Filed in archive Mobile Technologies by tom on April 18, 2007

I've just noticed a post over on ONLamp.com (via Twitterati) which talks about vulnerabilities in the Twitter and Jott systems.

This is something close to my interests, as spoofing text from another user is something I take very seriously in all the community services I work on or build. I tried to replicate the vulnerability explained in the O'Reilly piece with Pitch, and it's thrown up an interesting side piece in relation to these services: You can spoof the sender MSISDN when sending an SMS message to a UK long number, but not to a shortcode. It seems shortcodes - at least if properly configured and managed - will set the sender MSISDN to the real sender MSISDN, as the numbers come across the cellular network, not the IP network, and require verification as they can be used for premium billing.

So as long as Twitter uses a shortcode in the UK, they can't, as far as I know, be spoofed.

Related Entries:

ARP Spoofing - 11 March 2006
Why Twitter? (3): Twitter 与虹 (上) - 04 April 2007
Why Twitter? (4): Twitter 与虹 (下) - 05 April 2007
Twitter me this - 13 April 2007
Another Reason Why People Shouldn't Use Twitter - 28 November 2007

« Haier Elegance Handset | Main | Mobile Phone: A Conspicuo... »

Permalink: Twitter & Jott Vulnerable to Spoofing

Tags: twitter spoofing mobile 2007 wireless twitter+jott jott+vulnerable vulnerable+spoofing

Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/64349

Addthis

Ask

Blinklist

del.icio.us

Digg

Fark

Facebook

Google

Lycos

Ma.gnolia

Mr Wong

Netscape

Netvousz

Newsvine

StumbleUpon

Slashdot

Tailrank

Technorati

Wink

Yahoo

Vote for Twitter & Jott Vulnerable to Spoofing:

Currently 7.40/10
1
2
3
4
5
6
7
8
9
10

Rating: 7.40 out of 5 vote(s) cast.

Response from: amit (09/16/07 10:36pm)

hi monu this is amit hw r u

Add your response to Twitter & Jott Vulnerable to Spoofing:

Name: *

Email: (will never be shown)*

URL:

(* marked fields are required)

Notify me if more comments appear?

Subscribe to The Mobile Technology Weblog newsletter? (Newsletters are sent out weekly).

Remember me

Security Code: *
(Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)

We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Share It

Use the search to look for other interesting posts

Contributors (Last 90 days)

Stephen Lunn (1)
Jason Giacchino (40)

This site has 1229 entries and is powered by Creative Weblogging since June 2004.

Our Editors recommend

Disclaimer

Some of the contents of this site are protected Creative Weblogging Inc. 2004-2010.

Check out our Sponsored Blogs!

Business Computer Blog (UK)

Are you interested in writing a blog in our network?

See which positions are currently open.

Testimonials

'Great analysis...'

'revenue, schmevenue -- where's the app, i'm ready to play :-)'

'Your site is unique and helps make my life easier when trying to find news on mobile phones.'