;;[[ TELUS MOBILITY; Customer Privacy No More ]];;

>> By: The Clone   Date: Tuesday January 4, 2000 <<

._.

"The 'Telus Mobility account information' telephone number is more than just a convenient and easy-to-use service. It's also a vulnerable system open for anyone wanting to snoop on private customer data."

._.

Telus believes that *most* of its customers are able to manage their cellular/pager account information with the help of a "friendly" easy-to-use automated self-serve system. So because of this they implemented the 'Telus Mobility Cellular/Pager Automated Service' telephone number.

[quote taken from www.telusmobility.com]

"In the future, TELUS Mobility will introduce many technological advances to improve upon the services we offer today. When it comes to wireless communications, the future belongs to... TELUS Mobility."

--

There's no doubt in my mind that Telus offers great service. Well, of course, the only other phone company I've had was ED-TEL from before 1995, and they weren't a terribly technologically advanced phone company. But because of the many services that Telus (Mobility) does offer, they unfortunately tend to ignore the privacy aspect.

This is where I come in.

When some hoodlum from within the realm of the 'Mah-Bell' Gestapo armed with a telephone, determination, and 198ppm of caffeine can bring important privacy issues to the attention of the phone company and its customers... there's no doubt that there is need for change.

Let's say by some rare chance that *does* in fact improve beyond tomorrow, there is no way in hell I'll stop doing what I do. Unless of course I was bribed by the CEO of Telus (George Petty) with a large sum of money and my very own brand new Telus telco-van [heh heh].

._.

D I A L :  7 8 0 - 3 1 0 - 2 2 3 3

. . . RING... RING... (crappy 5 second song)

"Good morning/afternoon/evening and thanks for calling Telus Mobility."

"To help serve you better, please enter your area code and seven digit cellular or pager number."
[enter the vitals]

"Please hold while we access your account information..."

_________________________________________________________

OPTIONS:

[a] - "For account balance and payment information press 1."
[b] - "For any other paging or service inquiry press 2."

--

[a]: After accessing this menu, you will be given the following options:

"You have five selections!"

  Balance Information (press 1)
  Credit Card Payment (press 2)
  Notify Payment or make other arrangements (press 3)
  Change Billing Information (press 4)
  Information on how to Read your Bill (press 5)

[Tips]

  To Repeat Messages (press #)
  To Return to the Previous Menu (press *)
  To Access the Main Menu (press 9)
  To speak to a customer service (press 0)

-

All we want to access is the Balance Information, because the other options require a credit card and/or Telus phone bill, not to mention that options 2, 3, and 4 all connect to a live operator.

So you've pressed 1 and you're now in the Balance Information menu.

[_What Now?_] !

You're prompted for your "personal identification number." Because Telus loves to help its customers and unknowingly help intruders, it tells us that by default our PIN is a temporary three digit number. The temporary three digit number is the three numbers in our postal code.

For example:

  Pager #: (780)-480-0839

  The pager belongs to Joe Shmoe, who registered his pager to his home address.
  Joe Shmoe's postal code happens to be T5B-1R7.
  Joe Shmoe's temporary three digit PIN is '517'.

--

See, the average "Joe" isn't aware that they can change that vulnerable three digit PIN that can be accessed by anyone with their phone number and postal code. Hell, most people probably didn't even know this system existed until now.

If a malicious person(s) accesses your account information, they'll know what your billing statement is, what numbers you've called, etc... without you ever knowing it.
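The default-PIN weakness described above, seen from the carrier's side, as an added example that is not part of the original article or of any Telus system: an audit that flags accounts whose PIN is still the three digits of the postal code on file. The record layout, the salted PBKDF2 storage, and the names default_pin, hash_pin and audit_default_pins are assumptions; the sample accounts are constructed.

```python
import hashlib
import hmac
import os
import re

# Format check only: letter-digit-letter, optional space or hyphen, digit-letter-digit.
POSTAL_RE = re.compile(r"^[A-Z]\d[A-Z][ -]?\d[A-Z]\d$")

def default_pin(postal_code):
    """Return the three digits of a Canadian postal code (the default PIN the article describes)."""
    code = postal_code.strip().upper()
    if not POSTAL_RE.match(code):
        raise ValueError(f"not a Canadian postal code: {postal_code!r}")
    return "".join(ch for ch in code if ch.isdigit())

def hash_pin(pin, salt):
    # Assumption: PINs are stored as salted PBKDF2 hashes, never in clear text.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def audit_default_pins(accounts):
    """Return the numbers of accounts whose stored PIN is derivable from the postal code."""
    flagged = []
    for acct in accounts:
        try:
            candidate = default_pin(acct["postal_code"])
        except ValueError:
            continue  # malformed address data: no default to derive, review separately
        if hmac.compare_digest(hash_pin(candidate, acct["salt"]), acct["pin_hash"]):
            flagged.append(acct["number"])  # should be forced through a PIN change
    return flagged

def make_account(number, postal_code, pin):
    """Build one constructed account record for the sample data below."""
    salt = os.urandom(16)
    return {"number": number, "postal_code": postal_code,
            "salt": salt, "pin_hash": hash_pin(pin, salt)}

# Constructed sample records (555 numbers; T5B-1R7 is the article's own example code).
SAMPLE_ACCOUNTS = [
    make_account("780-555-0101", "T5B-1R7", "517"),       # never changed the default
    make_account("780-555-0102", "T6G 2R3", "90441276"),  # customer chose a longer PIN
    make_account("780-555-0103", "unknown", "123"),       # bad address data, skipped
]

if __name__ == "__main__":
    print(audit_default_pins(SAMPLE_ACCOUNTS))
```

Accounts the audit returns are the ones whose PIN anyone holding the number and postal code already knows, so they are the candidates for a forced PIN change at next login.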
Not only that, but there's also a way to change that default PIN number so that only THEY would have access to YOUR account info.

  ** Up to 17 digits in length **
  (I'd like to see you bruteforce hack that! *smirk*)

--

[b]: This menu is not useful because it connects to a live operator. The last thing we want is help. Though mental help might be what we malicious kittens may need. *purr*

._.

Conclusion;

It was only six months ago (30.6.99) when I wrote the document 'TELUS; 811 Self-Serve stratagem'. In this document I discussed how anyone with only a phone bill could wreak havoc on unsuspecting victims. Add/delete features... disconnect phone service. Ouch!

Now this document, where I spoke about how one could again wreak havoc, this time on cellular and pager customers. The only requirement is that you have a valid Telus Mobility cellular/pager number and the owner's postal code.

How can we trust Telus with something as simple as our account information? Having such a vulnerable system, where only the three numbers in your postal code make the difference between privacy and possible exploitation, is not something to be taken lightly.

Either Telus tightens its security in its "automated service systems" or a lot of unhappy customers will switch to another cellular/pager service.

Remember kids: Telus Mobility no longer has a monopoly on the local cellular and pager market. =)

._.

{Contact;}

  E-mail: webmaster@nettwerk.hypermart.net
  Site:   http://nettwerk.hypermart.net
  Group:  http://www.hackcanada.com

A N E T T W E R K E D P R O D U C T