35 Comments
- silhouette88, on 10/12/2007, -1/+8 I just tried this from my Sprint Treo 600 and it let me into my own account without a password, along with a few of my friends' accounts (what? did I ask for permission? uh, yeah...sure...)
How long before a bunch of skiddies claim they've h4x0r3d into Paris Hilton's cell phone and grabbed all her pictures...
- RaistlinMajere, on 10/12/2007, -0/+6 So...who'd they steal this story from?
I'm kidding :)
- n3tfury, on 10/12/2007, -0/+5 @ bangelo:
but yet they (Verizon) cripple their phones.
- onceler, on 10/12/2007, -0/+5 However you can't beat Sprint's data prices. Sprint & Verizon both have the 6700, however Sprint's data prices over 1/2 price of what Verizon's cost; and for the same speeds (EV-DO). With Tmobile, you not only get slower speeds (Edge is about what Sprint/Verizon's 1X data rate is), you also get a slower phone. The MDA has a 200Mhz dual-core proc. as opposed to the 400Mhz proc that is the CDMA version.
- kene, on 10/12/2007, -1/+3 just checked site and:
The site is temporarily unavailable due to routine maintenance and enhancements. We apologize for the inconvenience. Please come back soon!
hope they're fixing it
- Schmitty, on 10/12/2007, -1/+3 I've had Sprint for well over two years, first with a shared phone w/ my parents, and now on my own. I used to sell them, so naturally I bought into what I sold, and quite honestly, I feel it was the best bang for my buck. The problem tends to spring from salesmen so fixated on the sale that they end up selling customers crap they honestly don't need, or even want. Most companies out there thrive on the fact that a lot of consumers don't research what they want to purchase beforehand. Want to stop them? Then do your homework ^^.
- Xinareiaz, on 10/12/2007, -0/+2 ya..no fair i wanted to delete some pics of me on my friends phone lol
- inactive, on 10/12/2007, -1/+3 Stay away from CDMA networks & go with GSM. Buy a phone from the U.K. and apply it over here with Cingular or T-Mobile. The phones in the U.K. are 2-3 years ahead of ours since companies kill innovation by tying specific handsets to the carrier.
Plus, you get better battery life from a phone on a GSM network (7 hours on a particular Samsung phone) versus CDMA (5.5 hours on the same handset).
- inactive, on 10/12/2007, -0/+1 oh yeah delete the content length from the above box
- harley999, on 10/12/2007, -0/+1 Yeah I believe their picture mail is offline, I patched:
form name="loginForm" method="post" action="/authenticate.jsp" onSubmit="return checkFields()"
to:
form name="loginForm" method="post" action="https://pictures.sprintpcs.com/authenticate.jsp"
and I also tried just editing:
if (password.value.length==0) {
alert("Please enter your password.");
password.focus();
return false;
}
and: /authenticate.jsp
to:
if (password.value.length==1) {
alert("Please enter your password.");
password.focus();
return false;
}
And: https://pictures.sprintpcs.com/authenticate.jsp
It returns you to the main page, so I'm guessing they are working on a fix right now, unless I'm doing it wrong.. :)
- curomo, on 10/12/2007, -3/+4 Sprint security scares me.
I remember a time about a year ago that I had to call in and get support over the phone, but the agent refused to talk to me until I gave them my sprintpcs.com password. I was shocked. I told the rep that I don't give out my passwords. He insisted that he had it on the screen in front of him already and just wanted to confirm it.
Fortunately my contract with them is up next week. How's t-mobile? That MDA looks sweet.
- harley999, on 10/12/2007, -0/+1 let me know when you get it working, you can probably find a valid number by searching google for "@messaging.sprintpcs.com" :)
I'm not letting you into my account, :)
- inactive, on 10/12/2007, -1/+2 because, some comments start topics, and you can only reply to the topic, not a reply
- inactive, on 10/12/2007, -0/+1 I believe the above code is just a quick fix, I am working on a proof of concept that you can still log in. I need a valid phone number though.
- inactive, on 10/12/2007, -0/+1 harley I'm going to have a hell of a time finding a number. Try this. install Firefox's livehttp header plug in, load up https://pictures.sprintpcs.com/authenticate.jsp with the livehttp header running. clear the contents, then submit a bogus request 1112223333 password 123456789. Click on the top packet and hit "replay" button. modify the URL string to put in your phone number and delete the password '123456789'. hit replay, let me know if it works :)
- harley999, on 10/12/2007, -0/+1 FIXED! stop digging!
- harley999, on 10/12/2007, -0/+1 Ok, checked out the source, looks like they put a check in there to make sure your password is not blank:
if (password.value.length==0) {
alert("Please enter your password.");
password.focus();
return false;
}
anyone want to patch the file and test without their temporary fix to see if the security is still allowing blank passwords? :)
- whaler, on 10/12/2007, -0/+1 It's 10 a.m. MST, and I've tried logging in using IE, Firefox and my Sprint PCS phone. None of them let me log in without a password. Has Sprint fixed it?
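An added example, not part of the thread and not Sprint's code: harley999's comment above quotes a browser-side blank-password check, which only runs when the browser cooperates, so this sketch enforces the same rule in a server-side handler. The `authenticate` function, the account store and the phone number are hypothetical (Node.js).

```javascript
// Added example: not Sprint's code. Everything except checkFields is hypothetical.
const { scryptSync, randomBytes, timingSafeEqual } = require('node:crypto');

// Stand-in for the browser check quoted above. It only runs in a cooperating
// browser, so it is a usability hint, not an access control.
function checkFields(form) {
  if (form.password.value.length === 0) return false;
  return true;
}

const hashPassword = (password, salt) => scryptSync(password, salt, 32);

// Constructed sample account store: phone number -> salt and password hash.
const accounts = new Map();
function addAccount(phone, password) {
  const salt = randomBytes(16);
  accounts.set(phone, { salt, hash: hashPassword(password, salt) });
}
addAccount('5550100001', 'correct horse');

// Used for unknown numbers so both paths do the same hashing work.
const DUMMY = { salt: randomBytes(16), hash: randomBytes(32) };

// Server-side check on the raw POST body. It never assumes checkFields() ran.
function authenticate(body) {
  const phone = body ? body.phone : undefined;
  const password = body ? body.password : undefined;
  // A deleted, empty or non-string field is refused before any lookup.
  if (typeof phone !== 'string' || typeof password !== 'string') return false;
  if (phone.length === 0 || password.length === 0) return false;
  const account = accounts.get(phone);
  const { salt, hash } = account || DUMMY;
  const matches = timingSafeEqual(hashPassword(password, salt), hash);
  return account !== undefined && matches;
}
```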
- hyperpasta, on 10/12/2007, -0/+1 Oops.
- inactive, on 10/12/2007, -1/+2 Wasn't Sprint the culprit involved in the story a few months back, where a car was hijacked with a child inside, along with the parents' cellphone? Then, the Sprint rep would not give the location of the phone to the authorities without authorization?
I suppose I could do a search but I'm lazy.
- mbm329, on 10/12/2007, -0/+1 Verizon... they never stop working for me.
- n3tfury, on 10/12/2007, -2/+2 offtopic: why am i able to reply to most, but not all comments?
- saywhat5959, on 10/12/2007, -0/+0 Is this a done deal or is there still a way to view this?
- Spaztic, on 10/12/2007, -2/+2 yep looks that way! Didn't take too long, must be some Sprint people on Digg
- rebrad, on 10/12/2007, -4/+4 What happened here? I guess Sprint wasn't willing to pay off Engadget like Apple does. Engadget is not a reliable source and is nothing but a Spam Whore for anyone that will give them enough money.
- inactive, on 10/12/2007, -1/+1 Why even link to this site when you can go to the source: http://www.howardforums.com/showthread.php?t=874965
This is why a lot of blogs suck, nothing is original, it's all borrowed content.
- bangelo, on 10/12/2007, -2/+2 Verizon is the way to go. Much faster data plan than tmobile. They have the Vx6700 too which has the same form factor as the MDA.
- SiI3nt, on 10/12/2007, -0/+0 nydan: I tried it just now, It kicks you back to the login page like harley said earlier. Unless I did it wrong.....
- inactive, on 10/12/2007, -0/+0 I'm trying to log into my phone via Opera. Even with the password it's saying application error. Apparently they took it offline (presumably for a fix)
- cvrefugee, on 10/12/2007, -1/+1 No thanks, CDMA phones from Asia are light-years ahead of any GSM phone from Europe.
- en3r0, on 10/12/2007, -4/+2 Yea, and update to this source said it is down for maintenance now. Good thing it grabbed their attention so quickly.
___________
-en3r0
http://virtenu.com
- sahaskatta, on 10/12/2007, -3/+1 sprint's service is ridiculous. i keep getting server error message with just about anything i do. i got a free samsung a920 to review for our site with unlimited services, but only occasionally can i access them. I think Sprint has a good start, but they are still developing a lot. I currently use a Verizon phone and i have never seen any error such as the ones that appear in sprint. Verizon is more developed now and features such as vCast (power vision = sprint equivalent) function well. http://www.skattertech.com/2006/03/sprint-ambassador-program/
- zengonzo, on 10/12/2007, -16/+6
Get over it.
- inactive, on 10/12/2007, -13/+0 Fixed, I think... lame
- mcpaige, on 10/12/2007, -21/+5 http://www.digg.com/security/Sprint_Picture_accounts_easily_hackable

