It may well be a hoax - I am not trying to defend it. I don't think we
have enough information to judge yet.
But where people's criticisms are misplaced, that is worth pointing
out....
And in that spirit....
> "[take] money out of the GPRS billing
> system"? This sounds like total rubbish to me. Unlike bits, we have
> people (known as accountants) who keep track of money, and who can
> easily find out who they gave it to, if they have any interest.
I used to do Information Systems Auditing for one of the UK big 4 (as
they then were). Your faith in accountants and accountancy systems is
touching but misplaced.
1) They have to know there is a problem before they look.
2) They have to be collecting the relevant data (bits, as you call
them). The claim is that the billing system is compromised. So the
"bits" may not accurately reflect what happened. Garbage in, garbage
out. (* but see below).
3) the audit trail may well hit a wall fairly quickly. They may know
that they gave money to entity X, but have no idea of the real identity
of X.
If there is a problem, they may well have known about it for ages but
not wanted to take the reputation hit and loss of revenue that
admitting it might have lead to.
Of course, this all comes from a firewall vendor with a product to
sell, so the whole thing should be taken with a a small salt-mine of
sodium chloride.
We need to know more. The criticisms made to date against Kewney's
report all fail I believe - and that is true whether or not it is a
hoax.
Nick
* (Actually, I am being unfair, my accountant takes garbage in and
produces lots of nice sheets that keep the tax office happy. But we are
not actually talking "accurate reflection of reality", it's more
re-arranging the garbage to make it look pretty and smell nice.)
On Friday, October 3, 2003, at 12:16 PM, keitai-l@appelsiini.net wrote:
> From: "keitai-l@appelsiini.net" <keitai-l@appelsiini.net>
> Date: Fri Oct 3, 2003 12:16:38 PM Asia/Tokyo
> To: keitai-l@appelsiini.net
> Subject: (keitai-l) Re: GPRS billing hack
>
>>> and, unbelievably, there was nothing to stop them simply providing
>>> services direct to that IP address - and taking the money out of the
>>> GPRS billing system to pay for it.
>
> Just how on earth does someone "[take] money out of the GPRS billing
> system"? This sounds like total rubbish to me. Unlike bits, we have
> people (known as accountants) who keep track of money, and who can
> easily find out who they gave it to, if they have any interest.
>
> I agree with Mika here, this sounds like a hoax.
>
> cjs
>
>
>
Received on Fri Oct 3 06:55:48 2003