[19822] in bugtraq
Re: otp - the next generation
daemon@ATHENA.MIT.EDU (Tollef Fog Heen)
Fri Mar 23 18:39:38 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <874rwkk59j.fsf@arabella.intern.opera.no>
Date: Fri, 23 Mar 2001 14:02:16 +0100
Reply-To: Tollef Fog Heen <tollef@ADD.NO>
From: Tollef Fog Heen <tollef@ADD.NO>
X-To: Gregory Steuck <greg@NEST.CX>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <86n1adxt7f.fsf@home.nest.cx>
* Gregory Steuck
| I am pretty sure that both assumptions are wrong. Phone company (or
| companies, I don't know how the messages are routed) will most certainly
| be able to sniff your messages and forge the source address.
As at least NetCom here in Norway allows one to send SMS's which seem
to originate from your phone, but are really sent from the web, that
last assumption is correct. IIRC, the police were quite annoyed when
GSM was put into production, since they then had to go to the telco's
switching centers in order to tap the line, so I guess the telco can
still tap your conversations.
--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
