Great piece on simswapping.
Simswaps are most effective because there is no true alternative. Your phone number can't hide behind DDOS mitigation, a firewall, or a DNS lock. But what does it mean to not have one?
Companies like Google can try to mitigate these types of attacks for their employees and VIPs, like YouTubers.
Is there an IoT cellular provider currently selling IMSI-only SIM cards (without BAN provisioning for a phone number) to high-profile clients like this? Or did Twitter Security cook this up? If this is what he is referring to, it should be far more widespread.
Some of the connected cars don't have BAN provisioning. Tesla and Waymo oddly do. Considering Amazon is trying to buy Boost's cellular spectrum to build a backhaul company, could a world without phone numbers be fairly close? Would bring this to a hault.
The IoT space has really matured since the last time I investigated — and according to Hologram's website, they support factory unlocked iPhones. You can actually buy a U.S. SIM card without a phone number, for 1.4¢ a MB, and lower with bulk bandwidth. http://hologram.io
Request for startup: build the foolproof automated carrier without phone numbers and human error atop Hologram's backhaul network. End the simswapping era with the security we already rely on everyday for things far less important than a digital hijacking.
You can follow @_DanielSinclair.
Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.
Enjoy Threader? Sign up.
Threader is an independent project created by only two developers. The site gets 500,000+ visits a month and our iOS Twitter client was featured as an App of the Day by Apple. Running this space is expensive and time consuming. If you find Threader useful, please consider supporting us to make it a sustainable project.