Bookmark and Share
Twitter SMS spoofing still undead

Fri, Mar 6th, 2009

A fix against an SMS spoofing flaw involving micro-blogging service Twitter offers only partial protection.

Tests by Heise Security found that providing a user knew the number of a phone associated with a Twitter account, it would be possible to use an SMS sender faking service to post fake status updates that appeared under a user's profile. Services such as PhonyText allow the relaying of SMS messages with a fake sender field. Spoofed SMS messages sent through this service to the number for sending SMS tweets could thus be used to create fake tweets.

Read the whole story on The Register or try our Toolbar

Related Stories:

  • Fluffy the Vampire Slayer

    "I should get the vacuum cleaner out more often," I said to myself as I chased the fluffy dust bunnies from their nest of cables beneath the desk. Although ...

  • GrandCentral Returns as Google Voice

    Google today finally announced its plans for GrandCentral, the telephony service it acquired in July 2007. GrandCentral will be reborn as Google Voice ...

  • Google tosses free texting

    Google is pulling access to the XMPP API that allows third-party applications to send SMS messages with the Mountain View chocolate factory footing the bill, much to the annoyance of app developers ...

#More stories ...

Bookmark and Share
No comments yet.