Computer Weekly and several other online news sites writes about how British tabloids “hacked” Prins Charles’ mobile phone voice mail service and gained access to his personal messages. The service they used is called SpoofCard and is a US-based phone service that allows anyone to make calls appear to originate from any 10-digit number. The same service also enables the caller to change his/her voice in real time and to record and download a conversation. Ladies and gentlemen – social engineering just got a lot easier!
According to the SpoofCard FAQ the service is complete legal, both “in the US and throughout the world.” They even claim to have been sought out by law-enforcement agencies looking to obtain their services.
Admittedly there might be some completely valid and useful applications for this service, even for the public. And since I am a big fan of privacy and the ability to go through life as anonymous as I’d please, I welcome any service that makes this easier. However, this service could very easily be used to cause harm and unpleasantness to others and I would urge people to use it with caution. As in the case of the stolen voice messages – some acts are illegal even if the tools and means by which they were accomplished are not.
I therefor urge people not to use this and other services like this for illegal purposes. It will just add to the suspicion of people wanting their privacy and ultimately damage the fight for everyones right to privacy.
And to all you people trusting the caller ID display to tell you who is calling – don’t. It just might be SpoofCard calling!
