Hacker News new | past | comments | ask | show | jobs | submit login

It is a pretty good idea, but only sufficient if you don't have much money. For large balances it might be worth someone's time to bribe your local telco worker or subvert your SS7/Diameter routing so that your calls route via an intermediary (i.e. make your phone a roaming number, route it's calls to an attacker controlled exchange in e.g. India). It is even simpler to listen in to your legitimate call and hear your phone banking password and secret Q&As.

Calling via a landline or via an operator assisted call would make such tricks much more difficult.

Some great papers on Diameter and telco security here: https://www.bell-labs.com/usr/silke.holtmanns






Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: