LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 07-01-2019, 09:48 PM   #1
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware = Main OpSys for decades while testing others to keep up
Posts: 2,262

Rep: Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283
If You Have a Smartphone.... you need to see this


Greetings Ladies and Gents

Perhaps you've been online long enough to recall the days when, typically from some AOL member, we would get a frantic email alert for some supposed virus that could not only wipe your hard drive but change the temperature setting on your refrigerator, as we jokers used to say before there actually was any attacks on firmware. The only difficulty with those emails was figuring out a polite way to inform the sender, or many many senders, that was not possible but the "virus" was the email itself, hackers trying to earn "rep" for numbers in social engineering. This is not one of those.

As more and more devices are net connected and store information on us all (to varying degrees but very few are at zero) the greater is the attack surface. Smartphones combined with The Cloud have increased that surface by orders of magnitude and unfortunately some web-based devices have very low requirements for security. One of those is smartphone service.

If you forget any part of your account info it is easy to get it back, commonly just by stating your phone or account number. It isn't hard for others to get that data and on it's own it seems harmless enough...
...BUT....
Just as you can get into your account easily if you've lost your password so can anyone else if they have just a slight bit of information commonly and readily available to almost anyone, certainly practiced criminal hackers. With this they can contact your provider and once told "you" have a new phone to replace your old one, their SIM gets your phone number and your "old" SIM gets locked out.

Especially if you send/receive email on your phone it is not very hard to access every other account you may have - Facebook, Twitter, all the way up to and including banking. Just recently tech savvy people are getting locked out, losing all of their accounts, including bank accounts. It's kinda like living in Fort Knox but leaving a first floor window open.

Here's a decent article about the increasing issue and a little bit of how you can protect yourself.

https://www.engadget.com/2019/06/28/...h-ZB1YMoOInlnx

Last edited by enorbet; 07-03-2019 at 01:54 AM.
 
Old 07-02-2019, 12:47 AM   #2
Michael Uplawski
Member
 
Registered: Dec 2015
Location: Normandy, France
Distribution: Debian “testing” with very little “unstable”
Posts: 771
Blog Entries: 25

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
Sorry, I cannot but become aggressive in real life; here I try my best, but as my English keeps failing me...

With an article containing the word “ Smartphone ” in this Forum, you will always stir my interest. Although I cannot but use Dumbphone as a collective noun, grouping people with tunnel vision.

“ According to Google, victims of account hijacking should fill out this claim form ”

Once you have come down with food poisoning, bawl at your merchant.

Or more authentically and related : « We had to register our own F*c*book account as others were publishing false information in our name »

How about not having any of these three ? You have to put utility in the bigger context and to do that, must get out of habits... This is the hardest part of it, I know. As habit is a natural law and more powerful than thermodynamics. I mentioned that somewhere else, I know.

You shoot yourself in the head. You die. Change that, if you can.
 
Old 07-02-2019, 06:50 AM   #3
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware = Main OpSys for decades while testing others to keep up
Posts: 2,262

Original Poster
Rep: Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283
One problem is that before long it appears there will be no more "dumbphones". I have been using one for several years but just this last month my provider informed me their new network would soon no longer support that phone and I will be forced to "upgrade" to a smartphone. I'm looking for a new provider instead but apparently the "writing is on the wall". They, as a whole industry, own the access so they call the shots.

As for "The Big Three", I have never joined Facebook nor Twitter and I only use the cloud for games with an limited email account expressly for verification for such services... no other usage. I'v e switched my search engine to Duck Duck Go but I do use Gmail for regular email service and Hangouts. My passwords are written on paper. In light of the above linked article it seems it has been a good thing I've never used my phone for email though it appears I should be more diligent and regular at clearing SMS records. It's by no means truly secure, just a reduced attack surface.

I'm actually hoping this thread can help me find a better balance,especially since I'm assuming my dumbphone days are numbered.
 
Old 07-02-2019, 11:21 AM   #4
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 3,051
Blog Entries: 8

Rep: Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603Reputation: 1603
I don't have a smartphone and don't expect ever to have one. I do have an old Nokia "dumbphone" but it barely works as there's something wrong with the mic. I can send texts with it and that's all. I don't have a Facebook or Twitter account either. Who needs that?

I do have a gmail account, which is where my various mailing list posts go, including LQ notifications. But even if someone hacked it, I don't see how he could get at my bank account. I don't do any online banking. Again, who needs that?

Last edited by hazel; 07-02-2019 at 11:22 AM.
 
Old 07-02-2019, 11:35 AM   #5
jazzy_mood
Member
 
Registered: Mar 2019
Posts: 39

Rep: Reputation: 25
Quote:
Originally Posted by enorbet View Post
One problem is that before long it appears there will be no more "dumbphones". I have been using one for several years but just this last month my provider informed me their new network would soon no longer support that phone and I will be forced to "upgrade" to a smartphone. I'm looking for a new provider instead but apparently the "writing is on the wall". They, as a whole industry, own the access so they call the shots.

As for "The Big Three", I have never joined Facebook nor Twitter and I only use the cloud for games with an limited email account expressly for verification for such services... no other usage. I'v e switched my search engine to Duck Duck Go but I do use Gmail for regular email service and Hangouts. My passwords are written on paper. In light of the above linked article it seems it has been a good thing I've never used my phone for email though it appears I should be more diligent and regular at clearing SMS records. It's by no means truly secure, just a reduced attack surface.

I'm actually hoping this thread can help me find a better balance,especially since I'm assuming my dumbphone days are numbered.
There's always the possibility of using a smartphone without a data plan, if this possible in your country or with your ISP. (As for me, I can't do without data, since I need it for work, plus it's very convenient).
 
Old 07-02-2019, 12:54 PM   #6
Michael Uplawski
Member
 
Registered: Dec 2015
Location: Normandy, France
Distribution: Debian “testing” with very little “unstable”
Posts: 771
Blog Entries: 25

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
I did not know, the word Dubphone is already in use at your's. PSE understand my usage of it as a malapropism of Smartphone... puzzling. Sorry.
 
Old 07-02-2019, 05:10 PM   #7
ChuangTzu
Senior Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix while testing others
Posts: 1,336

Rep: Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245
In the US (and I would imagine the EU is similar) non smartphones aka regular cell phones are required by law (I recall) to be available by carriers. Most will only offer one option, however, they are required to. I believe it was part of a disability act or senior/elder law, or poverty law etc.... One of those, will need to check my bookmarks, I have it somewhere.

Regarding the inter-connectedness leading to easier crime that is a given and reminds us of the wonderful paradigm: do one thing and do it well. I have a flip phone, I have a point and click camera and I have a GPS. The phone is only on when I am making a call, sending a text or retrieving voicemail, otherwise its off. Camera is off unless I am taking a picture. GPS is off, unplugged unless I am using it. Basic appliances will always be available, basic cars, homes etc... will also always be available. We can learn alot from the Amish/Mountain Men, etc... every country/culture has them, most wise they are. You have to be willing to follow the advice:

Quote:
Two roads diverged in a yellow wood,
And sorry I could not travel both
And be one traveler, long I stood
And looked down one as far as I could
To where it bent in the undergrowth;

Then took the other, as just as fair,
And having perhaps the better claim
Because it was grassy and wanted wear,
Though as for that the passing there
Had worn them really about the same,

And both that morning equally lay
In leaves no step had trodden black.
Oh, I kept the first for another day!
Yet knowing how way leads on to way
I doubted if I should ever come back.

I shall be telling this with a sigh
Somewhere ages and ages hence:
Two roads diverged in a wood, and I,
I took the one less traveled by,
And that has made all the difference.
---Robert Frost
PS: Alot of information here: https://www.fcc.gov/consumer-governm...k-menu-block-4
 
Old 07-02-2019, 07:31 PM   #8
ordealbyfire83
Member
 
Registered: Oct 2006
Location: Leiden, Netherlands
Distribution: LFS, Ubuntu Hardy
Posts: 256

Rep: Reputation: 47
More than likely the decline in dumb phones that you mention is due to carriers phasing out 2G service. This is not surprising. With more iterations of *G's and other networks going online, ones getting little use aren't going to be around much longer. Not only that, making voice calls over 2G is not a good idea - apparently it's easier to easier to eavesdrop on 2G calls than on other networks. However, what is needed is an understanding that future dumbphones need to support 3G and up. Handset manufactures apparently do not care about this. They think that any user of 3G automatically wants fast data, and therefore, a smartphone. Even a reissue of a classic Nokia featurephone supporting 3G networks couldn't hit the market without Facebook pre-installed.

It seems the best bet nowadays would be to use an _older_ Android smartphone without a data plan and keep Wifi, bluetooth, GPS, etc. turned off, and never connect it to the internet, period. To mitigate manufacturer-level access to your radios and cameras it would be advisable to buy one that supports Replicant so as to keep the modem firmware (ie the phone) separate from the rest of the system (ie the computer).
 
Old 07-02-2019, 08:14 PM   #9
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,271

Rep: Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106
I loved my Motorola StarTac flip-phone. Small, clipped to my belt.
Had to change it out because it didn't have GPS, and that became required for E911 support.

Then I worked as contractor for a defense company that didn't allow contractors to have phones with cameras. Had a cheap flip-phone that complied. The carrier normally sold it as a pre-paid phone, so I had to jump through some hoops to get it on a post-paid account.

I said for years that a cell phone was for phone calls, and I was happy.

Then I got an iPhone. I don't know how I survived without it
 
Old 07-03-2019, 02:10 AM   #10
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware = Main OpSys for decades while testing others to keep up
Posts: 2,262

Original Poster
Rep: Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283Reputation: 2283
I probably should make it clear that I don't find online banking less secure than "old school", just a bit different. Most banks have extreme levels of security since if your account is at risk, all of their accounts are at risk. Also in "old school" not only is/was there a paper trail (prompting many to shred paper refuse) but we would commonly hand our card to a clerk who was privy to all our info and had a copy of our receipt with several important, and vulnerable, items of data. It may be that before the internet explosion and the increased understanding of the value of information that few understood a store's dumpster could be a gold mine and criminals instead had to result to mostly brute force.

Already in this thread I'm seeing that some form of dumbphone may still exist for quite some time and from my Son who has a smartphone that is more powerful (excepting screen size) than some PCs I regularly used just 5-7 years ago. Perhaps what I need is just a better understanding of how to keep "things" separate enough to have not created a "ladder" to that window on the second floor. There are docks now, right?, by which a person can effectively connect a smartphone to a mouse/kbd and full-sized screen, no? Since I like being able to build my own PCs from as "scratch" as they can get allowing me to upgrade parts for a few years, it might be a difficult switch for me but it does have some appeal and it is possibly a solution given that it is possible to separate considerably by installing a parallel Linux on an Android phone.

These are some of the issues I am considering. Thanks again for all the input here, guys and gals. It feels interesting, informative and fun.
 
Old 07-03-2019, 04:33 PM   #11
ChuangTzu
Senior Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix while testing others
Posts: 1,336

Rep: Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245Reputation: 1245
enorbet, I would try to have separate devices for separate purposes. There is a fairly good book: "Hiding from the Internet, eliminating personal online information" that has good tips for avoiding the "all roads lead back to one" problem that you appear to want to avoid.

PS: Actually all three of Michael's books are good.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] I now have no idea how to update my Lineage running smartphone mark_alfred Linux - Mobile 11 07-01-2018 01:46 PM
LXer: LG G7 ThinQ Leak Shows the Android-Powered Smartphone Will Have a Notch Design LXer Syndicated Linux News 0 04-25-2018 04:31 AM
I have an old laptop[8yrs] and I have tried to operate a Fedora 16 program alas I have no idea what my root ID is or my passwords. need to dickidido Linux - Newbie 6 03-10-2016 04:08 PM
Do you use a smartphone? corbintechboy General 19 05-04-2010 11:51 AM
LXer: Does Dell's Primordial Smartphone Have an Android Inside? LXer Syndicated Linux News 0 08-18-2009 11:20 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 11:41 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration