Thinking about SMS security Sir Ryan Bemrose (npub10us…p5pu) Princess Pheonix of The Lotus (npub142a…ccwa) PhoneBoy of The Lotus 🪷 (npub1d85…p88k) - it's my understanding that SMS is unencrypted w/in the network where it's sent (so phone-company secure), and that the biggest risk is rogue connection points that may trick the phone into connecting to it. People may underestimate how likely they are to encounter one of those ("who would want MY data?" LOL), but has that threat model changed?
I agree on the levels of security by content, but it also needs to be the highest level of security that content would need; otherwise, the presence of a certain level of security implies the value of the content being secured. I agree that should be baked in at the design level, not layers bolted on afterwards; but, do you not see some of those as pragmatic steps to save the uninformed masses from themselves"?
Daniel J. Summers ~ East TN, USA
npub1za…g6q06
2025-07-05 15:13:44 UTC
Author Public Key
npub1za0u4ztucv9zdnvt2p2jujjtgtjvc3hktq23ptld957fq25kslmssg6q06Seen on
wss://relay.momostr.pinkPublished at
2025-07-05 15:13:44 UTCEvent JSON
{
"id": "751ab2775b8215422e877a7d38f614a4bcef156818e65df29913356a8dbe6c22",
"pubkey": "175fca897cc30a26cd8b50552e4a4b42e4cc46f6581510afed2d3c902a9687f7",
"created_at": 1751728424,
"kind": 1,
"tags": [
[
"p",
"aaba608f10f96010b1d2852520ef3c945634198f7c2246057624d787d566a8f3"
],
[
"p",
"69e8b4fbb559c42757b258c3b7ab44fddcdd5e0553d48c3af1729163edc31c1e"
],
[
"p",
"7f2068a65e1a5ff3b8fa6a852b1885c4cc31dea072d4fd0fca0bc118ee99c1a1"
],
[
"proxy",
"https://fedi.summershome.org/objects/d46ffb0b-6c91-468a-9f7c-09c88b60a25c",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://fedi.summershome.org/objects/d46ffb0b-6c91-468a-9f7c-09c88b60a25c",
"pink.momostr"
],
[
"-"
]
],
"content": "Thinking about SMS security nostr:npub10usx3fj7rf0l8w86d2zjkxy9cnxrrh4qwt206r72p0q33m5ecxss7np5pu nostr:npub142axprcsl9sppvwjs5jjpmeuj3trgxv00s3yvptkyntc04tx4res23ccwa nostr:npub1d85tf7a4t8zzw4ajtrpm026ylhwd6hs9202gcwh3w2gk8mwrrs0qcup88k - it's my understanding that SMS is unencrypted w/in the network where it's sent (so phone-company secure), and that the biggest risk is rogue connection points that may trick the phone into connecting to it. People may underestimate how likely they are to encounter one of those (\"who would want MY data?\" LOL), but has that threat model changed?\r\n\r\nI agree on the levels of security by content, but it also needs to be the highest level of security that content would need; otherwise, the presence of a certain level of security implies the value of the content being secured. I agree that should be baked in at the design level, not layers bolted on afterwards; but, do you not see some of those as pragmatic steps to save the uninformed masses from themselves\"?",
"sig": "150a9cf2f425d8072dd8827e1055f3a70d65be9c9b379a3f904c145136097b8b2f1693c5b89749772d377c37fedc97829698223e9eaf62b18c5701a26b5369a9"
}