[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A better Linux based firewall installation?
Aviram Jenik wrote:
>> Any attacker which is after your stuff and is able to penetrate a GSM
>> exchange and send an unauthrized message without anyone noticing
>> (remember that banks rely on the number as a ID good enough to identify
>> you and divolge your account details on SMS)
>
>
> Hey... Gilad, I expected better from you (being the one who built an SMS
> gateway from recycled paper and used cardboard boxes).
Actually it was half a spud and an Orchid ;-)
> Spoofing != sniffing. Spoofing is actually much easier. Faking the GSM
> number you *send* to someone is easy/ier (I just have to fake the proper SMS
> message). Sniffing the SMS your bank sends *you* is harder.
Hmm.. I did not imply that because the bank is sending you your acocunt
details on SMS it makes it safe because the bank trusts that no one can
READ your messages, what I meant is that Bank trust the identity they
get from the network to send the information, that is - that the network
is hard (enough) to spoof.
Anyway, this thread is rather silly. You could DES encrypt the SMS
messages...
But this is getting OT ;-)
Gilad.
--
Gilad Ben-Yossef <gilad@benyossef.com>
http://benyossef.com :: +972(54)756701
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il