• @AndreyAsimow
    link
    English
    181 year ago

    Does this mean that hackers can do what corporates did for years now?

  • @JoeKrogan
    link
    English
    1
    edit-2
    1 year ago

    Interesting, I guess a mobile hotspot and use your phone without its sim card with WiFi on connected to the hotspot would protect against this.

    • @[email protected]
      link
      fedilink
      English
      21 year ago

      A mobile hotspot is effectively just a mobile without a screen. It would only provide protection from this exploit if sms was fully disabled

      • @JoeKrogan
        link
        English
        2
        edit-2
        1 year ago

        The hotspot would have its own sim card not the one that was in your phone. The one in your phone was removed in this case. The number of the hotspot is not known to the attacker and the phone can still be used for calls and texts via signal or WhatsApp or whatever

    • @d3Xt3r
      link
      English
      11 year ago

      But then you won’t get any SMSes. A better option would be to use a second Android device with your main SIM, and use call forwarding and an SMS proxy app. Or you could get a virtual number online, and give that number out to people, and keep your main number private.

  • @xc2215x
    link
    English
    01 year ago

    That is very serious. Unfortunate to see.

    • @d3Xt3r
      link
      English
      21 year ago

      It’s not that serious.

      "The procedure might be difficult to scale. The attacker will need to have Android devices in multiple locations sending messages every hour and calculating the responses. The collection itself can take days or weeks depending on how many fingerprints the attacker wants to collect.

      “Not only are the collection and the analysis difficult, but then you have also the problem of sufficiently and appropriately configuring the machine-learning model, which is related to deep learning.”

      The concern, says Bitsikas, is that a deep-pocketed organization could exploit the flaw to locate government leaders, activists, CEOs and others who desire to keep their whereabouts private.

      TLDR this requires a big infrastructure, planning, and a ML model tailored specifically towards you, which means this only really affects big targets like public figures - who wouldn’t be using SMS in the first place if they value privacy.