Gregory Steuck wrote:
> 2) SMS source address can not be forged.
>
> I am pretty sure that both assumptions are wrong. Phone company (or
> companies, I don't know how the messages are routed) will most certainly
> be able to sniff your messages and forge the source address.
Indeed. And SMPP (the protocol usually used to inject SMSes into the
network over TCP) also allows the source address to be specified, though
I believe some telcos impose restrictions on valid source addresses.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
ApacheCon 2001! http://ApacheCon.com/
