[HN Gopher] Zero Trust SIM
___________________________________________________________________
Zero Trust SIM
Author : aofeisheng
Score : 301 points
Date : 2022-09-26 13:14 UTC (9 hours ago)
(HTM) web link (blog.cloudflare.com)
(TXT) w3m dump (blog.cloudflare.com)
| lxgr wrote:
| What's the advantage of using this vs. installing a mandatory VPN
| via an MDM profile? For mobile data, the outcome seems to be
| identical, but it would also work for Wi-Fi.
| jabart wrote:
| Likely this is using the private network option that mobile
| carriers have been offering. Hologram has something similar
| where every SIM is in a private IP space behind a NAT. Now it
| seems CF can run your phones in their own private LTE/5G
| network, anything going to work addresses gets split directly
| to those endpoints and "auth'd", while personal goes out to the
| internet. Similar to a VPN but without an endpoint and less
| spam traffic since it's a private network only your authorized
| SIMs can get onto. You could still run a VPN but all your Zero
| Trust should be over HTTPS/TLS and MitM becomes a bigger lift
| to make happen since you now have to attack cell sites.
| Nextgrid wrote:
| There's no advantage from a security point of view, but much
| disadvantage because the VPN is end-to-end encrypted between
| your phone and the VPN server. This is not; the mobile network
| has access to the plaintext traffic.
|
| The advantages of this that I see is better/easier management,
| you deal with a nice web interface/API and (if needed)
| competent customer support people rather than monkeys.
| [deleted]
| fluidcruft wrote:
| What even is the advantage for the person who actually owns the
| phone?
| formerly_proven wrote:
| I honestly don't particularly get BYOD. The savings on the
| company side seem so marginal for a lot more uncertainty, more
| support issues and worse employee mental health etc.
| ben174 wrote:
| Employees don't want to carry two devices.
| Eleison23 wrote:
| The interesting thing about using personal devices for work
| is personal liability. Have you ever considered what happens
| if your company is embroiled in some sort of litigation,
| regulatory investigation, or suspected criminal activity, and
| undergoes discovery of evidence? If law enforcement or
| counsel suspects that you or your devices are harboring
| relevant data, then your devices could be seized, imaged,
| held as evidence, and possibly never returned to you,
| certainly not in one piece.
|
| So if you're mingling your personal data along with any sort
| of company data, or data that belongs to an organization
| that's outside your family unit, and said data is physically
| inseparable, then prepare to lose big in the future. You'll
| kiss all your backups goodbye, no matter where they're stored
| or how you've encrypted them.
|
| Of course this may also apply if you've got a company-
| provided device (COPE) or one running MDM, and it's stolen or
| lost. When you report back to the company that their data's
| in the wind, they're going to remote-wipe and remote-brick
| that device, so again, kiss your personal data bye-bye.
|
| Best practice going forward is to purchase separate devices
| (especially mass storage) for each individual purpose and
| meticulously separate out company data from personal stuff.
|
| It never pays to mingle business with pleasure, or business
| with personal, and I think this liability issue is something
| that's a well-kept secret by companies who wish to encourage
| workers to BYOD and downplay the repercussions, although
| rare, that could put those workers into a world of hurt.
| GoblinSlayer wrote:
| >You'll kiss all your backups goodbye, no matter where
| they're stored or how you've encrypted them.
|
| How?
| alpentmil wrote:
| > Have you ever considered what happens if your company is
| embroiled in some sort of litigation, regulatory
| investigation, or suspected criminal activity, and
| undergoes discovery of evidence? If law enforcement o
|
| Very few people in real world experience this. I have some
| friends that do programming jobs who just ask for cellphone
| with at least 100 GB data as condition for employment.
| Companies do not care. These are not SREs that need 24-hour
| access, but employees feel valued by these.
| denton-scratch wrote:
| Thing is, until they've seized and inspected it, they can't
| tell whether my device contains relevant data or not. I'm
| not confident that keeping separate devices will protect me
| from the exigencies of discovery.
| niom wrote:
| Of course nobody with a court order on your doorstep is
| going to take your word for anything. If the object of
| the order is to find some data, anything and everything
| that looks vaguely digital will be taken
| (consequentially, every physical nook and cranny will be
| searched for errant micro-SD cards). Stuff is handled on
| a per-item basis. An item is either returned (after
| months to years), or not.
|
| If you end up in a situation like that - which does not
| mean you did anything wrong at all - your best bet at
| getting your personal data and items back is by 1.)
| having them physically separate 2.) not encrypting
| anything or immediately providing passwords / access so
| items can be cleared.
|
| Effects and results may vary. Consult your local lawyer
| for more information.
| [deleted]
| axus wrote:
| I've got 2 devices, and the only downside has been needing to
| charge more often. Reasons I like it:
|
| - Can keep the device for work in a secure place, never have
| to look for it
|
| - Can call my personal phone when I have to look for that :)
|
| - Separate address books
|
| - Do whatever I like with my personal phone, no worries about
| it affecting business
|
| - Easy to "turn off" work
| GoblinSlayer wrote:
| Then leave them on your desk.
| RunSet wrote:
| I would rather carry two devices than allow an employer to
| use my hardware without compensation. Ideally they would
| furnish their own data plan, too.
|
| This also permits leaving the work device at work where it
| belongs.
| eastdakota wrote:
| That's the idea: the employer pays for the data you use to
| do your job.
| michaelt wrote:
| I can see why it would be tempting.
|
| All I want is to know when and where my next meeting is,
| without going back to my desk.
|
| If I accept a company phone, I have to let everyone in the
| company have the number, and they might start calling me.
|
| And it'll probably be some shitty $50 Android phone - a company
| phone isn't some huge perk or status symbol, like it might have
| been in 1995.
|
| It'd be tempting to just type the password in on my personal
| phone.
| tenebrisalietum wrote:
| If BYOD gets really good companies don't have to buy or
| maintain phones or laptops for employees.
| mikece wrote:
| Great implementation of the wrong solution. The problem isn't
| that SIM security is weak but it's that we're using SIM/eSIM for
| identification and authorization in the first place. When we stop
| using SIM for authentication the need to guard against SIM Swap
| attacks goes away as well.
| yevpats wrote:
| This. SIM is not secure and will never be. Just use YubiKeys
| and/or other compatible WebAuthn authenticators and you will finish
| this never-ending cat and mouse race of phishing/anti-phishing
| solutions.
| xaduha wrote:
| > SIM is not secure and will never be.
|
| That's just nonsense. You need to explain what you mean by
| that, because otherwise you sound like someone who doesn't
| know what they are talking about. If you mean SIM swap
| attack, then that's basically 'social engineering' with a
| help of identity theft targeting providers and has nothing to
| do with SIM cards themselves.
| georgyo wrote:
| A physical SIM card is a smartcard, and in many ways is
| exactly like a yubikey. A yubikey even presents as a USB
| smartcard.
|
| The attacks on SIM cards are not on the SIM itself, but by
| the carrier binding your identity to a different card. A
| function they must perform at least sometimes! If you lost
| your yubikey, I'm sure you want your replacement to be able
| to activate your cell phone.
| dathinab wrote:
| This is not mainly about SIM security as far as I understood.
|
| It's more about employees visiting phishing sites on their
| phone. Or their phone getting hacked exposing mail
| correspondence, or 2FA getting hacked etc.
|
| In the way it's presented it's still the wrong solution IMHO.
|
| If security matters and the work requires a phone do not allow
| BYOD. Provide a phone. For such a phone this might be an okay
| solution, not for a private phone. If a phone isn't strictly
| required remove phones completely and strictly out of the loop.
| This is beneficial both for security in more ways than this SIM
| service provides and for the mental health of your employee.
| Make it clear that even if they are called because of a work
| emergency they are contractually bound not to process it on the
| phone but instead switch to an employer-provided device no matter
| who calls and which situation it is. PS: Also fire any manager
| or even the CTO who tries to pressure employees into not
| keeping the rule, make it an automatic firing through a
| contract clause.
| Maxburn wrote:
| I never understood the thinking behind banning VoIP. I
| understand the ease that attackers can make and use new numbers
| but if I'm using a VoIP number to receive 2FA SMS wouldn't it
| be more secure to have that tied to a VoIP number that can't be
| SIM swapped and potentially is secured with 2FA itself?
| rekoil wrote:
| VoIP is banned?
| kyle-rb wrote:
| Many social media sites don't allow you to register using
| e.g. Google Voice or Twilio phone numbers, since you can
| get those for free and/or in bulk, so they assume they're
| used for spam or ban evasion.
|
| I've seen this on Twitter, which doesn't require a phone
| number to set up, but it's possible for your account to be
| flagged as suspicious, and get locked down until you add a
| phone number.
| mildmotive wrote:
| Twitter does lock you out and force you to give them your
| phone number, even if you technically can register
| without one. I've seen them do so almost instantly after
| registration.
| monksy wrote:
| That's very concerning. Many phone companies require you
| to back your hard number to a national id.
|
| Say something bad about insert monarchy... They'll trace
| you down with that. (Turkcell does that just for wifi at
| IST)
| dathinab wrote:
| In many countries they are required to do so by law for
| acquiring any phone number. Including pre-paid. It's not
| uncommon that it's true for _any_ phone number including
| VoIP. But a single person as a "company" can get a huge
| number of VoIP numbers and then "accidentally" get hacked
| by an illegal phishing call center then using those
| numbers. Or maybe that person's passport got stolen and
| used by a similar-looking person. Or the passport-
| verifying personnel got bribed. Etc.
| Maxburn wrote:
| Ebay and Uber are more.
|
| Lots of banks reject VoIP too.
| nightpool wrote:
| It's because most companies that use SMS "2FA" don't use it
| for _your_ security, they use it for _their_ security--phone
| numbers are a costly resource, and every phone number an
| attacker spends to launch a spam attack is a phone number
| they'll never be able to use again. VoIP numbers flip that
| logic on its head by making it much cheaper to provision and
| allocate phone numbers. This also slightly protects user
| accounts because it makes it harder for attackers to
| "overwrite" a hijacked user account with their own bogus
| phone number during takeover, but that's a secondary goal--
| the main goal is spam reduction
| Maxburn wrote:
| I get it, but it's still sad.
|
| Lots of places reject my Google Voice number, just because
| it's VoIP. I've had that number for ten years and the
| account it is under is protected by a popular security key.
|
| But that Prepaid SIM I have for a month and might ditch any
| time, no problem, everyone takes that.
| ForHackernews wrote:
| You can port other numbers to Google voice, which helps I
| think.
| jgrahamc wrote:
| That's one line in the announcement and is not the core of what
| we announced. This eSIM provides a data connection that goes
| directly to Cloudflare.
| vinay_ys wrote:
| This blog post doesn't read like rest of Cloudflare posts. It
| is very beating around the bush and doesn't get to the point
| at all. Please consider updating the blog for clarity and
| brevity.
| Nextgrid wrote:
| But the data connection is not end-to-end encrypted to CF.
|
| The SIM authenticates you to the mobile network which is free
| to tamper with your traffic. Considering the "security" of
| the equipment in there, as well as the incentives of the
| people working there and the general level of skill and
| development practices in there, I wouldn't trust it at all.
|
| The only way this would be secure is if the SIM/eSIM is able
| to embed an actual client certificate which the mobile device
| can then use to initiate a VPN connection to Cloudflare, but
| this would also require the eSIM to not be able to be
| tampered with by the issuing carrier, otherwise they could
| potentially push an update to extract the keys or have it
| sign malicious requests in the background.
| gz5 wrote:
| This ^.
|
| Alternative is to put authorization into the app w/ a
| resultant VPN-like encrypted connection through mTLS
| verified overlay network which has no access to your data
| plane keys. So no MNO access and E2E encrypted session from
| the process space of the app client to the process space of
| the app server (or peer).
|
| Examples of this alternative here:
| https://github.com/openziti-test-kitchen/go-http
| [deleted]
| ayewo wrote:
| How does this data connection work in practice? Sounds like
| you have to become an MVNO, no?
| Nextgrid wrote:
| They will essentially be an MVNO, yes. It doesn't address
| security much though - the carrier's infrastructure still
| needs to be trusted and there is no end-to-end encryption
| between the mobile device and Cloudflare (you'd still need
| an on-device VPN for that - this is a limitation of the
| mobile protocols; the network is considered trusted and is
| given access to the traffic). The eSIMs that Cloudflare
| uses also need to be properly segregated away so that the
| carrier's customer support people can't reissue those SIMs,
| which they can technically do as they are still considered
| the issuer and their system is in control of the issuing
| process.
| lkbm wrote:
| I would love to use a proper authenticator app or security key
| for everything important, but the reality we live in is that
| many financial institutions still only support phone-based 2FA.
| If CloudFlare could force them all to add support for proper
| 2FA, that would be fantastic, but I don't think that's an
| option.
|
| If they can make SIMs more secure in the meantime, that's a
| win, and a very important one.
|
| Improve the things you have control over rather than just
| bemoaning the things you don't.
| staticassertion wrote:
| I think two things can be true:
|
| 1. Phones are an important attack vector to consider
|
| 2. We should be using strong 2FA ala FIDO2
|
| Given that phones can act as FIDO2, I think that only
| strengthens (1).
|
| Even if a phone _isn't_ used for 2FA, it still is likely to
| have access to company resources - Slack, Email, _non 2fa_ text
| messages, etc.
| zzz95 wrote:
| How is this even Zero Trust. Admittedly, there is no precise
| definition for ZT, but Cloudflare's solution seems to run counter
| to the idea of perimeter-less ZT philosophy. Instead of assuming
| that phones can be insecure and developing appropriate crypto
| based mechanisms, Cloudflare is proposing to bring the phone
| inside a 'trusted' network. Remember, ZT does not rely on trusted
| network.
|
| Solutions like this will increase confusion and fragment the
| already 'interpretation led' as opposed to definition led ZT
| landscape.
| jchw wrote:
| I don't see anything about a trusted network, it looks like
| this is about authorizing devices. It seems a little bare on
| the details of how it works, but apparently it ties into a
| Cloudflare product called Magic WAN. Authorizing specific
| devices is still a good strategy even with zero-trust
| networking.
| ignoramous wrote:
| So, a matter of time before Cloudflare acquires https://gigs.com?
| HFrank wrote:
| We're not for sale ;)
| for1nner wrote:
| Is there a reason your eng. team is EU-only while your
| biz/ops is EU/US?
| AnonMO wrote:
| And 1 year ago figma said they don't want to be adobe.
| estsauver wrote:
| Hey, gigs looks super neat--I couldn't find any information
| on the markets you're in. We operate in subsaharan Africa, so
| don't want to take time from your sales team if that's not a
| good fit, but I couldn't find anything on your notion that
| was publicly available.
| ignoramous wrote:
| Not sure about gigs, but airalo vends African eSIMs:
| https://www.airalo.com/africa-esim
| lbhdc wrote:
| This is cool. I noticed a bug on your main page. The section
| showing off what the ui looks like shows a blank white panel
| on firefox.
| ck2 wrote:
| random fun cloudflare related thing I learned last week, their
| "private dns" address is "one.one.one.one" which is even easier
| to remember than "dns.google" (there is also "dns.adguard.com"
| and "dns.quad9.net")
| mxuribe wrote:
| Wow, TIL... I had heard of the IP address 1.1.1.1 (and yes, for
| DNS), but never knew about the spelled-out website:
| https://one.one.one.one/
| drummer wrote:
| Seeing as how Cloudflare can cancel and censor you at will and
| has done to others recently, you'd have to be crazy to trust them
| with your phone and sim.
| badrabbit wrote:
| Why is there no opposition to this shit? SIMs were physical for a
| reason. As a consumer what do you get out of it? You have to go
| through the carriers to switch between phones now! You can't just
| pick up a random unlocked phone and put a sim in it. No more
| burner phones. I have been in situations where I changed SIM
| between phones multiple times a day.
|
| But it sounds like it is too late for this. It's like people who
| oppose cash payments out of the convenience of card/app payments.
| This small chipping away of a small liberty adds up.
|
| I hope everyone knows that you can't as a layman register an email
| address or any meaningful service you depend on without a phone
| number (i.e.: a sim), that is what is being regulated here even
| more.
| maxboone wrote:
| I do remember this thing called SIM-locking
| kornhole wrote:
| Phone number does not equate to SIM. I use VOIP for SMS and
| only when really needed. I suppose this solution could work
| with dual esim where one could primarily use
| https://invisv.com/articles/pretty-good-phone-privacy.html.
| vl wrote:
| And this is exactly why I'm not going to buy new SIM-less
| iPhones.
|
| In typical Apple asshole fashion, in China you can buy an
| iPhone which takes two sims, in US - zero. Talk about carrier
| lock-in and Apple helping it.
| MBCook wrote:
| What carrier lock-in? My iPhone can support 8 eSims. I can
| have two active at a time and switch between them whenever I
| want.
| vl wrote:
| When you drop your iPhone on the floor and it shatters, how
| exactly are you going to get to your SMS 2FAs?
|
| The point of SIM is that you can transfer service to
| another handset without talking to anyone. Which is
| invaluable, for example, when you travel in the foreign
| country and your iPhone dies from water damage, albeit
| being advertised as "waterproof".
| gst wrote:
| The same example also goes into the opposite direction:
| Let's assume your phone gets stolen in a foreign country:
| With a regular SIM card I lost my phone service for the
| remainder of the trip. With an eSIM I can buy another
| phone (that supports eSIMs) and login to the website of
| my provider to download a new eSIM. Problem solved.
| wklauss wrote:
| All of these things you mention are real trends, but they are
| not tied to eSIM.
|
| 1. eSIM standard supports transferring of eSIM profile from one
| phone to another. Physical SIMs can be tied to specific IMEIs
| (and it used to be VERY common)
|
| 2. You can use eSIMs on unlocked phones.
|
| 3. Burner phones can still exist! Nothing prevents a phone
| company or MVNO from offering eSIMs the same way they did SIMs
| before (obviously local law might force you to provide ID, but
| this has been the case with SIMs as well in various countries)
| gruez wrote:
| >1. eSIM standard supports transferring of eSIM profile from
| one phone to another
|
| Source? The only implementation I know of is on iOS, which
| allows you to transfer esims between phones that are on the
| same icloud account. For every other phone the solution was
| to get a new QR code from the provider.
| tuxone wrote:
| It depends on the carrier implementation. Here in Italy
| both TIM and Vodafone allow for infinite rescan of the same
| qrcode, Wind3 does not.
| pmx wrote:
| You simply unregister the eSim on the first phone and then
| scan the QR code on the new phone, it works "offline" too.
| lxgr wrote:
| Unfortunately, that's not true for all eSIMs I've used -
| some activation codes are single-use, and you have to
| contact the provider to issue a new one every time. Some
| of them even charge for that...
|
| But I agree that this is exclusively a policy problem,
| not a technical problem with eSIM, which clearly supports
| reusable profiles as well.
| mindslight wrote:
| I would still call that a technical problem,
| fundamentally. If the technical failing didn't exist,
| then businesses would be unable to create the user-
| hostile policy to decommodify the market.
| lxgr wrote:
| But they are able to do exactly the same thing with
| physical SIMs! So what's the difference?
| mindslight wrote:
| There is still a difference in that doing this to a
| physical SIM requires the carrier going out of their way
| to integrate a check with the automated SIM setup
| process, whereas with eSIM such activation request would
| seem to be an inherent step of the process.
|
| I do agree that cell protocols in general need to be
| reformed to get rid of static device identifiers like
| IMEI. I'd go even further and say that the tamper proof
| aspect of SIMs should be eliminated - the application
| processor can store the key to auth to the network,
| putting the user in control rather than suffering
| arbitrary top-down restrictions enforced by hardware they
| purportedly own. Though obviously that's a pipe dream
| while regulators continue to work for Ma Bell.
| [deleted]
| jacobr wrote:
| It's definitely a trade-off between privacy/liberty and other
| benefits.
|
| The spread of standardised time and clocks had a significant
| negative impact on individual liberty, and people would even
| sabotage clocks. They failed of course, as will the opposition
| against the cashless society, because cash is so much worse in
| most aspects.
|
| If it's something you care a lot about, rather than going the
| way of the Luddites and opposing eSIM and electronic payments I
| would suggest focusing on using technology to find new
| solutions to the privacy/liberty problems.
| ksec wrote:
| > It's like people who oppose cash payments out of the
| convenience of card/app payments.
|
| Well it wasn't that long ago, 95% of HN comments were all for
| Digital Payment, Apple Pay, and Cashless Society. Things only
| changed around ~2019.
| systemvoltage wrote:
| Well, a lot has changed on HN. I used to agree with half of
| the people here. Now, it is less than 5%, usually gray
| comments.
|
| I think it is not just HN, the society itself has devolved
| and going into the toilet. Or it could just be that _I_ have
| changed, but that's easily litmus tested by just reading old
| threads which I still agree with (pre-2019).
|
| Regarding physical stuff, just the other day people love the
| idea of QR codes in restaurants with no opposition to the
| totalitarian digital state we're slowly building. Same goes
| with security cameras, cashless payments, parking apps, esim,
| covid QR codes, etc.
|
| QR codes are extensively used in China for tracking people
| everywhere.
| doubleorseven wrote:
| > I hope eveyone knows that you can't as a layman register an
| email address or any meaningful service you depend on without a
| phone number
|
| You can open a gmail account from a residential IP address and
| get the phone number field as optional.
| ronsor wrote:
| That isn't quite true. It's really up to a(n AI) coinflip
| whether or not the phone number field will be mandatory.
| bobajeff wrote:
| I've honestly never thought about this issue until reading it.
| I wonder why they couldn't make registration-free eSIMs like
| they have with physical SIMs. That would be a major
| inconvenience when traveling otherwise.
| infotogivenm wrote:
| This comment thread = hn insanity. Putting aside your misplaced
| outrage here, I recommend actually reading the article. Granted
| it's incredibly winding and full of the buzzword "zero trust",
| but they explicitly mention adding support for physical sim
| cards.
| badrabbit wrote:
| My comment was about how phone makers like apple are getting
| rid of physical SIMs.
| clint wrote:
| There's no "opposition" because your entire argument is
| predicated on a straw man that you have invented in your own
| mind.
| INTPenis wrote:
| The need for anonymity for legal reasons is absolutely not a
| straw man argument.
|
| I just finished telling a woman how she should be careful on
| dating apps and always use an anonymous sim card, never give
| out her real number, or real contacts, to strangers.
|
| But my country is making this impossible now too, and the
| reason is drug dealers using them for burner phones of
| course.
| foobiekr wrote:
| What problems do you suppose using an anonymous sim card
| solves in the real world of dating?
| INTPenis wrote:
| Not just for dating, women who flee their home with a
| child in their arm and are put up in a secret apartment
| by the local ROKS org here usually still have to contact
| the baby's father at some point. I know first hand it's
| one of the biggest issues in those orgs to keep their
| apartments hidden from anyone but the police.
| samtho wrote:
| With many mobile providers, the name on the account is
| directly associated with the number. Try to enter your
| own mobile number into Twilio's lookup feature and see
| what name pops up.
| endgame wrote:
| Remember also that about 1/3 of Australia just had their
| PII leaked because one of the nation's biggest telcos
| couldn't do basic isolation between dev and prod.
| mrweasel wrote:
| > The need for anonymity for legal reasons is absolutely
| not a straw man argument.
|
| That's not really an argument against eSIMs. As you point
| out getting an anonymous real SIM is also impossible in
| many countries. What prevents anonymous SIMs (or eSIMs) are
| legal issues and is not related to the technical
| implementation. Potentially eSIMS could make the whole
| process of getting burners much easier, if it wasn't for
| the legal issues.
| [deleted]
| AnonMO wrote:
| If your phone can scan QR codes you can use eSIM, it's pretty
| easy at least in my experience. I unlocked my phone when I was
| traveling to Kenya, grabbed an eSIM for a couple cents when I
| landed and was set up in seconds.
| cmeacham98 wrote:
| Nothing you say here has any relation to eSIMs.
|
| 1. This problem can exist with real SIMs too. Back many years
| ago Verizon used to lock your SIM to a specific IMEI and you
| had to call them to change it (they might have even charged a
| fee for changing it, I don't remember for sure?)
|
| 2. Nothing prevents a phone company from offering an anonymized
| eSIM.
|
| Anonymous phone numbers are drying up, but not because of
| eSIMs.
| baybal2 wrote:
| awill wrote:
| Verizon is a bad example as they were CDMA and always more
| locked down
| cmeacham98 wrote:
| Verizon happens to be the provider I had at the time, I
| wouldn't be surprised if other providers did it too.
| saghm wrote:
| When I was on Verizon, I remember having to go into their
| store to get a new SIM each time I got a phone that
| wasn't through them. Using eSIMs after I switched to Fi
| was a small but noticeable quality of life improvement
| for me at least.
| rubyn00bie wrote:
| As another comment said, you're referring to Verizon's CDMA
| network. Which did not use GSM and thus did not use SIM
| cards. Literally, no SIM cards. It wasn't until their LTE
| network they supported SIM cards in any meaningful way. Their
| handsets were locked to their network and only worked on
| their network. Occasionally, an "international" phone would
| be sold that had CDMA + GSM so their customers could use it
| overseas but the SIM card slot did literally nothing here in
| the states since those phones wouldn't have supported
| T-Mobile or AT&T's network frequencies.
|
| And just because nothing prevents a phone company from
| offering them, doesn't mean they will. Having the ability to
| just move a SIM card is very pro-consumer in a way I don't
| think esims will ever be (unless the EU regulates it).
| indymike wrote:
| More recent versions of CDMA devices did support SIM cards.
| comboy wrote:
| I feel you, but consider this - we live in alternative reality
| where eSIM comes first and then somebody comes and says you
| need to put a black box into your phone (which is btw spinning
| up whole java environment) if you want to make calls. You could
| probably get outraged at that too.
| staticassertion wrote:
| > It's like people who oppose cash payments out of the
| convenience of card/app payments
|
| Well, yeah, cards _are_ radically more convenient. And this
| eSIM also looks like it solves real problems. People want to
| solve real problems. Until "my eSIM provider won't let me
| register for email" (or something? I'm guessing that that's
| what you're saying is a problem) or "I have no physical SIM to
| swap into another device, and for some reason I care about
| that" are bigger problems no one is going to optimize for that.
| WirelessGigabit wrote:
| I've got 20,000 devices in the field. All SIM. Can't change
| providers as it would be cost prohibitive as I'd need to visit
| all locations.
|
| With eSIM I can just push a new configuration.
| tomashubelbauer wrote:
| I am not sure how common this is in the US or other countries,
| but in the Czech Republic (maybe in the whole EU?), the carrier
| is obliged by law to provide you with a special numerical code
| which you can then use to transfer your phone number to a new
| carrier without the old carrier being able to do anything about
| it or indeed being involved in any way at all. This completely
| erases the need to have a physical SIM in order to keep your
| phone number.
|
| I am not sure whether carriers here offer prepaid eSIMs though.
| krzyk wrote:
| Same in Poland. The issue is that not all providers support
| eSIM (2 out of 4).
| axg11 wrote:
| SIMs were/are also issued by carriers? You have to go through
| carriers either way. You're using their network.
| ajsnigrutin wrote:
| You got a sim and you put it in any phone you wanted. Now
| every time you switch a phone, you have to contact your
| carrier and possibly even get charged for the change.
|
| If you travel a lot, you just buy a prepaid sim card in
| whatever country you're in, and put it in a phone, then leave
| the country, take the sim out and use another sim in that
| country. Some new phones (notably the new iphone, us version)
| don't even have a sim card slot anymore.
| selykg wrote:
| > Now every time you switch a phone, you have to contact
| your carrier and possibly even get charged for the change.
|
| This depends on the carrier.
|
| I use US Mobile. In their app, there's a very simple button
| on each line's screen to transfer the eSim to another
| phone. I converted my physical sim to eSim on my iPhone XS
| before the iPhone 14 came out a couple weeks back. When I
| got my iPhone 14 I was able to transfer the sim to my new
| phone in about 30 seconds.
|
| The ONLY gotcha here is you do need internet access to make
| this work, so that is one thing to keep in mind. But it's
| super easy to do and I really don't see a majority of the
| complaints around how easy it is being legitimate. I
| suspect many of you haven't actually used eSims before.
| lxgr wrote:
| Or you just use a carrier that allows re-scanning eSIM
| activation codes. Then the only problem is your device
| physically breaking, which actually "traps" the eSIM
| profile.
| Nextgrid wrote:
| So you depend on the company's goodwill. Has this _ever_
| worked when it comes to monopolized industries?
| lxgr wrote:
| As others have mentioned, companies can (and some but not
| all do!) tie physical SIMs to a given IMEI just as well,
| so it's less a question of goodwill and more one of
| competition, consumer education and choice etc.
| ajsnigrutin wrote:
| I think this (tying phones to SIMs and vice versa) is
| forbidden in the EU.
| wiredfool wrote:
| ESims are quite nice, out here in the real world.
|
| You can travel to a different country, find your data is crap
| because reasons -- either they're not roaming well (hello edge
| on a cheap out of country provider), or you've travelled to
| Switzerland and data now costs 7.13eur/mb. (yeah, a car/Gb)
|
| So you pay for an eSIM from an MVNO, get a QR code, install,
| and you're good to go in 5 minutes from any network connection.
| Nothing physical required. And your normal number is still
| there for incoming calls/texts, because all the ESIM phones
| I've seen have at least two slots (or one + physical sim)
|
| Of course, you've got to have an unlocked phone. But you wanted
| that anyway.
| bane wrote:
| I perceive the problem differently. Google Fi has
| demonstrated that it's possible to arrange service agreements
| across providers that offer consistent, predictable,
| relatively low costs for people that travel frequently
| between countries. If there was another couple global-scale
| competitors to Fi I'd wager we'd see competition squash the
| prices down even more. But at the moment, when I step off a
| plane or drive across a national border it's an experience
| basically equivalent to driving across states here in the
| U.S. I've used it in 4 continents and about 20 countries now
| and it's pretty much instant.
|
| The problem of course is that Fi is U.S. based which brings a
| few extra headaches with it for people who want the service
| but are based overseas, or for expats living abroad for a
| long period of time.
|
| Note: I also have some Voip apps on my phone giving me a few
| different phone numbers to the same phone without the
| SIM/eSIM mess. But these days I'm finding I'm more or less
| just making voice calls over apps anyways meaning I'm using
| voice service less and less.
| Sohcahtoa82 wrote:
| +1 for Google Fi
|
| I use Google Fi and I've been to the Netherlands, France,
| Spain, Italy, and Switzerland. When I landed, I'd get a
| text message saying something like "Welcome to $COUNTRY!
| Your data is $DATA_RATE per gigabyte and voice calls are
| $VOICE_RATE per minute. It may take a couple minutes to get
| connected"
|
| DATA_RATE has always been the standard Google Fi rate of
| $10/GB (with data free after a certain point, and free but
| throttled at another threshold), and the voice rate is
| typically 10 cents/minute.
|
| For people that do a lot of travel and use a lot of data,
| you can even get an unlimited international data plan.
|
| But yeah, I can go to nearly any first world country, and
| even some 3rd world countries, and not pay extra for my
| data. The fact that Verizon/TMobile/Sprint/etc. can't get
| their shit together and make this happen for their
| customers feels like a scam.
| xur17 wrote:
| > The fact that Verizon/TMobile/Sprint/etc. can't get
| their shit together and make this happen for their
| customers feels like a scam.
|
| TMobile provides this same service for free for
| international travel (I actually wonder if this is where
| Google Fi gets the service for it from).
| meragrin_ wrote:
| > The fact that Verizon/TMobile/Sprint/etc. can't get
| their shit together and make this happen for their
| customers feels like a scam.
|
| Or maybe it is not worth it because the cost of doing so
| is not worth the possibly small number of people who
| would use it? A good number of people never even leave
| the country. I wouldn't be surprised if the vast majority
| of people in the US leave the country five or fewer times
| in their lifetime.
| lotsofpulp wrote:
| ATT is $10 per day, up to $100 per month after which the
| rest of the month is no extra charge. It starts and stops
| automatically when you start and stop using international
| data/voice/SMS/MMS.
|
| https://www.att.com/international/day-pass/
| Sohcahtoa82 wrote:
| Which is beyond ridiculous.
| throwaway29812 wrote:
| -1 For Google Fi. I traveled to 2 countries on their list
| of "compatible" places where data should work, it didn't.
| Called support, no explanation. Bought a cheap local sim
| card instead, which always makes more sense to do. Now
| that Whatsapp and iMessage both let you "roam" on a
| different sim while keeping your phone number, there's no
| reason to try and roam with your original plan.
| badrabbit wrote:
| Basically esims are more convenient, great. Why are they
| not optional? Why can't phones support both types of SIM?
| cageface wrote:
| Anybody who thinks esims don't have issues hasn't seen much
| of the "real" world. In a lot of countries esim still isn't
| even an option, especially if you're a visitor. At least in
| developing countries getting a physical SIM is as easy as
| paying a small fee on your way out the airport and popping it
| in your phone or picking one up in a convenience store.
|
| I just arrived here in Panama and got a local sim for $5/week
| from a grocery store. The esim options were 2x this price and
| required installing special apps.
| WastingMyTime89 wrote:
| Airalo just works in most of the world. I travel quite a
| lot and eSIM made my life a whole lot simpler.
|
| Before you had to find an operator kiosk at the airport and
| negotiate with someone there who might or might not speak a
| language you speak to try to get a pre-paid plan vaguely fitting
| your needs, if one exists. Now you can just pre-buy in app
| before your flight and everything pretty much just works.
| gwill wrote:
| can't a regular sim be typed in manually and used as an
| esim? at least that's how it worked on my iphone a year
| ago.
| bodyfour wrote:
| My bet is that this is going to change a lot, very soon.
|
| Apple apparently felt comfortable enough with the eSIM
| situation in the US to drop legacy-SIM already. The fact
| that they couldn't do this worldwide yet is because, as you
| say, eSIM availability is still spotty around the world.
|
| However, the fact that they're moving to eSIM-only is a
| huge flashing warning to telcos around the world that the
| time to sort out their eSIM support is now. Otherwise,
| they'll soon be chasing away their affluent iPhone users.
|
| I think the transition will now proceed pretty quickly.
| Physical SIMs have only continued on due to market inertia.
|
| In a few years we'll look back and think "remember when SIM
| cards were physical objects... that was weird wasn't it?"
| dathinab wrote:
| Apple was a major driver of eSIM because they are
| obsessed with controlling every part of their phone, so
| having a SIM card they don't control in their phone
| didn't fit well with them at all.
|
| So dropping the SIM in the US is more a consumer hostile
| move to save a few cents and force them to use the tech
| Apple wants you to use than anything else.
|
| They can't do that in many other countries as neither
| carrier nor population were okay with accepting not
| having a SIM slot.
|
| eSIM is easily usable in the EU, yet many people still insist
| on using physical SIM cards for various reasons; similarly,
| "unlocked" phones are the standard in many EU countries.
| I'm not even sure it's legal to sell carrier locked
| phones in all EU countries, I think it isn't at least in
| some.
| srmarm wrote:
| I agree, I also remember when sim cards were credit card
| sized!
| jackson1442 wrote:
| eSIM can be sold in physical stores as well, just as a QR
| code rather than a physical chip. Sibling comment addresses
| the cost issue as well.
| nsriv wrote:
| I keep seeing this sentiment and it's incredibly obvious
| that people are traveling to European or developed Asian
| countries. The sim situation in most other countries is
| exactly as you describe if not worse, and that's also
| accounting for language barriers between the traveler and
| the vendors.
| supertrope wrote:
| In some countries no domestic carrier supports eSIM.
| dweekly wrote:
| Here's a map, thanks to a Redditor: https://www.reddit.com/
| r/ios/comments/x8r6a3/countries_that_...
| bsimpson wrote:
| It's so nice to not have to spend the first day of a trip
| wandering around looking for a SIM shop that's open and will
| sell to you with a foreign passport.
|
| Last time I was abroad, I set up an eSIM while I was waiting
| at baggage claim, so I had service on my multihour train
| connection.
| tinus_hn wrote:
| Can you actually get a European sim without showing ID?
| That would kind of surprise me, there has been a big push
| to get rid of anonymous phone numbers.
| wiredfool wrote:
| Depends, I think you can get them in Tesco pretty easily,
| and the MVNO I was talking about was giving numbers for
| their data plan from the UK, but with roaming all over
| Europe.
|
| I think it's more difficult in Germany than a lot of
| other countries.
| jiayo wrote:
| In France, providers will require you to provide KYC
| information within 14-30 days of obtaining the SIM, or it
| will be deactivated. Suitable for a short-term travel use
| case.
| ugjka wrote:
| Here in Latvia you can buy sims from all major providers
| without any ID for as low as 0.99EUR. The caveat is that
| you have to top up them regularly because they have
| expiry times depending on the amount you top them up.
| bsimpson wrote:
| Swype by Yallo is the eSIM I've used.
|
| My Telecom Italia SIM ran out of roaming data while I was
| in Switzerland, and there was no way to top up. Swype had
| a first month free promo, so I signed up from my Airbnb.
| I did have to send a photo of my documents, but the total
| time from download to data was less than 30m.
|
| I took a quick (1 week) work trip to Germany this summer.
| I was trying to figure out how to get a SIM before
| getting on the train, when I remembered I still had the
| eSIM in my phone. I downloaded the app and bought data -
| $15 per month + $3 per day (since I was roaming). Not
| only was it super convenient, but I had unlimited data
| with roaming. I don't think even local cards get you
| that.
|
| For short trips to Europe, I definitely recommend Swype
| for its convenience.
| linuskendall wrote:
| In Sweden there are usually stands where you can pick up
| sims for free, in airport outside shops etc.
| schwartzworld wrote:
| > It's so nice to not have to spend the first day of a trip
| wandering around looking for a SIM shop
|
| I went to three different countries this summer and all of
| them had sim cards available on your way out of the
| airport. In Armenia, it was in the baggage claim.
| SpectralTheory wrote:
| I did not notice this in Ireland, but I may have missed
| it. It was this easy in London though.
| throwaway29812 wrote:
| Also all EU sim cards roam in the whole of the EU
| automatically.
| thekid314 wrote:
| This is sometimes true. Like in Tunisia where they give a
| free SIM in baggage claim. But I crossed a lot of land
| borders through west africa where it would be a day or
| two of traveling before I could find an official store
| that had a physical SIM.
|
| Experiences differ.
| tgsovlerkhgsel wrote:
| The increased competition from international MVNOs likely
| also helps drive prices down.
|
| When you're traveling and don't want to plan weeks ahead,
| your options with physical SIMs typically were either
|
| 1) special roaming-oriented SIM cards from your local country
| (which were still a massive hassle and had to be ordered days
| in advance to allow for delivery),
|
| 2) getting a SIM in the destination country (hassle and might
| not always be possible)
|
| 3) very expensive offerings from your own provider, if they
| even had something better than the aforementioned car-per-GB
| rates.
|
| Now, you can get an eSIM from an MVNO that's from a third
| country, before travel or from the airport/hotel WiFi,
| usually also bypassing any bureaucratic bullshit that the
| destination country imposes on getting a local SIM.
|
| And these "travel eSIMs" are often cheaper than local
| offerings even for use in your home country.
| endgame wrote:
| For now. And the move to "eSIMs" will be a one-way door.
| There's a reason embrace, extend, extinguish works as a
| strategy.
| sangnoir wrote:
| > So you pay for an eSIM from an MVNO, get a QR code,
| install, and you're good to go in 5 minutes _from any network
| connection._
|
| Physical SIMs require _no network access at all_: as a
| matter of fact, acquiring a SIM may be a prerequisite of
| getting a network connection in a foreign country.
| enos_feedler wrote:
| That has never been my problem. Dealing with people,
| stores, passport verification, scams, etc has been.
| mig39 wrote:
| I'm Canadian. I recently travelled to Spain & Portugal for
| more than a month, used a Hong Kong esim for data for a few
| days until I found a local physical SIM. Then swapped between
| both depending on the coverage.
|
| I bought the esim at the airport, while waiting for my bags.
| badrabbit wrote:
| You mentioned all the conveniences which I never disputed. As
| an optional feature I have no problem against them.
| rvz wrote:
| Yeah. They want a magnificent dystopia, where everything will
| be digitalized and you will be tracked, micro-chipped, with no
| privacy, own nothing, only rent, and be a happy 'user'.
| iknowstuff wrote:
| olliecornelia wrote:
| Physical SIMs are microchips.
| systemvoltage wrote:
| I think OP meant microchips that cannot be detached from
| the device.
|
| Physical SIMs can be easily disconnected and destroyed
| without destroying the device.
| Nextgrid wrote:
| Which doesn't help from a tracking point of view because
| the device still retains a persistent, unchangeable
| identifier (the IMEI) which will be broadcasted as soon
| as you insert a new SIM (and maybe without one even,
| since in certain locations SIM-less emergency calls are
| possible).
| [deleted]
| softfalcon wrote:
| I'm seeing a lot of people advocating for either eSIM or standard
| SIM slot. I feel like the real question should be "why not both?"
|
| I know there are economics, control, tracking, or whatever at
| play. Regardless, I think the phone should have a SIM slot and it
| should ALSO have eSIM functionality.
|
| I can almost guarantee the reason they're pushing for eSIM is
| because it's cheaper to manufacture a phone without a milled out
| slot with water sealant lining, little switch to pop out the SIM
| deck, etc.
|
| Can we all not agree that the real "enemy" here is the
| corporations taking away your options? If we were really thinking
| about the consumer here, we'd be ensuring you had access to both
| technologies to ensure your phone is robust and capable of
| working on any network regardless of their SIM requirements.
|
| Maybe this is crazy talk though. Maybe eSIM is so amazing, old
| SIM doesn't even matter anymore, but I can't help but feel like
| I'm right here, because having both quite literally appeases
| everyone except rich corpo's trying to save a buck.
| tekchip wrote:
| Wow, eSIMs hit first in this discussion? Not the glaring
| security nightmare that QR codes are? I thought about providing
| links but there's such a vast host of writeups about it I'll
| leave it for the reader to search and discover. Yikes.
| bhc wrote:
| >But in recent years, nearly every modern phone shipped today has
| an eSIM
|
| How many phones other than iPhone, Pixel, and (very recent)
| Galaxy S/Z have eSIM? There aren't that many cellular IoT boards
| that support swappable eSIM either (some boards say eSIM, but
| what they mean is that the IoT vendor's SIM is soldered onto the
| board - thus "embedded SIM"- not that you're allowed to load eSIM
| of your choice).
| easton wrote:
| Is the idea with this that it'll be a data-only eSIM? I'm not
| seeing any mentions of phone service in the blog post (maybe it's
| just implied and I'm dumb). I think iOS and Android have support
| for multiple eSIMs where one is used for data service, so that
| would work, although I don't know if companies want to pay for
| everyone to have a data plan AND a SMS+phone plan.
| jgrahamc wrote:
| Currently data only.
| wilde wrote:
| > And all this is before you add in the further complication of
| Bring Your Own Device (BYOD) that more employees are using --
| you're trying to deploy Zero Trust on a device that doesn't
| belong to the company.
|
| Yeah, this is a pretty impressive technical solution to a problem
| created by the company. "We're too cheap to buy equipment for our
| employees to use, so instead we need to spy on all of your
| personal data."
| base0010 wrote:
| I had hopes this product would be way less draconian. People miss
| the real reason you should push back on eSIM-only devices! It
| seems that most of HN hasn't done their DD on how eSIM
| provisioning doesn't work unless you're a billion dollar telco
| incumbent..... The eSIM-only precedent telco tech giants are
| pushing towards is part of the time honored tradition of locking
| consumers out of their own hardware. Indeed, this is another
| version of "the carrier owns the hardware you've purchased".
|
| TL;DR: in order to provision an eSIM to live inside the eUICC
| (the secure element inside the phone), as per GSMA standards,
| your eSIM HAS to have a key signed by a SOLE CA determined by the
| GSMA and the incumbent billion dollar telco industry cartel!!!
| With a SIM card you have the freedom to connect to any network
| you want, including those that aren't inside the realm of:
|
| "Only eUICC manufacturers, and SM-SR and SM-DP hosting
| organisations that have successfully been accredited by the GSMA
| SAS can apply for the necessary certificates from the GSMA
| Certificate Issuer to participate in the GSMA approved
| ecosystem."
|
| Please push back on this draconian nonsense as a whole people!!!
|
| eSIM Whitepaper: https://www.gsma.com/esim/wp-
| content/uploads/2018/06/eSIM-Wh...
| jackson1442 wrote:
| Should we reject TLS certificates for the same reason then? If
| they aren't trusted by the "TLS cartel" then your users are
| told that the site is "not secure" and shouldn't be trusted.
| Many browsers will even completely block you from accessing
| pages without valid trust roots.
| barathr wrote:
| I think the term "zero trust" creates a bit of confusion, in this
| and other contexts -- not Cloudflare's fault, because the term
| has been used/abused quite a bit. I think it's a good idea to
| prevent SIM swapping attacks, and it looks like this will, like
| Efani does.
|
| TLDR: this will lock a corporate SIM to a device and then connect
| the device to the perimeterless corporate network.
| Nextgrid wrote:
| > then connect the device to the perimeterless corporate
| network
|
| With the huge caveat that the carrier can still see all the
| traffic and reissue the "trusted" eSIM to a different device
| and take over this data connection.
| neatze wrote:
| Even for a basic HTTPS request, would you need certificates?
| vl wrote:
| I'm confused about what it is.
|
| It looks like it's Cloudflare's MVNO eSIM. What's zero trust about
| it?
| judge2020 wrote:
| > Preventing employees from visiting phishing and malware
| sites: DNS requests leaving the device can automatically and
| implicitly use Cloudflare Gateway for DNS filtering.
|
| > Mitigating common SIM attacks: an eSIM-first approach allows
| us to prevent SIM-swapping or cloning attacks, and by locking
| SIMs to individual employee devices, bring the same protections
| to physical SIMs.
|
| > Enabling secure, identity-based private connectivity to cloud
| services, on-premise infrastructure and even other devices
| (think: fleets of IoT devices) via Magic WAN. Each SIM can be
| strongly tied to a specific employee, and treated as an
| identity signal in conjunction with other device posture
| signals already supported by WARP.
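The three quoted bullet points sketch the idea of a SIM as an identity signal: a corporate SIM is locked to one device, a swap or clone is detected, and the SIM identity is evaluated together with device posture. The block below is an added example written for this page; it is not Cloudflare's code and does not appear in the blog post or the thread. The ICCID/IMEI values, the posture fields, the ten-minute clone window and the session records are all constructed assumptions for illustration. It shows one way a policy engine could consume the signal: enrollment binds each ICCID to exactly one IMEI, a SIM seen from another device is denied, the same SIM attaching from two devices inside a short window is flagged as a clone indicator, and the SIM match alone is never enough for internal resources, because the network-side identity must agree with posture reported by the device itself.

```python
"""Added example (not Cloudflare's code): a SIM identifier as one zero-trust
identity signal, bound to a device and combined with device posture.

All identifiers, posture fields and session records are constructed.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Enrollment: each corporate SIM (ICCID) is locked to one device (IMEI) and
# one employee. Constructed data.
ENROLLMENT = {
    "8901000000000000001": {"imei": "356938035643809", "employee": "alice"},
    "8901000000000000002": {"imei": "490154203237518", "employee": "bob"},
}

MIN_OS = (16, 0)  # assumed minimum OS version for internal resources


@dataclass
class Session:
    ts: datetime
    iccid: str
    imei: str
    os_version: tuple      # e.g. (16, 1)
    warp_enrolled: bool    # device-side agent present and enrolled (assumed signal)
    disk_encrypted: bool
    resource: str          # "internet" or "internal"


@dataclass
class Decision:
    allow: bool
    reasons: list = field(default_factory=list)


def check_sim_binding(s, enrollment):
    """SIM-to-device binding: deny unknown SIMs and SIMs that show up from a
    device other than the one they were enrolled on (swap, clone or reissue)."""
    rec = enrollment.get(s.iccid)
    if rec is None:
        return ["unknown_sim"]
    if rec["imei"] != s.imei:
        return ["sim_device_mismatch"]
    return []


def check_posture(s):
    """Endpoint-reported posture; independent of anything the carrier sees."""
    reasons = []
    if not s.warp_enrolled:
        reasons.append("no_device_agent")
    if not s.disk_encrypted:
        reasons.append("disk_not_encrypted")
    if s.os_version < MIN_OS:
        reasons.append("os_too_old")
    return reasons


def detect_concurrent_use(sessions, window=timedelta(minutes=10)):
    """Clone indicator: the same ICCID attaching from two different IMEIs
    within `window`. Returns the set of flagged ICCIDs."""
    flagged, last_seen = set(), {}
    for s in sorted(sessions, key=lambda x: x.ts):
        prev = last_seen.get(s.iccid)
        if prev and prev.imei != s.imei and s.ts - prev.ts <= window:
            flagged.add(s.iccid)
        last_seen[s.iccid] = s
    return flagged


def evaluate(s, enrollment, cloned):
    """SIM identity is necessary but not sufficient: internal resources also
    require device posture, so a SIM reissued or intercepted on the carrier
    side does not by itself unlock anything."""
    reasons = check_sim_binding(s, enrollment)
    if s.iccid in cloned:
        reasons.append("concurrent_sim_use")
    if s.resource == "internal":
        reasons += check_posture(s)
    return Decision(allow=not reasons, reasons=reasons)


def evaluate_all(sessions, enrollment=ENROLLMENT):
    cloned = detect_concurrent_use(sessions)
    return [evaluate(s, enrollment, cloned) for s in sessions]


# Constructed sample attach/session records.
T0 = datetime(2022, 9, 26, 13, 0)
SAMPLE = [
    Session(T0, "8901000000000000001", "356938035643809", (16, 1), True, True, "internal"),                          # alice, healthy
    Session(T0 + timedelta(minutes=1), "8901000000000000002", "490154203237518", (15, 7), True, True, "internal"),   # bob, OS too old
    Session(T0 + timedelta(minutes=2), "8901000000000000002", "490154203237518", (15, 7), True, True, "internet"),   # bob, internet only
    Session(T0 + timedelta(minutes=30), "8901000000000000001", "013000000000000", (16, 1), False, True, "internal"), # alice's SIM in another device
    Session(T0 + timedelta(minutes=4), "8901000000000000009", "356938035643809", (16, 1), True, True, "internet"),   # unknown SIM
    Session(T0 + timedelta(minutes=3), "8901000000000000002", "013000000000000", (16, 1), True, True, "internet"),   # bob's SIM, second device, 1 min later
]

if __name__ == "__main__":
    for s, d in zip(SAMPLE, evaluate_all(SAMPLE)):
        verdict = "ALLOW" if d.allow else "DENY"
        print(f"iccid ..{s.iccid[-3:]} imei ..{s.imei[-4:]} {s.resource:8} -> {verdict:5} {d.reasons}")
```

Note the asymmetry in the sample: alice's SIM appearing in a second device half an hour later is a plain binding mismatch, while bob's SIM appearing from a second device one minute after the first attach trips the clone window, which denies every session on that ICCID, including the otherwise healthy one, since the policy cannot tell which device is the legitimate one.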
| ranger_danger wrote:
| How are they the first? MobileIron and others have been offering
| solutions for at least 2.5 years now.
| greenie_beans wrote:
| I can't help but think of Room 641A every time they announce a
| new project where they're like "we'll take care of it by
| directing your traffic through our network"
|
| https://en.wikipedia.org/wiki/Room_641A
|
| edit: whoops. let me be clear that i'm a big fan of cloudflare!
| that's just where my brain wanders sometimes
| dannyw wrote:
| For most companies, the NSA is not part of their threat space.
| orthecreedence wrote:
| The NSA is in everyone's threat space, because who knows how
| the information will be used _later_. "Well, they aren't
| using it to hurt me at the moment" isn't a great reason to be
| non-critical of mass surveillance.
| supertrope wrote:
| For targeted surveillance yeah guarding against intelligence
| agencies is extremely difficult. But there are choices like
| self-hosting file storage versus putting it in the cloud. One
| option makes your data easily collectible.
| lizardactivist wrote:
| But the company is part of the USA's threat space -- everyone
| is an adversary and potential enemy, and all information that
| can be useful will be collected.
| ezekg wrote:
| Yep. I'm convinced CF is government-backed mass-surveillance
| through a "private company." I'd love to be convinced
| otherwise, but it's the NSA's dream to man-in-the-middle the
| Internet.
| eastdakota wrote:
| Except it'd be the end of a $20B company that I have a huge
| stake in ensuring doesn't end. So, so long as I'm CEO,
| there's no way in hell that'll happen. If all you believe in
| is my economic interest, it's far more lucrative to be the
| trusted, private network over time than any alternative. And
| so we'll invest like crazy to ensure, even if compelled, we
| wouldn't have the ability to compromise the integrity of the
| data flowing through our network.
| orthecreedence wrote:
| You don't have a choice in the matter. Your refusal would
| simply mean your imprisonment. Economics has absolutely
| nothing to do with it. Welcome to the modern surveillance
| state.
| eftychis wrote:
| It is not even his choice necessarily. They can go to a
| different person in the company with the notorious
| letter.
| orthecreedence wrote:
| Agreed. And let's be honest...they already have.
| amoshi wrote:
| Imprisonment or the company being bled dry[0].
|
| [0] -
| https://www.theguardian.com/world/2014/sep/11/yahoo-nsa-
| laws...
| humanistbot wrote:
| If I was the US Government / NSA, I'd pay $20 billion to
| secretly own cloudflare.
| eftychis wrote:
| Plus premium. It would be free in practice.
| bogomipz wrote:
| >"If all you believe in is my economic interest, it's far
| more lucrative to be the trusted, private network over time
| than any alternative."
|
| And yet AT&T has proven otherwise. [1][2]
|
| [1] https://www.macrotrends.net/stocks/charts/T/at-t/stock-
| price...
|
| [2] https://en.wikipedia.org/wiki/Room_641A
| iknowstuff wrote:
| The person you are responding to wasn't suggesting you are
| altering the data ("compromising its integrity"), but
| snooping on it, which you obviously have the ability to do
| and can be compelled to do it.
| yabones wrote:
| Right, but 641 wasn't about the integrity of the data, it
| was about the confidentiality. They had a big-ass fibre
| splitter intercepting the firehose of the internet, and
| presumably running protocol analysis on "their" copy of it.
| They weren't injecting malware into it a la Sony, just
| grabbing a carbon copy. And largely, people were okay with
| it in the name of "national security" following the
| September 11th attacks.
|
| I have every confidence that CF doesn't do that _today_,
| but since it's the termination point for TLS for a HUGE
| portion of the internet (including my own sites ;p), that
| seems like a huge target for feds to try to tap into. I
| think a lot of peoples' concern is that someday it could
| happen under a more authoritarian cabinet and court. As
| long as it _can_ be done, it eventually will.
|
| Absolutely nobody wants that, save for a couple very under-
| educated and highly powerful individuals. But the rest of
| us might not have a choice.
| ranger_danger wrote:
| Why do you continue to provide services to 0chan.life who
| openly post massive amounts of monkey torture videos?
| tgsovlerkhgsel wrote:
| Counterarguments to that:
|
| - Room 641A wasn't the end of AT&T, and I'm sure the three-
| letter agencies have a way to make your economic interest
| align with theirs (e.g. through legal or extralegal
| threats).
|
| - Even if you personally are trying to prevent it, they can
| compel employees and plant a backdoor, possibly a non-
| obvious kleptographic one in the encryption you use in the
| backbone. You might genuinely not know if it was happening
| (and if you knew, you'd be forced to deny it, both to
| preserve the stake you mentioned and presumably due to dire
| consequences from the three-letter agencies if you talked).
|
| - Snowden revealed the existence of PRISM, but the details and
| level of collaboration are still not really known today.
| The companies have certainly survived it. All the negative
| sides of collaboration only manifest if it is discovered,
| which is far from guaranteed.
|
| Just to be clear, this is not accusing you of being
| corrupt, malicious, or a willing participant, just pointing
| out the harsh reality that your wish to not participate in
| this may not matter much.
| peterhadlaw wrote:
| Would be nice if you acted as a neutral infrastructure
| party.
| kebdjsvdjsbs wrote:
| hi. love CF and all the free services.
|
| care to elaborate on the interview you mention, where the DHS
| hinted at the value of CF (née honeypot)?
|
| was it a formal feedback? from a person related to dhs but
| in a personal setting? how that happened? and what
| relationship continued/started from it?
| LightHugger wrote:
| You already have? You've proven that you'll just do
| whatever media tells you to do. Media is not exactly very
| dangerous. Why wouldn't you also fold to far more dangerous
| government pressure, especially if you're also being
| pressured by media at the same time?
| temptemptemp111 wrote:
| johnklos wrote:
| Even if we take what you say at face value, you've already
| done too many things that err much more on the side of
| money than on the side of doing the right thing.
|
| But honestly, any casual consideration of Occam's razor
| with relation to your company's actions would be much more
| simply understood if we consider that Cloudflare wants to
| be a monopoly.
|
| Is Cloudflare ever going to stop trying to centralize more
| and more of the Internet? Please - go ahead and tell me
| about how, at some point, because you care so much about
| being trusted, you'll say, "You know what? We're getting
| too big. Let's pump the brakes on that and help out some
| other companies so the Internet's resilience won't be
| harmed."
|
| Could that ever happen? Would that ever happen? Or will you
| just keep finding excuses and telling lies about how what
| you're doing for the world is for "everyone's own good"?
| mike_d wrote:
| > we'll invest like crazy to ensure, even if compelled, we
| wouldn't have the ability to compromise the integrity of
| the data flowing through our network
|
| By aggregating the whole internet onto Cloudflare you are
| creating choke points where fiber taps are far more
| effective to deploy than the previous situation where they
| needed to tap hundreds of different regional providers.
|
| Sure you can do encryption for data in flight, but your
| keys and CA infrastructure now become one of the most
| valuable intelligence targets. Unless you can attest that
| not a single CF employee has family in China, or gambling
| problems here in the US, was born in Russia, etc. there is
| a weakness somewhere waiting to be exploited.
|
| We don't care what makes financial sense for you now. One
| day you will be dead, and what you created will be taken
| private by a well resourced entity with less morals.
| orthecreedence wrote:
| > whoops. let me be clear that i'm a big fan of cloudflare!
| that's just where my brain wanders sometimes
|
| I'm not. They're one of the biggest vectors for the
| centralization of the entire internet. You're right to be
| critical of every single thing they do.
| greenie_beans wrote:
| agreed, i'm just a fan of their innovation. would be cool if
| we could decentralize their tech. somehow use their data and
| code to standup my own ddos detection system without having
| to proxy through them
| neilv wrote:
| > _By integrating Cloudflare's security capabilities at the SIM-
| level, teams can better secure their fleets of mobile devices,
| especially in a world where BYOD is the norm and no longer the
| exception._
|
| Please consider _not_ doing BYOD for company business.
|
| Quick summary of IMHO, from some companies where I've defined or
| advised on infosec policy...
|
| From the employer side, BYOD is bad for security and liability.
| From the employee side, BYOD is bad for privacy&security.
|
| Regarding the employee's personal info on BYOD (since it's a less
| familiar concern than the company protecting IP and operations)...
| Whether or not there's MDM, it's a big problem for employee and
| company, when security team needs to investigate an incident, or
| when legal proceedings mandate that forensics expert clone/search
| a device, and that bumps into personal info. (Personal info
| revealed can include private personal conversations, intimate
| photos/videos of employee and partners, job searching, medical
| information, non-public sex/gender/etc. identity, protected
| classes for discrimination, Web history, etc., to possibly the
| company or some outsiders.) Also a big problem if the company
| needs to wipe or lock a device to secure IP, and that would wipe
| personal data or lock employee out of it.
|
| No work on personal devices. No personal on work devices. Being
| strict about this from the start is to everyone's benefit (before
| complicating practices set in, the wrong services are
| bought/deployed, etc.).
|
| For employees who actually need to carry smartphones for business
| (e.g., executives, marketing, sales, other non-engineers), the
| company should issue devices with plans, to be used exclusively
| for business.
|
| For work calls for people who don't get issued company
| smartphones, use a service from the work laptop.
|
| For rare alerting eng/ops/etc. in the off-hours, when they don't
| have a company-issued smartphone, alerting can be to a personal
| device, but the alert should convey no info other than what is
| the urgency to get to the company laptop.
|
| Also a possible side benefit of strict work and personal
| separation on devices is life balance, especially with WFH/hybrid
| and carrying a laptop home: without work on personal devices, an
| employee can just physically put the work device(s) in a
| drawer/bag for the evening, and call work over for the day, or
| until they're ready to take it out. (No associating their
| personal devices with work, no interrupting with work off-hours
| while people are recharging and with family, no trying to use
| unreliable software settings correctly to suppress work messages
| at some times and not others, etc.)
| BrainVirus wrote:
| They want to be in front of every website, behind every DNS
| request and now they want to control your cellphone traffic -
| while bleeding money by tens of millions of dollars a year and
| making promises they don't intend to keep. The trajectory of this
| company's life is obvious in advance.
| c8g wrote:
| Unfortunately, I guess, it won't be available in most parts of the
| world at a competitive price compared to local operators.
| nanankcornering wrote:
| Please make this product available for non-enterprises too (at a
| cost, of course.) @jgrahamc @eastdakota
| jgrahamc wrote:
| That's kind of our playbook, right?
| edsimpson wrote:
| As a consumer, if pricing was reasonable, I would switch to
| this in a heartbeat.
| chris_st wrote:
| Looking forward to hearing about it -- but I really do want
| to be able to use it with my phone ISP (Irritating Service
| Provider :-) and not have to switch to some specific
| provider. I use MVNOs (specifically, Ting Mobile now, but
| I'll be switching to US Mobile soon).
|
| Also, I'd like to be able to use your DNS _and_ NextDNS's
| one -- I love your security, but (particularly on mobile
| where I pay per byte for data!) I love that NextDNS blocks
| tons of ads and trackers. So much less data downloaded. So
| much faster internet. So much nicer too.
|
| Thanks for doing CloudFlare! I use it for my websites, would
| be cool to know it's (deeply) protecting my phone too.
| systemvoltage wrote:
| I know you're the CTO, I just wanted to say that Cloudflare
| is an amazing company that recently took a couple of steps in
| the wrong direction. The new playbook seems like it has added
| a page of crayon doodles.
|
| Intellectuals understand what happened with the censorship
| incident on both sides of the argument, but both agree that
| _trust_ is one of those things that builds over time and
| difficult to achieve. IMO a company such as Cloudflare needs
| to build trust through extreme sense of stability and
| guarantee. Rule book needs to be super explicit with zero
| ambiguity written with a precision pencil, not a spray can.
| navigate8310 wrote:
| Also, countries specifically South Asia
| nanankcornering wrote:
| that's great to hear. thought it was going to be locked
| behind enterprise door.
| jacooper wrote:
| So it's basically a SIM with a VPN built in?
| Nextgrid wrote:
| VPN in the sense that it puts you on the company LAN, yes.
|
| VPN in the sense that it's private and secure, no - the carrier
| has full access to the traffic.
|
| (that's not a dig at Cloudflare, it is a shortcoming of the
| mobile protocols - the network _has_ to have access to the
| traffic by design)
| death_syn wrote:
| It sounds a lot like Enterprise Google Fi to me.
| swyx wrote:
| yeah. pretty innovative, love this kind of unconventional
| thinking. good "why now" as well with the iphone supporting
| esims first class
| ignoramous wrote:
| It is amazing that Cloudflare is going after CrowdStrike,
| AWS, ZScaler, Vimeo, Twilio, Netlify, Cisco, PA Networks,
| Tanium, Wiz all at once.
| swyx wrote:
| fwiw it's not all sunshine and roses. have had a couple
| chats with recent ex employees that this has caused
| internal strain. nothing unexpected ofc
| silentlinkuser wrote:
| yellow_lead wrote:
| > What if employers could offer their employees a deal: we'll
| cover your monthly data costs if you agree to let us direct your
| work-related traffic through a network that has Zero Trust
| protections built right in?
|
| No thanks. What is "work-related" and what isn't? I see huge
| privacy implications here. If my company wants to install this
| potential-spyware on my phone then they should just offer a
| separate phone. Personally, I don't mind carrying it if I'm "on-
| call" one week out of the month or whatever.
| ok_dad wrote:
| I wonder if it is easy enough to "swap" e-SIMs that one could
| load your work profile on your phone (can iOS do that? I am not
| sure, but Android can anyways), swap sims before work starts,
| do work, "go home", swap back to your personal phone profile
| and personal sim.
|
| Otherwise, I agree: give me a work phone if you want to snoop
| on it, otherwise please just text or call me on my personal.
|
| My current company pays partly for my phone (like half?) and
| doesn't expect anything in return, they just wanted to make sure
| if I used it to make calls for work I was paid for that (I
| never do anyways).
| jackson1442 wrote:
| iOS can swap, it's just a flag in your phone app/control
| center.
|
| My personal preference is expensing a phone bill. That way I
| maintain billing control and just save some money. Or a
| company phone, but I've yet to have that offered to me.
| dathinab wrote:
| > [..] logs only what it blocks
|
| putting aside that it's not clear whether it can be configured to
| do so or always does so, and if the employee has any way to know
| if it is configured to log only blocked content or log everything,
| it's still a no-go
|
| the thing is that content which is fully legal and no-risk is fed
| all the time into block lists and phishing protection to make it
| less accessible
|
| for example the CCC ticket selling site was frequently "somehow"
| in the minor protection DNS filter enabled by default by all UK
| ISPs...
|
| you can be pretty sure that union and employee rights protection
| related sites will "somehow" end up in the filter, and not only
| will that bar the employee from realizing their information
| needs/rights, it will also show up in the log accessible to the
| employer
|
| then you probably can configure the "protection". How long will
| it take to be possible to enable blocking of adult content or
| similar? This could indirectly expose employee sex-related
| preferences to the employer, or religion, or ...
|
| Trying to pretend this system is not incredibly invasive to
| employees' privacy is hypocrisy and puts a pretty bad light on
| Cloudflare. I mean they could say it's less invasive than many
| other existing methods, I guess that might be right, but that
| doesn't mean it's okay at all.
|
| In the end trying to marry BYOD with security is just nonsense.
| If the work tasks need a phone then provide a phone to the
| employee (which could use this system). If you only worry about
| 2FA use HSKs. Remove phones out of any security related
| procedure, that is anyway recommended for other reasons like SIM-
| hijacking. Then don't require or allow employees to install
| anything which could be used as an attack vector on their private
| phone, no Slack, no Teams, no nothing. If there is an emergency
| you can call them and tell them to use their employer provided
| device, it's that simple.
| rasz wrote:
| That is a lot of text to say "trust us bro". First we gave cf
| decryption keys to most of https web traffic, now they want to
| own cellphones, for our privacy of course!
| 2Gkashmiri wrote:
| wait till Cloudflare decides to ban a website from their network
| and you suddenly cannot access them unless YOU CHANGE YOUR SIM
| PROVIDER, that sounds fun
| MrBuddyCasino wrote:
| Wait until they block your SIM for posting wrongthink. Now you
| cannot access any website on your phone!
| lizardactivist wrote:
| You can say that again. Zero trust that Cloudflare, the largest
| man-in-the-middle of the Internet which began its life as a CIA
| honeypot, will not abuse this.
| INTPenis wrote:
| Yeah I was just thinking the same thing, zero trust except of
| course for CloudFlare, you have to trust them implicitly.
| beeenthusiast wrote:
| I'd not heard of Cloudflare starting out as a CIA honeypot.
| What are the details on this?
| throwaway29812 wrote:
| Also looking for a source for this claim.
| rglover wrote:
| Bingo. Way too much centralization of communications in
| exchange for mild convenience.
|
| And of course, it will be dismissed with a "you're just
| paranoid" pat on the back until, inevitably, and predictably,
| they weaponize it (with the back-patters being nowhere to be
| found).
| mschuster91 wrote:
| The only attack this is preventing is corrupt or confused mobile
| network customer service representatives issuing a valid SIM card
| to an attacker so that the attacker can intercept 2FA SMS
| messages, but any larger-ish company should already have a
| corporate phone plan with _clearly_ established contact points to
| do any kind of change.
|
| So what I don't really get is, what is the actual advantage? And
| besides, Cloudflare _will_ have to run as an MVNO if they're
| rolling their own SIM cards / eSIM keys, which almost always
| means lower quality of service in congested network areas - there
| is no requirement for equal treatment of MVNOs I'm aware of, and
| even here in the EU you can clearly see that providers
| discriminate even between premium post-paid contracts and
| prepaid contracts. Switching from Telekom's _own_ MVNO Congstar to
| Telekom proper was night and day.
| cr3ative wrote:
| The attack you describe (somewhat dismissively) is extremely
| common.
| mschuster91 wrote:
| Against private phone contracts, yes indeed - but as I said,
| large companies (which CF targets here) already shouldn't be
| vulnerable.
|
| For private phone contracts, we should kick the arses of our
| politicians and the regulatory agencies to finally do their
| job.
| staticassertion wrote:
| > but as I said, large companies (which CF targets here)
| already shouldn't be vulnerable.
|
| Only if you're willing to trust the reset process. The
| whole point of this is to remove that trust.
|
| Further, as noted, this doesn't just protect against that
| attack. It also allows for filtering at the data layer, so
| you can remove malicious traffic. And it also gives SIM a
| stronger identity, so if you're using a heuristic for
| identification (as you always are) it becomes a much more
| powerful entry.
| vinay_ys wrote:
| The same attack can be mounted against your corp IT admin in
| charge of your Cloudflare account.
| gigel82 wrote:
| Oh, that's disappointing, I was hoping they're entering the MVNO
| space with a consumer offer. Instead, it's an offer for companies
| to further spy on their employees :(
| jupp0r wrote:
| "We have sophisticated logging set up as part of Cloudflare One,
| and this will extend to Cloudflare SIM. Today, Cloudflare One can
| be explicitly configured to log only the resources it blocks --
| the threats it's protecting employees from -- without logging
| every domain visited beyond that."
|
| So my employer can log all of my network traffic metadata, but I
| can take their word for it that they have some setting set that
| it only logs hits on their deny list that they are filtering my
| private internet usage with? CloudFlare needs to give more power
| to employees here to make sure that employers are completely
| unable to monitor any traffic that doesn't go to their networks.
| The abuse potential for this in its current form is gigantic.
| stickfigure wrote:
| If your phone service is provided by your employer, they have
| control.
|
| Phone service is cheap. Get your own.
|
| See also: Email.
___________________________________________________________________
(page generated 2022-09-26 23:01 UTC)