One of the difficulties with spy tool applications is that, even if they are used legitimately, the application vendor still has the problem of properly handling confidential data.

Case in point: Mobile-Spy for Windows Mobile.

Until recently (the last 48 hours or so) they had an issue with their web interface. The issue potentially allowed access to any communication data collected by their software.

Now that they've resolved the issue, we'll explain…

By using their Demo account to log onto their system, you were only supposed to be able to access demo messages. The logon is found at the following URL:

[Image: Smart Demo]

This URL is from one of the demo messages that you're supposed to be able to view. Notice that the message ID is plainly visible in the URL. So, what happened if you changed the ID number in the URL?

[Image: Demo URL]

We used 34841 as an example:

[Image: Test URL]

Last week the result of adjusting the URL was this:

[Image: Before]

And now the result is this:

[Image: After]

So, Mobile Spy has corrected the potential problem. You can read more details from ZDNet.
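The class of problem described above is a missing per-record authorization check. The sketch below is an added example, not code from the original post or from the vendor: it contrasts a lookup that only requires a logged-on session with one that also ties the message ID to the session's account. All names, the store layout and the sample records are assumptions constructed for illustration; only the ID 34841 is taken from the post.

```python
# Added example: hypothetical names and constructed sample data throughout.
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:
    message_id: int
    owner: str   # account the message was collected for
    body: str


# Constructed store: one demo message and one belonging to another account.
MESSAGES = {
    1001: Message(1001, "demo", "demo message"),
    34841: Message(34841, "customer-a", "private message"),
}

DENIED = []  # (account, message_id) pairs kept for review and alerting


def get_message_unchecked(session_account, message_id):
    """Matches the 'before' behaviour: a valid session is the only requirement."""
    if session_account is None:
        return None
    return MESSAGES.get(message_id)


def get_message_checked(session_account, message_id):
    """One possible server-side check: the record must belong to the session."""
    if session_account is None:
        return None
    msg = MESSAGES.get(message_id)
    if msg is None:
        return None
    if msg.owner != session_account:
        # Same result as "not found", so the reply does not confirm the ID exists.
        DENIED.append((session_account, message_id))
        return None
    return msg
```

Recording denied lookups per account gives operations a signal when one session starts requesting IDs it does not own.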

Posted by Jarno @ 12:22 GMT
http://www.f-secure.com/weblog/archives/00001285.html