BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 08-11-2008, 05:52 PM   #1 (permalink)
New Member
 
Join Date: Aug 2008
Model: none
PIN: N/A
Carrier: AT&T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Puzzled - unknown BlackBerry accessing my Gmail?

Please Login to Remove!

Gmail has a feature I had never noticed until today, maybe it's new. It tells you who has accessed your account and via what method (browser, IMAP, POP). Well, I find these two lovely IPs had just accessed my mail less than an hour before I checked my account access history:

216.9.250.237
216.9.250.243

And I do not have a BlackBerry. I used to, years ago. But not since then. Is it remotely possible that even though my BlackBerry account is shut off, that somehow, in my BlackBerry account settings which may have been using POP on my Gmail account, the system is still firing off and fetching email? That's my first guess, because there's no way in hell someone could've figured out my password, period. My password has punctuation, letters, and numbers in it, and no discernible words. It's in no way guessable, and the ONLY place my password exists is in my head and in my 1Password file on my Mac (and my Mac is totally firewalled).

RIM is in the process of (or so they tell me) research the problem. At first they tried to claim that it was not possible to trace the IP to a phone or account, but I don't buy it. That translates to "we are irresponsible and our user base has no accountability.. all hackers are welcome here." No company is stupid enough to not have logs of which IPs were associated with which phones/accounts at a given time, right?
Offline  
Old 08-11-2008, 05:59 PM   #2 (permalink)
No longer Registered.
 
Join Date: Jun 2007
Model: 9530
OS: 4.7.0.XXX
PIN: G Pong Champ
Carrier: T-Mobile U.S.
Posts: 5,515
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

No matter what I would at least change your password. I am not sure how far RIM will look into it witout a court order.

There are many ways to get a password, even a secure one.
Offline  
Old 08-11-2008, 05:59 PM   #3 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

When you got rid of your BB did you remove the GMail account from it before cancelling the service?
Offline  
Old 08-11-2008, 06:01 PM   #4 (permalink)
New Member
 
Join Date: Aug 2008
Model: N/A
PIN: N/A
Carrier: Verizon
Posts: 2
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by CaptSaltyJack View Post
access history:

216.9.250.237
216.9.250.243
216.9.*.* are commonly associated with RIM routing IPs (quick google turned this up)

Quote:
That's my first guess, because there's no way in hell someone could've figured out my password, period. My password has punctuation, letters, and numbers in it, and no discernible words. It's in no way guessable
...

It can be guessed, brute forced, or decrypted among other things. Passwords as we know them are only barely useful.

Quote:
, and the ONLY place my password exists is in my head and in my 1Password file on my Mac (and my Mac is totally firewalled).
Your Mac can be hacked and/or trojan-ed just like a PC.

Quote:
RIM is in the process of (or so they tell me) research the problem. At first they tried to claim that it was not possible to trace the IP to a phone or account, but I don't buy it. That translates to "we are irresponsible and our user base has no accountability.. all hackers are welcome here." No company is stupid enough to not have logs of which IPs were associated with which phones/accounts at a given time, right?
RIM can only provide IP information to the government (read: 5-0) in cases of criminal action.
Offline  
Old 08-11-2008, 06:03 PM   #5 (permalink)
New Member
 
Join Date: Aug 2008
Model: none
PIN: N/A
Carrier: AT&T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

@John: I may not have, I don't remember. I just checked my Gmail POP settings, it says it was set for all mail that has arrived since 7/10/08, so that's fishy. I had POP access off. Seems like maybe someone logged in as me and turned POP on.
Offline  
Old 08-11-2008, 06:06 PM   #6 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

(I never even noticed this feature in GMail)
Offline  
Old 08-11-2008, 06:08 PM   #7 (permalink)
New Member
 
Join Date: Aug 2008
Model: none
PIN: N/A
Carrier: AT&T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Faktor View Post
216.9.*.* are commonly associated with RIM routing IPs (quick google turned this up)
What does that mean exactly?

Quote:
Originally Posted by Faktor View Post
Your Mac can be hacked and/or trojan-ed just like a PC.
Well, no. It can't be trojan'd because I don't randomly run files I download from the Internet. I only open attachments from known/trusted sources, and I don't do P2P. And as far as hacked, I doubt it. Trust me, my setup is locked down tight. I have a Mac box and a Linux box on my network, and only the Linux box has a few ports open, all other ports on any other computer are firewalled (Tomato firmware). I'm locked down.
Offline  
Old 08-11-2008, 06:08 PM   #8 (permalink)
Thumbs Must Hurt
 
Join Date: Jul 2008
Model: 8330
OS: 4.5.0.77
PIN: ch me, I must be dreaming
Carrier: Verizon
Posts: 157
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

If you're not using POP3 or IMAP for your own access to your Gmail, you could (temporarily) disable one or both. If you have your BIS login information from way-back-when, try logging in and either removing the Gmail account from your BIS configuration. If not, and you have your old PIN and ESN you could have the login information sent to your email (which would then also go to the BlackBerry).

As I understand it, RIM retrieves the email and then pushes it to the device. If that's the case, then the IP addresses you mentioned would be RIM servers, not a specific BB device. RIM should be able to determine which PIN the email is being pushed to (if any).

Looking at it from RIM's point of view, it's possible that the device user is the legitimate "owner" of that email address, and that you have gained access to it somehow. How are they to know who is the victim and who is the perpetrator?
Offline  
Old 08-11-2008, 06:10 PM   #9 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

What did you do with the Blackberry that you had? It's possible that the pin is still tied to your email account and the RIM system is trying to send email to it.

Changing your password should do the trick.
Offline  
Old 08-11-2008, 06:11 PM   #10 (permalink)
New Member
 
Join Date: Aug 2008
Model: none
PIN: N/A
Carrier: AT&T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Mike: Disabling POP3 did stop the logins. (and I alread changed my password the minute I found out what was going on)

Could someone tell me the BlackBerry account login page? I can try to punch in my old info and see if it's somehow till there..
Offline  
Old 08-11-2008, 06:12 PM   #11 (permalink)
No longer Registered.
 
Join Date: Jun 2007
Model: 9530
OS: 4.7.0.XXX
PIN: G Pong Champ
Carrier: T-Mobile U.S.
Posts: 5,515
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by John Clark View Post
(I never even noticed this feature in GMail)
Google started this about a month ago.
Offline  
Old 08-11-2008, 06:14 PM   #12 (permalink)
No longer Registered.
 
Join Date: Jun 2007
Model: 9530
OS: 4.7.0.XXX
PIN: G Pong Champ
Carrier: T-Mobile U.S.
Posts: 5,515
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by CaptSaltyJack View Post
Well, no. It can't be trojan'd because I don't randomly run files I download from the Internet. I only open attachments from known/trusted sources, and I don't do P2P. And as far as hacked, I doubt it. Trust me, my setup is locked down tight. I have a Mac box and a Linux box on my network, and only the Linux box has a few ports open, all other ports on any other computer are firewalled (Tomato firmware). I'm locked down.
Still could have been a spoof site you went to, if you used ANY accss point not under your control, Registered at ANY site with your GMAIL email address and used the same password for the site as your email, the list goes on and on.

I consult on security and everyone tells me there is no way......

But obviously there is.
Offline  
Old 08-11-2008, 06:16 PM   #13 (permalink)
No longer Registered.
 
Join Date: Jun 2007
Model: 9530
OS: 4.7.0.XXX
PIN: G Pong Champ
Carrier: T-Mobile U.S.
Posts: 5,515
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by CaptSaltyJack View Post
Mike: Disabling POP3 did stop the logins. (and I alread changed my password the minute I found out what was going on)

Could someone tell me the BlackBerry account login page? I can try to punch in my old info and see if it's somehow till there..
Here is the login pages:

Where can I log into my BIS account? - BlackBerryFAQ
Offline  
Old 08-11-2008, 06:17 PM   #14 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

Quote:
Originally Posted by CaptSaltyJack View Post
Could someone tell me the BlackBerry account login page? I can try to punch in my old info and see if it's somehow till there..
Where can I log into my BIS account? - BlackBerryFAQ
Offline  
Old 08-11-2008, 06:18 PM   #15 (permalink)
Thumbs Must Hurt
 
Join Date: Jul 2008
Model: 8330
OS: 4.5.0.77
PIN: ch me, I must be dreaming
Carrier: Verizon
Posts: 157
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by CaptSaltyJack View Post
Mike: Disabling POP3 did stop the logins. (and I alread changed my password the minute I found out what was going on)

Could someone tell me the BlackBerry account login page? I can try to punch in my old info and see if it's somehow till there..
Try the bottom of this page. BlackBerry - BlackBerry | Wireless Handheld Devices, Software & Services from Research In Motion (RIM) It has login links for many carriers.
Offline  
Old 08-11-2008, 06:19 PM   #16 (permalink)
New Member
 
Join Date: Aug 2008
Model: none
PIN: N/A
Carrier: AT&T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by troydbrown View Post
Still could have been a spoof site you went to, if you used ANY accss point not under your control, Registered at ANY site with your GMAIL email address and used the same password for the site as your email, the list goes on and on.

I consult on security and everyone tells me there is no way......

But obviously there is.
I do register on sites with my Gmail address, but I never use the same password as my Gmail account.

Could've been a site spoof maybe.. maybe something related to that recent DNS vulnerability, who knows? It's just very puzzling. And it bugs me to no end to know that it's possible someone's got all my Gmail on their BlackBerry now. This is why I'm hoping it was my old account pulling that stuff off.. but I'll never know.
Offline  
Old 08-11-2008, 06:21 PM   #17 (permalink)
New Member
 
Join Date: Aug 2008
Model: none
PIN: N/A
Carrier: AT&T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by John Clark View Post
What did you do with the Blackberry that you had? It's possible that the pin is still tied to your email account and the RIM system is trying to send email to it.

Changing your password should do the trick.
Thought of that too. I sold it to someone years ago. But see, I don't remember if I had set up Gmail on my BlackBerry, I can't be 100% sure. I'm just making an assumption based on the fact that the IP was from a BlackBerry, and there's no way my password was guessable, and I don't see how a brute force attack on Gmail is possible.
Offline  
Old 08-11-2008, 06:22 PM   #18 (permalink)
BlackBerry Master
 
MrKyoo's Avatar
 
Join Date: Oct 2005
Location: Los Angeles
Model: 4s
OS: iOS
PIN: 79B32491
Carrier: AT&T
Posts: 4,546
Post Thanks: 1
Thanked 4 Times in 3 Posts
Default

Quote:
Originally Posted by troydbrown View Post
Google started this about a month ago.
And why wasn't I notified of this?
__________________
http://twitter.com/mrkyoo
Offline  
Old 08-11-2008, 06:24 PM   #19 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

You weren't at the Google meeting either?
Offline  
Old 08-11-2008, 06:26 PM   #20 (permalink)
BlackBerry Master
 
MrKyoo's Avatar
 
Join Date: Oct 2005
Location: Los Angeles
Model: 4s
OS: iOS
PIN: 79B32491
Carrier: AT&T
Posts: 4,546
Post Thanks: 1
Thanked 4 Times in 3 Posts
Default

Quote:
Originally Posted by John Clark View Post
You weren't at the Google meeting either?
Well, I didn't go because there was no beer being served.
__________________
http://twitter.com/mrkyoo
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.