Replying to Avatar zk

Good question,

Simple answer:

If you stick to Play Store and your mobile number is not listed in the dark web, I wouldn't bother.

Users are the weak link always:

- Clicking on a link we should not.

- Downloading a file we should not.

- Installing an app we should not.

Now, if you are a targeted individual, then you need to hire a cyber sec expert to build you a tailored opsec. It will be worth it and is most of the time more affordable than expected
Avatar
LiZhang 4mo ago

hmm, well, I use F-Droid and Obtanium, thus, I am not free of potential malaware or malicious code injected in a FOSS app...

Just thinking I should increase my cyber security, things are getting quite ugly due to the LLMs weaponization... I keep thinking, best not to be a low hanging fruit. A hidden SMS with a built in malicious code can take over your mobile, that is most scary, more over you won't even see it coming, and bad actors (black hat hackers) are most probably already using forks of such three letter agencies tools and targeting any mobile number they suspect may have some value on their mobile to extract

Reply to this note

Please Login to reply.

Discussion

Avatar
zk 4mo ago

Okay, that is quite specific and a valid point, ironically, very easy to protect against it, it is just, a bit inconvenient.

Solution:

Get yourself a non smartphone for phone calls and SMS. The battery last like a week and you will need it mostly for insecure 2FA from decadent banks and services and not much more, unless you still use a mobile live to communicate with loved ones, strange nowadays but happens.

For data on your mobile use a mobile hostpost.

This opsec protects you from the SMS treat and from clicking on your mobile a link written in a SMS to a malicious site, some of this low end mobile have data and may have hotspost capability reducing opesec cost

Avatar
LiZhang 4mo ago

👀

wow, thanks!

this is amazing advice, tipping your unstoppable wallet now SIR, most grateful

Avatar
zk 4mo ago

you are welcome!