Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It is more prone to social engineering hacks.

If you order an eSim in someone's online account, you can activate it. Done. hacked.

With a normal SIM card it will be sent to your home/office. Unless someone changed that somehow.



It's not that simple. A profile is generated for a specific, unique eSIM chip. You cannot install nor use a profile on another eSIM. The target device is tracked. That gives some traceability and security.

Then there are two variants of eSIM, for M2M and for consumer devices.

With the consumer variant the profile is requested from the target device itself. So you must own the device to install a new profile, and also have the needed credentials. So this is more than inserting a physical SIM today, where you also need the device but there's no local credentials and no SIM/device mapping.

For M2M, the profile is explicitly pushed to a specific device, which is remotely managed.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: