Just curious.

I used eSim for a while when I first got a phone that supported eSim, because I wanted to make it harder for a thief to disable the phone tracking, but now my main phone is broken and I’m a bit annoyed at having to chat with customer support for half and hour to activate eSim on another device.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    That hijacking risk applies to both. If you’re able to social engineer a telephone worker, they could move your account to a different SIM card completely.

    My best advice, is to use Google voice, Google Fi, lockdown your number for SMS two factor. A Google account and lockdown mode, with physical security keys, is not going to get hijacked by anything less than a state actor.

    Then your local phone, your local phone number, local SMS, none of that should be on your escalation path to authentication. Then you don’t care if somebody steals your sim.