Old Nokia 1100s prized by criminal underground

Got an old Nokia 1100 sitting around? You may be sitting on a fortune... albeit with a catch.

Certain circles are said to be paying upwards of $32,000 for the handsets, at least those made in Nokia's Bochum factory in Germany.

Why? According to reports, the criminal underground has found a way to hack into the phones' firmware to allow for illegal bank transfers by reprogramming the phone number on the handset.

Changing the phone number would give hackers the ability to send and receive text messages via the handset, which would in turn open the door for completing basic bank transactions, particularly in Europe.

The details of the hack involve the transmittal of something called a mobile Transaction Authentication Number (mTAN), popular in many overseas countries, which are one-time codes that are sent to customers via text message and are used to complete financial transactions online. Having the mTAN gives hackers the final piece in the puzzle they need (assuming a user ID and password have already been obtained) to drain a bank account under your very nose.

Sounds like the usual criminal shenanigans, but there's a catch... according to an interview with PC World, Nokia says it has no idea why criminals want the 1100 model phones and insists that the software on the phone is not vulnerable to attack -- at least not in any way the company has been able to identify to date.

Meanwhile, Nokia continues to look into the matter, and third-party technology and security outfits are also currently baffled as to how the alleged hack is done -- but many are now also collecting Nokia 1100s for themselves to work on.

iPhone jailbreaking violates our copyright: Apple

Apple recently told the U.S. Copyright Office that it believes iPhone jailbreaking is a violation of the Digital Millennium Copyright Act and infringes on its copyright, according to the Electronic Frontier Foundation.

The EFF is trying to get the Copyright Office to grant a DMCA exemption on behalf of iPhone owners who have chosen to jailbreak their iPhones, or bypass the restriction Apple places on standard iPhones that only allows the installation of applications from approved sources: the App Store. In its response to the Copyright Office (click here to view the PDF), Apple disagreed that such an exemption was proper because the very act of jailbreaking the iPhone results in copyright infringement.

Current jailbreak techniques now in widespread use utilize unauthorized modifications to the copyrighted bootloader and OS, resulting in the infringement of the copyrights in those programs. For example, the current most popular jailbreaking software for the iPhone, PwnageTool (cited by the EFF in its submission) causes a modified bootloader and OS to be installed in the iPhone, resulting in the infringement of Apple's reproduction and derivative works rights.

The EFF's argument is that jailbreaking your iPhone is protected under fair-use doctrines, and that the Copyright Office should grant an exemption because "the culture of tinkering (or hacking, if you prefer) is an important part of our innovation economy." But Apple's response is that few users of jailbroken iPhones actually jailbroke it themselves; instead, they downloaded software created by other parties to make that happen.

Don't expect Apple to come knocking on your door if you're using a jailbroken iPhone;They used a similar argument in the Psystar case and no one has confiscated my open computer yet. But Apple could be trying to build momentum behind the recognition of jailbreaking that does more harm than good; already this week, iPhone developers have been discussing writing software that only works on jailed iPhones as a way of preventing application bootlegging....Or will that just encourage it?

Thoughts?

Twitter accounts of Obama, Britney Spears hacked

The Twitter accounts of President-elect Barack Obama, CNN anchor Rick Sanchez, Britney Spears, Fox News and 29 others were hacked Monday according to the microblog site, leading to false and inappropriate messages being posted on their accounts.

First Fox News Twitter followers read a false message about Bill O'Reilly's sexuality Monday morning after hackers launched several attacks.

Then came the attack on pop princess Britney Spears private parts.

CNN anchor Rick Sanchez, who uses Twitter on his TV show to interact with the audience, also fell victim to the scam, when a hacker posted about drugs on his account.

Twitter is a social-networking blog site that allows users to send status updates, or "tweets," from cell phones, instant messaging services and Facebook in less than 140 characters.

Twitter co-founder Biz Stone wrote on the site's blog that the accounts were compromised after a hacker accessed tools the support team uses when a Twitter user can't remember or wants to reset their login info.

"We considered this a very serious breach of security and immediately took the support tools offline," Stone said in the blog post. "We'll put them back only when they're safe and secure."

Jennifer Dargan, Director of Public Relations for CNN confirmed Sanchez's account was compromised.

"As a result, some Twitter users may have received offensive messages attributed to Rick when the breach occurred," she said. "This is annoying, though such breaches are not uncommon when using social networking sites."

"Rick has notified Twitter of his account's breach and taken some basic steps to secure his account's access. Rick enjoys communicating with viewers via Twitter and he and many others at CNN find social networking a valuable tool in their shows. Rick will continue to use Twitter -- along with MySpace and Facebook -- to engage CNN's audience."

The attacks came after Twitter suffered a vicious phishing scam over the weekend, during which everyday Twitter users may have been tricked into logging on to a page masquerading as the Twitter front page, according to the site.

Instead, users were actually giving out their login information. The fake link was then passed along to anyone following that user.

Twitter posted a small notice on the page of each user warning them about the attacks.

But some users, concerned about the attacks, began messaging Twitter employees.

"So you're OK with a status quo where any Twitter [application] is potentially a phishing scam?" Twitter user "Aral" posted on the account of Alex Payne, a developer at Twitter. According to his Web site Payne is in charge of working with programmers who develop their own applications that work with Twitter.

"I'm certainly not happy with the security status quo. I just want people to understand the different threats. We'll get there," Payne responded.

The attacks are the first known security issues with Twitter, which has grown as a popular social networking site during the last year.

The attack on Twitter indicates hackers may see social networking sites as a good place to try and steal passwords and account information from the most people.

While many of the accounts were fixed quickly by resetting passwords, the attacks are a reminder for Twitter that with increasing popularity comes more security risks.

Those risks have kept employees at Twitter working quickly to try and fend off attacks and fix compromised tools.

The company's CEO Evan Williams echoed that sentiment with a post on his Twitter account this morning.

"Mood at Twitter HQ the first work day of the year: Focused Anxiety."