Thursday, December 07, 2006

Ping them.. with voice messages

Pinging someone use to mean sending a text or an IM..Pinger redifines that- their service lets you send voice messages with your voice to anyone - w\out ringing or listening to their greetings..they are onto something here - Ive said it before that texting is bigger now then voice because of the fact that you get through w\out the ringing, listening to ringback tones, or greetings, and its to the point- "meet me in 10mins"- no need for the whole courtesy thing "how are you? whats going on?" - most importantly is the fact that you dont feel like you are interrupting someone. .. sign up is pretty easy .. you get a local phone number which you use to "ping" people - you do have to import your contacts to the pinger website, and then they are accessible by just saying their name when you leave the message - it sends an email to that person and if they are pinger members they can a text message sent to their cell phone as well... if you are a myspace junkie you can import your myspace friends, and use pinger to post an audio bulletin from your cell phone...its a cool app but if it let users ping people and alert them on their cell phones (not just email) even if they werent pingers it would be even better! but hey its a free service so check it out and let me know what you think..


CallerID Spoofy said...

Do you know the companies PINGER and SNAPVINE?

Pinger and Snapvine are highly INSECURE!!!!

What this means: I can break into your Pinger and Snapvine phone accounts. I can listen to your messages. I can send out messages as you.

How do I do this? Easy. I mask / spoof CALLER ID / ANI. Anyone can do this, amateur hacks, etc.

Well, there are others, but suffice to say that these companies are doing new things with social networking sites and phones that help to connect people.

The problem is that these companies have a scalability problem based on inbound calling.

You see, if you have hundreds of thousands or millions of users, you can’t give everyone a unique dial in phone number.


What these companies have done is based user identification on Caller ID / ANI – meaning that you call their service, and their systems recognize your phone via Caller ID.

The problem is that Caller ID is highly insecure and can be faked.

The problem that these “dial in” companies are trying to solve is one of scalability. They simply cannot have enough dial in numbers for each user.

Therefore, they have architected a way to recognize each caller by Caller ID and to base the entire user authentication system on this insecure method.

This can easily be hacked.


The solution is funny – both Pinger and SnapVine make you enter in a PIN CODE when you dial in without validating your phone.

After you validate your phone, you no longer need to enter the PIN CODE.

So in effect, when you validate your phone, you make your account INSECURE.

What Pinger and SnapVine need to do is always require the PIN CODE.