[VoiceOps] SMS receive security

Carlos Alvarez carlos at televolve.com
Thu Dec 10 11:51:04 EST 2009

On 12/9/09 10:24 PM, nick hatch wrote:
> Reading the last thread on why SMS isn't/should be dead, I almost piped
> up with a thought before I realized I should probably check my
> head-sphincter interface, first.

It's always wise to check for Recto-cranial Inversion Syndrome.

> However, I'm not so sure this assumption is correct. Does anyone have
> good references for the security of SMS? The most I've been able to find
> is this Slashdot article [1].

Since SMS is used as a third or sometimes fourth authentication step, I 
don't think that it lends itself to being usefully cracked.  Someone 
would have to know the username, password, and cell number of the target 
account (sometimes the PIN also), and that's simply unlikely except in 
the case of specific high-value targets.  Those accounts already employ 
additional levels of security (banks don't expose million-dollar 
accounts to basic online access).

Carlos Alvarez

Advanced phone services simplified

More information about the VoiceOps mailing list