There’s an interesting article over at SpyBlog discussing the suggestion posed in the wake of the Asian tsunami disaster for SMS based early warning systems.
I hadn’t given this one much thought until I picked up on this article. I guess they make a valid point when they ask would you act on an unauthenticated text message telling you to evacuate your home or business? After all, we get so many SPAM messages these days, it would be difficult to differentiate. There are other dangers posed by such a system – it would be difficult for the operator of such a system to identify relevant handsets within the impending disaster area. The option posed by one operator involved publishing personal details on the web. One of the fallouts of these tragedies is the human scavenging that goes on – a list of details of potential victims who will probably not be returning home provides a feast for burglars. Then there’s the ready made mailing list for SPAMmers and phishers.
All in all, it sounds like one of those nice sounding ideas that hasn’t been thought through properly.
That link really gives a ‘sky is falling’ concept… the ARC and similar systems are not open systems, they are supposed to be closed systems – and phone numbers should not be published.
Rather reactionary, really.Taran [[email protected]]
it’s not that hard to differentiate between a disaster warning and a SPAM txt msg: after all, if you and everyone around you started to get a txt saying ‘run to the hills, there’s a tsunami on the way’, well, you’d know pretty soon that you shouldn’t be doubting it.
there is perhaps no need for additional lists of mobile users – network operators can, if they choose, send msgs to every number on their networks (or roaming on their networks, as happened in SL *after* the tsunami to locate tourists, and to get lists of no-longer-active phones) and a dynamically generated of this sort is always going to be more accurate than a static list that requies maintenance.
and as for the civil liberties/ spam implications: it is already exceedingly (well, relatively, anyway) cheap and straightforward to spam the entire range of text messages in a given country, or even the range of active numbers in that country – why bother with a (possibly) outdated list when you can (like the netowkr operators) generate the list dynamically?
there are very different dynamics to txt and email spam: txt spam simply isnt cost effective across national boundaries unless being sent to an audience who you know in advance will be receptive to the msg; within national boundaries there is a sufficiently narrow range of possible addresses that spamming all of them *is* cost-effective. email spam on the other hand *isnt* restricted by national borders, but the range of possible addresses is so vast that, although it’s possible to spam every email address, the response rates are so infinitesimal it doesnt make any sense – hence the value of harvesting active addresses.sean [[email protected]]
[Longrider Replies] I think you both make good points (although I dispute the “reactionary” comment). However, I believe both of you are being over generous in your assumption that people are techno savvy. People do respond to SPAM – including the SMS type and many people have difficulty coping with the most basic technology, so confusion between real and hoax SMS messages (along with the privacy issues) are real concerns and would need addressing before I was comfortable with such a system.