[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A better Linux based firewall installation?
>
> Any attacker which is after your stuff and is able to penetrate a GSM
> exchange and send an unauthrized message without anyone noticing
> (remember that banks rely on the number as a ID good enough to identify
> you and divolge your account details on SMS)
Hey... Gilad, I expected better from you (being the one who built an SMS
gateway from recycled paper and used cardboard boxes).
Spoofing != sniffing. Spoofing is actually much easier. Faking the GSM
number you *send* to someone is easy/ier (I just have to fake the proper SMS
message). Sniffing the SMS your bank sends *you* is harder.
> can just as well break into
> your phisical location and take what he wants or kidnap the children of
> the sysadmin or any other large scale operations such as those.
That's actually easier than spoofing and/or sniffing (proof: statistically.
Look how many people are in jail for kidnapping, and how many for
spoofing/sniffing. QED).
> It all
> depends on what you are protecting. I think that for 95% of the people
> and LANs out there it's secure enough, combined with a one time password
> carried by the SMS message itself.
>
This is getting too weird for me, though. I tried to give Omer real
practical advise when suddenly the conversation drifted into GSM phones and
kidnapping kids. I'll be leaving this thread now :-)
- Aviram
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il