It seems that O2’s legacy MMS platform doesn’t implement even the basic security my own service did… use of security through obscurity techniques surely is not an appropriate way to protect private images sent to O2 customers by MMS.

Ironically, my own o2mms webapp thrown together in a week or so was more secure in most respects than the solution built by the multi-national O2.

As soon as O2 relaunch the service with improved security I will restore my service, although no doubt this will take some time.

More information on the outage;

• http://www.theinquirer.net/gb/inquirer/news/2008/07/19/o2-allows-mms-pictures-seen
• http://www.theinquirer.net/gb/inquirer/news/2008/07/20/o2-responds-mms-leak
• http://www.informationweek.com/news/mobility/security/showArticle.jhtml?articleID=209101313