http://catless.ncl.ac.uk/go/risks/22/72/7 [ http://accounts.hotspot.t-mobile.com/security.htm - T-Mobile doesn't support WEP, and from the URL above, a small number of legacy sites don't encrypt your username and password. - WK] Conrad Heiney <conrad (at) fringehead.org> Thu, 8 May 2003 16:20:34 -0700 I just signed up for T-Mobile Wireless' "Hot Spot" service, which provides wireless Internet access via Starbucks Coffee, Borders Books, and many other semi-public places in the U.S. As a current T-Mobile telephone subscriber I was given a good deal. I was also given a user name and a passphrase, neither one of which can be changed. The user name is my telephone number and the pass phrase is the last four digits of my social security number. The obvious RISK of using the phone number and SSN in this manner is pretty awful (identity theft, etc.) but what's also quite funny is that those are the two things you need to identify yourself to T-Mobile for any other purpose, too. Try again, guys. Conrad Heiney conrad (@) fringehead.org http://fringehead.org - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon May 12 2003 - 04:15:18 PDT