After reports that people in the public eye have had their phones hacked, here are my ramblings on the matter from a technological viewpoint. I am not suggesting for one minute that these claims are not true, but I just question how this happened.
Most voicemail systems and answering machines have a remote access feature, which you would have to enable using the menu system, setting at the very least a 4-digit PIN, of which there are over 10,000 combinations. The only reason I could think that someone would set this up is if they had a PA or other people who needed to access their voicemails. If this feature is not disabled by default and the PIN is set to 1234, for example, then it really is a security issue with the mobile provider or manufacturer that should be corrected.
Even if you have this set up, when you dial in to your voicemail from a remote location you would be asked for your mobile number and then your PIN code (or, in the case of an answering machine on a landline, just the PIN code). If, for example, you have 5 new voicemails, when you have entered your details the system would say “You have 5 new messages”. The key word here is ‘new’ and not ‘saved’. If your PA had listened to your voicemails and weeded out the rubbish, it would say “You have 5 saved messages”. There is a big difference here, and you usually have to press a menu option to listen to saved messages, whereas new messages are usually played straight away – how did people not spot this?
The remote access feature must be enabled for this to work in the first place. I know that some old answering machines had default PIN codes of ‘0000’ and the remote access feature enabled by default – but this is not the case with mobile phone voicemail systems or modern answering machines.
Listening to the stories on the news, I have found myself doubting the fact that someone has been able to access these systems, because you would need to start with the mobile number or landline number of the person, then find the mobile network operator and just brute force PIN codes until one works – which you would hope would lock out after 5 or 10 tries and need resetting?
So maybe the people who carried out these attacks had a different approach, using fake mobile base stations for a man-in-the-middle kind of attack (see the hack-a-day article with Vodafone signal boost boxes). However, that kind of attack would involve sitting outside the home or workplace of the target, waiting for them to dial the number for their voicemail and then monitoring the call – but with this sort of kit would you not just monitor all calls? Also, this sort of equipment is usually used by the government or army.
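
The two safeguards discussed earlier (no easily guessed or default PIN such as 1234 or 0000, and a lockout after a handful of wrong tries that needs a reset) can be sketched as follows. This is an added example, not code from any operator or answering machine; the class name `VoicemailBox`, its methods and the limit of 5 are assumptions made for illustration.

```python
import hmac

MAX_FAILURES = 5              # assumption: the post suggests "5 or 10 tries"
WEAK_PINS = {"0000", "1234"}  # the default/example PINs named in the post


def is_sequential(pin: str) -> bool:
    """True for runs such as 1234, 7890 or 4321 (wrapping 9 -> 0)."""
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    return steps in ({1}, {9})


class VoicemailBox:
    """Hypothetical remote-access guard for a single mailbox."""

    def __init__(self):
        self._pin = None      # remote access stays off until a PIN is set
        self._failures = 0
        self.locked = False

    def set_pin(self, pin: str) -> None:
        """Set or reset the PIN; also stands in for the operator's reset."""
        if not (pin.isascii() and pin.isdigit() and len(pin) >= 4):
            raise ValueError("PIN must be at least 4 digits")
        if pin in WEAK_PINS or len(set(pin)) == 1 or is_sequential(pin):
            raise ValueError("PIN is too easy to guess")
        self._pin, self._failures, self.locked = pin, 0, False

    def verify(self, attempt: str) -> bool:
        if self._pin is None or self.locked:
            return False      # disabled or locked: even the right PIN fails
        if hmac.compare_digest(attempt.encode(), self._pin.encode()):
            self._failures = 0  # a correct entry clears the failure count
            return True
        self._failures += 1
        if self._failures >= MAX_FAILURES:
            self.locked = True  # stays locked until set_pin() is called
        return False


def guess_odds(digits: int = 4) -> float:
    """Chance of hitting a uniformly random PIN before the lockout trips."""
    return MAX_FAILURES / 10 ** digits
```

With a 4-digit PIN chosen at random, a caller who is cut off after 5 wrong tries has a 5 in 10,000 chance of getting in, which is why the lockout and the ban on default PINs matter far more than the PIN length alone.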