Financial Daily from THE HINDU group of publications
Wednesday, Dec 24, 2003
Financial Daily from THE HINDU group of publications Wednesday, Dec 24, 2003 |
|
|
|
|
|
eWorld
-
Security To believe or not to believe R. Savitha
CALL it the bane of progress - the minute a particular technology clicks, and becomes popular, there's somebody out there trying to figure out how it can be used for their own narrow ends - be it for fun or more sinister purposes. Take the case of the short messaging service or SMS that is becoming the preferred medium of communication amongst mobile-phone toting youngsters. The SMS message has gained so much ground that law-enforcing agencies might even rely on it as evidence in disputes. But even as its credibility grows, there's the other side to it - SMS spoofing. What does this mean? Simply that you can send SMS messages using another person's mobile number without him/her being any the wiser as to what's happening. Think of what this means in a legal context where the very authenticity of the SMS, in terms of who sent it, is called into question. Echoing such concerns perhaps the Pune-based Asian School of Cyber Laws (ASCL) recently held a seminar on SMS spoofing wherein `experiments' were conducted to check it out. The ASCL was able to successfully spoof SMS messages, making them appear to come from the phones of people using GSM-based cellular phone services in various parts of India and other Asian as well as African countries. Rohas Nagpal, President of ASCL, says the experiments were tried out with a small base of 30 people, basically government and police officials. The simple message that was sent out was "if the SMS appears to come from your own cell number, then give me a call.'' The people who responded to this message were from locations as far off as Singapore, Malaysia, the US and Mauritius, and the only query that was uppermost on their minds was how it had been done. Nagpal says for SMS spoofing to be done, the individual or group of people seeking to `offer' such a `service' would first have to rent an SMS server. After that is done, they let it be known that such a `service' is available. . People looking to send fake SMS messages can then contact the `service provider' and use the service for a fee. The billing could be on a monthly basis or even on a message basis. Thus the chain begins. According to Nagpal, there are hacking communities across the globe that also rent out their servers for SMS spoofing. Then there are commercial organisations that rent out their `message centres' and take in either a token amount as their `service charge' or bill according to the number of messages sent. "As this is an illegal process, it is difficult to find out where exactly the message centres are located,'' he says. "SMS faking is a criminal offence and is punishable. The only solution to this kind of a problem is to lodge a complaint with the police," he says. However, bringing the culprits to book could be difficult. It would depend on how effective the tracking mechanism proves to be. All said and done, what do these developments mean for the one receiving SMS messages? To believe or not to believe... .. Picture by R.M. Rajarathinam
Article E-Mail :: Comment :: Syndication
|
Stories in this Section |
|
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | Home |
Copyright © 2003, The
Hindu Business Line. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu Business Line
|