
Simplest Phones Open to 'SMS of Death' - blhack
http://feeds.wired.com/~r/wired/index/~3/tt4RLwhKbz8/
======
mixmax
_"The problem is these problems aren’t easy to fix."_

Can't the Telcos just scan all SMS messages and filter out the ones that
contain the malicious sequence of characters?

~~~
blhack
I think the problem there is the word "just".

~~~
gasull
_I think the problem there is the word "just"._

I pay a lot of attention to how much a boss or a client uses the word "just".
Be very afraid.

------
CountSessine
I would imagine that most exploits like this, at least if black-mailing the
telco is the objective, would be launched through an SMS gateway. There are a
limited number of those onto any carrier network, and I suspect that any telco
would rather shut those down temporarily than surrender to blackmail.
Maintaining the integrity of their relatively closed network and the phones on
their network is a lot more important to them than maintaining Twitter's and
Twilio's access to said network.

------
zitterbewegung
Link to the actual talk
[http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.h...](http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html)
the presentation will probably be posted here.

------
SoftwareMaven
Any solution that requires end-users updating the firmware on their phones is
a completely useless and broken solution. If it isn't an auto-update, it is
not going to happen, unless they go to use their phone and it says "sorry, you
have to bring it to AT&T to have your phone updated before you can make a
call."

Yeah, AT&T is going to go for that.

