- TalkBack 1 of 1:
- Thread View
- Flat View
- Snapvine is INSECURE
-
Pinger and Snapvine are highly INSECURE!!!!
What this means: I can break into your Pinger and Snapvine phone accounts. I can listen to your messages. I can send out messages as you.
How do I do this? Easy. I mask / spoof CALLER ID / ANI. Anyone can do this, amateur hacks, etc.
Well, there are others, but suffice to say that these companies are doing new things with social networking sites and phones that help to connect people.
The problem is that these companies have a scalability problem based on inbound calling.
You see, if you have hundreds of thousands or millions of users, you can?t give everyone a unique dial in phone number.
SECURITY PROBLEM
What these companies have done is based user identification on Caller ID / ANI ? meaning that you call their service, and their systems recognize your phone via Caller ID.
The problem is that Caller ID is highly insecure and can be faked.
The problem that these ?dial in? companies are trying to solve is one of scalability. They simply cannot have enough dial in numbers for each user.
Therefore, they have architected a way to recognize each caller by Caller ID and to base the entire user authentication system on this insecure method.
This can easily be hacked.
SOLUTION
The solution is funny ? both Pinger and SnapVine make you enter in a PIN CODE when you dial in without validating your phone.
After you validate your phone, you no longer need to enter the PIN CODE.
So in effect, when you validate your phone, you make your account INSECURE.
What Pinger and SnapVine need to do is always require the PIN CODE. - Posted by: calleridspoofy Posted on: 01/03/07 You are currently: a Guest | Members login | Terms of Use
Snapvine is INSECURE
calleridspoofy | 01/03/07
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Business Value of Windows Server 2008 R2 Hyper-V and Live Migration.
-
Today's IT departments are under increasing pressure to manage and support expanding computer resources while reducing costs. See how Windows Server 2008 R2 is making this process seamless.
- Click to download >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
-
-
Smart Tech
Expert advice on innovations in healthcare and the green technologies that make it happen.
Find out more
-
Smart Business
Discussion and advice on management issues that revolve around making your world smarter and more useful.
More Smart Advice
-
Smart People
The best and worst moves in the management and strategy trenches.
Learn More
