AT&T Breach - Worse than expected

Discussion in 'Apple, Inc and Tech Industry' started by belvdr, Jun 14, 2010.

  1. belvdr macrumors 603

    Aug 15, 2005
    No longer logging into MR
    Picked this up on Slashdot, but here's the relevant article.

    Honestly, this guy confuses me by some of the terminology but the security issues do not. If AT&T, T-Mobile, and Cingular are doing this, and I suspect they are, they are in a world of hurt. This isn't just about the iPad incident, but about an insecure architectural design, which could increase their network load, should they decide to fix it.
  2. FX120 macrumors 65816


    May 18, 2007
    I am still cracking up every time I hear "****** Security" mentioned on the nightly news...

    And I really laughed at this comment on SD: "This whole ordeal has turned out to be a real pain in the arse..."
  3. kdarling macrumors P6


    Jun 9, 2007
    First university coding class = 47 years ago
    What that article mainly says is that ATT and T-Mobile to more or less directly correlate the public ICCID and the supposedly secret IMSI. And that the IMSI can be used to query a ton of information.

    So even without the leak of email addresses, a hacker could make up random or targeted IMSIs and get all the info he wanted anyway, from the user's real name to phone number.
  4. benthewraith macrumors 68040


    May 27, 2006
    Miami, FL
    AT&T has 114,000 SIM cards to replace? It sounds like this vulnerability extends to the iPhone as well, or just about any SIM phone.

Share This Page