this post was submitted on 22 Dec 2024
95 points (91.3% liked)

Technology

60062 readers
4379 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

Smartphone makers will soon face an unlikely competitor. Concerns about the impact of social media are driving demand for old-school Nokia brick-like handsets...

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 7 points 14 hours ago* (last edited 14 hours ago) (1 children)

If only every service I need gave other options. In any case, the card numbers are not connected to me or the account in any publicly accessible way. Thats part of the whole point of running them off a separate phone. I dont give anyone that number except for the purpose of 2FA, so SIM swapping wont work, the sim card never leaves the house, so scan based exploits wont work, and the phone doesnt have the hardware required to be vulnerable to more sophisticated phone based attacks. If any major government intelligence agency wants in theyll find a way, but using a separate dumb phone should be significantly more secure than using the SIM in my regular phone.

[โ€“] [email protected] 1 points 3 hours ago* (last edited 3 hours ago)

I dont give anyone that number except for the purpose of 2FA, so SIM swapping wont work, the sim card never leaves the house, so scan based exploits wont work, and the phone doesnt have the hardware required to be vulnerable to more sophisticated phone based attacks.

I understand what you're saying. But the reality is everything you just said doesn't matter for SIM swapping. The fact that you use the phone number for that service says that the number you use is out in the wild. Typically when SIM swapping is used is when there's a data breach and your username, email, password, and phone number are leaked. But they still can't get in because of the extra 2FA step.

So they HAVE that phone number. SIM swapping is done at the carrier level. It's when the associated number is "swapped" to a different SIM card (one that the hackers own). Which means you can get totally screwed over without lifting a finger and not a single person touching your computer or phone.

Like I said before, the damage to you would be done before you even knew what happened.

Edit: autocorrect

Edit 2: and yes, I understand many services have no other options than SMS, which is why it's such a huge massive problem.