The Heartbleed Bug

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

heartbleed.com

All World Text servers were patched by Friday the 11th of April and SSL Certificates were renewed.  Although we are not aware of any information being compromised, we do recommend that users change their account password.

Posted in News & Updates! | Leave a comment

EU Data Retention Directive Ruled Invalid

EU Data Retention Directive Invalid

flag-259721_640The EU’s highest court, the Court of Justice has ruled the EU Data Retention Directive invalid.  The full ruling can be found here.

“It entails a wide – ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary”

Which seems like a clear victory for common sense.

Why Data Retention?

The directive was introduced as a knee-jerk reaction to the 2006 bombings in London and Madrid.  Having failed to get the required legislation through in the UK, Mr Brown took it to Europe.  If I recall correctly it was heavily defeated here in the UK.

Sadly given the views of current politicians it would be unlikely to be defeated again in the UK.  A British government spokesman said the retention of communications data was absolutely fundamental to allowing law enforcement authorities to investigate crime and ensure national security.

He would, of course, be unable to point to a single case where such retention had helped.

Damningly, the court added that the directive failed to offer sufficient safeguards “against the risk of abuse and against any unlawful access to use of the data”.

No doubt the directive would not apply to GCHQ et al, but it’s the first pushback of significance against mass surveillance.

What Now?

browser-98386_150We should hope that in the interim all ISPs choose to rm -rf * any data they have currently stored.

One ISP in Sweden has already done exactly this.  Bahnhof CEO Jon Karlung said he deleted all retained data on Wednesday after consulting with lawyers.

So now we await the first UK ISP to announce their removal of this incorrectly retained data.  I’m not holding my breath mind you.

It is interesting to note that just at the time the EU has the lowest reputation ever here in the UK, there is a lot of common sense coming from Europe regarding surveillance and privacy.  For the first time in a very long time Europe seems to be considering the rights of the individual.

Posted in Blog | Leave a comment

Capitalism, Freebies and the Entitlement Generation

Ovivo is no More

Ovivo has shuffled off this mortal coil, absolutely no surprises there – the pricing model was pretty weak. They weren’t even directly connecting to Vodafone – they were going through an aggregator – someone else taking a percentage. Few have made ad supported work, but we have been here so many, many times before. For a while in the first Dot Com boom it seemed like everything was going to be paid for by online adverts, except virtually no one aside from Google managed it.

Where’s the attraction to advertisers? Pay to advertise to a self-selected 50,000 skint or tight fisted folks who want something for nothing? Yeah, that’ll work, it’s the perfect target demographic!

ovivo-logoAnyway, I assume Ovivo were warning everyone of this since inception with their cute pink, but dead, rhinoceros logo.

So what did Ovivo bring to the party that Samba, Blyk and countless others couldn’t? Nothing.

There’s a further problem with the ad supported model – almost everyone who’s tried it starts skirting dangerously close to click fraud – click the ad and get 10 more minutes or MB of internet. So no one is clicking the ad because of what’s advertised, but simply to make it go away and give them a bit more internet or phone etc.

If you don’t enforce it you don’t get enough clicks to survive, if you explicitly trade a certain time/data for ad clicks you’re now breaching the terms of most ad networks. After all, what advertiser wants to pay for clicks from people who are mostly not interested in your product, but are only clicking so they can surf Facebook or send a text?

So for the consumer, the only attraction of such a service should be for a disposable, temporary way of getting free service. For a while. You might get six months or a year of free before it (inevitably) closes, you might only get three weeks.

If, like so many in this recession, you’re very strapped for cash it could be a great way to avoid a disconnected phone and keep contact. To expect it to be as stable as the O2s and Vodaphones is naive at best.

The Entitlement Generation

Crying GirlSurprising it may be, but so many still expect something quality is possible for nothing. The internet now has the fake outrage over Ovivo’s closure on Twitter, Facebook and in the comment section of most news stories on the topic.

Today I heard on the radio there is now a petition demanding the government “fully investigate the circumstances of the closure and do everything in their power to ensure that OVIVO customers receive refunds”. Presumably they expect that if the company turns out to be insolvent that our taxes will refund them their 20 quid non-refundable sign-on fee. Really? Expect a government enquiry for a defunct free service?

No one refunded my £50 deposit when a double glazing firm closed 2 weeks after I placed an order, nor would I expect them to. That’s capitalism. If it was a bank with my life savings, well there are regulations already in place.

There are already laws in place to prevent companies trading whilst insolvent. These things usually come as a surprise as it’s incredibly suicidal to advertise that you’re on the brink – doing so pretty much guarantees that all your existing customers will be seeking to get refunds and get out fast.

Usually the staff don’t even know insolvency and closure is coming. In the specific case of Ovivo who knows, but they do seem to have been in dispute with their sole supplier, who eventually turned them off.

So, as ever, caveat emptor (buyer beware). Though is there actually an emptor with a completely free service?

Doesn’t seem to stop the entitlement generation being so, well, whiny and entitled. How dare they? The government must DO something (where something is giving them back all their money).

If perchance you want to sign the petition, you can find it here. Though it won’t be achieving anything aside from providing a little entertainment value!

What next for the Ovivo Customer?

Find another free mobile service, who will likely disappear in some indeterminate time. Expect it, and plan accordingly.
Find a service that suits your needs better, but must be paid for.

Of course if you have a particular need to send texts from your now defunct number, or need two-way texting, World Text can help. We can send with any source address – you’ll need to contact us to set the number as it’s not an active number, or we can provide a virtual mobile number for two way.

We don’t expect many ex-Ovivo customers though as we actually charge for the service we provide. That’s why we’ve been in business over a decade, and expect to remain so for many years to come. Unfortunately to achieve this we have to charge you a little money for what you use!

We have an excellent reputation for support, unfortunately this has to be paid for!

Posted in Blog | Leave a comment

UK HLR Lookup

We are pleased to announce an update to our HLR Lookup service (Home Location Register) for UK networks enabling full coverage. This update is coming soon, we recommend consulting with us now in order to benefit from this improved service from the first day of going live.

HLR lookups for UK networks have been fraught with problems for quite some time, with lookups going via official network sanctioned routes and methods being precluded from MSISDN’s belonging to Vodafone UK at their request.

Some HLR lookups to Vodafone UK have been offered by others, but this has either been ‘cached’ data so often out of date and certainly does not offer live results or has been mixed among existing outbound SMS traffic which of course is not sanctioned by the networks, so falls outside of the terms of service which in turn leads to a volatile service.

The World Text HLR Lookup service will be one of the few officially sanctioned lookup routes for not only Vodafone UK, but for HLR Lookups directed towards EE (T-Mobile and Orange for those of use who still haven’t caught on!) which currently has the largest subscriber base in the UK by quite some margin.

To clarify, both Vodafone and EE lookups will only be network sanctioned via official approved routes and methods – make sure your current service will allow for this to ensure continuity!

The following networks are confirmed as having live data HLR Lookup coverage using the new service coming soon:

  • Vodafone
  • EE (Everything Everywhere)
  • T-Mobile
  • Orange
  • O2
  • Three
  • and all MVNO’s on any of the above networks

Data returned as standard for lookups will be the status of the handset (i.e. OK, Absent Subscriber etc.) and the MCC / MNC.

Further information is heavily restricted for obvious reasons which will help reduce SMS fraud and spoofing – this can nothing but help stabilise our industry!

For further information please contact us.

 

Posted in News & Updates! | Leave a comment

National Security and a Webcam…

You Couldn’t Make it Up

It’s starting to sound like something from Monty Python. No one expects the Spanish Inquisition GCHQ. Our chief weapon is surprise, and snooping. Our two chief weapons are surprise, snooping and building a database of the whole population, etc. All we need now is the “and near fanatical devotion to the Pope!” line. Trouble is, it’s not funny. It’s become a little bit sickening actually.

Turns out that GCHQ with the assistance of the NSA have been intercepting and storing webcam images in bulk – some 1.8m users being “targeted” in a six month period in 2008, and the programme is ongoing. (Targeted? This is more akin to area carpet bombing than any sort of sniper like targeting of someone under suspicion of some wrongdoing). No one will be surprised to learn that a significant proportion of this was sexually explicit. This is for Yahoo users only – there’s no mention of any other services – but I have no doubt there will be equivalent programmes to attempt similar access via Google Hangouts, MSN, Skype and so forth.

The Guardian have the full details on the project codenamed Optic Nerve. It’s by far the grubbiest revelation yet.

Time was if you believed the spy agencies were snooping on webcams you would be firmly in the company of the more extreme “tinfoil hat” wearers and the paranoid. Turns out that the paranoid weren’t quite paranoid or imaginative enough, and the rest of us are starting to look a little embarrassed and foolish.

After all, we’re a free country (a claim that’s ringing increasingly hollow), and such all-pervasive snooping would be the preserve of the Stasi and other tinpot dictatorships. More fool us for believing that.

So, via their wholesale, untargeted collection of stills from these webcams every five minutes they will have built a huge database of faces and other parts. So GCHQ probably have naked photos of 2%? 5%? I have no idea, of the UK adult population. Probably a good proportion of under-age folks too – teens often do silly things as they’re discovering their sexuality. Teens might also be able to add five years to their age so they pass the feeble over 18 check.

Collect it all! We’ll find something to make them guilty of later!

I notice the “if you have nothing to hide” brigade have gone very silent indeed of late. Hardly surprising really.

To What End?

????????????????????????????????What’s the rationale here? Establish a database for ridicule or blackmail them? A national identity database of naughty bits? Far as I know nudist suicide bombers are vanishingly rare. “.  It’s beyond ludicrous. Monty Python or Spitting Image would have a bloody field day. Where is all the hard-hitting political satire these days? Apparently, like the parrot, it has ceased to be.

Further, it seems that GCHQ were constantly struggling to keep this massive porn database away from the eyes of their staff. Yep, clearly they can be trusted… to go looking for a few cheap thrills at work. Most people wait until they get home. Or was it a case of transfer a few Gig onto a USB stick for the evening’s entertainment?  Perhaps it’s simply a case of accidentally displaying the dubious content in response to searches.

Given that it’s periodically snapping stills from the web chats there’s no possiblity of learning some mission critical terrorist planning – smiley face, frowning face, angry face, laughing face. Yup, that’s going to help a lot. So what’s the national security rationale here?

The programme was started because “Yahoo webcam is known to be used to GCHQ targets”. Oh that’s OK then. Presumably they have bugged every car on the road as cars are known to be used by GCHQ targets, and recorded every phone call, and have access to every retail database as shopping is known to be used by GCHQ targets, and recorded every public CCTV camera. Are they really this feeble? Not in the least – they have some very intelligent people there. There does seem to be a large dose of groupthink going on though. Along with a concerted and sustained effort to build a database of everything. They apparently want 1984 + Minority Report. Yet Minority Report rather clearly demonstrated the bloody problem with that.

Talking of CCTV, I’m sure that many people would have far less issue with sampling images from those, as people are at least out in public and expecting to be observed. Though perhaps not being fed into the database of everything.

We’re told, via the document released, that they were only collecting images every five minutes to comply with human rights legislation, and to avoid overloading their servers. So it’s quite a lot then – they have a ridiculous amount of servers. They’re then trying to use those images to build a massive mugshot book and for face recognition. What’s wrong with using Police mugshot books and suchlike? Oh! Of course, those don’t include the innocent.

This, remember, is the national spy agency who we are repeatedly told has the nation’s best interests at heart and is performing an essential service. It’s getting decidedly grubby and abhorrent. What’s next?

Equal Under the Law

Statue of Justice on top of Old Bailey, Criminal court, LondonThere’s a long held common law principle in the UK that every citizen, upto and including the sovereign is subject to the same law. (This has been rather weakened with various statutes and European legislation as statute law overrides common law). Nonetheless, the principle holds.

If an average citizen were snooping on his neighbours (presumably in a dirty raincoat, with a pair of binoculars) not only would the gutter press go overboard with stories of the pervert, they would likely deeply offend the neighbours and not exactly be winning friends and influencing people.

If GCHQ do it on the scale of millions it’s fine, even if a significant proportion of that data is pornographic, and a subset of that porn is under age. Because terrorism, the modern day excuse for anything.

Even if some GCHQ analyst is searching this massive database they are also shown images of people with similar usernames to surveillance targets. Now then, for any of the huge services (gmail, yahoo, msn, etc) it’s mostly impossible to choose a personal nickname, for nigh on everything you can think of is already taken, and has been for a decade.

So the system will suggest alternatives, and after 40 minutes of trying to be unique and creative you’ll discover you’re neither, give in and accept the suggestion of “thecat82526″. Bad luck if Mr Bin Laden had a Yahoo id of thecat82525 for now every time an analyst searches their super mug book your face will pop up too. Well, by their reasoning, you are nearly a terrorist. If you’ve been webcamming with your significant other, well bad luck twice as it may be your naughty bits rather than your face.

It’s absolutely bloody laughable, if it weren’t so depressing. Equal under the law? Clearly not.

Innocent until proven guilty? Suspicion? Just cause? Search warrant? Apparently inconvenient relics of olden days. Because terrorism.

Go watch the excellent BBC mini series, The Last Enemy

This isn’t security, this is perverse and has an overall air of being dirty, firmly in the same territory as perverts and flashers. Because terrorism. Bull****.

I’m awfully glad I’ve never bothered with webcams, aside from very occasionally.

So now we learn we’re a free country that comes at the cost of the complete abolition of individual privacy. Because terrorism.

Lest we forget, you are more likely to die in a lightning strike or drown in the bath than be the victim of a terrorist act. Is it a fair price to pay then for this vanishingly unlikely event? Absolutely not.

We’ve rapidly reached a point where we’re not preserving our freedom. Our freedom and privacy is absolutely and irrevocably being destroyed piece by piece. Where is the freedom of 24/7 surveillance?

Someone is watching you every chance they possibly can.

We Needn’t Worry

We also learn last week that No 10 aide Patrick Rock was “accused of an offence related to child abuse images hours before his arrest”. Now this may well be true, but given the complete lack of morals shown by our government I find myself wondering who did he upset, and who put them there. Of course he’s not been prosecuted, or convicted so it could turn out to be a false accusation, or he’s genuinely guilty of something…

You see that’s one particular problem of all pervasive surveillance – if you start to use one of the techniques of a police state, don’t be surprised if people start believing you’re willing and capable of using any and all of the techniques of a police state.  However ridiculous that might be…

It becomes incredibly easy to incriminate anyone by planting a little incriminating evidence. If his laptop wasn’t full of incriminating emails, it soon will be. Justly or otherwise.

Now then, where’d our free country go?

Do I believe such activities would take place in the UK? Six months ago I would have said no, absolutely not, but now I honestly don’t know any more. It’s certainly not the country I was once proud of. It’s a country I am now deeply embarrased of. Because terrorism.

We Can Trust the Watchers

Or can we? Just last week, regarding the Stephen Lawrence case, we hear the Metropolitan Police branded institutionally corrupt, along with some deeply disturbing revelations on the integrity of UK policing. One of the people named in this scandal has now become the head of the Metropolitan Police’s counter terrorism unit.  Within 24 hours of that story breaking, he was removed from the post.

The Brits and Spying

In ActionThe British have always had a fairly positive view of espionage – between John le Carre, 007 and the folk tale of how Bletchley Park won us the war it’s all made for a jolly good tale.

What’s acceptable in fiction or wartime is very different to the wholesale abuse of power in peacetime. I’ve no doubt most of us expected communications to places like Russia or Pakistan to be monitored, and we’d fully expect our acronym happy agencies to be monitoring overseas military, actual suspected terrorists and agitators etc. Would we expect wholesale monitoring of everything, including our “allies” in NATO and the EU? Wholesale monitoring of our own population encompassing their texts, pizza orders and private webcam chats?

It really is about time we woke up and reconsidered our overly rosy view of how these skills have developed and are used. We never expected it to be turned on us.

The Law of Unintended Consequences

Cameras in loveOf the people I know, many couldn’t have cared less about internet privacy and Google databases 12 months ago. Got a Tesco clubcard? Of course they are data mining you to death. Got a Google account? Of course they know more about me than I do, who cares? Now even some of my most previously unconcerned friends are talking of VPNs, TOR, secure chat, encryption and rejecting Google, Apple and Facebook services.

A couple of those who once ridiculed me for being concerned by the extent of Google’s data mining are now far more locked down than me!  I was only ever concerned with the extent of the commercial assumptions being made by Google becoming so all-pervasive in web services.  I never conceived the idea that they were actually only a minor player in this data mining, snooping game, and then mostly to show me adverts I always ignore anyway.

An awful lot of IT techies are now developing an interest in privacy and encryption – and some will, in due course, be getting involved in projects to make secure encryption and privacy easier. It will take some time, but I expect many products and services to be kickstarted into life on the back of security over the coming years.

What will be lost when this happens? Quite possibly the ability of the spooks to snoop on actual suspected criminals and terrorists as half the world will be using highly secure comms channels.

That would be throwing the baby out with the bathwater, but they do seem to want to bring this upon themselves.

Posted in Blog | Leave a comment

New Telephone Number!

We’ve changed our telephone number!

Contact us on 0330 223 1110

So as calls to us from both UK landlines and UK mobiles will be charged at a local rate or be deducted from your inclusive minutes, we have changed to the new UK standard of an 0330 prefix number – further information on this here http://consumers.ofcom.org.uk/files/2010/01/numbering.pdf

Posted in News & Updates! | Leave a comment

Netherlands SMS Virtual Numbers

With effect from 4th April 2014 Netherlands SMS virtual numbers will no longer be available from any mobile network in this country.

The Dutch Consumer & Market authority have taken the decision to not allow inbound SMS virtual numbers. This is due to an application for a new virtual number range being declined for one of the mobile networks and as such they then deemed that it was unfair competition to allow the existing ranges to continue.

There are two options open to users who require inbound SMS from networks in The Netherlands:

World Text VSIM Hosting service – this will enable a local numbers, however current restriction is that inbounds from users on the Tele2 network will not be received. This may change, however there is no confirmed date.

World Text Swedish SMS Virtual Number – This provides full inbound coverage for the main networks in The Netherlands, however users replies would be an international rate message.

We are working on an alternative solution, however at this point we do not know what will be possible and what won’t be.

For further information please contact us.

Posted in News & Updates! | Leave a comment

Romania SMS Virtual Numbers

World Text are please to announce that Romania SMS virtual numbers (aka. virtual mobile numbers, long codes and virtual numbers) are now available to rent.

Romanian SMS virtual numbers can be used for inbound text messaging and two-way text messages services – combined with the World Text extensive global coverage these and our many other virtual numbers provide unrivalled international SMS services.

For further information please contact us.

Posted in News & Updates! | Leave a comment

Virtual SIM hosting inbound coverage

We are please to announce additional inbound coverage has now been added to the World Text Virtual SIM Hosting service (aka. VSIM, VSIM hosting).

Please see below the networks which are now supported in addition to our existing extensive coverage.

  • Congo, Democratic Republic of – SAIT Telecom
  • Iceland – NOVA
  • Moldova, Republic Of – MOLDCELL
  • Uganda – Uganda Telecom Ltd

In addition to this, our range of 447937 prefix international UK SMS Virtual Numbers now benefit from the same additional inbound coverage.

For further information please contact us.

Posted in News & Updates! | Leave a comment

Philippines SMS Virtual Number

Virtual SMS numberWe are pleased to announce new lower cost +63 Philippines SMS virtual number for inbound / receiving SMS text messages and for two-way SMS text messages. Also known as virtual mobile number, virtual long number and long number.

Available immediately these provide a low cost way for user in the Philippines to text to or reply to SMS sent to them.

Please contact us for further information.

Posted in News & Updates! | Leave a comment