Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
AT&T Cellphones Crime The Almighty Buck The Courts

AT&T Says Malware Secretly Unlocked Hundreds of Thousands of Phones 123

alphadogg writes: AT&T said three of its employees secretly installed software on its network so a cellphone unlocking service could surreptitiously funnel hundreds of thousands of requests to its servers to remove software locks on phones. The locks prevent phones from being used on competing networks and have been an important tool used by cellular carriers to prevent customers from jumping ship.
This discussion has been archived. No new comments can be posted.

AT&T Says Malware Secretly Unlocked Hundreds of Thousands of Phones

Comments Filter:
  • by aussersterne ( 212916 ) on Friday September 18, 2015 @03:44PM (#50551789) Homepage

    Just sayin.

    Or at least, stretches the definition of "malware" to the breaking point.

    • Apparently, malware:patch::weed:flower
    • by jbmartin6 ( 1232050 ) on Friday September 18, 2015 @03:58PM (#50551923)
      "Malware" is a matter of perspective. From this perspective of the AT&T lock mafia, this is malware.
      • by aussersterne ( 212916 ) on Friday September 18, 2015 @05:41PM (#50552549) Homepage

        I guess I tie the idea of "malware" to two concepts:

        1) Mal, as in harmful to the user.
        2) Ware, as in software.

        To me, "malware" as a concept is basically about end users. It is software that is installed by endusers that does something contrary to what they expect, possibly without their knowledge, that is harmful to them. Malware is inherently deceptive, and the method of its deception is posing as something else. It is directed from bad actors toward strangers that these actors wish to exploit. It is a numbers game, a volume game.

        This was not installed by end users, it did not pose as something else, and the harm was directed at an organization by individuals within the organization. It was not distributed widely, but was a single instance. I'd call this a "hack" or a "sabotage" or an "embezzlement" of some kind before I'd call it malware. Maybe a new term is needed.

        But it seems a big jump from the widespread distribution of a Windows wizard to millions of hapless end users all the way to the willful and direct modification of company equipment by employees for gain.

        • I guess I tie the idea of "malware" to two concepts:
          1) Mal, as in harmful to the user.
          2) Ware, as in software.

          You're using the wrong interpretation. "Mal" is a short form of the German "Einmal", sometimes. "Ware" is goods or commodities or a product. So AT&T's service is "sometimes product", i.e. you pay for their phone service and sometimes the product is delivered.

    • by Anonymous Coward

      Sounds more like what might be termed "beneware" rather than "malware".

    • My first thought as well. I guess malware is in the eye of the beholder.

    • It's malware that was installed on the company's servers. It's for a "good" purpose, but it's malware just like the malware installed in Office Space to funnel fractions of pennies off of transactions.

  • by wardrich86 ( 4092007 ) on Friday September 18, 2015 @03:44PM (#50551795)
    If only the idea of a carrier-locked phone could be made illegal... It would put more pressure on the companies to actually come up with decent pricing and plans to secure their customers!
    • Re: (Score:3, Informative)

      by sexconker ( 1179573 )

      In the US, carriers are now required by the FCC to unlock a phone on request, if the phone is not still on a subsidy contract.
      It's been like this for about 2 years now.

      • by Anonymous Coward on Friday September 18, 2015 @03:50PM (#50551843)

        In the US, carriers are now required by the FCC to unlock a phone on request, if the phone is not still on a subsidy contract.
        It's been like this for about 2 years now.

        Yeah, have fun going through that "request" with AT&T. It is damn near impossible to get them to unlock a phone.

        • All you have to do with ATT is get hit with their "malware"
        • Re: (Score:3, Informative)

          by Anonymous Coward

          What? I've done this with AT&T several times. You go to their website, enter your phone information (and it includes details on how to get it), and it sends you an email with exactly what to type on your phone to unlock it. The whole process only takes a few minutes.

        • by Scoth ( 879800 ) on Friday September 18, 2015 @04:01PM (#50551959)

          This, pretty much. I went round and round with AT&T trying to get an off-contract iPhone 4 unlocked for over a year before I ended up trading it in for double-credit on a iPhone 6 for my wife for far more than it would have sold for on eBay or the like even unlocked. They just kept declining it with no explanation, and the customer service reps were no help.

          • Re: (Score:2, Interesting)

            by Anonymous Coward

            Honestly bet those customer service reps have the instructions available to help with unlocking a phone but instead claim ignorance when asked because it usually takes time to explain over the phone to someone not already somewhat technically adept.

            They do this to avoid higher average handling time metrics so they dont get churned out of the call center.

            setting the system up like this is a brilliant means around the requirements of the FCC if this is malice rather than just accidental.

          • In Australia they used to do something similar. Then we got the Telecommunications Industry Ombudsman, and that organisation had teeth. Not only do they ensure that companies comply with the law in ways the FCC simply lacks the balls to do, but they also bill the telecom companies per complaint for their services regardless if they have merit.

            Pretty soon the companies found out it was cheaper to unlock a customer's phone rather than get a bill for a TIO investigation into a complaint, not even taking into c

            • Some people do pay more than one company - especially if you travel a bit and have a dual-band/sim phone. I know when I visit relatives in Canada, I have a SIM I got just for the provider in their area (prepaid), while the other slot holds the SIM I use here at home (contract).

              I imagine it's much the same going from the US to Europe or Asia and vice versa.

              • Yes but that is by necessity. You wouldn't do the same thing in the same area. And even if you did what difference does it make to the company which contracted you the phone? I don't magically get to stop paying the first company just because another company's SIM card is in the phone.

        • by dbraden ( 214956 ) on Friday September 18, 2015 @04:08PM (#50552019)

          I had at&t unlock my iphone a few months ago and it couldn't have been simpler. I did it from their web site with a very simple form and it was unlocked within 2 days.

          Maybe I was just lucky, I don't know, I'm just a sample of one. I have no love for AT&T, but at least that worked well for me.

          • by Anonymous Coward

            i think the website process works, calling their "help" to get it done old fashioned way, you know with customer support!! is a nightmare.
            i wonder if they make it such a miserable process because they know older people will be doing it the call-in method and if frustrated enough will just stick around till dead anyway.

        • by b0bby ( 201198 )

          I got Cricket (owned by AT&T) to unlock a freebie phone after the required 4 months (I think they now raised it to 6). Just went to their chat support, made the request, no problems.
          This may be just another example of prepaid being better than postpaid.

          • With tmobile, the same exact phone and data amounts cost substantially less with prepaid than with billed payment.

            The salesperson tried to upsell me so I asked her what it would cost... about $30 more. I showed her and she gave a rueful smile and dropped the subject.

            I'm retired and going to a Tmobile prepaid phone from Sprint has given me a free hotspot, a gig of data a month (which I never use even tho I play a lot of boom beach in odd places), and saved me $73 per month vs Sprint. I have unlimited music

        • I just went into a store and asked them, and they did it. It was about the farthest thing from "damn near impossible".
    • If only the idea of a carrier-locked phone could be made illegal... It would put more pressure on the companies to actually come up with decent pricing and plans to secure their customers!

      Having all phones unlocked would have no effect on plan pricing in the US. There are already reasonably priced plans out there from MVNOs. You just have to pay full price for your phone and sacrifice some on customer service. It might have some effect on the price of the phones themselves but the only sure result is that you would have to pay full price for your phone up front all the time, and only those with the very best credit would be able to use installment plans to pay for phones.

  • by Anonymous Coward on Friday September 18, 2015 @03:46PM (#50551803)

    I was out of contract over a year ago, but I'm still fighting to get mine unlocked.

  • by Anonymous Coward

    To unlock out of contract phones then this probably wouldn't have happened.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      Just go in a physical store and refuse to leave until they agree to do it. I've gotten five iPhones that my family has owned unlocked by doing that. They'll tell you that you have to call 611 to get that done, but keep fighting.

  • by Anonymous Coward

    Sounds more like this to me "3 employees saved hundreds of thousands of phones from AT&T's network".

    • "Sounds more like this to me "3 employees saved hundreds of thousands of phones from AT&T's network"."

      Saving is no use to you if you don't notice it.

  • by 140Mandak262Jamuna ( 970587 ) on Friday September 18, 2015 @03:55PM (#50551891) Journal
    The practice of AT&T and other carriers to force people who have completed the contract and paid off all the subsidies they got when they signed on is malafide. They make people jump through hoops to use something they have bought and paid for. This software that unlocked the phones is reversing the bad action by the carriers. This software is bona fide. So we need to coin a word for software that is the antonym of malware, May be bonaware or goodware or niceware. Or Ghandhiware because this software is a freedom fighter.
    • Software?
    • Gandhi was sort of the opposite of a freedom fighter, not sure you knew that.
    • The software was running on AT&T systems, making AT&T the user. From the user's perspective, the software was malware. Therefore, the headline is accurate.

      If it were running on the phones themselves, making the phone owner the user, then it would not have been malware.

    • by Anonymous Coward

      How about bonware? The mal in malware comes from the Latin word malus, which is an adjective for evil. The Latin adjective for good is bonus. So let's call this bonware.

    • In this case, perhaps "liberationware".

    • Naw, we just need a law that carriers must AUTOMATICALLY unlock a phone that was paid for. So when your contract is up, your phone gets unlocked w/o you having to ask for it.

    • de-ransomware = liamneesonware

    • Malevolent : Benevolent
      Malware : Benware
    • by rtb61 ( 674572 )

      The reality is the whole mess makes no sense at all. They have you on a contract where you agree to pay a set amount each and every month whether you use their phone (theirs until you finish the contract) whether you use it on their network or someone elses (they save money if you use it on someone elses). Stop making payments on that contract and after some warning they can report the phone as stolen. In many countries that means they can block the phone from connecting to any network. So it makes no sens

    • This reminds me of the Nachi worm. It infected computers using the same attack vector as Blaster and then proceeded to patch against Blaster and move on without a destructive payload.

      Kind of like Windows 10 forced updates but in worm form and from a company less shady than MS :-)

  • One man's insurgent is another man's patriot.
  • What do we call this now? Is it white hat malware?

  • Now this is some malware I can get behind.

    Someone should start a Kickstarter to fund some malware like this.

  • playing the AT&T theme song

  • I don't believe it .. what really happened ?
  • For some reason, I'm hearing the AC/DC song Jailbreak [wikipedia.org] running through my head.
  • This is clearly not malware, but i think its not what ATT really meant to say either. The people who are still under contract shouldn't be using this program until they have paid off the phone or whatever contract they have that legally prevents them from unlocking the phone. That still doesn't make it malware. And i would think ATT can easily see who is unlocking a phone who shouldn't be unlocking it. Being we live in an age where we have zero privacy and all.
  • If i have a contract, i can't cancel it before the contract allows me to without a penalty, so, why do you lock my phone?, i'd still be under the obligation of paying for the service?. Phone network locking shouldn't be a thing, it's beyond stupid.
    • If i have a contract, i can't cancel it before the contract allows me to without a penalty, so, why do you lock my phone?, i'd still be under the obligation of paying for the service?. Phone network locking shouldn't be a thing, it's beyond stupid.

      Money.

      First, they don't want you to switch services. If they make it harder, or make it more likely you'll wait till a certain time and then forget, they make more money.

      Second, they won't collect that penalty. They will collect it from some people and then collect a percentage of it by selling it to a debt collector.

  • So I need to cheer for malware this time?
  • Does the world really have room for multiple superheros? I'd hate to forget about Mr. Snowden, but these guys certainly did something a bit more practical, which is always a bit plus in my book.

    In any case, I think a Nobel prize is in order. If there's any debate about which Nobel prize, I say we just award them prizes in multiple categories.

  • Most of those people with the unlocked phones will never know the difference so what's the big deal?
  • an important tool used by cellular carriers to prevent customers from jumping ship.

    Handset locks don't stop anything, it is contract law which ensures people pay for the remainder of their contract terms... Handset locks just decrease the usefulness and resale value of the handset, while creating an artificial grey market in unlocking methods.

    I intentionally avoid any operator who supplies locked handsets.

    • an important tool used by cellular carriers to prevent customers from jumping ship.

      Handset locks don't stop anything, it is contract law which ensures people pay for the remainder of their contract terms... Handset locks just decrease the usefulness and resale value of the handset, while creating an artificial grey market in unlocking methods.

      I intentionally avoid any operator who supplies locked handsets.

      The purpose of locked phones isn't to keep people from switching carriers. Having similar plan pricing, focusing on "best coverage" in specific areas, employer discount programs, retention offers, different network technology and most importantly individuals own reluctance to change does that.

      Lots of people want to believe that the big companies lock phones to trap them but the real reason is fraud. Cell phone fraud is a lot bigger than most people think.

      It works like this: Company A sells phones and se

  • boo freaking hoo, spying, lying no good AT&T.

A person with one watch knows what time it is; a person with two watches is never sure. Proverb

Working...