this post was submitted on 04 Dec 2024
84 points (94.7% liked)

Technology

60021 readers
1944 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
84
US recommends encrypted messaging as Chinese hackers linger in telecom networks (arstechnica.com)
submitted 2 weeks ago by [email protected] to c/[email protected]
8 comments fedilink hide all child comments
top 8 comments
sorted by: hot top controversial new old
[–] [email protected] 27 points 2 weeks ago

Good thing banks use sms for two factor codes

[–] [email protected] 19 points 2 weeks ago (2 children)

An unnamed FBI official was quoted in the same report as saying that phone users "would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption, and phishing-resistant" multifactor authentication for email accounts, social media, and collaboration tools.

(Emphasis added)

I assume by “responsibly managed encryption” they mean something that still has a backdoor, even though backdoors seem to be a significant part of the problem?

[–] [email protected] 3 points 2 weeks ago

And will continue to be.

The industrial espionage sector usually cracks backdoors inside days of first release (unless they find a better exploit).

That was the point of NSA before 9/11 and the Patriot Act. Before it was completely captured.

[–] [email protected] 22 points 2 weeks ago

I don’t want the encryption equivalent of a TSA approved luggage lock.

[–] [email protected] 34 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

I love how this is painted as hacking when the root cause is an unrestricted number of telco subsideries that pay for access to the system, this then essentially gives them the powers and credentials to monitor, intercept, and clone anyone's phone and send/receive their messages/calls (Linus Tech Tips teamed up with Derek from Veritasium to show the extent to which it can be done, stealing his identity to intercept texts to and from his wife).

This is a product of the market deregulations of Capitalism. Capitalism is once again a security risk to citizens of free democracies. Shit happens all the time.

[–] [email protected] 3 points 2 weeks ago

The hacker known as "capitalism"

[–] [email protected] 9 points 2 weeks ago (1 children)

That's not what's happening here, though.

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago)

Gotta love when a comment complaining about something that didn't happen gets the most upvotes.

Edit: For those curious about what actually did happen

Salt Typhoon exploited technical vulnerabilities in some of the cybersecurity products like firewalls used to protect large organizations. Once inside the network, the attackers used more conventional tools and knowledge to expand their reach, gather information, stay hidden and deploy malware for later use.
Source

The hack revealed in the Linus video is concerning, but only if you're a targeted individual. This hack was used for mass surveillance, affected way more people, and was achieved by exploiting security vulnerabilities.

The technical deep dive is a pretty interesting read.