unlucky enough to have my phone st

  • Every phone call and text message I make are monitored and recorded. The websites I visit are recorded. My emails are read. My posted packages and letters are opened and read. My car number plate is recorded as I move across the country. My credit card transactions are watched, and the movements I make on public transport with my oyster card is recorded and logged. My medical records are routineley examined, as are records of any dealings I may have had with the police. This is done without my knowlege or c

The first Rotarian was the first man to call John the Baptist "Jack." -- H.L. Mencken

Working...