38 comments

[ 3.3 ms ] story [ 83.4 ms ] thread
Seems reasonable but I wonder why they’re not pointing to the word list?
(SWAG[1]) The reasons are likely because they don't want to anger the carriers by showing reverse-engined list of undesireable-to-that-telco words, and perhaps a bit of marketing - "we have done this work so you don't have to, so use us"

[1] https://en.m.wikipedia.org/wiki/Scientific_wild-ass_guess

Mostly the former, indeed. It's not really work one would need to do in general (we've done it to protect our relationship with these carriers, we don't want to block anything they wouldn't block anyway).
The interface could return with a "suggested revisions" to overcome over-restrictive spam filters. For example "morphine" -> "morph-drug".
or... userd could opt-in to auto-substitution of blocked words. The recipient gets "m*rphine".
Slightly off topic but I have been using JMP to proxy SMS to my XMPP, and it has been great. It's the easiest way to get SMS absolutely anywhere you want it (I use it inside Emacs :) )
Is blocking the keywords really the solution to prevent spam? I don't think that solves the root cause.

Wouldn't another approach like detecting senders who deliver 10k sms to thousands different contacts in a short amount of time be more effective?

(comment deleted)
(comment deleted)
> Is blocking the keywords really the solution to prevent spam?

Of course not, and as said in the article it's not even being used by the carriers to prevent spam, but rather to prevent what they consider "undesirable topics". I don't think it works amazing at that either of course.

SMSCs have had spam filters for ages and they’re very good. The telco ecosystem doesn’t mind rejecting legitimate SMSes and marking it as spam. The main reason is that SMS is paid for as soon as it’s sent.

Oligopolies and monopolies are the industry standard, which I think is more worthy of scrutiny than this well-known censorship aspect.

P.S. Also, silent SMS (Short Message Type 0) is interesting. https://akaki.io/2022/transmission_and_detection_of_silent_s...

Just relying on blocking specific words isn't the best fix. You've gotta attack this problem from different angles. Big names like Doordash or Uber blast messages all the time, so you need a way to tell them apart from new senders who suddenly flood you. The bad guys will switch senders fast, so now you gotta find a way to fingerprint messages. They'll even tweak the text slightly, so you need fuzzy fingerprinting techniques. And then there's the headache of defining what's spam. Some folks see political donation requests or marketing pitches as spam, while others don't. Sorting these messages becomes a puzzle. Then you have to ask yourself if spam and scam are two distinct types of messages. Spotting scam messages means digging into their content, like checking URLs to sniff out if they're fishy. And phishing? That stuff looks real and can play out across a whole message chain.
You make some excellent points… but I wish I could block all text messages that have links in them. I know this wouldn’t work for everyone but it would be a brilliant option for me lol

The only text messages I get from humans are from old people and from coworkers. Humans don’t ever send me text messages with links.

The only legitimate links in text messages I get are from parcels tracking things and many scammers spoof those text messages.

Meanwhile I don’t think I’ve ever received a spam message that doesn’t contain a link, at least not in the last 5 years

The solution is extreme, and I’m sure some legit messages will get blocked but man I really wish on iOS there was a native way to block any messages containing a link.

Besides stating the obvious, SMS already been replaced by other messaging protocols. So what exactly are we paying the carriers to do at this point besides being glorified ISPs of their own that just happen to hold frequency licenses for the Cellular data bands our devices use to communicate on said network?

I already knew SMS was insecure and send in plain text, knowing it's now also being censored and blocked without any warning from the carrier is just the last nail in the coffin for me for SMS. So when will we be able to tell these carriers to no longer provision a phone number but instead just issue me an IP address? It's clear they will mess with anything going over their network so now let's just send everything over TLS and HTTPS and cut them out entirely.

I'm an elementary school teacher, and I started at a new school this year. The official way to communicate is via email, but during the first week, my divisional head needed to get ahold of me more quickly. She tried calling, but I didn't pick up because I was with students. So she sent a text message.

My school is closed this week, so instead I'm giving private coding lessons to two sisters. Yesterday, I needed to get in touch with their father. I sent a text message.

What communication medium should have been used in these situations? Signal? Snikket? Either would have felt invasive. SMS is valuable for its social utility, not its technical merits.

P.S. Actually, both those anecdotes were lies. The girls' father and my divisional head were blue bubbles, so we were using iMessage. This is its own problem.

Another reason why encryption in RCS (not just google's flavor), or Apple opening up iMessage, can't come soon enough.
Why would Signal be invasive
...y'know, that's a good question. I feel strongly that it would have been invasive, but I'm not sure I can explain why.

SMS is universal. If you have a phone number, I know you have SMS. So sending a text message (or using Apple's stand-in) is a natural thing to do. I'm not looking you up on some external service.

Question: obviously you don't think it would have been invasive to reach out to the father on Signal. Would you have felt differently if I used any of: Whatsapp, Facebook Messenger, LinkedIn Messenger, or Discord? (I only had his name and phone number, but I could have done some searching.)

I think it's not invasive at all if they already have the service. "Oh, we need to connect, are you on Snikket?" isn't any more invasive than "what is your number". Where it gets harder is when they do not have anything you have and then you start saying "please install..." which is much more invasive for a casual contact. For this kind of lowest common denominator you can't really beat SMS or email because almost everyone has both already.
I guess the added thing is, even if they have $service installed, they might not be actively using it. Not only does virtually everyone have an SMS installed, virtually everyone also has it in their daily app rotation (even if it's not their preferred platform). So using SMS feels more polite to me.
> I think it's not invasive at all if they already have the service.

But if they don't? The main problem I have with non-SMS protocols is that there are too many of them. Having messaging fragmented across many services is a real issue. SMS is universal.

> So when will we be able to tell these carriers to no longer provision a phone number but instead just issue me an IP address?

You can already, for example https://jmp.chat/sim is data only, and there are other providers like this as well.

> SMS already been replaced by other messaging protocols.

No, it absolutely has not across the board. It certainly has in some places and cultures, but there are tons of people who use SMS as their primary messaging tool.

Delivered or not is too extreme, just like email phones should have a spam folder that suspicious messages are quietly delivered to, users can check that folder and identify messages that are ok. That feedback could improve the sorting.
(comment deleted)
What kills me is, they said "morphine" right in their own article, and here we are in these comments, showing that it's a word that must be communicated like any other word. What if HN also had the same filter for the same reasons? What if my browser did? Or their web host? The ostensible reasoning that the carriers give for filtering a message containing a word applies the same everywhere, if it were valid in the first place. It's literally not sane.

It also seems to me that interposing and filtering at all should lose the carriers their special "we're just the carrier" status and be directly criminally liable as a collaborator and beneficiary of every illegal thing they facilitate by failing to block it.

> What kills me is, they said "morphine" right in their own article, and here we are in these comments, showing that it's a word that must be communicated like any other word. What if HN also had the same filter for the same reasons? What if my browser did? Or their web host? The ostensible reasoning that the carriers give for filtering a message containing a word applies the same everywhere

It's a bit different.

When I send a text message, I am reaching out to you personally, and privately, and triggering a little 'ding' on your phone. Anyone in the world can trigger that ding, at any time, once they have your number. It's actually a really significant power, which most of us give away practically for free in the course of daily life[1].

I can't do that with my Hacker News comment, or with my website. You probably won't even see this reply unless you check your 'threads'.

All of this means there's a heightened need for filtering. (It does not mean the carrier's approach is sane.)

---

1: ...which I suppose is a great argument for the author's service, actually.

I grant that is a difference. Whether it's enough is arguable but it's a property I didn't notice.
> All of this means there's a heightened need for filtering.

I disagree. It seems to me that given that SMS is a personal communication, there should be no filtering of that, just the ability for people to block certain senders.

In a venue where you're talking to large numbers of strangers, filtering seems a bit more reasonable.

> just the ability for people to block certain senders.

But then they just switch to a different number.

If they're doing that, then they're stalkers and should be dealt with accordingly. In that case, I'd say the messages are the least worrisome part.
I'm not talking about texts from people I know.

Do you not get SPAM text messages? I do. I block and report them, but I get new ones from new numbers. It's annoying.

Some of these messages have been offers to buy illegal substances. So while I absolutely don't approve of the approach this carrier took, I do understand it.

Which is doubly dumb since drug chat tends to use slang words for drugs that would be mostly problematic to block anyway...as many of them are commonly used for their original purpose.
I'm not really in the drug scene, and so I don't have any direct experience, but from my understanding, if a buyer or narcotics has a conversation with his connection over open comms, the dialogue generally proceeds something like:

"Hey, wondering if my... friend is in town?"

"Oh, good, could he come over and bring, like, a large pizza, with pepperoni?"

They will just arrange for code words and phrases ahead of time, and wire taps will not be able to prove illicit intent without corroborating info.

Is there even any internet carrier still holding "we're just the carrier" status? It seems like everyone is forced to filter nowadays.
Anyone else remember the days of MSN messanger dropping messages that contained the string 'download.php' it didn't have to be part of a url even, just the bare string. I'm sure it was related to some worm that was spreading over the network, but what a kludgey solution!
is MMS censored in the same regard as SMS?