Wednesday, September 20, 2006
"Instant" Voice Messaging, BubbleMotion & Pinger
Bubble Motion, a provider of short voice message solutions, announced last week that it had raised US$10 million in series B funding from Sequoia Capital US and India. The company plans to use the funds to increase R&D and market and deploy their product offering more globally. Bubble Motion offers a compelling voice messaging product which is similar to a "push to talk" experience. The A party simply dials the recipients number with a couple of digits preceeding the full number, dials and records a message. The B party receives a SMS with a number to dial to pick up the message. I like the concept of a voice SMS but I think the pre-dial is a bit clunky as most of us dial direct from the address book.
Pinger, funded earlier this year by Kleiner Perkins Caufield and Byers is currently beta testing a similar service, currently restricted to US users only. The Pinger difference is that theres no need to key in the digits that preceed the B party number - Pinger lets the A party simply speak the recipient(s) name and record the message. Message retrieval for Pinger is similar to BubbleMotion.
Both products offer the consumer a SMS type message experience but using voice. Although in the case of Pinger it sounds like the A party might have to download something (you dont need to with BubbleMotion), the B party can get the message regardless of what device they have and what network they're on.
Subscribe to:
Post Comments (Atom)
2 comments:
Sending text messages can be a drag -- typing on my small cellphone is annoying. So I certainly see the utility in these companies...fyi -- both will actually be featured at Under the Radar: Mobility on Nov. 16th -- info here: http://undertheradarblog.com/under-the-radar-mobility-conference/
Do you know the companies PINGER and SNAPVINE?
Pinger and Snapvine are highly INSECURE!!!!
What this means: I can break into your Pinger and Snapvine phone accounts. I can listen to your messages. I can send out messages as you.
How do I do this? Easy. I mask / spoof CALLER ID / ANI. Anyone can do this, amateur hacks, etc.
Well, there are others, but suffice to say that these companies are doing new things with social networking sites and phones that help to connect people.
The problem is that these companies have a scalability problem based on inbound calling.
You see, if you have hundreds of thousands or millions of users, you can’t give everyone a unique dial in phone number.
SECURITY PROBLEM
What these companies have done is based user identification on Caller ID / ANI – meaning that you call their service, and their systems recognize your phone via Caller ID.
The problem is that Caller ID is highly insecure and can be faked.
The problem that these “dial in” companies are trying to solve is one of scalability. They simply cannot have enough dial in numbers for each user.
Therefore, they have architected a way to recognize each caller by Caller ID and to base the entire user authentication system on this insecure method.
This can easily be hacked.
SOLUTION
The solution is funny – both Pinger and SnapVine make you enter in a PIN CODE when you dial in without validating your phone.
After you validate your phone, you no longer need to enter the PIN CODE.
So in effect, when you validate your phone, you make your account INSECURE.
What Pinger and SnapVine need to do is always require the PIN CODE.
Post a Comment