[ARTICLE] Virgin Mobile accounts are easy to hack


Last Updated:

  1. ktb83

    ktb83 Well-Known Member This Topic's Starter

    Joined:
    Jun 10, 2012
    Messages:
    653
    Likes Received:
    212

    Advertisement
  2. Petrah

    Petrah Psychotic Female

    Joined:
    Jun 13, 2011
    Messages:
    4,085
    Likes Received:
    1,439
    We already knew VM USA's security was terrible. Where's that other thread...
     
  3. ktb83

    ktb83 Well-Known Member This Topic's Starter

    Joined:
    Jun 10, 2012
    Messages:
    653
    Likes Received:
    212
    It is clearly bad. I wouldn't have guessed it was this bad!

    Rate-limiting relying only on cookies? WTF?
     
  4. rcsrich

    rcsrich Well-Known Member

    Joined:
    Jun 22, 2012
    Messages:
    772
    Likes Received:
    119
    Yeah- and now every idiot in the world knows just how poor their security is.

    Yay.
     
  5. Petrah

    Petrah Psychotic Female

    Joined:
    Jun 13, 2011
    Messages:
    4,085
    Likes Received:
    1,439

    Any company that asks for your pin number in emails, on Facebook, or on Twitter is bad. We tried to warn everyone before (in another thread) but no one would listen.
     
  6. mogelijk

    mogelijk Well-Known Member

    Joined:
    Jun 8, 2012
    Messages:
    1,904
    Likes Received:
    647
    I find it interesting I've been unable to get to the "My Account" page on the VM website since yesterday.
     
  7. hchen42

    hchen42 Well-Known Member

    Joined:
    Mar 15, 2011
    Messages:
    137
    Likes Received:
    16
    I still can. I did get a "service overload, try again" page. Try refresh the page.


    I wouldn't be surprised if the hacking has begun.
     
  8. rcsrich

    rcsrich Well-Known Member

    Joined:
    Jun 22, 2012
    Messages:
    772
    Likes Received:
    119
    Excellent! Uh, I mean bogus... :mad:
     
  9. rcsrich

    rcsrich Well-Known Member

    Joined:
    Jun 22, 2012
    Messages:
    772
    Likes Received:
    119
    ...and still no reply from VM as to if they will fix the issue. Classy.
     
  10. MacFett

    MacFett Well-Known Member

    Joined:
    Mar 28, 2011
    Messages:
    3,236
    Likes Received:
    740
  11. aurora40

    aurora40 Well-Known Member

    Joined:
    May 20, 2012
    Messages:
    376
    Likes Received:
    62
    Someone in the comments noted that they disallow PINs with the same digit repeated 3 times. For anyone else similarly pedantic, that reduces the combinations by 35,919.
     
  12. Petrah

    Petrah Psychotic Female

    Joined:
    Jun 13, 2011
    Messages:
    4,085
    Likes Received:
    1,439
    Doesn't matter. A piece of software can sit there and guess numbers at lightening speed. Only someone who didn't know what they're doing is going to sit there and manually try to guess a 6 digit pin number.


    Try any 6 digit number combination here: How Secure Is My Password?
     
  13. aurora40

    aurora40 Well-Known Member

    Joined:
    May 20, 2012
    Messages:
    376
    Likes Received:
    62
    I didn't suggest a 6 digit PIN was secure. I was simply curious how many of the 1,000,000 combos were excluded by the restriction that you not have 3 of the same digit in a row.

    I'm aware of how quickly a computer can programatically walk through 1,000,000 numbers, as I wrote a quick one-liner to come up with the 35,919 number vs try to recall my days in Discrete Mathematics as an undergrad.

    With the article from the OP using a 1-sec per try, that would save about 9 1/2 hours.
     
  14. Petrah

    Petrah Psychotic Female

    Joined:
    Jun 13, 2011
    Messages:
    4,085
    Likes Received:
    1,439
    My boyfriend is a programmer by trade (works his business from our home)... I honestly dunno how you guys do that math. Just looking at it makes my head implode.
     

Share This Page

Loading...