<div class='os_post_top_link'><a href='http://www.drudgereport.com/flash3fd.htm' target='_blank'>http://www.drudgereport.com/flash3fd.htm</a><br /><br /></div>Apparently not content to disrupt the Hollywood actor types only, the so-called T-Mobile Terrorist (I added the ? because as we all know, a true nickname must be earned - he appears to have simply selected it himself... ;) ) has released a 3-minute video in which Limp Bizkit's Fred Durst is supposedly shown engaging in a somewhat graphic sexual act. The point we find interesting is the quote from the Drudge piece which states the following attributed to a website hosting the hack:<br /><br />"The previous information was obtained using social engineering tactics."<br /><br />Social Engineering Tactics :? Sounds like this hacker might not be all that tech savvy, but may have some secret psychological weapons to lob at unsuspecting celebrities. Now don't everyone start looking at me.... :devilboy:

Re: Social Engineering Tactics --

Actually, I noted from the Engadget site, that they had figured out it that the 'hacking' of Paris Hilton's Sidekick may have been no more sophisticated than figuring out that the answer to the question 'What's your favourite pet's name?' on T-mobile's site, to allow access to read/change the password -- was the already well known 'Tinkerbelle'.
Thus, the 'hacker' was able to go in, change the password to whatever he/she wanted, and achieve full access to all of Paris' information.

(Don't get me started on why she felt the need to have someone take semi-nude pictures of her on her cameraphone.) I have my suspicions that this is a rather elaborately staged publicity stunt.

Anyway, this guy may have used the same simple technique to get at mr. durst's information as well.

Social Engineering Tactics :? Sounds like this hacker might not be all that tech savvy, but may have some secret psychological weapons to lob at unsuspecting celebrities.

Hacking/Cracking is 70% Social Engineering 30% 1337 2ki11z and 120% caffeine. I could be off on those figures though. It might be 180% caffeine. :wink:

Celebrities disgust me.

The "hacker" got it by screwing with the form POST on a page on the T-Mobile site. There is a page where you can request to have your password sent to your phone. He just screwed with it so the password went to his phone instead. Bingo!

Celebrities disgust me.

No more than some "regular" people ;)

1 - And?
2 - Setup?
3 - Who cares?
4 - But the girls fit!
5 - So whats Freds favorite pet?

Social Engineering is one of the most important toolz to a hacker, at least a talented hacker...lets just hope they are using there skills for white hat purposes...like exposing celebs :wink:

Good book that talks about many aspects of hacking including ethics: http://www.amazon.com/exec/obidos/tg/detail/-/1559501065/qid=1109438391/sr=1-1/ref=sr_1_1/002-6982835-5247249?v=glance&amp;s=books (non-affiliate)

or search ISBN: 1559501065

--Bill

Yep, it's amazing what you can 'hack' without any tools whatsoever. Take.. something like hotmail for instance. Say I want to read my colleagues mail. I already know their address because they gave it to me. Or I could just ask someone. Now, i don't have the password, but I know you fairly well. You talked about your pet, didn't you? We celebrated your birthday last week... I know your mother's name... I know a lot more about you then you think.

If questions like these are your last line of defense, you are sitting on a ticking time bomb. I make sure my secret question or password is something that I and only I could possibly know. Something so strange it would never come up in casual conversation.

"unsuspecting celbrities"? Sounds like Ashton is up to it again. Oh wait, he got punk'd on this too.