amazingone
Great Supremacy Member
- Joined
- Jan 14, 2015
- Messages
- 66,315
- Reaction score
- 5,859
I worry how will Giga be positioned if Eight offer 5G.
Eight Telecom discussion thread
- Thread starter Jurong640
- Start date
eddy0505
Senior Member
- Joined
- Aug 10, 2014
- Messages
- 1,768
- Reaction score
- 790
Giga alr in hot waters after the esim incident liao. If eight offers 5G im porting my whole family line 3 generations to here liao.I worry how will Giga be positioned if Eight offer 5G.
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
I worry how will Giga be positioned if Eight offer 5G.
my guess, either Giga will have to up their game, or eight will be "held back" in terms of products/services.
we shall see
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
Giga incident is the classic sim-jacking. i was told sg was immune to that as all telcos required the minimal (but least effective ie "what you have") proof of ownership ie nric/ep/wp/singpass. looks like i was told wrongly.
eddy0505
Senior Member
- Joined
- Aug 10, 2014
- Messages
- 1,768
- Reaction score
- 790
Actually I'm also a bit shocked. Wonder if it's the person's phone or other device with credentials kena hack then conpromise his esim as collateral damage.
amazingone
Great Supremacy Member
- Joined
- Jan 14, 2015
- Messages
- 66,315
- Reaction score
- 5,859
Giga is Starhub's answer to Singtel's Gomo, but Singtel's Heya is not as aggressive as Eight as Singtel still wants to maintain some boundaries between each brand.my guess, either Giga will have to up their game, or eight will be "held back" in terms of products/services.
we shall see
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
it sounds more like the hacker knew the other accounts and that this esim number was the common denominator, so the key was to gain control of the esim, and use that to funnel OTPs while resetting passwords/credentials on the bank/financial accounts.
phone OTPs are the least secure, but sadly it's the most common aka convenient option here.
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
yup, hierarchy is sh -- giga -- eight
that's why i mentioned that if eight introduces 5G ---- giga enhancing offerings, eight being held back
eg Giga on 5G SA, eight on 5G NSA, or eight being speed throttled or lower priority wrt Giga etc.
amazingone
Great Supremacy Member
- Joined
- Jan 14, 2015
- Messages
- 66,315
- Reaction score
- 5,859
I guess if Starhub allow Eight to offer 5G, they will handicap the 5G in some ways or they will offer a 5G plan ($13?) between the $8 and $18 plan.
The idiotic user either reused his passwords across different accounts, or set his password to "12345678".
eddy0505
Senior Member
- Joined
- Aug 10, 2014
- Messages
- 1,768
- Reaction score
- 790
Yup that's what I suspected too. Coz impossible that hacker can gain access to his esim that easily. Probably some sensitive passwords or important info like nric dob and other secret answers all in the hands of hacker liao then can bypass all the verification set by Giga.
eddy0505
Senior Member
- Joined
- Aug 10, 2014
- Messages
- 1,768
- Reaction score
- 790
Possible, long ago I used dummy passwords for some dummy emails for some freebies. Recently got prompt that some hacker from Brazil logged in lol.
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
the other problem is, "secret questions/answers" are easily guessed by crackers (correct use of term, not hacker) who know the target, eg questions like "favourite colour", "first school" etc. of course, a smart user will know what to set to not make it easy for the crackers.
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
consequence of wanting convenience plus not using password manager or hardware biometric keys
loganrunning
Master Member
- Joined
- May 12, 2017
- Messages
- 3,643
- Reaction score
- 2,225
from the description, i view it otherwise. the weakness was to base the 2nd factor (2FA) on a channel where the user does not (and cannot) fully control and can be hijacked externally.
it was reported that the attacker obtained an esim QR code without physical verification of an identiy document (which is already the least secure method). Once this was obtained, then the attacker could use it to easily reset secure passwords and take control of the various accounts.
it's a good case study for those who want to secure their accounts, but i suspect it will be unheeded as many prefer convenience over security.
sibeiTrolled
Senior Member
- Joined
- Oct 23, 2012
- Messages
- 1,676
- Reaction score
- 1,345
Since you guys are talking about that GIGA incident, that "person" appeared in EDMW to talk about it before.
https://forums.hardwarezone.com.sg/...y-says-no-breach-found.7078033/post-154343359
The follow up to the situation and to some of the typical edmw comments here
https://forums.hardwarezone.com.sg/...y-says-no-breach-found.7078033/post-154345412
https://forums.hardwarezone.com.sg/...y-says-no-breach-found.7078033/post-154343359
The follow up to the situation and to some of the typical edmw comments here
https://forums.hardwarezone.com.sg/...y-says-no-breach-found.7078033/post-154345412
So he admits that his giga login got compromised, implying either stupid passwords or reused passwords. My guess was correct.
That's all I need to know, he's an idiot. Sorry to say.
It's like leaving your main door key under the outdoors mat, then get shocked when your house got robbed because your backup burglar alarm didn't work. In this case, can you blame the company that made the burglar alarm?
Probably yes, but the main responsibility is that the main door was effectively unlocked for anyone to rob.
Since the very first day when we created our first online account, we were told and reminded again and again to choose a good password. Choose one with at least eight characters. (Now sometimes ten or even twelve characters minimum.) Use a passphrase, or a password manager. Use upper case, lower case, digits, and sometimes even symbols. And never reuse passwords under any circumstances, or use variations of the same base password.
I guess the giga hack victim couldn't be arsed to follow these rules. And this are the consequences.
Harsh I know, but it's true, yet very sad because it is so easily prevented just by good proper password hygiene practices.
Eight Telecom: Year End Port-In Promo
Promo period: 8 Dec to 28 Dec.
Year-end port in promo: FREE $8/$18 Credits and 8 Lucky winners per week to WIN 1-year Mobile Plan!*
All Port in and get FREE $8/$18 credits: $8 and $18 plan (only voice plans). Credit will take 7 working days to be credited into the main wallet!
Win 1 Year Mobile Plan (equal to $96 credit), 8 lucky winners weekly. Winners will be announced on FB/IG weekly + sms send to the winners.
Don’t miss out!
Promo period: 8 Dec to 28 Dec.
Year-end port in promo: FREE $8/$18 Credits and 8 Lucky winners per week to WIN 1-year Mobile Plan!*
All Port in and get FREE $8/$18 credits: $8 and $18 plan (only voice plans). Credit will take 7 working days to be credited into the main wallet!
Win 1 Year Mobile Plan (equal to $96 credit), 8 lucky winners weekly. Winners will be announced on FB/IG weekly + sms send to the winners.
Don’t miss out!
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ Forums. Forum members and moderators are responsible for their own posts.
Please refer to our Community Guidelines and Standards and Terms and Conditions for more information.
