T-Mobile is the first US carrier to make Google Messages its default SMS app - Engadget
T-Mobile is the first US carrier to make Google Messages its default SMS app - Engadget |
- T-Mobile is the first US carrier to make Google Messages its default SMS app - Engadget
- 3 thoughts on “How to Send an Anonymous Text” - Alphr
- Can We Stop Pretending SMS Is Secure Now? (krebsonsecurity.com) - Krebs on Security
| T-Mobile is the first US carrier to make Google Messages its default SMS app - Engadget Posted: 29 Mar 2021 02:27 PM PDT Google's Messages platform just got a big boost from T-Mobile, with the carrier announcing on Monday that the RCS app will come standard on all current and future Android phones it sells. That's a significant step forward for what's been a long and sometimes tricky quest on Google's part to make Rich Communication Services ubiquitous across the Android ecosystem. T-Mobile was an early adopter of the protocol back in 2015. By mid-way last year, it also became one of the first carriers to implement a full standards-based interconnect with Messages. That meant T-Mobile subscribers could take advantage of all the protocol's headline features — including typing indicators and read receipts — when messaging people outside of the US. According to the carrier, it will complete this latest switchover by the end of the year. Google also shared an update on its work to add support for end-to-end encryption in Messages. The company says the beta rollout of the feature will continue throughout 2021. End-to-end encryption over RCS is currently only available through the Messages app, not other RCS-compatible software. Messages isn't the only Google product getting a boost from T-Mobile. As part of their new partnership, the carrier will also start promoting Google's Pixel phones, as well as dropping its own TV service in favor of YouTube TV.  |
| 3 thoughts on “How to Send an Anonymous Text” - Alphr Posted: 30 Mar 2021 12:30 AM PDT For whatever reason, you may find yourself needing or wanting to send a text to someone without your phone number showing up at the other end. In a world where privacy and anonymity are both getting steadily eroded, it can help know about ways to send a message to someone's phone without saying who you are. Being able to send an anonymous text is minor protection of your privacy, but it might be one you find essential one day. This article gives you several ways to send a text anonymously or semi-anonymously. Anonymously Texting SomeoneHow does anonymous texting work? First, let's talk about how it works normally. Usually, SMS messages are packaged along with the sending number, the destination number, and the message itself. This is by design so that individual packets (your text may take up one or many packets, depending on how long it is) can reach the destination number and get reassembled into a coherent message. Including the sending number with the packet lets the sending carrier know who to bill for the service. Your sending number gets stripped out with anonymous messaging after billing is triggered and sent to the destination. This way, the phone company knows you sent the text and charges you for it, but they won't pass your number along to the recipient of the message. Another more straightforward approach to anonymous texts is apps and websites that use their SMS numbers to pass along your message. The platform generally switches your sending number with its own for billing purposes, but the service's number is the one that gets sent along to the destination. The two main ways to send an anonymous text are through an app or a website. These services tend to come and go, so what follows are the apps and sites currently working in May of 2019. Apps to Send an Anonymous TextApps open up a lot of functionality with your texts. For instance, you can use apps to forward text messages to your email or change your messages' fonts and layouts. A few apps have anonymous texting either as their primary function or as an added benefit. Most of these will work on both Android and iOS. All of these applications are free to download and offer end-to-end encryption for ultimate security. Let's take a look at the apps we've researched and make it easier for you to choose which one is right for you. Private Text Messaging & CallsPrivate Text Messaging & Calls is an Android-only app. It can handle SMS, calls, image/file sharing, and self-destruct messages after a set time. It has several other privacy-oriented features and is worth checking out.
In our current era, privacy is scarce. This app not only allows you to send anonymous messages and make unknown phone calls, but it also offers end-to-end encryption and a neat 'shake to hide' messages option. Regardless of what you're using it for, this free app is a privacy-conscious individual's dream messaging option. Signal
Signal is a secure communications app, apparently supported by Edward Snowden (the famous and controversial leaker/whistleblower who exposed the NSA's vast data-gathering operation in 2013). Signal encrypts calls and texts, and you can send files and images securely. It also can suppress your caller ID when calling or messaging, which is ideal if you want to send an anonymous text or call someone in secret. Using the Sealed Sender option released in late 2018, users can send anonymous messages to anyone who accepts sealed ones (there is an option to turn this off in the settings). It's available for Windows, Android and iOS. Websites That Let You Send an Anonymous TextIf you don't want to download an app for it, a few websites allow you to send anonymous texts. Many restrict the number of messages you can send in a day but are otherwise reliable. We've reviewed each of these sites, and they work reasonably well. The basic layout and capabilities are similar among the websites, and the messages tested were delivered within two minutes. These are free to use, so it's important to remember that message delivery isn't guaranteed. TxtEmNow
TxtEmNow is a very slick website that allows you to send anonymous texts to any North American or international phone. You will need to scroll through the ads to find the options to send a message. The bright-side is that you don't have to sign-up or input any personal information to use this website to offset those annoying advertising adventures.
Message delivery does take a while, especially if the website is experiencing high traffic. Fortunately, you can check the status by refreshing your web browser. Text 'em
Text 'em is very similar, although the website looks like something out of the 1990s. Regardless, the website gets the job done. Enter the number, the carrier, and the message. Complete the Captcha and agree to the ToS, then hit Send Message. The site seems to cover most North American carriers, with a few international ones thrown in.
SendAnonymousSMS
SendAnonymousSMS does what it says: send an anonymous message to any recipient in almost any country. The site is clean and easy to use. Enter the sender number, the country, the delivery number, and the message. Then enter the Captcha code and send the SMS. Delivery with this one took quite a while, and it's unclear why you have to put your phone number in before sending it. It could be that this website tries to track or eliminate illegal activities. Nevertheless, the service works. TextForFree.net
TextForFree.net is another very basic-looking website that gets the job done. This site only seems to work in the U.S., but it does deliver the message, as long as you're using one of the approved carriers. Enter the number, the message header, and the message, then choose the correct phone provider from the list. Hit Send Free Text Message at the bottom, and again, delivery takes a while, but it does get there. That is two great apps and four websites that will allow you to send anonymous messages for free. Each has its strengths and weaknesses, but they are all successful.  |
| Can We Stop Pretending SMS Is Secure Now? (krebsonsecurity.com) - Krebs on Security Posted: 16 Mar 2021 12:00 AM PDT SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we're learning about an entire ecosystem of companies that anyone could use to silently intercept text messages intended for other mobile users.
Security researcher "Lucky225" worked with Vice.com's Joseph Cox to intercept Cox's incoming text messages with his permission. Lucky225 showed how anyone could do the same after creating an account at a service called Sakari, a company that helps celebrities and businesses do SMS marketing and mass messaging. The "how they did it" was sickeningly simple. It cost just $16, and there was precious little to prevent someone from stealing your text messages without your knowledge. Cox writes:
Lucky225, who is chief information officer for Okey Systems, told KrebsOnSecurity that Sakari has since taken steps to block its service for being used with mobile telephone numbers. He said Sakari is just one part of a much larger, unregulated industry that can be used to hijack SMS messages for many phone numbers. "It's not a Sakari thing," Lucky225 replied when first approached for more details. "It's an industry-wide thing. There are many of these 'SMS enablement' providers." The most common way thieves hijack SMS messages these days involves "sim swapping," a crime that entails bribing or tricking employees at wireless phone companies into modifying customer account information. In a SIM swap, the attackers redirect the target's phone number to a device they control, and then can intercept the target's incoming SMS messages and phone calls. From there, the attacker can reset the password of any account which uses that phone number for password reset links. But the attacks Lucky225 has been demonstrating merely require customers of any number of firms to sign a sworn "letter of authorization" or LOA stating that they indeed do have the authority to act on behalf of the owner of the targeted number. Allison Nixon is chief research officer at Unit221B, a New York City-based cyber investigations firm. An expert on SIM-swapping attacks who's been quoted quite a bit on this blog, Nixon said she also had Lucky225 test his interception tricks on her mobile phone, only to watch her incoming SMS messages show up on his burner phone. "This basically means the only thing standing between anyone and the equivalent of a SIM swap is a forged LOA," Nixon said. "And the 'fix' put in seems to be temporary in nature."
The interception method that Lucky225 described is still dangerously exposed by a number of systemic weaknesses in the global SMS network, he said. Most large and legacy telecommunications providers validate transfer requests related to their customers by consulting NPAC, or the Number Portability Administration Center. When customers want to move their phone numbers — mobile or otherwise — that request is routed through NPAC to the customer's carrier. That change request carries what's known as an ALT-SPID, which is a four-digit number that enables NPAC to identify the telecommunications company currently providing service to the customer. More importantly, as part of this process no changes can happen unless the customer's carrier has verified the changes with the existing customer. But Lucky225 said the class of SMS interception he's been testing targets a series of authentication weaknesses tied to a system developed by NetNumber, a private company in Lowell, Mass. NetNumber developed its own proprietary system for mapping telecommunications providers that is used by Sakari and an entire industry of similar firms. NetNumber developed its six-digit ALT SPIDs (NetNumber IDs) to better organize and track communications service providers that were all using other numbering systems (and differing numbers of digits). But NetNumber also works directly with dozens of voice-over-IP or Internet-based phone companies which do not play by the same regulatory rules that apply to legacy telecommunications providers. "There are many VoIP providers that offer 'off net' 'text enablement'," Lucky225 explained. "Companies such as ZipWhip that promise to let you 'Text enable your existing business phone number' so that customers can text your main business line whether it be VoIP, toll-free or a landline number." As Lucky225 wrote in his comprehensive Medium article, there are a plethora of wholesale VoIP providers that let you become a reseller with little to no verification, many of them allow blanket Letters of Authorization (LOAs), where you as the reseller promise that you have an LOA on file for any number you want to text enable for your resellers or end-users.
NetNumber declined to comment on the record, but instead referred to a statement from the CTIA, a trade association representing the wireless industry, which reads: "After being made aware of this potential threat, we worked immediately to investigate it, and took precautionary measures. Since that time, no carrier has been able to replicate it. We have no indication of any malicious activity involving the potential threat or that any customers were impacted. Consumer privacy and safety is our top priority, and we will continue to investigate this matter." Lucky225 told KrebsOnSecurity many of the major mobile companies have moved to ensure none of their customers can be affected by changes requested through NetNumber or its partners. But he suspects some of the smaller wired and wireless telecommunications firms may still be vulnerable. "I'm pretty sure it's only the big carriers that they're protecting now," he said. "But there's just so much we don't know about what they patched because everyone is being so tight lipped about this right now." Nixon said it's time for federal regulators to step up and protect consumers. "Its clear this is a lot of foundational infrastructure mucky muck and some fundamental changes are going to need to happen here," she said. "Regulators really need to get involved." WHAT CAN YOU DO?Given the potentially broad impact of fraudsters abusing this and other weaknesses in the vast mobile ecosystem to completely subvert the security of SMS based communications and multi-factor authentication, it's probably a good idea to rethink your relationship to your phone number. It's now plainer than ever how foolish it is to trust SMS for anything. My advice has long been to remove phone numbers from your online accounts wherever you can, and avoid selecting SMS or phone calls for second factor or one-time codes. Phone numbers were never designed to be identity documents, but that's effectively what they've become. It's time we stopped letting everyone treat them that way. Any online accounts that you value should be secured with a unique and strong password, as well the most robust form of multi-factor authentication available. Usually, this is a mobile app like Authy or Google Authenticator that generates a one-time code. Some sites like Twitter and Facebook now support even more robust options — such as physical security keys. Removing your phone number may be even more important for any email accounts you may have. Sign up with any service online, and it will almost certainly require you to supply an email address. In nearly all cases, the person who is in control of that address can reset the password of any associated services or accounts– merely by requesting a password reset email. Unfortunately, many email providers still let users reset their account passwords by having a link sent via text to the phone number on file for the account. So remove the phone number as a backup for your email account, and ensure a more robust second factor is selected for all available account recovery options. Here's the thing: Most online services require users to supply a mobile phone number when setting up the account, but do not require the number to remain associated with the account after it is established. I advise readers to remove their phone numbers from accounts wherever possible, and to take advantage of a mobile app to generate any one-time codes for multifactor authentication.
Tags: Allison Nixon, ALT-SPID, Lucky225, NetNumber, NPAC, Number Portability Administration Center, SIM swapping, Unit221B  |
| You are subscribed to email updates from "fully encrypted phone,what is encrypt phone,how to encrypt text messages android" - Google News. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
Comments
Post a Comment