Comment

Comment on Australian Government gets a taste of what everyday people have to deal with in terms of data breaches as Prime Minister Anthony Albanese's mobile phone number released online

<- View Parent

logicbomb@lemmy.world ⁨1⁩ ⁨day⁩ ago

I intentionally was vague because there are many possible existing ways to accomplish each thing I said, and it is up to the phone company to innovate.

The simplest way to keep people from guessing phone numbers is to make them very long and sparse. If an autodialer had to dial 1000 invalid numbers before finding a valid number, it would make the endeavor that much harder. This is just a convenient example because the cryptography equivalent is harder to explain, but you could make contact info so hard to guess that it would be basically impossible.

Probably the easiest way to explain how to keep people from passing contact info is to imagine a two step process like facebook has. If I pass your facebook username to someone else, they don’t automatically become your friend. The cryptographic equivalent would involve a chain of trust, but again, harder to explain.

source

Sort:hotnew top

explodicle@sh.itjust.works ⁨23⁩ ⁨hours⁩ ago
I love cryptography! Technical explanation please.

source
- Natanael@infosec.pub ⁨19⁩ ⁨hours⁩ ago
  Literally just use existing standards (STIR/STUN) with some filtering by source network, etc
  
  source
AwesomeLowlander@sh.itjust.works ⁨23⁩ ⁨hours⁩ ago
Still not seeing how it would work. You’re dropping random bits of the system and saying it would work but it’s too complicated for you to explain, so there’s really nothing to discuss.

source
- WhyJiffie@sh.itjust.works ⁨19⁩ ⁨hours⁩ ago
  not op but signal has basically solved this. users are not just randomly accessible by anyone. they can share a long URL that contains an ID, or make a short username they like and pass around to people. and even then the recipient has to accept being contacted by each other user
  
  source
  - AwesomeLowlander@sh.itjust.works ⁨19⁩ ⁨hours⁩ ago
    At that point, you (well, not you per se) are basically suggesting to replace the telephone system with a Signal-esque system. Which would break a billion things in real life, for little to no gain.
    
    source
    WhyJiffie@sh.itjust.works ⁨16⁩ ⁨hours⁩ ago
    any change would break a billion things in real life, so we could at least have a proper replacement.
    
    the problem with signal here is that it’s centralized, probably couldn’t even handle the load besides other problems. but that’s solvable, like look at simplex which is similar
    
    source