But also, with the history of actually open protocols such as SMTP, the opportunity for abuse is enormous. The mobile phone system is abused right now by manufacturers, vendors, and "the surveillance state", but being open may just end up with us in a state where all that is true and there's a limitless slurry of effluent from semi-anonymous bad faith actors.
I think Signaling System 7 (what the phone networks use) might be the only widely-used communication protocol that's more open to abuse than SMTP.
With SS7, not only can you spoof any phone number, but you can cause the other end of the network connection to wire money without getting their prior authorization!
This is improved somewhat by STIR/SHAKEN, but, even with that, the state of the art is worse than SMTP.
Like SMTP, BGP or most "ancient" network protocols, it was built on completely different assumptions about who was actually allowed to connect to the network, and therefore trustability.
Unfortunately, there is way too much old gear around, probably hundreds of billions of dollars worth, so instead of actually rebuilding communications systems we're forced to bolt on security (and features, like with IPv6) onto an extremely large pile of ossified bull dung.
SMTP has no authentication, authorization, or encryption built in. GSM and the verizon standard do. SMTP abuse is entirely down to you being able to fire and forget a message without any sort of acceptance criteria for downstream systems.
Anyone abusing the mobile network runs the risk of their provider pulling the plug and disabling their access.
But also, with the history of actually open protocols such as SMTP, the opportunity for abuse is enormous. The mobile phone system is abused right now by manufacturers, vendors, and "the surveillance state", but being open may just end up with us in a state where all that is true and there's a limitless slurry of effluent from semi-anonymous bad faith actors.