Your device and account credentials are unique enough to identify you on the carrier-level. Ultimately, every time you share your contact info, it should be a unique code (QR would be convenient enough) generated by your cell provider. If it’s ever leaked, you just notify your carrier to burn it, and give the contact a new unique code. No two people should be given the same contact, and all of the contacts are simply correlated to your device by the carrier. Additionally, when sharing contacts via QR, they could be modified on the device-level to include e2e encryption keys, thus further securing the transmitted information, not at the trust-me-bro carrier level, but at the user-verifiable device level. If the carrier gets hacked, reset the identifiers, associate the new one in your text app to keep conversations going, and move on like nothing happened. You’ll still be better off than if your phone number was leaked. It’s not perfect, but it’d be a hell of a lot more secure than what we have now.
In other words: What if a billion dollar company made Signal, but with cell towers, and not as good?
chonglibloodsport@lemmy.world 5 months ago
Sure you can have a unique identifier. That’s not the issue. The issue is that anyone can contact you via your phone number! This is not a problem with chat apps where people need permission to add you to their contact list. Why not have a system like that?
Same goes for credit cards. They should need to ask for permission to charge your credit card. Merely knowing your credit card info should not be enough.
echodot@feddit.uk 5 months ago
But then you just get spammed with requests for connection. Just like spam email, the call coming through wouldn’t be the point anymore it would be the connection request.
rollerbang@lemmy.world 5 months ago
For CCs 3DS does exactly this, though not implemented everywhere.