> but as I said, large companies (which CF targets here) already shouldn't be vulnerable.

Only if you're willing to trust the reset process. The whole point of this is to remove that trust.
Further, as noted, this doesn't just protect against that attack. It also allows for filtering at the data layer, so you can remove malicious traffic. And it also gives SIM a stronger identity, so if you're using a heuristic for identification (as you always are), it becomes a much more powerful entry.