Jan 31 2012

Green’s Theorem?

I wish Green's Theorem had anything to do with Scotland...

Studying for Calculus…

Well, The semester is nearly over, And so begins the exams!

Good luck everyone!

Today a friend of mine borrowed me her pen tablet, this is the first drawing I made with it. I’m guessing I’m going to fail all my exams because of her. Drawing is much more fun.

Jan 24 2012

Cellcom login information revealed – Part III

Well, I didn’t believe I will write another post in the subject so quick. But a bit after publishing my last post (reminder read this post first), I’ve went and changed my password to a random keystrokes. The interesting thing was, that my original password kept working! At first I thought that maybe I had a mistake and that I didn’t changed the password but then I tried to login with the same random keystrokes and it worked as well.

Apparently, You can’t  change your password, you can just add a new one. So if someone hacked your account, there is no way to lock him out.

Great security… just great….

Update: It seems like my old password doesn’t work anymore. It seems like It just worked for a few long minuets. I’ve tried reseting the password again while being logged in from another computer. It did not logged the other user out. It seems like I can keep the session forever.

Oh, And another cool thing, You can send 5 free text messages from the website, meaning you can impersonate the user and send messages that will seem to the receiver like the victim sent it.

This site is hosted by:

Jan 24 2012

Cellcom login information revealed – Part II

Today I’ve received a phone call from Cellcom regarding my previous post. On the other side of the line was a customer relations representative. I’ve tried to explain to her that saving a password in plain-text is not legitimate, and that showing it to everyone with access to my phone is even less legitimate.

The representative tried to persuade me that the israeli ministry of communications made them show the login information. I told her that I don’t buy it and that it is violating the first rule of security. She told me that she will send my post to the team that handles the website, so I asked her to keep me notified and that the team will contact me, but she refused.

I don’t believe that they will change it anytime soon (Maybe if a Saudian hacker will find a way to exploit it and publish all the information in their database…)

I recommend that the password you use for Cellcom’s website won’t be the same password you use for your email etc, because anyone with access to their database can access it as well as anyone with access to your phone.