The Telecom Digest

29 Years of the Digest ... founded August 21, 1981

Add this Digest to your personal or



The Telecom Digest for February 17, 2011
Volume 30 : Issue 42 : "text" Format

Messages in this Issue: 
Lost iPhone? Lost Passwords! (Monty Solomon)
Anonymous speaks: the inside story of the HBGary hack (Monty Solomon)
Apple's Big Subscription Bet: Brilliant, Brazen, Or Batsh*t Crazy? 
(Monty Solomon)
Re: Cell phone texting spam--article (tlvp)
Re: A Cordless Phone That Plays Nice With Wireless Phones   
(Barry Margolin)
Metro hangs up on pay phones (David Lesher)


====== 29 years of TELECOM Digest -- Founded August 21, 1981 ======
Telecom and VOIP (Voice over Internet Protocol) Digest for the
Internet.  All contents here are copyrighted by Bill Horne and
the individual writers/correspondents. Articles may be used in other
journals or newsgroups, provided the writer's name and the Digest are
included in the fair use quote.  By using -any name or email address-
included herein for -any- reason other than responding to an article
herein, you agree to pay a hundred dollars to the recipients of the
email.

               ===========================

Addresses herein are not to be added to any mailing list, nor to be
sold or given away without explicit written consent.  Chain letters,
viruses, porn, spam, and miscellaneous junk are definitely unwelcome.

We must fight spam for the same reason we fight crime: not because we
are naive enough to believe that we will ever stamp it out, but because
we do not want the kind of world that results when no one stands
against crime.   Geoffrey Welsh

               ===========================

See the bottom of this issue for subscription and archive details
and the name of our lawyer, and other stuff of interest.

Date: Sun, 13 Feb 2011 01:19:53 -0500
From: Monty Solomon <monty@roscom.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Lost iPhone? Lost Passwords! 
Message-ID: <p062408d2c97d27ffb5cc@[10.0.1.2]>

Lost iPhone? Lost Passwords!

Practical Consideration of iOS
Device Encryption Security

Jens Heider, Matthias Boll
Fraunhofer Institute for
Secure Information Technology (SIT)
February 9, 2011

Abstract

The paper highlights risks that accompany losing a locked iOS device
regarding conÞdentiality of passwords stored in the keychain. It
presents results of hands- on tests that show the possibility for
attackers to reveal some of the keychain entries. For the described
approach, the knowledge of the user's secret pass- code is not
needed, as the protection provided by the passcode is bypassed.

http://www.sit.fraunhofer.de/en/Images/sc_iPhone%20Passwords_tcm502-80443.pdf

Date: Wed, 16 Feb 2011 08:09:32 -0500
From: Monty Solomon <monty@roscom.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Anonymous speaks: the inside story of the HBGary hack 
Message-ID: <p0624080fc9817ce5e311@[10.0.1.2]>

Anonymous speaks: the inside story of the HBGary hack

By Peter Bright

It has been an embarrassing week for security firm HBGary and its
HBGary Federal offshoot. HBGary Federal CEO Aaron Barr thought he had
unmasked the hacker hordes of Anonymous and was preparing to name and
shame those responsible for co-ordinating the group's actions,
including the denial-of-service attacks that hit MasterCard, Visa,
and other perceived enemies of WikiLeaks late last year.

When Barr told one of those he believed to be an Anonymous ringleader
about his forthcoming exposé, the Anonymous response was swift and
humiliating. HBGary's servers were broken into, its e-mails pillaged
and published to the world, its data destroyed, and its website
defaced. As an added bonus, a second site owned and operated by Greg
Hoglund, owner of HBGary, was taken offline and the user registration
database published.

Over the last week, I've talked to some of those who participated in
the HBGary hack to learn in detail how they penetrated HBGary's
defenses and gave the company such a stunning black eye-and what the
HBGary example means for the rest of us mere mortals who use the
Internet.

...

http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars/

Date: Wed, 16 Feb 2011 08:14:25 -0500
From: Monty Solomon <monty@roscom.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Apple's Big Subscription Bet: Brilliant, Brazen, Or Batsh*t Crazy? 
Message-ID: <p06240810c9817db0127f@[10.0.1.2]>

Apple's Big Subscription Bet: Brilliant, Brazen, Or Batsh*t Crazy?

MG Siegler

We all knew it was coming, but the details of the App Store 
subscription model, which Apple outlined today, are fascinating on a 
number of levels. Simply put: this is one of the boldest bets Apple 
has ever made. And it could backfire. Or it could be huge beyond 
belief. Either way, it's going to be very controversial.

We've already gone over the basics, but as a quick recap: any service 
offering an app with any sort of subscription component must now 
offer it within the app using the new in-app subscription options. 
Those companies are welcome to offer subscriptions outside of the app 
as well, but they must also have the option to do it in-app and it 
must be for the same price (or cheaper) than the out-of-app option. 
If a subscriber signs up in-app, Apple keeps 30 percent of those 
revenues. If they sign up outside of the app (still granting them 
accesses to the app), the company keeps 100 percent of the revenues.

...

http://techcrunch.com/2011/02/15/apple-in-app-subscriptions/

Date: Tue, 15 Feb 2011 23:28:01 -0500
From: tlvp <tPlOvUpBErLeLsEs@hotmail.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Cell phone texting spam--article  
Message-ID: <op.vqzaozojitl47o@acer250.gateway.2wire.net>

On Mon, 14 Feb 2011 01:42:09 -0500, Lisa or Jeff <hancock4@bbs.cpcn.com> wrote:

> This is an issue that bugs me--spam sent to cell phone as text
> messages that the recipient must pay for, and the lack of
> responsiveness from the cell phone carriers. ...
> ...
> Can't the cell phone carriers use ANI to trace back to the offending ...

Some SMS arrive at a cell phone after going through an email-to-SMS gateway.
For example, any internet email client can send email to 2123334444@tmomail.net
(to illustrate with a made-up T-Mobile email addie), and if 212-333-4444 is
the cellular number of a T-Mobile subscriber, the first (roughly) 150 characters
of that email are sent to that subscriber's handset as an SMS.

I've had spam like that -- even the "Sender:" data was spoofed, appearing
to be a Verizon cellular customer -- but the actual message was relayed
to T-Mobile's SMS gateway by a server in the .ru TLD :-) .

Moral: there ain't necessarily no ANI to use for tracing back the offending ... .

> source?  If the caller spoofed their callback number (as I suspect
> they do), couldn't they be prosecuted for that?

And if ANI were present, but spoofed, whom would you prosecute, exactly?

Cheers, -- tlvp
-- 
Avant de repondre, jeter la poubelle, SVP

Date: Tue, 15 Feb 2011 23:58:43 -0500
From: Barry Margolin <barmar@alum.mit.edu>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: A Cordless Phone That Plays Nice With Wireless Phones   
Message-ID: <barmar-77C6AD.23584315022011@62-183-169-81.bb.dnainternet.fi>

In article <p062408f9c97fb09588bb@[10.0.1.2]>,
 Monty Solomon <monty@roscom.com> wrote:

> A Cordless Phone That Plays Nice With Wireless Phones
> 
> By SAM GROBART
> FEBRUARY 8, 2011
> 
> You can go without a land line and just use your smartphone. People 
> do it all the time.
> 
> It didn't work for me. I tried - really - but the my house and AT&T's 
> wireless signal were like Elizabeth Taylor and Richard Burton: a 
> paroxysm of affection, only to then pull away in bitterness, 
> ultimately separating for good.
> 
> So it came time to return to the world of the land line. And while I 
> was out gallivanting with my smartphone, some interesting 
> developments were happening in old-style telephony, it turns out.
> 
> The most intriguing of which is Panasonic's Link-to-Cell feature, 
> found on some of its cordless handsets. Link-to-Cell allows your 
> cordless phone to answer calls placed to your mobile phone. If 
> someone dials your mobile when you are at home, all the handsets in 
> the house will ring and you can answer the call from any of them. The 
> feature uses Bluetooth to establish a wireless connection between up 
> to two mobiles and however many compatible cordless handsets you have.

But if you're in a wireless dead zone, as mentioned in the second 
paragraph, this won't work.  What's needed for that is to forward your 
wireless phone number to your land number.  But that's not how this 
system seems to work -- the article says it's using Bluetooth to forward 
the signal from the wireless handset to the cordless base station.

-- 
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

Date: Wed, 16 Feb 2011 05:41:59 +0000 (UTC)
From: David Lesher <wb8foz@panix.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Metro hangs up on pay phones 
Message-ID: <ijfo37$fjo$1@reader1.panix.com>

The 10 year contract between WMATA ("Metro") and Verizon [Let's
see, what WAS it named when they signed it?] expires in March;
and look like Verizontal will not renew.

Metro stations have been one of the last places in the DC area
to actually find a pay phone, as every station entrance has them
inside and outside the faregates.

For some unspecified period, WMATA will pay for one TTY equipped
phone at each entrance.

http://www.wmata.com/about_metro/news/PressReleaseDetail.cfm?ReleaseID=4798

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

TELECOM Digest is an electronic journal devoted mostly to telecom-
munications topics. It is circulated anywhere there is email, in
addition to Usenet, where it appears as the moderated newsgroup
'comp.dcom.telecom'.

TELECOM Digest is a not-for-profit, mostly non-commercial educational
service offered to the Internet by Bill Horne. All the contents
of the Digest are compilation-copyrighted. You may reprint articles in
some other media on an occasional basis, but please attribute my work
and that of the original author.

The Telecom Digest is moderated by Bill Horne.

Contact information:    Bill Horne
                        Telecom Digest
                        43 Deerfield Road
                        Sharon MA 02067-2301
                        781-784-7287
                        bill at horne dot net

Subscribe:  telecom-request@telecom-digest.org?body=subscribe telecom
Unsubscribe: telecom-request@telecom-digest.org?body=unsubscribe telecom

This Digest is the oldest continuing e-journal about telecomm-
unications on the Internet, having been founded in August, 1981 and
published continuously since then.  Our archives are available for
your review/research. We believe we are the oldest e-zine/mailing list
on the internet in any category!

URL information: http://telecom-digest.org

Copyright (C) 2009 TELECOM Digest. All rights reserved.
Our attorney is Bill Levant, of Blue Bell, PA.

 ---------------------------------------------------------------

Finally, the Digest is funded by gifts from generous readers such as
yourself who provide funding in amounts deemed appropriate. Your help
is important and appreciated. A suggested donation of fifty dollars
per year per reader is considered appropriate. See our address above.
Please make at least a single donation to cover the cost of processing
your name to the mailing list. 

All opinions expressed herein are deemed to be those of the
author. Any organizations listed are for identification purposes only
and messages should not be considered any official expression by the
organization.
End of The Telecom Digest (6 messages)

Return to Archives ** Older Issues