After seeing STIR/SHAKEN's implementation details (hey what if we used JWT, and ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		some_furry 4 months ago \| parent \| context \| favorite \| on: The insecurity of telecom stacks in the wake of Sa... After seeing STIR/SHAKEN's implementation details (hey what if we used JWT, and then maximized the metadata leakage of who you're calling), I really do not want to trust telecoms to roll their own crypto. https://securitycryptographywhatever.com/2024/04/30/stir-sha...

lxgr 4 months ago [–]

At least they're now only botching protocols instead of self-rolling low-level primitives like block and stream ciphers...

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact