Hi all, Reading the last thread on why SMS isn't/should be dead, I almost piped up with a thought before I realized I should probably check my head-sphincter interface, first. Many banks use SMS messages as an out-of-band authentication factor for online banking. (ie, they send a challenge code to the customers phone in response to an online banking request) If one assumes that cell phone SMS messages can't be intercepted out of the air by a forged device or through other means, they operate as a quasi-physical authentication factor, which is very valuable. This would be a strong use case for SMS over email or other general-purpose communication mediums where the password or other knowledge can be bootstrapped into access to the medium. However, I'm not so sure this assumption is correct. Does anyone have good references for the security of SMS? The most I've been able to find is this Slashdot article [1]. -Nick [1] http://it.slashdot.org/article.pl?sid=09/05/21/1858233