AT&T, Verizon, T-Mobile & Sprint Want Even Broader Access To Your Personal Data

from the hard-pass dept

We've noted repeatedly that however bad Facebook has been on privacy (pretty clearly terrible), the broadband industry has traditionally been much, much worse. From AT&T's efforts to charge consumers more just to protect their privacy, to Verizon getting busted for covertly tracking users around the internet without telling them (or letting users opt out), this is not an industry that respects you or your privacy. That's before we even get to their cozy, often mindlessly-loyal relationship with intelligence and law enforcement.

As such, it's kind of amusing to note that these are the same companies now trying to position themselves as the gatekeepers of all of your private data online. As security expert Brian Krebs notes, AT&T, Verizon, T-Mobile and Sprint (the latter two of which will likely soon be one company) are cooking up something dubbed "Project Verify," which would let end users eschew traditional website passwords -- instead authenticating visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, including location, "customer reputation", and device hardware specs.

This video by the carriers offers a little more detail:

The problem, as Krebs is quick to note, is that giving more private data to companies with an utterly abysmal track record on privacy might not be a particularly bright idea:

"A key question about adoption of this fledgling initiative will be how much trust consumers place with the wireless companies, which have struggled mightily over the past several years to validate that their own customers are who they say they are."

As we've been noting, these are the same companies that have been struggling to prevent hackers from routinely stealing customer identities via SIM hijacking, which involves a hacker bribing an employee to port your phone number to a new device, then jacking your identity and making off with your private data (or making millions by selling your cryptocurrency or valuable accounts). These are also the same carriers that have routinely failed to do much about the SS7 exploit that's been in the wild for seemingly ever, allowing hackers to spy on an undetermined number of cellular customers for years.

These are also the same wireless carriers that were just caught up in a massive scandal involving their collection of sale of user location data, a multi-billion dollar venture that involves selling your daily motion habits to a cavalcade of different companies, many of which have shown a similarly-flimsy disregard for actually keeping that data safe. And these are the same companies that work tirelessly to scuttle any and every effort to actually shore up nationwide privacy standards, usually by lying to lawmakers and the public about what these plans would actually do.

For his part, Krebs thinks this is a hard pass:

"I am not likely to ever take the carriers up on this offer. In fact, I’ve been working hard of late to disconnect my digital life from these mobile providers. And I’m not about to volunteer more information than necessary beyond the bare minimum needed to have wireless service."

Other widely-respected security reporters were similarly unimpressed:

Again, the devil will be in the details. But at first glimpse, you'd be pretty foolish to trust companies with additional private data that have repeatedly proven to be routinely cavalier about the oceans of data they already collect. Time and time again wireless carriers have prioritized profits over the personal interest and welfare of consumers, and anybody expecting that to magically change ahead of Project Verify's launch haven't been paying attention.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: accounts, digital identity, passwords, privacy, project verify, telcos
Companies: at&t, sprint, t-mobile, verizon


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 14 Sep 2018 @ 6:52am

    Blockbuster is more regulated than Verizon?

    It seems absurd that my video rental records are better protected than my mobile data.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Sep 2018 @ 7:05am

    'giving more private data to companies with an utterly abysmal track record on privacy might not be a particularly bright idea'

    really good thing when privacy is being eroded, along with freedom, by the US government and just about every other government on the Planet as well. letting what isn't being protected well already be less protected by a bunch of liars only interested in being paid for handing out info to as many companies as possible, while knowing everything we do, every minute of every day, gives them constant access to us is despicable!!

    link to this | view in chronology ]

  • icon
    TruthHurts (profile), 14 Sep 2018 @ 7:17am

    Project Verify - aka - Project EBD (Encryption Back Door)

    If you use this, you've just handed the feds the keys to your encryption for every web application or site you feed to this app.

    link to this | view in chronology ]

    • identicon
      Anymouse, 14 Sep 2018 @ 7:31am

      Re: Project Verify - aka - Project EBD (Encryption Back Door)

      So this is how liberty dies, with thunderous applause...

      The masses will eat this up, not realizing that they are basically submitting themselves to branding and constant monitoring of all their activities.

      Next will come the use of the privacy data to track down those responsible for "fake news" (aka, anything against the current governemnt's wishes), and then the beheadings will begin.

      Wait until the DNA databases are cross referenced with this data to track down any "foreign invaders" (aka immigrants) who will then be summarily shot by firing squad (or just deported to their country of origin, based on the highest % in their DNA record).

      Now where did I put that tinfoil hat... (it stops the privacy stealing rays... when wrapped around your phone, right?)

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Sep 2018 @ 9:07am

        Re: Re: Project Verify - aka - Project EBD (Encryption Back Door)

        "So this is how liberty dies, with thunderous applause..."

        This is how it always dies...

        there is a reason that the founding fathers said that those whom give up essential liberty for a little temporary safety deserve neither that liberty or safety.

        There is no greater irony than those that are crushed under the very boots they themselves elected to crush them.

        link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Sep 2018 @ 8:38am

      Re: Project Verify - aka - Project EBD (Encryption Back Door)

      Exactly, the feds have found their unicorn, key-escrow with a willing surveillance partner.

      link to this | view in chronology ]

  • identicon
    I.T. Guy, 14 Sep 2018 @ 7:23am

    [Laughs and laughs and laughs] Yeah, right.
    I will be sure to run right out and join.

    link to this | view in chronology ]

  • icon
    DannyB (profile), 14 Sep 2018 @ 8:32am

    DUMB PIPES

    Dear AT&T, Verizon, T-Mobile and Sprint:

    You don't need my personal data.

    You have exactly one job: DUMB PIPES.

    Just be the world's best, fastest, most convenient, and competitively prices dumb pipes.

    Doing your business and doing it well is a time honored way of building a great business.

    Sincerely,

    your customers

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Sep 2018 @ 5:18pm

      Re: DUMB PIPES

      Amazingly, Verizon just announced a suspiously great plan. I kept looking for a catch and didn't see it. No caps, no throttling, no tethering restrictions, 300-1000 Mbps, and their advertised price includes all fees and taxes. It's an announcement from a bizarro world. Two days later they announce they want to manage my security, and we're back to reality. Next week they'll be back to extorting money from Youtube and Netflix.

      link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 14 Sep 2018 @ 9:04am

    who cares

    Just like the last time I told the knobs around here that avoiding Google is as impossible as avoiding the credit agencies my post got flagged.

    Some are even dumb enough to think they can avoid the likes of google if they block scripts. If you design webpages, you already know you can hide plenty of things from the user about their sessions. This does not even count the 3rd party data sharing businesses do with Google on other things.

    These companies are going to get your data, they are going to be able to use it as they see fit. Any lawsuits they lose over that data will only result in temporary setbacks as the government is going to want that data as well. It behooves businesses to get into bed with government and to spy on you for them so they can bilk you for every last penny the government will allow.

    And you are going to deserve it too!

    link to this | view in chronology ]

    • identicon
      I.T. Guy, 14 Sep 2018 @ 9:28am

      Re: who cares

      Story about:
      "AT&T, Verizon, T-Mobile & Sprint Want Even Broader Access To Your Personal Data"

      Idiot says:
      "that avoiding Google is as"

      How'd Google get into this? Isn't Mike Google? Aren't you playing right into their devious plan? The only way you can avoid it is to completely disconnect from the internet. You better get started. Chop chop.

      link to this | view in chronology ]

      • This comment has been flagged by the community. Click here to show it
        identicon
        Anonymous Coward, 14 Sep 2018 @ 9:35am

        Re: Re: who cares

        Why are people like you so fucking dumb?
        The article is about AT&T.... but the primary focus is about "privacy" and your information which is why TD also brought up Facebook
        "We've noted repeatedly that however bad Facebook has been on privacy"
        And I decided to bring up Google. Please forgive me if you are too stupid to consider the parallels I brought up in my post.

        You are the idiot, people like you get taken quite a lot. There is no end to the ways I could get people like you to work against your own interests but pretending for you that you are working in your own best interest.

        "Isn't Mike Google?"

        Piss off with that bullshit, Google is google and no one else.


        "The only way you can avoid it is to completely disconnect from the internet."

        Not true, but I don't think you are intelligent enough to understand why.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 14 Sep 2018 @ 10:08am

          Re: Re: Re: who cares

          Lots of words but you haven't actually said anything.

          link to this | view in chronology ]

          • This comment has been flagged by the community. Click here to show it
            identicon
            Anonymous Coward, 14 Sep 2018 @ 11:10am

            Re: Re: Re: Re: who cares

            Let me make it clear then since you can't figure it out.

            AT&T, Verizon, Facebook (as mentioned by TD), Google, and many other businesses can mine your data and there is not a jack fucking thing you can effectively do about it.

            If you take them to court and win, they just pay out a little bit but will keep doing what the fuck they want. If you get a politician to side with you then they just buy the politician and still keep tracking you except they will now just agree to hand that data over to the politician.

            You
            are
            fucked
            either
            way!

            that is what I am saying!

            link to this | view in chronology ]

            • identicon
              Anonymous Coward, 17 Sep 2018 @ 8:07am

              Re: Re: Re: Re: Re: who cares

              Like I said, lots of words but not really saying anything.

              link to this | view in chronology ]

        • identicon
          I.T. Guy, 14 Sep 2018 @ 10:38am

          Re: Re: Re: who cares

          "And I decided to bring up Google."
          For no good reason whatsoever other than... well... to bring up your vendetta against Google at every opportunity.
          Yeah, we know.
          The rest of your comment is just you all butthurt.
          Seems you are in a perpetual state of butthurt.

          link to this | view in chronology ]

          • This comment has been flagged by the community. Click here to show it
            identicon
            Anonymous Coward, 14 Sep 2018 @ 11:07am

            Re: Re: Re: Re: who cares

            I don't have a vendetta against google... still use their email service and I also use their search engine.

            I am just telling clueless people like you that you don't know as much as you think you do and you can't avoid google collecting data on you no matter what you do.

            You CAN reduce the amount they collect on you by taking steps but there is a limit.

            The only thing I am "butthurt" about is the level of stupidity and ignorance around here. I can tolerate people having different views, I just have low tolerance for willfully blind ignorance. It's not like the things I say cannot be easily discovered. It just takes you to get your head out of your little sheep ass.

            link to this | view in chronology ]

            • identicon
              Anonymous Coward, 17 Sep 2018 @ 8:10am

              Re: Re: Re: Re: Re: who cares

              I don't have a vendetta against google

              Your constant railing against them and berating people for using their services would indicate otherwise.

              still use their email service and I also use their search engine.

              So you're just a hypocrite then. Got it.

              I can tolerate people having different views, I just have low tolerance for willfully blind ignorance.

              We feel the same way about you.

              It's not like the things I say cannot be easily discovered.

              Actually, they can't, because they aren't true.

              The only thing I am "butthurt" about is the level of stupidity and ignorance around here.

              You keep using those words, I don't think they mean what you think they mean.

              link to this | view in chronology ]

    • identicon
      James, 14 Sep 2018 @ 10:32am

      Re: who cares

      You can 100% avoid google along with any other site you desire to block. First, use a few addons such as ublock origin & decentraleyes --- custom set them up tight. Then, take control of your machine by first setting up very tight host firewall rules (if privacy is imortant, block port 80). Then, to stop MS abuse, use dnscrypt setting up tight blacklist, whitelist, & cloaking rules (see concise example snippets below). Finally, monitor all dnscrypt logs for rouge apps and block when necessary. Javascript should also be disabled 99% of the time. I just skip sites that insist on js, not worth the security risk. This settings will break a few sites, but you must ask, what is more important?... then we live accordingly. Also, if I need to see a blocked site, I temporarily put it in the whitelist & restart dnscrypt via a script, takes less than .1 second.

      dnscrypt cloaking examples...
      *googleapis* 127.0.0.51
      *gstatic.* 127.0.0.50
      *google-analytics* 127.0.0.52

      dnscrypt blacklist examples...
      cs9.wac.phicdn.net
      *google.com*
      *youtube.com*
      *mozilla*
      *microsoft.*
      *go.microsoft*
      *microsofto nline.com
      *.msftncsi*
      *windowsupdate*
      *telemetry.*
      *ipv6.microsoft*
      *appsforoffice*
      *social.msdn.microsoft *
      *social.technet.microsoft*

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Sep 2018 @ 11:18am

        Re: Re: who cares

        no you can't

        You don't even have to be online for google to collect data and information about you.

        I work in IT, people share data, you have already given data to others and they share it, and then google buys it from them. Google is not the only people that do this, in fact this has been happening since before google existed. The things YOU DO on the internet is not the only things being collected about you.

        You know what, ignore everything I just said... be a stupid fucking sheep, not a single fucking thing is being used to track you and this entire fucking story is a load of bullshit.

        Take your tin hat off, find the nearest pile of loose dirt, no make that "hard" dirt and slam your fucking head into it until you either bury your head enough to suffocate you or the process knocks some fucking sense into you!

        link to this | view in chronology ]

        • identicon
          james, 14 Sep 2018 @ 2:58pm

          Re: Re: Re: who cares

          My guidance concerned limiting data we give directly to corporations via our browsing activity. If you really worked in IT as a professional, were intelligent & understood what I wrote, then you would know this wouldn't you. My guidance gives 100% effective methods to control what domains a computer visits. It also gives a suggestion to monitor that activity in the event of anomalies or rouge activity. That is the problem domain my solution addresses.

          I does not address corrupt practices such as google buying data from Master Card. If you were not so crazed from sniffing glue, you would know this wouldn't you. Outside the internet is a different problem domain not directly solvable thanks to political corruption. If you really worked in IT as a professional, then you would know how to split up problem domains wouldn't you.

          So that is all we can do, to try to limit the amount of data that is out there. Any other protections must come via laws. Given that the US is in a downward, 900mph spirial race to the bottom, I wouldn't hold your breath waiting for a politician to save you. There are only one or two who have not sold their mother, spouse, and children's souls to the lowest bidder for peanuts.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 14 Sep 2018 @ 5:07pm

            Re: Re: Re: Re: who cares

            My guidance gives 100% effective methods to control what domains a computer visits.

            Your guidance includes advice to monitor the logs, then block as necessary. By definition we can't reach 100% if we let things through and then block. Nor can you realistically say you're going to get us to 100% and then give an incomplete list of examples (how about doubleclick.net?).

            link to this | view in chronology ]

            • identicon
              James, 15 Sep 2018 @ 9:55am

              Re: Re: Re: Re: Re: who cares

              Let me help you with your concerns about "doubleclick.net".

              First, read where I stated "First, use a few addons such as ublock origin...". Ublock origin blocks all privacy invading domains BEFORE connection. If you really worked in IT as a professional, then you would not be embarrassing yourself typing nonsense such as, "(how about doubleclick.net?)".

              Furthermore, where you write, "And then give an incomplete list of examples", go back and read my original post, where it states "concise example snippets". A 15 yo child knows what those words mean in combination. See the definitions at the end of this post for a reminder of what words mean. Fact is, you seem to be very ignorant about technology and your reading comprehension compounds your problems.

              As far as your conern over "monitoring dnscrypt logs", I see a few mental inefficiencies in your interpretations of our dialogue. My ACTUAL advice was, "Monitor all dnscrypt logs for ROUGE APPS and block when necessary." But your glue disabled mind did not take note of the terms "rouge apps". It also missed my advise about setting up "tight firewall rules".

              So, let me help you; yet again. The way the internet works is, a rouge app first looks up an ip address. This is where dnscrypt comes in, working as a flag that informs you something is wrong. The rouge app then attempts to connect to that ip. But, because a careful reader would have setup "tight firewall rules", that rouge app's connection would have been blocked. In fact, if you are smart, you have several lines of defense to block rouge connections, not just the host firewall & dnscrypt. If you really worked in IT as a professional, then you would know all of this wouldn't you. Call me old fashioned, but I feel someone like you who sniffs glue while mopping floors at a data center is not the same as actually working in tech.

              Extra credit, if privacy is important to you, NEVER allow your mobile phone to access the internet. The second you do, you just joined ranks with the non-tech masses.

              Research how third party tracking ACTUALLY works, along with how google ACTUALLY tracks you across domains, along with the high effectiveness of Firefox's native third party tracker blocking (compounded in effectiveness with ublock origin).

              Then, see my advice about blocking port 80. Then, combine all of this advice with disabling javascript, using dnscrypt, et al. All combined, you can effectively block any domain you wish; including the blocking MS windows spyware. You have the logs to prove it. You can further absolutely prove your work by placing a Unix (not windows) wireshark fox between your browsing virtual machine and your hardware firewall (as an IT pro, you are using a locked down vm to browse and a hardware firewall to protect your network, right?). Fact is, ms, google, twitter, fb, et al are not even aware I exist on the internet.

              Note, js is what a big killer in user privacy. But if you need js so you can tweet about your hurt butt, Firefox has many settings to limit that damage; such as disabling WebRTC, GL, etc... You also have 100s of other protective about:config settings, such as
              about:config?filter=security.mixed_content.block_display_content
              about:config?filter=security.mixed _content.block_active_content
              about:config?filter=beacon.enabled
              about:config?filter=dom.storage.enabl ed
              + 100s more
              You being an IT pro and concerned about privacy knew to use Firefox and not chrome, and also how to setup a box for privacy, right?

              link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Sep 2018 @ 9:15am

    "The problem, as Krebs is quick to note, is that giving more private data to companies with an utterly abysmal track record on privacy might not be a particularly bright idea"

    This reminds me of the time FB suggested users upload their nudes so that FB could prevent revenge porn or something like that.

    link to this | view in chronology ]

    • This comment has been flagged by the community. Click here to show it
      identicon
      Anonymous Coward, 14 Sep 2018 @ 9:19am

      Re:

      Would you believe me if I told you that I know of a way to steal your property AND get you to actually like me after doing it?

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Sep 2018 @ 10:07am

        Re: Re:

        No. Nobody believes anything you say.

        link to this | view in chronology ]

      • icon
        Thad (profile), 14 Sep 2018 @ 10:20am

        Re: Re:

        If you knew a way to get people to like you, you would have done it by now.

        link to this | view in chronology ]

        • This comment has been flagged by the community. Click here to show it
          identicon
          Anonymous Coward, 14 Sep 2018 @ 11:31am

          Re: Re: Re:

          Why would I seek to be liked by a group of knobs and idiots?

          I have higher priorities, like trying to get you to stop being an idiot and be able to think for yourself and not rely on others to hand feed you a bunch of bogus information designed to sucker you like a dope!

          Once you like truth you will then start to like me, because people that like truth stop getting butthurt when truth appears on the scene. They begin to welcome it!

          link to this | view in chronology ]

          • identicon
            Chip, 14 Sep 2018 @ 12:11pm

            Re: Re: Re: Re:

            Why would I seek to be LIKEd by people who I want to egt to LISTEN to "me"? That doesn't Make any Sense! You stupid "sycophantic" KNOBS! You will Listen to "me" because I call you Idiots! That is how being SMART works! If you were SMART like "me", you would "know" THAT! Knobs! Idiots! Sycophants! Why "won't" you LISTEN to ME?

            You don ot understand "truth"> And by "truth" I mean Paint CHIPS. Truth is the "brand" of PAINT that I like to Buy. It contains LEAD because I am knot a KNOB who does not eat LEAD. Regulations are BAD and both "sies" are BAD and you are STUPID KNOBS who do NOT "see" the Truth! Why would I want you to "like" me, you Knobs? I wnt you to LISTEN to "me", not Like me. The two things are "obiovously" toally UN related, as anybody who is SMART and understands "truth", like Me, can Tell you! You knob!

            One day you will "see" and you will "like Truth", because you will eat Paint chips like "me". And than at Last I will have "friends" and people who "like" me.

            Every Nation eats the Paint chips it Deserves!

            link to this | view in chronology ]

            • identicon
              Anonymous Coward, 14 Sep 2018 @ 1:15pm

              Re: Re: Re: Re: Re:

              Where have you been you little shit? It has been a while since I read one of your little posts.

              How have the paint chips been? Are they nice and tasty still?

              Now, I don't know if every nation eats the paint chips they deserve, but I can tell them that they need to get up early to get their fair share before you eat it all.

              link to this | view in chronology ]

          • icon
            techflaws (profile), 14 Sep 2018 @ 9:42pm

            Re: Re: Re: Re:

            "I have higher priorities"

            Yeah, like posting on a forum of knobw and idiots. You're not very bright, are you?

            link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Sep 2018 @ 10:51am

        Re: Re:

        You have a desire to get people to like you?

        Oh, I get it... you're trying to get voted funny before the week finishes.

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Sep 2018 @ 2:17pm

        Re: Re:

        "Would you believe me if I told you that I know of a way to steal your property AND get you to actually like me after doing it?"

        Uploading your nudes to FB will not do it for me, but thanks anyways.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Sep 2018 @ 10:27am

    Let's not go with "SIM hijacking"

    Nothing was done to the SIM card. We should come up with a better term before we're stuck with something as bad as "identity theft". (Nobody loses their identity from "SIM hijacking" BTW, nor does the "thief" gain their identity.)

    How about "the telco fucked up and gave a criminal access to the account"?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Sep 2018 @ 2:19pm

      Re: Let's not go with "SIM hijacking"

      It is just another of their ill fated attempts at blaming the victim.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Sep 2018 @ 5:15pm

        Re: Re: Let's not go with "SIM hijacking"

        Yeah, like when people say they're the victim of identity theft because someone took a loan in their name. Uh, no. Whoever loaned them the money is the victim. It's their problem to fix, not ours.

        Nobody staged a heist on a SIM truck. The telco reps were not held at gunpoint until they let criminals into the account. They were simply incompetent.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 15 Sep 2018 @ 2:48am

          Re: Re: Re: Let's not go with "SIM hijacking"

          Yeah, like when people say they're the victim of identity theft because someone took a loan in their name.

          The person whose identity used will have to deal with the fall out, like all those credit histories that need fixing.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 15 Sep 2018 @ 8:39am

            Re: Re: Re: Re: Let's not go with "SIM hijacking"

            The person whose identity used will have to deal with the fall out, like all those credit histories that need fixing.

            That's still the bank's fault. The person would be a victim of the bank's incompetence, and banks should be held liable for the results. Legally, if the bank can't prove they took the loan, they should be required to fix the damn problem—e..g, retract the lies they told to the credit agencies. (Legally BTW, they are: the FCRA requires them to correct the report; the FDCPA requires them to stop contacting you after you dispute the debt, and to not report false information to a credit agency. But we pretend like the client lost their identity—should've been more careful with it!—and don't hold lenders to account.)

            link to this | view in chronology ]

        • identicon
          Anonymous Coward, 15 Sep 2018 @ 10:23am

          Re: Re: Re: Let's not go with "SIM hijacking"

          Or corrupt. Bribes were involved in several of the reports.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 16 Sep 2018 @ 9:15am

            Re: Re: Re: Re: Let's not go with "SIM hijacking"

            True enough, but the telco's security procedures must be lax for that to go unnoticed. If I want to get into my account, and don't have the associated phone or SIM card, and don't know the password/PIN, that should be a red flag that gets a supervisor involved. (And while they could be corrupt, people involved with casual conspiracies are usually not great at keeping them secret.)

            link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.