Hacking made easy by design
The hacking of phones by journalists, private detectives and others is a deplorable invasion of privacy, and cannot be condoned.
But what interests me as a computer scientist and designer of these new sorts of technologies is how and why these things happen, and whether it's easy to stop.
What is revealing in the recent cases is that it's not really been hacking. That suggests that someone has spent ages actively trying to break through levels of security to get to the messages - as if they had to scale a high fence, crawl across open ground swept by floodlights, pick a lock, open a creaky door next to a salivating but sleeping guard dog, then creep across a floor and work, sweat dripping from brow, to open a combination safe by pressing a stethoscope to the side, and then escaping with the contents.
Whereas, in fact, it was more like wandering along a street and seeing who had left their door open and wandering in, taking what they found in there. Not legal, and reprehensible, but not quite the criminal mastermind that 'hacking' suggests.
To hack the phone, the hacker rings the phone which goes to voicemail - they then try some common combinations of numbers as the default password, which most people have not changed: 1111 - 1234 - 9999 - 4321 - 0000 - and one of those gave them access.
This is not a difficult thing to do. There are a number of interesting things here. One is that the people who had voicemail never gave it a moment's thought - they assumed it would be secure, probably because they hadn't a clue how it works and just assumed it ought to be so it would be. And why should they have to understand the technology?
But a few seconds thought, realising that they, like everyone else, had been issued with a default access code, and they would realise that changing it would be quite sensible as there is nothing to stop anyone else calling in an using that code.
Indeed, the network providers encourage us to change the codes. But we don't bother. Does that make us negligent, or at least mildly responsible if we are then hacked?
It also brings into question why it is there as a feature in the first place. Theoretically, it's there to allow you to access your voicemail from another phone.
How many people do you know who do that? It's a carryover from the days of huge clunky non-portable brick-like mobiles, when carrying your mobile was a pain, and it's battery would have expired anyway, so you needed a way to see who had rung you.
But now, we access voicemail from our own mobiles, when we want to.
It would have been better not to allow remote access, except on special request and with clearer warnings for the few who needed it, in order to keep the majority of the population safe. So we could have designed a better solution - if we had given it some thought.
This sort of thing still goes on. Many people have wireless networks at home, and lots of these are taken from the box, plugged in, and turned on.
Because they then seem to work, people leave them alone - and they are running in a very unsafe default mode, broadcasting their presence to the world, with weak or no password protection, allowing anyone passing to access your network - and from your network, often your computer.
And even if not your computer, you could be getting a visit from the copyright police or lawyers, asking you why you are download so much copyright material - or illegal pornography or bomb-making instructions, or anything else - and you might not have been but might have been allowing others to do so - and you'll have a level of responsibility for that.
Again, the manufacturers don't make it simple or easy for people, and rarely set things up to work in a safe way straight from the box.
There have been many lessons from the phone hacking scandal.
One clear one has been that the public detest it, and it shouldn't have been done.
Another one is that we have to look to our own practices, to see if we accidentally aide and abet those wanting to misuse technology.
Another one is that we need to demand more from our designers and manufacturers, to set these things up properly for us in the first place.
And a final one is that we owe it to ourselves, those we care for, and society in general, to become a little more technologically literate so that we can understand the ramifications of the wonderfully powerful technology we have everyday access to.