On 12/9/09 10:24 PM, nick hatch wrote:
Reading the last thread on why SMS isn't/should be dead, I almost piped up with a thought before I realized I should probably check my head-sphincter interface, first.
It's always wise to check for Recto-cranial Inversion Syndrome.
However, I'm not so sure this assumption is correct. Does anyone have good references for the security of SMS? The most I've been able to find is this Slashdot article [1].
Since SMS is used as a third or sometimes fourth authentication step, I don't think that it lends itself to being usefully cracked. Someone would have to know the username, password, and cell number of the target account (sometimes the PIN also), and that's simply unlikely except in the case of specific high-value targets. Those accounts already employ additional levels of security (banks don't expose million-dollar accounts to basic online access). -- Carlos Alvarez TelEvolve 602-889-3003 Advanced phone services simplified