(no title)

> a SIM card

That's basically what remote attestation is. But it's using TPMs (or similar) rather than SIM cards. The TPM has a key signed by the manufacturer, and that key can be used to sign tokens to prove that you possess a physical TPM and have it in a mode that provides access to that key.

The problem with either is that the system doesn't work if you can get access to the keys behind the system. That means banning everyone who uses a vulnerable model of SIM card/TPM implementation. SIMs are cheaper to replace, but you'd have to replace millions of them every time someone manages to voltage glitch a SIM card.

If you own an iPhone or Macbook, you have access to a browser you already does this: https://developer.apple.com/news/?id=huqjyh7k

> I was wondering if more sites will start to drift to a system where they require you to be logged in to an account attached to a SIM card in some ways.

I hope we move away from SIM cards - they'll require SIM based auth checks and low paid staff at cell phone companies will happily give away my SIM card to another phone to get a kickback from robbing people.

Such site is better provide some unique service no one else can.

There is no way I am sharing my phone number with random sites unless I absolutely have to, I get enough spam & scam already, and tracking potential is enormous.

No need for the SIM, just being logged in to something will probably be enough to stop most crawlers.

Then, if someone is logged in, you can throw TOS their way, and make it a legal problem.

Yes because having an account gets around adblockers, anti tracking, age verification and section 230 removal issues. ToS is already weaponized.

Phone number is also good because you can be reasonably sure as to whether it's voip or not. It is literally the one non-awful solution to the sybil problem we have discovered (the awful ones being things like gov id).