• Max-P@lemmy.max-p.me
    1 year ago

    Closing the vulnerability would require an overhaul of the global SMS system, Bitsikas says.

    Would it really be that hard to add a 200-1000ms random delay before sending the receipt and making statistical analysis moot?

    Carriers could easily even delay the forwarding of the receipt to aim for constant-time. Probably not a trivial software update, but I wouldn’t call it a major overhaul.

    Timing attacks aren’t exactly new.
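
    Added example, not part of any comment in this thread: a small simulation of the two mitigations proposed above, a uniform 200-1000 ms random delay versus holding every receipt until a fixed deadline. It measures how well averaging k receipts still separates two locations. The delay values, location names and the 3000 ms deadline are constructed assumptions, not measurements from the research.

```python
import random
import statistics

# Constructed values, not measurements: mean receipt delay (ms) for two
# hypothetical receiver locations, plus natural per-message variation.
BASE_MS = {"location_a": 1400.0, "location_b": 1650.0}
NOISE_MS = 120.0
DEADLINE_MS = 3000.0  # assumed fixed release time for constant-time padding

def raw_delay(loc, rng):
    """Undefended receipt delay."""
    return max(0.0, rng.gauss(BASE_MS[loc], NOISE_MS))

def with_jitter(loc, rng):
    """Add a uniform 200-1000 ms random delay before the receipt."""
    return raw_delay(loc, rng) + rng.uniform(200.0, 1000.0)

def with_padding(loc, rng):
    """Hold every receipt until a fixed deadline (constant-time)."""
    return max(raw_delay(loc, rng), DEADLINE_MS)

def accuracy(sampler, k, trials=2000, seed=7):
    """How often the mean of k receipts lands on the correct side of the
    midpoint between the two locations' average delays (0.5 = guessing)."""
    rng = random.Random(seed)

    def avg(loc, n):
        return statistics.fmean([sampler(loc, rng) for _ in range(n)])

    threshold = (avg("location_a", 5000) + avg("location_b", 5000)) / 2
    correct = 0
    for i in range(trials):
        truth = "location_a" if i % 2 == 0 else "location_b"
        guess = "location_a" if avg(truth, k) < threshold else "location_b"
        correct += guess == truth
    return correct / trials

if __name__ == "__main__":
    for name, fn in [("none", raw_delay), ("jitter", with_jitter),
                     ("padding", with_padding)]:
        print(name, [round(accuracy(fn, k), 3) for k in (1, 10, 50)])
```

    Under these assumptions the jitter lowers single-receipt accuracy but averaging many receipts restores it, while padding to a fixed deadline leaves nothing to average, at the cost of delaying every receipt to the deadline.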

  • vd1n@lemmy.ml
    1 year ago

    …you know for anyone that thought cell service was safe…

  • JoeKrogan@lemmy.world
    1 year ago

    Interesting. I guess using a mobile hotspot, and using your phone without its SIM card with WiFi on and connected to the hotspot, would protect against this.

    • abrasiveteapot@sh.itjust.works
      1 year ago

      A mobile hotspot is effectively just a mobile without a screen. It would only provide protection from this exploit if SMS was fully disabled.

      • JoeKrogan@lemmy.world
        1 year ago

        The hotspot would have its own SIM card, not the one that was in your phone. The one in your phone was removed in this case. The number of the hotspot is not known to the attacker, and the phone can still be used for calls and texts via Signal or WhatsApp or whatever.

    • d3Xt3r@lemmy.world
      1 year ago

      But then you won’t get any SMSes. A better option would be to use a second Android device with your main SIM, and use call forwarding and an SMS proxy app. Or you could get a virtual number online, and give that number out to people, and keep your main number private.

    • d3Xt3r@lemmy.world
      1 year ago

      It’s not that serious.

      “The procedure might be difficult to scale. The attacker will need to have Android devices in multiple locations sending messages every hour and calculating the responses. The collection itself can take days or weeks depending on how many fingerprints the attacker wants to collect.

      “Not only are the collection and the analysis difficult, but then you have also the problem of sufficiently and appropriately configuring the machine-learning model, which is related to deep learning.”

      The concern, says Bitsikas, is that a deep-pocketed organization could exploit the flaw to locate government leaders, activists, CEOs and others who desire to keep their whereabouts private.

      TLDR this requires a big infrastructure, planning, and an ML model tailored specifically towards you, which means this only really affects big targets like public figures - who wouldn’t be using SMS in the first place if they value privacy.