undefined | Better HN

0 pointsbgvrofg11y ago0 comments

You could do this: if you enable passcode confirmation, type your pass anywhere in the text message along with your text confirmation. If you forget, you get a request to do so.

0 comments

MereInterest11y ago

Except that text history is usually saved on the phone. If someone has access to sending texts, they will have access to that as well. It is probably better to go with phone locking, instead.

That said, I like the passcode idea. I know that caller ID is easily spoofed, and so I would imagine that the source ID for text messages can be spoofed as well. Requiring the passcode would prevent this sort of attack.

wongarsu11y ago

The source of text messages is indeed easily spoofed. Most paid services enabling you to send SMS over the web allow you to set arbitrary sender IDs, so the cost of entry for spoofing is about $5.

It's not hard to imagine this leading to trouble as soon as you get into the crosshairs of some internet troll who managed to get your mobile number.

bgvrofgOP11y ago

Prediction, they will switch to a simple app soon.

alansammarone11y ago

that may not be ideal. most people keep their sms history, so the person trying to use the service in my behalf could just scroll the screen. or do you mean some sort of one timer passcode? that could complicate things a bit, not sure how it could work

bgvrofgOP11y ago

You could call them and enter a few numbers I guess. This isn't stored, at least on my phone since you are in a call, and can be automated. ( Or just don't store that message. )

alansammarone11y ago

ye, that seems reasonable... it kinda complicates the process though

j / k navigate · click thread line to collapse

0 comments

MereInterest11y ago

Except that text history is usually saved on the phone. If someone has access to sending texts, they will have access to that as well. It is probably better to go with phone locking, instead.

wongarsu11y ago

The source of text messages is indeed easily spoofed. Most paid services enabling you to send SMS over the web allow you to set arbitrary sender IDs, so the cost of entry for spoofing is about $5.

It's not hard to imagine this leading to trouble as soon as you get into the crosshairs of some internet troll who managed to get your mobile number.

bgvrofgOP11y ago

Prediction, they will switch to a simple app soon.

alansammarone11y ago

bgvrofgOP11y ago

You could call them and enter a few numbers I guess. This isn't stored, at least on my phone since you are in a call, and can be automated. ( Or just don't store that message. )

alansammarone11y ago

ye, that seems reasonable... it kinda complicates the process though

j / k navigate · click thread line to collapse