TIP: BlackBerry PIN Security - Specifically here on CrackBerry!
- There was a thread a few days ago that really struck me in a personal way. No, I wasn't affected by it as far as my BlackBerry was concerned, but I was affected by it because of what I do for a living.
Please, if you are concerned about receiving communication from spammers or scammers on your BlackBerry via PIN messaging or BlackBerry Messenger, read the following paper I wrote on the subject.
If I can save just one member of CrackBerry from getting unsolicited spam via their PIN, then I have served my purpose with this paper.
If a moderator feels like moving this into the BlackBerry Tips, How To & FAQ Section, please do! Or if this is too controversial, please delete it. I'm just trying to help.
Thank you.
CrackBerry.com Forums: User PIN Security09-04-09 05:57 AMLike 0 - OMG he uses wget and regex to recurse through a site to get public information! He is so 1337!
I ph34r j00 so much, teach me how to hax0rz n00bs plz!
Oh wait, if you SPAM someone over PIN then you are easily traceable, and RIM would no doubt disable your PIN after complaints leaving you with a useless device.
Would you not be better using the same idea to harvest emails like regular spammers and using free systems to spam us all?
Oh and it's not like BBM even works most of the time.09-04-09 06:24 AMLike 0 - OMG he uses wget and regex to recurse through a site to get public information! He is so 1337!
I ph34r j00 so much, teach me how to hax0rz n00bs plz!
Oh wait, if you SPAM someone over PIN then you are easily traceable, and RIM would no doubt disable your PIN after complaints leaving you with a useless device.
Would you not be better using the same idea to harvest emails like regular spammers and using free systems to spam us all?
Oh and it's not like BBM even works most of the time.09-04-09 06:34 AMLike 0 - Thanks for the article. It's very informative. I have a landline at home, and I just contacted my carrier and told it that if the telemarketing calls didn't stop immediately (particularly the ones from the auto dialers) I would be canceling my service and getting another cell. I authorized the removal of one service which I didn't use and the addition of one other (so the cost of the new service would be a wash). I told the customer service rep that I would try out her suggestion, but, if the situation didn't drastically improve in short order I would be gone anyway. So far, miraculously, the telemarketing calls have stopped, lol. So, I do think your suggestion of contacting RIM and someone else's suggestion of complaining to one's carrier (found in another topic) has merit and can be effective.
As far as the PINs go here on the site, I wonder if perhaps the forum administration could set it up so that the PINs are only visible to members, and only when a member has reached a predetermined number of posts, like 10 or 20. Perhaps this would make it more difficult for the automatic (script type) harvesters to obtain the data. It would be almost like when one has to enter a captcha code to join a site. Of course, this wouldn't prevent a spammer from pretending to be a good member by making the required number of meaningful posts and then running his script, but maybe it would add an extra layer to frustrate him so he doesn't bother.
Posted from my CrackBerry at wapforums.crackberry.com09-04-09 06:47 AMLike 0 - When I had a land line I had a package called "call reveal" which meant the person was stopped before dialing through to my number if they hid any of their personal details.
It would prompt the user to dial 1 to reveal their info or hang up. Loved that service, almost no telemarketers after that.
Posted from my CrackBerry at wapforums.crackberry.com09-04-09 09:06 AMLike 0 - As far as the PINs go here on the site, I wonder if perhaps the forum administration could set it up so that the PINs are only visible to members, and only when a member has reached a predetermined number of posts, like 10 or 20. Perhaps this would make it more difficult for the automatic (script type) harvesters to obtain the data. It would be almost like when one has to enter a captcha code to join a site. Of course, this wouldn't prevent a spammer from pretending to be a good member by making the required number of meaningful posts and then running his script, but maybe it would add an extra layer to frustrate him so he doesn't bother.
Posted from my CrackBerry at wapforums.crackberry.com
Posted from my CrackBerry at wapforums.crackberry.com09-04-09 10:13 AMLike 0 -
- So you're saying if I post something on the internet in a public forum, that information might be seen and/or harvested by others?09-04-09 11:06 AMLike 0
- There was a thread a few days ago that really struck me in a personal way. No, I wasn't affected by it as far as my BlackBerry was concerned, but I was affected by it because of what I do for a living.
Please, if you are concerned about receiving communication from spammers or scammers on your BlackBerry via PIN messaging or BlackBerry Messenger, read the following paper I wrote on the subject.
If I can save just one member of CrackBerry from getting unsolicited spam via their PIN, then I have served my purpose with this paper.
If a moderator feels like moving this into the BlackBerry Tips, How To & FAQ Section, please do! Or if this is too controversial, please delete it. I'm just trying to help.
Thank you.gavinn likes this.09-04-09 11:08 AMLike 1 -
- Has anyone ever got PIN spam?
I think OP was in a rush to prove that something can be done, to think about if it would be done.
Until I hear that everyone in Nigeria has a BB, I'm hardly going to be concerned.09-05-09 03:50 AMLike 0 -
I'm not in any rush. I'm just attempting to open people's eyes to a problem. Some BlackBerry newbies might not know about this, nor think about putting their information on a public website. I need not prove a thing. The proof that this is happening is already known.
If you are not concerned, that's fine. It's not my place to make anyone concerned. I just showed what's possible. It's up to the reader to make their own decision about what they want to do.
But, it's documented that spammers have indeed used PIN messaging before, and will continue to do so.Last edited by danoh; 09-05-09 at 06:26 AM.
09-05-09 06:21 AMLike 0 - I've heard there are those in indonesia who can change the PIN of their devices at will. This would be a wonderful way to get a list of good PIN numbers to program phones with. Never pay for BB service again, just hijack a PIN.
Posted from my CrackBerry at wapforums.crackberry.com09-05-09 07:00 AMLike 0 -
- Again, thanks for the info. I've found, in many cases when I've sounded the alarm about something, those in denial have reacted as follows:
1. Disbelief, often accompanied by anger
followed by
2. Ridicule ("Get him a tinfoil hat!")
finally coming around full circle to
3. "We knew it all along." (That's the part where they repeat to me a year later what I told them two years ago as if they discovered it first.)
Posted from my CrackBerry at wapforums.crackberry.comLast edited by T�nis; 09-05-09 at 07:47 AM.
09-05-09 07:44 AMLike 0 -
- PIN spam? PIN cloning? We all going to have our BB's cloned and then have our identities stolen?
FUD is a great marketting tool, why not create a Blackberry Security Suite?09-10-09 08:50 AMLike 0
- Forum
- BlackBerry OS Phone Forums
- BlackBerry OS
TIP: BlackBerry PIN Security - Specifically here on CrackBerry!
« Leaked: BlackBerry Bold 9780 OS 6.0.0.668
|
Is it possible to get a virus or anything harmful from accepting a BBM request from a »
LINK TO POST COPIED TO CLIPBOARD