Feeds

Irish mobile numbers just too portable

Easily stolen, quickly recovered

Internet Security Threat Report 2014

The number portability system used by Ireland's mobile operators has been shown to allow someone buying a new SIM online to port any number to it, even if they neither own nor have access to the number.

The issue became evident when one Reg reader became frustrated with the process of porting his old number to his new Vodafone SIM and tried to find an easier way to achieve it. Not only did he find such a way, but in the process he discovered that he could grab any mobile number in Ireland and have it shifted to his SIM.

Our chap explained the technique involved to, but we're withholding until a fix comes along.

When we contacted Vodafone it admitted the problem, which is common to all Irish networks. The operator did however assure us that if anyone did steal a number this way they would be caught out when Vodafone made its usual call to new customers, and that the "...mobile industry has a robust port reversal system which can restore service for a customer in a matter of minutes if a port is deemed unauthorised".

Anyone filching a number this way will have paid for the new SIM by credit card and so should be traceable, it added.

Vodafone has promised to fix the loophole that makes it possible in the next couple of weeks anyway.

Number portability is immensely important in driving competition and tends to favour new entrants to a market, and the faster numbers can be ported the more punters tend to do it.

In the UK the process takes about 5 days, and the network that owns the number has to keep forwarding connections forever. Ofcom (the UK regulator) would very much like to move towards the Irish system, which operates a central database of numbers and allows punters to change networks in a matter of hours rather than days.

Next week the long-awaited appeals by O2 and T-Mobile against the cost of improving number portability will be heard. The networks also fear that a streamlined number portability service will result in less security – a concern the Irish situation would seem to bear out. ®

Internet Security Threat Report 2014

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.