Hacker News

The audacity of announcing a cloud on the same day a major breach is made public lmao


Don't we already know it wasn't actually a breach?


If all your customers get sim swapped because you offered 2FA over SMS then it's your fault as a service provider.


Couldn't we shift the fault back a step? If it's so easy to SIM swap people, shouldn't the telecoms be liable for damages to their customers in the event of a SIM swap?


i am not entirely sure i fully agree. telecoms never sold us a service to authenticate us to 3rd parties. those 3rd parties did bolt it on top of an arguably insecure message transmission system. it wasn't meant to be used like this and maybe it's even a bad idea to use it like that. the assumption only you yourself could receive these codes because you are authenticated against your mobile network provider might just be wrong here.

of course, letting the actual sim swapping attack work is an issue they should be required to solve. but for entirely different reasons. once you are authenticated to their network you can cause substantial costs for the real owner of the contract for example and those costs would definitely be compensated to their clients if this happens without their involvement. but if your assumptions break because of this issue your assumptions are wrong in my opinion and you would be the one to blame.

a simple analogy here could be you park your car in front of a police station, because nobody would dare to steal your car right in front of the police right? but then your car still gets stolen and you think you should try to sue the police because that just happened.

on the other hand coinbase did make that assumption and has been proven wrong in this way. they did bet on using the telcos messaging systems being secure enough to be used for authentication. that did not work out and this caused people to lose money which should be compensated for, by coinbase, because they decided to do that and not the telecoms.


I agree - you are right, we absolutely should. But if customers are using Coinbase, and people sue and get successful judgments against Coinbase for using insecure authentication media, then maybe Coinbase can go ahead and initiate lawsuits against the telecoms if they are feeling the heat.

Consumer complaints against ISPs/telecoms have been notoriously slow, unresolved with no real improvements - even before the creature Ajit Pai crawled out from under his rock, shockingly enough.


"all" customers? Or do you mean 6,000 out of 60m +?


Either works for the example. You should be liable for offering something that is easily exploited that affects your customers.


If that is the net you are casting that is going to be a very wide net.

SMS 2fa isn’t great but there are lots of places that use it.


They should all be liable for damages if anything bad happens as a result of account misappropriation IMO


Coinbase is making all the affected customers whole. What more liability do you want?


A fine that is substantial enough to make them deprecate 2FA for SMS


Why do you care if Coinbase gets robbed?


Because people and organizations should be held accountable for their actions and weak security can directly impact people's lives


Then don’t use it haha. There’s always so many HN users talking up these so-called breaches and acting like they matter when they probably have a grand total combined spend authority of $100 for snacks at the weekly happy hour.


I was a pre-sale investor in Ethereum, have been in Bitcoin since it was < $2 per BTC. Your casual dismissal of my statement indicates you have no idea what you are talking about - no one is going to seriously use this. Just like no one serious keeps their balances on Coinbase Pro/Prime. They are a fine trading desk if you face them OTC, but to think they are going to become a state of the art "crypto cloud provider" is hilarious.

Next up, Coinbase NFT verification services (Sotheby's of the future!). My sides are sore.


You bought some crypto currencies early, congrats. None of those statements demonstrate purchasing power for a cloud product…


> None of those statements demonstrate purchasing power for a cloud product…

What does this even mean? Are you trying to say I don't have enough money for the offering? Maybe so :)

I am indicting Coinbase for what they are - their lack of support, lack of useful options even for well-moneyed players in the market, lack of useful crypto products. Their API is fine, but that is standard.

And now they want to be the new Infura/Alchemy? I mean, why? They already don't provide a great product. My Uber driver yesterday was asking me if they should buy Avalanche after I casually mentioned crypto. Yeah, democratizing finance for sure.

Use it if you want, you seem axed on the product. Hope it works out for you!


To be fair an early investor in Bitcoin and Ethereum from pre-2015 could have the same ‘spending power’ as a successful IPO founder, which isn’t trivial!



