How to protect yourself from phone hackers (Yahoo! News)

Is your voicemail secure from unwanted guests?

Personal security is on everyone's mind these days, and there's likely no single device that holds more of your information than your mobile phone. Today, British tabloid The News of the World announced that Sunday's paper would be its last as a result of a lengthy investigation into illegal phone-hacking methods employed by its reporters. In this case, the hackers used simple techniques to gain access to the inboxes of newsworthy citizens — such as members of the Royal Family to a teenaged murder victim — in order to search for potential scoops. Would your phone be protected from a potential intrusion?

You may not be a hot shot executive or a well known politician, but should you become the target of an insidious hacking attempt, your mobile device will likely be a top priority. Is your phone — and the sensitive information in your voicemail — protected from unwanted intruders? Here are a few simple precautions you can take that will go a long way to giving you peace of mind.

Change your default passcode
When calling from an outside line, you can check the voice mailbox of most mobile phones simply by pressing "0" or "#" when the recorded greeting begins playing. This means that even if you remain in possession of your phone the entire time, your voicemail could still potentially be accessed by an anonymous party. 

When you first set up a new voicemail account — whenever you get a new phone or switch service providers — your voicemail password almost always defaults to a simple set of digits. This code can range from hacker-friendly combinations like "1111" and "1234" to the last 4 digits of your Social Security number. Whatever the case, this is when you inbox is the most vulnerable, as anyone attempting to access your account without your knowledge will certainly try codes like these before all others.

The best thing you can do is change your code before you even leave the store. When getting your new handset or setting up a new account at a carrier location, make sure that you take the time to learn how to change your passcode. This is a service that the store associate will be happy to assist you with, as making sure your account is secure makes them look good as well.

Picking the right passcode is important

Pick a hard-to-guess code
When choosing a new code, be as unpredictable as possible. There's no point in changing your combination if you end up picking "8888" as the new one. Here is a list of things to avoid when choosing your new passcode:

• Numbers in sequence (1234)
• Dates, years (7611, 1989)
• Repeating numbers (8888, 1122)
• Spelling out words (LOVE = 5683)
• Social Security Numbers (This one should be obvious)

The best passwords are ones that hold no significance to you whatsoever, so be as random as possible.

Keep your phone locked
Misplacing your phone can be a scary experience indeed, and new smartphones are particularly at risk when they fall into the wrong hands. Built-in voicemail apps allow you to simply touch a new message in order to check it without having to sign in or verify your identity.

Because of this, ensuring your phone is always kept locked is more important than ever. All smartphones include some type of locking feature, and most allow you to program complex letter and number combinations to secure your device. As was stated above, randomness is key, and locking your phone with the year you graduated college or the name of your first born child simply won't cut it.

Most non-smartphones will still require you to call in to a voicemail number and provide a passcode before allowing access to the inbox. This makes older phones somewhat more secure in this regard, but locking these devices will provide yet another level of security as well.

Call your wireless company
Perhaps you already have a secure passcode and your phone is locked down tighter than Fort Knox. If you assume those precautions make you completely immune to the tricks of phone hackers, you might want to think again. A simple call to your phone carrier could have your voicemail code reset to an easy-to-guess default combination in just minutes.

Most carriers require passwords or other personal information in order to access your account and reset your phone, but this info can be even easier to obtain than your code itself. A quick call to your wireless company will reveal what information is needed to confirm identity, and most will allow you to set additional codes or levels of confirmation that will keep you from being victimized by individuals claiming to have clearance.

Learn from their mistakes
The techniques used by the journalists at the now-defunct News of the World would have been completely useless if the victims had simply taken the time to make their accounts less vulnerable. According to police documentation, default codes and account breaches were the key weak points that allowed hackers to glean information from the inboxes of the unsuspecting mobile phone users.

The security measures detailed above are things you can do right now to protect yourself from the same type of breach, and will ensure that your information remains secure at all times.

More from Tecca:

• How to choose powerful passwords
• A beginner's guide to the iPhone
• How to set a security lock on your Android phone

Hackers school next generation at DEFCON Kids (AFP)

SAN FRANCISCO (AFP) – DEFCON hackers will share their skills with the next generation at a first-ever children's version of the infamous gathering of software renegades, lock pickers and social engineers.

DEFCON Kids will take place in Las Vegas on August 6-7 during the 19th annual DEFCON started by hackers such as "Dark Tangent" when they were young computer coding or hardware cracking rebels.

"Hackers are getting older and having kids," said Joe Grand, a DEFCON veteran known as 'Kingpin' who has wowed attendees with event badges made of circuit boards that could be hacked to serve as radios or other gadgets.

"It is interesting to follow the process of other people's backup units; how they are coming along."

Grand, 35, recalling teen years in which his electronics skills got him benefits such as free telephone calls and trouble like an arrest for "computer-related stuff" he didn't detail.

"I was scared straight and there was nobody there to guide me straight," said Grand, who will teach hardware hacking at DEFCON Kids, which is open to children ages eight to 16.

"It feels nice to have an opportunity to be a mentor for kids who might be outcasts at school for having skills that aren't cool; that other kids don't understand."

Grand's two-and-a-half-year-old son has his own work space in dad's lab where he excitedly looks forward to being old enough to solder circuits.

A hacker conference for children is controversial even in the DEFCON community.

Prime targets for criticism include lock picking and social engineering, the art of manipulating people into revealing sensitive information.

"Everyone is up in arms that we are going to teach kids to be evil, but that is not the case," said Chris Hadnagy, who trains companies to guard against slick-talking hackers and runs the website social-engineer.org.

"Think critically, think objectively -- that is what this industry teaches people," continued Hadnagy, a DEFCON Kids mentor.

"The Internet is a breeding ground of predators, and not falling for those things is a skill I want my kids to have when someone is trying to manipulate them into something; whether it is peer pressure or a malicious adult."

Hadnagy and others behind DEFCON Kids were adamant that in a world where children are surrounded by technology it is smart to provide guidance and a place where they can safely, and legally, test hacker skills.

Hadnagy, whose book Social Engineering: The Art of Human Hacking came out this year, tailored a "Capture the Flag" game for the event.

The game will include deciphering clues, picking locks, and reading body language and subtle facial expressions.

"Kids are great at it," said Hadnagy. "This gives them a chance to grow into what we are now, the ones who keep companies secure."

Since DEFCON debuted in 1993, many once-nefarious attendees have become computer security good guys bent on defending companies and homes against cyberattacks.

Government agents once flushed out in a game called "Spot the Fed" at the world's largest hacker gathering are now welcomed on panels such as "Meet the Fed." National police agencies recruit talent at DEFCON.

DEFCON founder Jeff Moss, whose hacker handle is Dark Tangent, is on a White House homeland defense council and heads security for the agency in charge of Internet addresses.

The US National Security Agency is to bring a museum-quality cryptography exhibit this year.

"While DEFCON has a bit of edgy counter-culture to it, there is a need to harness, direct and encourage children," said Christofer Hoff, a hacker dad and a lock picking tutor at DEFCON Kids. "It is a natural complement."

Hoff has taught his daughters to pick locks and launched HacKids camps in the United States about a year ago after peers in the security industry wondered how to hook children on science and math skills.

"I got to learn about computers and do fun stuff like trebuchets and marshmallow gun fights," said his 10-year-old daughter and hackid.org camp attendee Chloe. "It was really cool to figure out how things work."

Hoff's girls will be volunteer "goons" helping at DEFCON Kids, where his session was renamed "The physics of locks."

"When we talk about teaching kids hacking it is about the creative, sometimes interesting out-of-the-box embracing of science, math, computers...to get their creative juices flowing," Hoff said.

"If you teach a kid how to light a match, does it mean he will turn into an arsonist?" he asked rhetorically. "Probably not, but he will learn how not to burn himself."

Information was online at defconkids.org.

1. Defconkids website