Skip to main content

Cybersecurity sees everything

We should mean almost, digitally. With serious considerations to best practices, widely acceptable principles including that of, directly and indirectly related, applicable laws and, if any, for the sake of thoughtful and sensible transparency. Almost everything, in this case is about, as nations and industries are already taking it as an initiative to protect entities such as people, enterprises, assets, properties including but not limited to information, which is the sole subject of information security specialists but it's reality is more complicated than arguing on which security can cover which area. Technology practitioners should appreciate it. Those who goes beyond a few specializations could realized it and make an effective position paramount to a cybersecurity responsibility. And the size of that responsibility may mean breaking and delegating it with various roles, with those who are effective and prudent in their jobs.
Post a Comment

Philippine telcos blocking entire SMS text with internet addresses in it

If you are sending SMS texts to your friends, family or colleagues and they contain internet or web address including IP and email addresses, and even a period or dot separating, regardless of, your words and numbers, they are automatically blocked and not going to be received by your waiting recipient. Cooler heads must prevail here especially if an important message is urgently being expected.

IP version 6 address is fine. However, an IPv4 including localhost address (given automatically to every computers and network interfaces as their own alone designed for troubleshooting purposes), and your money in the billion figure using dot as separators would be blocked. 

If you send "local.business, naman.naman etcetera" or any words that made you use dot in between them, as part of the text, they will be blocked. There are some, that isn't blocked in this category. Like check.iclassed, some.ent, whatever.local etcetera, that is because they do not form any domain name at all. Unlike artificial.intelligence, the first two (in) or three (int) after the dot which are India's and international organization's top level domains, respectively, most probably are being parsed as that by their blocking system. 

More so on legitimate top level domains in which there are now hundreds of these identified as generic and country code top level domains and domain hacks as well.

Any web address, even if its legitimate, including government and business domain names, if you send them as part of your SMS text, they will be blocked. Your entire text are not delivered at all and there's nothing that will be received on the other end.

The same thing for numbers with dot in between including IP (192.168.1.1) and email ([email protected]) addresses. 

But we are still receiving scam texts. Right? That's because in those texts, they don't use dot anymore. They are now using semicolon or comma or dot-using the whole word.

If you send "local,business" or any other message you have to with that format, it will get through, and so with the use of said other very simple schemes.

With the parameters being blocked as mentioned above, we tried to send some SMS texts with setting as the following

  • From/to Smart, both numbers are from Smart, the SMS texts were going through. All SMS sent through Smart and within its own network passes through, except for some texts that is lost, which is not received, for whatever reason, but probably not necessarily due to blocking of scam SMS texts. This issue seems to occur to all networks.
  • From/to Globe, both numbers are from Globe, the SMS texts were not going through. Even sending .com and other top level domains i.e. .net, .org alone as the only content of SMS texts, they do not go through. When a Globe subscriber send an SMS which contains link or domain name to another Globe number, same thing happened, it would not pass through. Globe, however, can send these links and domain names to its subscribers as we can see when we are getting SMS from them via their multiple channels or the 4-digit numbers that they mostly use for some of their services. 
  • From Smart to Globe and from Globe to Smart, SMS texts were not going through. It could be one network is totally doing the blocking. 

Networks not identified here were not part of the test or incidental activity, we should say. If you've got some extra load you can try these with other mobile number of yours or colleagues'.

Comments

Jon S said…
Problem, problem. All of this can be avoided when customers' businesses/activitise are factored in everytime. AWS sends URI for some of my account's authentication and I wouldn't received it.

Those who made such decisions are not sensitive to people's business, in PH this is sadly just the truth. They are only after their own profit, grow and ignore concerns of subscribers.

Looks like human errors are increasingly getting in the way of technology's job. iclassed has taught me well, try it's sorbefacient tutorial, and I completely understood why problems are becoming a norm in every technology effort. There is a solution to this, only that there are so many wrong people in those kind of position.
Friday, January 20, 2023 1:44:00 PM
Jon S. said…
Human error? Read https://www.reuters.com/world/us/airlines-expect-us-operations-rebound-thursday-faa-investigates-outage-2023-01-12/
Friday, January 20, 2023 1:45:00 PM
K said…
You never have to think twice again https://www.iclassed.com/p/zero-hour-covid-time-like-or-distressed.html.
Friday, January 20, 2023 4:15:00 PM
Anonymous said…
The participation of affected people (based on my own experience, it's everyone) are not so much of a news, both in the web and mass media. Like there is nothing at all to say about. But this is a start, I like the practicality of the ideas here and there.

Suzuki-san
Wednesday, March 01, 2023 3:33:00 PM
Unknown said…
Relevant discussions threading subjects significant to big picture, consultants working indeed. Any other company in PH doing such as this? Appreciate your reply, I am trying to source a new team (previous teams came from the so-called Big 4 and couldn't even formulate a simple strategy, so shortsighted) for a project.
Friday, March 24, 2023 12:06:00 PM
Post a Comment

Popular posts from this blog

Jobs we observed in a system performance

They are made either any of the following- - Tech job, - Business job, - Nut job, or - Enterprise job. What's yours? Can you do it better from your existing drive? Whatever you do, your output should facilitate not just your organization's goal but a little more than what you originally planned. Leaders usually kept them in the mind, so subtle only them knows it, but with some useful and delicate strategies employed people really are doing a good job, and working to improve them, too. That's the beginning why corporate social responsibility, or even the consequential environmental, social and governance initiatives can be a potent move to do something, if pertinent or weighty is even the right word. That doesn't need an ostentatious resources but the effect is meaningful for stakeholders, everyone we meant.
Post a Comment
Continue Reading

iclassed privacy policy, unbelievable at first sight

Those who, before engaging us and was reading our business conduct, alerts and notices , could not restrain themselves asking, "can you really do your job without keeping any data at all? At the end of the day, you should still be looking at those information and make sure you did, and will, do well. I am expecting a lot from you here, you said so yourself!" Now, that last sentence is so loud. We keep them, not in our premises, but yours. If you've been our clients, you'll know how persistent we are when it comes to the reliability and security of your systems, data and credentials. That's our responsibility, as is made popular by cloud computing, and we don't need to be in a cloud.
Post a Comment
Continue Reading