Tetanus Factory

It’s been “big news” that Twitter and Jott are vulnerable to CallerID spoofing. Can’t speak for the Jott kids, but I know this isn’t news to Twitter kids, given that Blaine and Rabble were demonstrating CallerID spoofing (and related techniques) over Asterisk several years ago.

This is one of those security problems that everyone knows about and quietly agrees not to speak too loudly about because alternatives like Nitesh proposes are usability disasters.

The carriers have designed their networks around the assumption of monopoly practices and zero information sharing, and it means they’re slow and make dumb mistakes. (I always think of it as a nice parallel to the current U.S. administration — organizational tactics constrain your imagination and your coping techniques)

Jabber, btw doesn’t have this problem.

Photo by thristian