SMS delivery report is more serious than you think

Online chatting is in its heyday, with thousands of apps already available. The most popular of them are regularly updated and new functions are added, making the user experience the best it can be. However, despite the prevalence of online chatting, short message service, or short message service, seems to still be one of the most used forms of communication, despite the fact that recent research has indicated its dangers.

The delivery report function is also associated with SMS, which, as its name suggests, provides feedback to the sender about the delivery or failure of messages. However, as it turned out based on recent experiments, it seems that the service that many allow is not entirely safe, which is why it is worth taking several aspects into account when using it.

Cornell University researchers’ viewpoint Because when we receive an SMS, it generates a number of delivery signals, receiving SMS that opens side channels that allow other network users to locate us.

Of course, for this to actually happen, potential attackers would have to collect a lot of measurement data, without which they wouldn’t be able to draw specific associations and conclusions about our site. However, the more comprehensive data they have about this, the more accurate the site classification results in machine learning (ML) predictions, and this can subsequently lead to a more targeted and effective attack.

This phenomenon is also observed in the case of silent SMS, that is, messages without content and not indicating a notification on the recipient’s screen. During the experiment, 20 such messages were sent per hour, it was shown that the ML model uses 60 nodes and that many additional information can be determined from the training data, such as the receiver location and network type, or even the distance to the receiver.

As a result of the experiment, the researchers found that both domestic and foreign locations could be distinguished with over 90% accuracy within the model, and reported proportions even higher than that in classifying countries. Very good accuracies of over 60% have also been described for locations within the same regions.

The results are surprising from every point of view, but at the same time they are also frightening, mainly because due to the design of networks, it is very difficult to prevent these delivery reports from returning to the sender of the message, which further complicates the process of preventing potential attacks. Nevertheless, such experiments are very useful, as they provide an opportunity to design various defense mechanisms and systems in the most effective way, and they also alert us to informed messaging and the protection of our data.