LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (https://www.linuxquestions.org/questions/general-10/)
-   -   If You Have a Smartphone.... you need to see this (https://www.linuxquestions.org/questions/general-10/if-you-have-a-smartphone-you-need-to-see-this-4175656705/)

enorbet 07-01-2019 09:48 PM

If You Have a Smartphone.... you need to see this
 
Greetings Ladies and Gents

Perhaps you've been online long enough to recall the days when, typically from some AOL member, we would get a frantic email alert for some supposed virus that could not only wipe your hard drive but change the temperature setting on your refrigerator, as we jokers used to say before there actually was any attacks on firmware. The only difficulty with those emails was figuring out a polite way to inform the sender, or many many senders, that was not possible but the "virus" was the email itself, hackers trying to earn "rep" for numbers in social engineering. This is not one of those.

As more and more devices are net connected and store information on us all (to varying degrees but very few are at zero) the greater is the attack surface. Smartphones combined with The Cloud have increased that surface by orders of magnitude and unfortunately some web-based devices have very low requirements for security. One of those is smartphone service.

If you forget any part of your account info it is easy to get it back, commonly just by stating your phone or account number. It isn't hard for others to get that data and on it's own it seems harmless enough...
...BUT....
Just as you can get into your account easily if you've lost your password so can anyone else if they have just a slight bit of information commonly and readily available to almost anyone, certainly practiced criminal hackers. With this they can contact your provider and once told "you" have a new phone to replace your old one, their SIM gets your phone number and your "old" SIM gets locked out.

Especially if you send/receive email on your phone it is not very hard to access every other account you may have - Facebook, Twitter, all the way up to and including banking. Just recently tech savvy people are getting locked out, losing all of their accounts, including bank accounts. It's kinda like living in Fort Knox but leaving a first floor window open.

Here's a decent article about the increasing issue and a little bit of how you can protect yourself.

https://www.engadget.com/2019/06/28/...h-ZB1YMoOInlnx

Michael Uplawski 07-02-2019 12:47 AM

Sorry, I cannot but become aggressive in real life; here I try my best, but as my English keeps failing me...

With an article containing the word “ Smartphone ” in this Forum, you will always stir my interest. Although I cannot but use Dumbphone as a collective noun, grouping people with tunnel vision.

“ According to Google, victims of account hijacking should fill out this claim form ”

Once you have come down with food poisoning, bawl at your merchant.

Or more authentically and related : We had to register our own F*c*book account as others were publishing false information in our name

How about not having any of these three ? You have to put utility in the bigger context and to do that, must get out of habits... This is the hardest part of it, I know. As habit is a natural law and more powerful than thermodynamics. I mentioned that somewhere else, I know.

You shoot yourself in the head. You die. Change that, if you can.

enorbet 07-02-2019 06:50 AM

One problem is that before long it appears there will be no more "dumbphones". I have been using one for several years but just this last month my provider informed me their new network would soon no longer support that phone and I will be forced to "upgrade" to a smartphone. I'm looking for a new provider instead but apparently the "writing is on the wall". They, as a whole industry, own the access so they call the shots.

As for "The Big Three", I have never joined Facebook nor Twitter and I only use the cloud for games with an limited email account expressly for verification for such services... no other usage. I'v e switched my search engine to Duck Duck Go but I do use Gmail for regular email service and Hangouts. My passwords are written on paper. In light of the above linked article it seems it has been a good thing I've never used my phone for email though it appears I should be more diligent and regular at clearing SMS records. It's by no means truly secure, just a reduced attack surface.

I'm actually hoping this thread can help me find a better balance,especially since I'm assuming my dumbphone days are numbered.

hazel 07-02-2019 11:21 AM

I don't have a smartphone and don't expect ever to have one. I do have an old Nokia "dumbphone" but it barely works as there's something wrong with the mic. I can send texts with it and that's all. I don't have a Facebook or Twitter account either. Who needs that?

I do have a gmail account, which is where my various mailing list posts go, including LQ notifications. But even if someone hacked it, I don't see how he could get at my bank account. I don't do any online banking. Again, who needs that?

jazzy_mood 07-02-2019 11:35 AM

Quote:

Originally Posted by enorbet (Post 6011131)
One problem is that before long it appears there will be no more "dumbphones". I have been using one for several years but just this last month my provider informed me their new network would soon no longer support that phone and I will be forced to "upgrade" to a smartphone. I'm looking for a new provider instead but apparently the "writing is on the wall". They, as a whole industry, own the access so they call the shots.

As for "The Big Three", I have never joined Facebook nor Twitter and I only use the cloud for games with an limited email account expressly for verification for such services... no other usage. I'v e switched my search engine to Duck Duck Go but I do use Gmail for regular email service and Hangouts. My passwords are written on paper. In light of the above linked article it seems it has been a good thing I've never used my phone for email though it appears I should be more diligent and regular at clearing SMS records. It's by no means truly secure, just a reduced attack surface.

I'm actually hoping this thread can help me find a better balance,especially since I'm assuming my dumbphone days are numbered.

There's always the possibility of using a smartphone without a data plan, if this possible in your country or with your ISP. (As for me, I can't do without data, since I need it for work, plus it's very convenient).

Michael Uplawski 07-02-2019 12:54 PM

I did not know, the word Dubphone is already in use at your's. PSE understand my usage of it as a malapropism of Smartphone... puzzling. Sorry.

ChuangTzu 07-02-2019 05:10 PM

In the US (and I would imagine the EU is similar) non smartphones aka regular cell phones are required by law (I recall) to be available by carriers. Most will only offer one option, however, they are required to. I believe it was part of a disability act or senior/elder law, or poverty law etc.... One of those, will need to check my bookmarks, I have it somewhere. :)

Regarding the inter-connectedness leading to easier crime that is a given and reminds us of the wonderful paradigm: do one thing and do it well. I have a flip phone, I have a point and click camera and I have a GPS. The phone is only on when I am making a call, sending a text or retrieving voicemail, otherwise its off. Camera is off unless I am taking a picture. GPS is off, unplugged unless I am using it. Basic appliances will always be available, basic cars, homes etc... will also always be available. We can learn alot from the Amish/Mountain Men, etc... every country/culture has them, most wise they are. You have to be willing to follow the advice:

Quote:

Two roads diverged in a yellow wood,
And sorry I could not travel both
And be one traveler, long I stood
And looked down one as far as I could
To where it bent in the undergrowth;

Then took the other, as just as fair,
And having perhaps the better claim
Because it was grassy and wanted wear,
Though as for that the passing there
Had worn them really about the same,

And both that morning equally lay
In leaves no step had trodden black.
Oh, I kept the first for another day!
Yet knowing how way leads on to way
I doubted if I should ever come back.

I shall be telling this with a sigh
Somewhere ages and ages hence:
Two roads diverged in a wood, and I,
I took the one less traveled by,
And that has made all the difference.
---Robert Frost
PS: Alot of information here: https://www.fcc.gov/consumer-governm...k-menu-block-4

ordealbyfire83 07-02-2019 07:31 PM

More than likely the decline in dumb phones that you mention is due to carriers phasing out 2G service. This is not surprising. With more iterations of *G's and other networks going online, ones getting little use aren't going to be around much longer. Not only that, making voice calls over 2G is not a good idea - apparently it's easier to easier to eavesdrop on 2G calls than on other networks. However, what is needed is an understanding that future dumbphones need to support 3G and up. Handset manufactures apparently do not care about this. They think that any user of 3G automatically wants fast data, and therefore, a smartphone. Even a reissue of a classic Nokia featurephone supporting 3G networks couldn't hit the market without Facebook pre-installed.

It seems the best bet nowadays would be to use an _older_ Android smartphone without a data plan and keep Wifi, bluetooth, GPS, etc. turned off, and never connect it to the internet, period. To mitigate manufacturer-level access to your radios and cameras it would be advisable to buy one that supports Replicant so as to keep the modem firmware (ie the phone) separate from the rest of the system (ie the computer).

scasey 07-02-2019 08:14 PM

I loved my Motorola StarTac flip-phone. Small, clipped to my belt.
Had to change it out because it didn't have GPS, and that became required for E911 support.

Then I worked as contractor for a defense company that didn't allow contractors to have phones with cameras. Had a cheap flip-phone that complied. The carrier normally sold it as a pre-paid phone, so I had to jump through some hoops to get it on a post-paid account.

I said for years that a cell phone was for phone calls, and I was happy.

Then I got an iPhone. I don't know how I survived without it ;)

enorbet 07-03-2019 02:10 AM

I probably should make it clear that I don't find online banking less secure than "old school", just a bit different. Most banks have extreme levels of security since if your account is at risk, all of their accounts are at risk. Also in "old school" not only is/was there a paper trail (prompting many to shred paper refuse) but we would commonly hand our card to a clerk who was privy to all our info and had a copy of our receipt with several important, and vulnerable, items of data. It may be that before the internet explosion and the increased understanding of the value of information that few understood a store's dumpster could be a gold mine and criminals instead had to result to mostly brute force.

Already in this thread I'm seeing that some form of dumbphone may still exist for quite some time and from my Son who has a smartphone that is more powerful (excepting screen size) than some PCs I regularly used just 5-7 years ago. Perhaps what I need is just a better understanding of how to keep "things" separate enough to have not created a "ladder" to that window on the second floor. There are docks now, right?, by which a person can effectively connect a smartphone to a mouse/kbd and full-sized screen, no? Since I like being able to build my own PCs from as "scratch" as they can get allowing me to upgrade parts for a few years, it might be a difficult switch for me but it does have some appeal and it is possibly a solution given that it is possible to separate considerably by installing a parallel Linux on an Android phone.

These are some of the issues I am considering. Thanks again for all the input here, guys and gals. It feels interesting, informative and fun.

ChuangTzu 07-03-2019 04:33 PM

enorbet, I would try to have separate devices for separate purposes. There is a fairly good book: "Hiding from the Internet, eliminating personal online information" that has good tips for avoiding the "all roads lead back to one" problem that you appear to want to avoid.

PS: Actually all three of Michael's books are good.


All times are GMT -5. The time now is 02:52 AM.