Hacker News new | past | comments | ask | show | jobs | submit login

Just adding that landline numbers, not just toll-free numbers, are probably vulnerable to this.



Yes, I forget to include it.


I also place the blame on Sakari. I headed Engineering for a company that allowed you to bring your own landline number for business, and our automated flow for non-toll-free landline required receiving a code via telephone call (to avoid the situation of compromised SMS routing) and entering that as part of the signup process.

For toll-free numbers, it was a manual process where we received written LOAs and verified ownership via the SMS/800 database (ironically, SMS here has nothing to do with messaging and is purely coincidental).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: