« Blossoming Vase | Home | Speed Dial Padlock ends lock stress »

August 21, 2010

Voicemail — Episode 2: A Visit to the dark side

6a00d8341c5dea53ef01156f8668a4970c-800wi

Yesterday's account of my bumbling journey through AT&T's voicemail wilderness occasioned two particularly instructive comments, which follow.

The first was from Mark Bernay of Phone Trips, who wrote:

•••••••••••••••••••••••••••••••

There actually is a legitimate security reason why the default of voicemail is to make you enter a password. That's because the voicemail system doesn't have any special way of identifying that it is YOU calling, other than the standard caller ID system.

The system sees YOUR cell phone number as the caller ID calling in. A call to voicemail is a regular phone call to a regular phone number that is well-known, even if you are able to dial some abbreviated code instead of the complete phone number to retrieve your voicemail.

The problem is that caller ID can be faked, and is actually quite easy for non-technodolts nowadays to do it using very little equipment and free software. I can do it from my home, for example. So if I fake my caller ID to be your cellphone number, and then I call into the phone number of your voicemail system, then the system will think I am you and will let me listen to your messages. But if you had to enter a password, then I would be blocked. The phone companies know that caller ID can be faked, and that's why they encourage the use of a password.

In the real world, this probably isn't something you need to worry about, because it isn't well known by the general public how to do this, and someone would need to know your cellphone number.

If you would like me to demonstrate this, and you trust me enough to give me any phone number you have that has the caller ID feature, I can call that number and fake the caller ID to be any number you like.

•••••••••••••••••••••••••••••••

The second comment came from foofdawg who wrote, "Unfortunately, a friend of mine uses this trick [bypassing the password] on his girlfriend's cell phone to listen to her messages...."

August 21, 2010 at 02:01 PM | Permalink


TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a00d8341c5dea53ef0133f33a8b85970b

Listed below are links to weblogs that reference Voicemail — Episode 2: A Visit to the dark side:

Comments

"Unfortunately" is right. If I caught someone doing this, I wouldn't be their girlfriend anymore, that's for sure. Although, don't most voicemail boxes mark voicemails as listened to once they've been... listened to? I'd think that'd be a big clue...

Posted by: Kitten | Aug 23, 2010 4:55:20 PM

"Unfortunately, a friend of mine uses this trick [bypassing the password] on his girlfriend's cell phone to listen to her messages...."

That would be a *major* felony. See, http://bit.ly/Qjev0

Posted by: 6.02*10^23 | Aug 21, 2010 5:58:06 PM

The comments to this entry are closed.