this post was submitted on 27 Jan 2024
274 points (98.9% liked)
Asklemmy
44151 readers
1178 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- [email protected]: a community for finding communities
~Icon~ ~by~ ~@Double_[email protected]~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What a load of crap. My phone is 5 years old and the only security risk is me blindly installing questionable APKs off the Internet or clicking pop-up ads or something. It's not like I'm walking around with a time bomb or anything when all I do is browse a few apps and text and call.
Also the new pixel 8 supposedly is supposed to come with 7 years of updates. It's entirely possible Google abandons that plan though, given their track record.
There have been a few bugs in the past years that let you take over a phone without user interaction. There was one where you only need to receive an SMS (it was invisible even) and your phone is infected. Another one was a vulnerability in wifi calling and voice over lte.
A phone is not a passive device that only gets something when you request it. You take also it with you to public places, use it in open wifi networks and you get calls. All that while being used for security critical stuff like 2FA, banking and payment.
You shouldn't use a phone without current security updates for much more than calling. It is a time bomb. If you want to educate yourself further you should look at "zero click vulnerabilities".
And if you happen to be in Vegas during Def con you should probably just turn off your phone and leave it in the room.