(07-29-2020, 09:38 PM)daniel Wrote:(07-29-2020, 03:55 PM)RTP Wrote:Oh wow! Reading this, better I do not put my SIM in PP. We better buy a cheap prepaid sim for testing PP until can be used securely.(07-29-2020, 01:54 PM)Athansor Wrote: I don't know if this is occurring on the UBports end of things or the carrier end, but this is a somewhat concerning security bug.
I can send but do not receive SMS messages, I'm on dev channel, up to date as of today. I've filed a bug on that elsewhere. A couple of times a day I message my wife to see if she gets mine and to see if I get her reply. I never do. Today, I messaged her and she replied to the received message. I did not receive her reply, though her iPhone noted that the message had been received. She then got a message saying "Who is this?" to which she responded "It's your wife," and then a reply back saying "Huh?"
I did not receive any of her messages, nor did I receive any of the replies to those messages from whoever was sending them.
About 20 minutes after that, I DID receive a text message. It was an automated message from Venmo (or purporting to be so), with a 2-factor authorization code. That is the only text message I have received in several weeks. I have never had a venmo account.
My wife is using an iPhone, recent version, never has had any difficulties with SMS.
Can somebody explain to me what is going on, and how to fix it? I mean, like ASAP? I have no idea how much of my data is being compromised.
I am, to put it mildly, a little bit freaked.
Thanks for the warning!
Why not? I use Pinephone as my daily driver with UT and I feel secure about it. Ubuntu Touch has been around for years and we haven't heard any stories like this til OP (sounds specific to his situation).
Listening to OP situation reminded me of some of existing sim card vulnerabilities (where most attacks target specific "important people"/crypto traders as result of IMEI/phone number and other personal information gathered).
Venmo 2fa part could have been one of those scam txts trying to get him to click a link.
If concerned make sure to run Ubuntu Touch Stable.
- RTP
"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki
[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]
Linux Device Privacy / Security Playlist
"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki
[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]
Linux Device Privacy / Security Playlist