Vulnerability Development mailing list archives
Re: Phone Switches + telephone banking etc
From: quentyn () fotango com
Date: Fri, 07 Jun 2002 17:22:56 +0100
"Kayne Ian (Softlab)" wrote:
->I know many banks ( at least in the UK) will say not to use their service through cordless phones, maybe they should increase to includeWhy's that? I've never heard of a bank making that statement. A cordless phone is pretty much a minor risk anyway, if someone wanted to go to the trouble of listening in to your call to the bank, they'd be better off splicing the phone line outside your house. IIRC DECT fones are scrambled in some way, so you can't just tune in with a reciever. Non-DECT fones have enough trouble finding the base station and making a clear call through even paper thin walls, so someone sitting outside your house is unlikely to get anything through a few layers of concrete...
if you phone HSBC in the UK and ask to change your "security number" they will ask you if you are on a cordless phone or a mobile. Remember the "old" cordless phones that could be eaves dropped accidentally ? ( or with a scanner from maplins ) Now DECT phones are all the rage I suppose the question is irrelevant ( also GSM mobiles are supposedly encrypted anyway) I just phoned HSBC's telephone banking division and their policy is that "you should not use cordless or mobile phones when setting or resetting security features" though they couldn't tell me where to find a doc on this. My original take on this issue was merely that the key press records are a hell of a load more sensitive than people believe. Q -- ##################### Quentyn Taylor Sysadmin - Fotango ##################### "With hindsight, the decision sucked. But that's the benefit of hindsight. When you use it, all decisions suck." Giles Todd
Current thread:
- Phone Switches + telephone banking etc quentyn (Jun 06)
- RE: Phone Switches + telephone banking etc Kit (Jun 06)
- <Possible follow-ups>
- RE: Phone Switches + telephone banking etc Kayne Ian (Softlab) (Jun 07)
- Re: Phone Switches + telephone banking etc quentyn (Jun 07)
- Re: Phone Switches + telephone banking etc hellNbak (Jun 07)
- Re: Phone Switches + telephone banking etc KF (Jun 10)
- Re: Phone Switches + telephone banking etc digitalFX (Jun 07)
- Re: Phone Switches + telephone banking etc quentyn (Jun 07)
- RE: Phone Switches + telephone banking etc ash (Jun 08)
- RE: Phone Switches + telephone banking etc Jacek Lipkowski (Jun 10)
- RE: Phone Switches + telephone banking etc Vachon, Scott (Jun 07)
- Re: Phone Switches + telephone banking etc Dave Booth (Jun 07)
- RE: Phone Switches + telephone banking etc Tony Camp (Jun 07)
- RE: Phone Switches + telephone banking etc Mike Theriault (Jun 09)
- RE: Phone Switches + telephone banking etc ash (Jun 09)