this post was submitted on 25 Sep 2023
604 points (99.0% liked)
Technology
59390 readers
2840 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You build a 10 foot high wall, they will build an 11 foot ladder. Stir/shaken was good for like 6 months before spam callers were able to bypass that security measure.
If only the phone system in the US, like the rest of the modern world, had robust authentication. It’s all a bit hacked together, much like the solution.
I've been saying for years now that providers should try converting to cert based auth. You get issued a cert with a private key from the provider. You are the only one who can use that number and authenticate to the network with that number.
STIR/SHAKEN had yet to be fully implemented, so while most carriers are now signing calls, almost none are taking action against unsigned calls.
I have hope that it will become a useful tool in the future for blocking spam and even bad carriers who are signing anything and everything.