Consumer SMS can be used for confidential communication. The contents of an SMS messages should not be known to the network operator's systems and personnel. Therefore, consumer SMS is an appropriate technology for secure communications.[146] In that case, those that worked in O2 was fired for violating operator security. The SMS is encrypted between handsets, and can be intercepted in the HLR only, and should be stored encrypted in the SMSC. The security of an SMS message is of another league than Internet security, but Gartner Group has found that also with mobile phone operators, hackers exist, but they have to walk on their own feet into what should have been a high-security area. You cannot intercept an SMS at other points, not that attempts has been made.
The network use the SS7 connectivity to route the messages and SMS gateway only when the destination is unreachable. The SMS has to go through the HLR/VLR but since this is part of the signalling, the message will be passed by IN - the "Intelligent Network" - the actual path taken is impossible to trace. The only place it will be intercepted is at the HLR and here it is encrypted again and passed on to the destination, if this is available according to network status. If the device is not connected, the SMS gateway will be used to hold it, until the handset tries to connect and is verified by the HLR - the user enters the correct PIN/PUK code and granted roaming. IN will change the network as subscribers move, using distributed software overseen by an "Operational Support System" - OSS. (see Wikipedia : Software-defined networking). The OSS determines the rules, while the "network elements" will ensure that these are adhered to and there is no time to check with the "boss" what to do. Lines are connected and taken down millions of times per second. Should you be on a foreign network, like abroad, the local operator has a "Visitor Location Register" - VLR, and this gets the credentials and encryption keys from your operator and stores a local copy. A SMS will be intercepted by the VLR that acts as proxy for your home HLR. This allows the operator abroad to send on an SMS to a local subscriber or any other foreign subscriber without intervention from your operator - except for charges for their service.
Failure rates without backward notification can be high between carriers (T-Mobile to Verizon is notorious in the US)[citation needed]. International texting can be extremely unreliable depending on the country of origin, destination and respective operators (US: "carriers"). SMS is to be coded in the ITU-T character set, which coincide with "simple ASCII text" as long as "all is default". But if a Chinese subscriber does the same, this can arrive as Chinese characters in the US, and you may not be able to read this. Likewise, someone that lives in the US can send in Chinese to China - given that their phone has the software to enter the text. Difference in "Country Code" and "Default Character Set" may yield surprising results.
What many discussions forget is that the operator (US:"Carrier") will use special messages that can control the mobile phone - typically use of radio channels. But what you all see is that the phone is loaded with access point names, IP addresses, routing gateways, service centre names (SMSC, MMSC), voicemail numbers apparently out of nothing. These comes in a burst of messages when you connect for the first time, and "programs" your phone to work in the network - as managed by the OSS. Those that describe "Stagefright" (Wikipedia Stagefright (bug) ) seems to have discovered this character set all over again.
If you trust your operator, you can trust SMS to be safe and reliable. Only they can intercept it. However, a new category of Internet based messages exists and here you have to trust every router that you pass the IM across. To be blunt: The competence in GSM networks is low in the US and misleading information is frequent. Just see that the NSA nor the Israeli intelligence has been able to intercept messages sent from Gaza or IS, Taliban and members of Al Qaeda in the Middle East, although they certainly know where they are. That they are unable to intercept should be evidence enough to consider SMS to be safe, secure and impossible to intercept.
| Consumer SMS | Business SMS |
|---|---|
| Reliable | Timely delivery |
| Measurable via delivery notifications | Measurable via delivery notifications |
| No message loss | No message loss |
| Full transparency and security through end-to-end delivery | Full transparency and security through end-to-end delivery |
| Viable for person-to-person communications as well as B2B and Enterprise | Viable for all types of mobile interaction: B2B, B2C, C2B, C2C |
No comments:
Post a Comment