Re: Dongle questions Quote:
Originally Posted by TOOKNAPA What unique attributes are you talking about ? | I don't know what attributes "Play" was referring to but I can tell you that I know these Dongles/mifis/cell phones inside and out at the binary level and there are many identifiers they broadcast and that can not be hidden right in the open header of every bit of data transferred.
Each device has a unique MEID or IMEI which is essentially its Social Security Number and while this not impossible to change it is (depending on the device) very difficult and most times requires expensive tools, training and time.
I used to uses the mifis with completely automated scripts to do just that and then it would log into the internet and go do that which I programmed it to do with a new SSN (MEID or IMEI)
But there are at lest seven other distinctly identifying sets of numbers that are broadcast as well.
AAA shared secret codes which are baked into the device and must hash back to the meid or IMEI
HA codes that also must hash back to the MEID or IMEI
then you have generated Pass codes or AKey codes that are generated from the first 8 digits of the meid or IMEI and in the header packet it broadcasts if theses are correct or false
So any website you travel to can simply capture these codes and compare them if the choose to do so.
It's basically in plan text.
If you know how to run wireshark you can see it
I suppose a lot of sites don't look at that information but from a network security standpoint I could almost guarantee that eBay and Amazon collect that information or at lest a portion of it each time you log in.
They may not look at it right now but I would imagen that they can flip that switch anytime they want and do so especially once the automated system alerts customer service to manually look at your account.
|