And that shouldn’t ever happen over a phonecall, unless you can verify the number calling and say they use a videophone and then you can see it’s them too.

Mind you T-mobile are off their heads so that doesn’t surprise me anyway.

A really good example is with the “hacking” of Paris Hilton’s SideKick. The ppl who stole all of her photos and stuff were pretty much hacking amateurs, but they were able to convince one of the T-Mobile personnel to give them the correct access codes and such to allow them to pull off the “heist”

Its the same thing with brute forcing, either you can try to brute force a website or ftp server or whatever, or with a quick phone call, you can find out everything you wanted to find out.

I’d agree with grav there too - even if you sit behind an fortress doing brute attacks, you’re going to get seen by someone. Maybe not the people who are meant to be the network admin on the sites or servers being bruted - but someone is going to see that traffic, and they’ll certainly be taking all kinds of interests in you or at the least, your own hardware / network / etc.

I think brutes are best used - in testing, cause you need to account for the possibility of someone else (or their botnet) using such methods, and not-online brutes, eg - decrypting a drive or some such that you have actually with you. Which is also of course, why they are legit apps also.

@grav obviously man, and now some servers prevent multiple login attempts from a given ip to prevent such attacks…. thats the reason phishing is preferred….most skiddies go for it and succeed coz us humans are after all the dumbest species in the universe!!The percentage of people who know even a bit about ARP poisoning or BlindSQL attacks is miniscule outside the security professional world

Can I also suggest something: Why not move this website some on a Russian server? At lease no homeland narrow-minded idiots will interfere