Couldn't somebody make a phone company with better security? It seems stories about accounts being stolen via the phone company as weak link have been around for several years now.
Why would you want to trust the phone company? This is a solved problem, use IP and SSL. Of course you can't implement the really dumb "half factor" SMS authentication this way (because it's shown for what it is.)
