[VoiceOps] SMS receive security
Carlos Alvarez
carlos at televolve.com
Thu Dec 10 11:51:04 EST 2009
On 12/9/09 10:24 PM, nick hatch wrote:
> Reading the last thread on why SMS isn't/should be dead, I almost piped
> up with a thought before I realized I should probably check my
> head-sphincter interface, first.
It's always wise to check for Recto-cranial Inversion Syndrome.
> However, I'm not so sure this assumption is correct. Does anyone have
> good references for the security of SMS? The most I've been able to find
> is this Slashdot article [1].
Since SMS is used as a third or sometimes fourth authentication step, I
don't think that it lends itself to being usefully cracked. Someone
would have to know the username, password, and cell number of the target
account (sometimes the PIN also), and that's simply unlikely except in
the case of specific high-value targets. Those accounts already employ
additional levels of security (banks don't expose million-dollar
accounts to basic online access).
--
Carlos Alvarez
TelEvolve
602-889-3003
Advanced phone services simplified
More information about the VoiceOps
mailing list