Results 1 to 3 of 3

Thread: TMobile HotSpot Security

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002

    TMobile HotSpot Security

    TMobile has begun setting up wireless networking called Hot Spot at various retail locations such as Starbuck's and Borders Books.

    TMobile provides the user with a login name and password that cannot be changed by the user. The problem is that the login name is the user's TMobile phone number and the password is the last 4 of their SSN.

    They do provide some CYA wording explaining that their networks do not guarantee security and that its your job to secure your data (see TMobile Security Statement).

    The FAQ states that their sites do not use WEP because they feel its impractical to have a shared secret password for a publicly available network. I can't say I disagree with that.

    With an inherently insecure system though, they may want to consider allowing other login names and passwords. Once someone intercepts your phone number and last 4 of your sSN, they can call TMobile and get a variety of other information (address, birth date, other phone numbers, email address, etc.) because those are the keys that verify your identity to them.

  2. #2
    Senior Member
    Join Date
    Mar 2003
    this is definitely bad, becuase tmobile will allow you to change billing plans, etc. with the ssn of a person. on top of that, you can even change which sim card you are using, so you can have a sim-based phone, call up t-mo's service number, change the account to your sim and get the crazy service plan, and talk for hours. or just cancel their services... not fun.

  3. #3
    Join Date
    Nov 2002
    You never know what, you will start in a T-Zone!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts