by Someone1234 2151 days ago
There are two different but both problematic things here:

- Really poorly written spam detection.

- Failure to notify customers/no remediation procedure.

No doubt people will bring up "but then the spammers will know!!" Or similar, but honestly spammers are already limited by the cost of buying SIM cards ($5/ea), and I feel like customers being negatively impacted outweighs the minor benefit to spam-fighting (particularly when spammers could buy a single second number and detect this 100% of the time anyway).

Plus I'd be pretty upset if I was a customer paying for service, and I lost access to a part of that service for 10 days because I sent the word "butt" in a conversation. I'd feel particularly irritated if I wasn't told that my messages weren't delivered, and vital ones were just going into a void.

For SaaS like Strava or something, I'm agnostic whether the notice should come before the shut-off alleging a TOS violation. For cellular service though, SMS is integral to life. 911 even accepts SMS. Imagine T-Mobile silently dropping 911 SMS communications because someone texted the wrong word? Which isn't even in the TOS?

This is like dangling chum in the water, waiting for a big shark to chomp your leg, T-Mobile and whatever individual engineer came up with this.

Did anyone allege that sending SMS to 911 was affected?

No, we were just asked to imagine the effects of this poor implementation on emergency services.

Which is something that should be considered before writing this stuff and hopefully a T-Mobile engineer reads Hacker News to be encouraged to think about that and check it.

Bulk SMS spam would most likely come from someone with direct signalling access and not from individual SIM cards which would be trivial to detect and block by the operator.

> which would be trivial to detect and block by the operator.

Problem solved! https://www.aliexpress.com/item/4000124061983.html

Wow, pretty inventive! You can get similar devices which plug into a computer and would be a lot easier.

It is trivial, even for someone not that technically oriented, to send a mass SMS from Android, with the appropriate app. Since it's easier to sideload on Android, it would be even easier for a malicious spammer to pay people to install sketchy APKs that spam from the user's phone relentlessly.

This would be simple for the user to execute but it would very quickly be spotted by the operator as it's all from a single originating MSISDN. Spreading the load over many users like your latter example would be a lot harder to spot, as would spamming through multiple SMS providers as you're diluting it (but it might also get picked up by the provider e.g. Twilio, MessageBird etc).

My point was that most spam originates from people with SS7 access and not SIM cards. It can also come through low cost SMS providers but is short lived as it's blocked the moment it's discovered or there's a complaint.

How does one even obtain SS7 access w/o an AUP forbidding this kind of abuse? Or are the Telco owners making more money not caring @ that connection level?

What's more, all you need is a broadband dongle and you can send SMS with a simple script straight from your PC - but as others already said, it's hardly a real source of spam.

I think there's an increasing amount of SMS spam being sent by random compromised consumer devices, which is probably what drove T-Mobile to take this sort of desperate measure. It would seem like notifying the customer is even more warranted in this case, though.

The only SMS spam I ever get is from email addresses...