Unless you’re paranoid and have automatic keylock and a PIN on your phone, what’s to stop someone picking it up and reading your texts? Nothing. Even if you have all of these, there’s ways around it.

Then we move to the mobile network operators. I can think of a number of cases in the past few years where employees at the networks have got up to mischief and accessed subscribers voicemails, personal records, and all sorts. Those are the ones that make it into the news – I’m sure there’s plenty more that don’t.

There’s one way and one way only to make SMS secure. Encrypt the message, and make sure only the person who receives it could possibly ever decrypt it. However, encryption is reversable – Alan Turing and co managed to crack Enigma using the same processing power as my washing machine, so it’s only a matter of time before the kids can crack any encryption the bank chose to use on your SMS.

Just like the mobile operators do…….. Oh, I forgot they don’t. They give you a phone, a SIM card and a telephone number but how many times has your mobile operator called you ever? And if they did, did they know your name?

I think that’s why the mobile operators want to create social networks so they can find out who the customers are. Good idea, maybe then they will stop spending all that money on corporate branding and useless TV advertising.

I do feel that it is unfair to comment on TynTec’s delightful news as ‘PR bull’, something more constructive would be more appropriate.

I do wonder if they have something in their connection to the signalling system 7 (SS7) network that may provide this additional quality and security (they do quote “TynTec’s unique technology infrastructure”).

It is not unknown for phreaking of the SS7 connections and IN platforms. Maybe they have some technical architecture that offers more capbility than is used even by the mobile operators. It is also not unheard of for DDOS attacks (denial of service) to be made against both the SMSC (and thus) the SS7 connection, maybe they have enough capability to withstand these as well. From my experience the mobile operators seem to suffer from poor service just related to high levels of SMS activity – probably not enough boxes handling the SMSC function, I digress……

I presume from TynTec’s business their customer is the corporate and financial/banking sector and therefore without getting into the high level technical nuances of the SS7 and intelligent platform architectures, the message (PR) they want to give these prospective customers is that they are focussed on providing a solution to them which gives direct access into this network along with the fringe benefits of security, reliability, audit trails and TynTec costs to match.

I would propose they target this message more directly to the specific market sector they wish to entertain with their commercial service rather than use a general web PR distribution.

I would also hope that more care and attention is paid to the use of such terms as
- Enterprise-quality SMS operator
- Banking grade tool [a finger?]
- Banking Grade [software for numbers that goes wrong just like Windows]
- mission-critical corporate applications [applications regularly abused/broken/avoided by the employees]

These terms are (to paraphrase Ewan) ARSE. They are just as bad as mobile companies using terms ‘Carrier grade’ and ‘zero fault tolerance’.

Ha Haa. If this goes on I will propose we have a BullS–T Bingo quiz every week with a pick of the worst terms used in the PR and giving your own thoughts on what the terms mean.

Mind you, I am mission critical. I am carrier grade (around the waist only), I am internet startup quality (we work more hours, days, years, for zero pay than anybody), but I am not fault tolerant.

And our current mobile platform serves 3 million customers – it’s cosmic sherbet flavoured quality grade platform.

Until we digress again on another urgent matter of mobile centric, 3G mega license funded, IP disruptive, VOIP kicking, walled garden hating SMS related discussion…

Bye for now.

HSBC decide to let people bank via SMS

They sound out emails / news letters / branch billboards, tv ads etc telling customers that they can now do banking via SMS…

I go to textanonymous.com or similar and send out messages to HSBC customers saying “To confirm your banking by SMS system, please send your account number and password to XXXXXX”

I can send this message as though it came from “HSBC BANKING” and I would bet that most customers would buy it straight away.

This opens doors for HUGE phishing scams. Remember that the reply can be forwarded by email to the scammers thus making it quite easy to become un tracable.

I still think that at the moment anyone who got a message like that would go “ooo thats odd, best ring the bank” but once they are told BY THE BANK that it will start happening, they will just accept it “as is” and send their info…

Even the people who are normally more vigilant with emails etc would probably be got by this as its a lot rarer to see a NAME not in your phone book appear on a text….

Anywho.. this is just one of my concerns. I have no issues with how secure their tech is, just how easy it is to fake it and steal using public knowledge.