[grlass]

I don't have a source to hand, but I've heard from other post-mortems that in SIM-jacking attack the carrier has been socially engineered into not bothering with the pin, ongoing court cases RE negligence perhaps on-going.

[grishka]

If they're able to issue a new SIM card without the system requiring them to enter the PIN first, then it's a very terribly designed system.

[mook]

They have to be able to issue a new SIM card without a pin in the case of a lost phone though. In that case they should probably check government identification, of course, and not be available remotely.

[grishka]

I thought you needed the PIN if you wanted that, too? As in, if you lose your phone and don't have the PIN set up with your carrier, you've lost your number and can't restore it.

[bombcar]

That would mean eventually there would be no phone numbers left for anyone.

[grishka]

No, that would mean they would eventually disconnect the service on that line for non-payment and give that number to a new subscriber.