this post was submitted on 22 Sep 2024
72 points (100.0% liked)

Privacy

789 readers
4 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

SS7 is vulnerable to attack. However, the types off attacks on the video don't affect Signal as it requires a pin. (Make sure you set your pin to something strong and secure)

top 23 comments
sorted by: hot top controversial new old
[–] floofloof@lemmy.ca 29 points 1 month ago (1 children)

It's 30 minutes. Anyone have a quick summary?

[–] Corgana@startrek.website 19 points 1 month ago (2 children)

when I read comments like these it makes me realize that maybe all the money flowing to OpenAI isn't folly and there really are people out there trying to tl;dr their own lives

[–] terminal@lemmy.ml 14 points 1 month ago (1 children)

If that guy is like me i prefer to digest text rather than video.

[–] Corgana@startrek.website 5 points 1 month ago (3 children)

What feels alien to me is the idea that experiencing a creative work is itself a means to an end.

I prefer to digest text too, but still would choose to taste a meal than read a typed up printout of the flavors it contains.

[–] tetris11@lemmy.ml 10 points 1 month ago* (last edited 1 month ago) (1 children)

unfortunately, sometimes the chef likes to ascend from a golden staircase first to tell you about who they are and what the meal means to them, whilst passionately discussing their good friend's VPN company, before finally, dramatically, letting you actually sit down and eat.

It wasn't always like that. I remember when dishes were thrown fresh out of the kitchen without even a "heads up" call. Those were good meals.

[–] Corgana@startrek.website 3 points 1 month ago (1 children)

Exactly! Why go to the first restaurant (video) at all if you don't like the experience? You're really going to wait outside the door of the first one asking the people leaving what the food tastes like? How is that better than the restaurant (videos) you do like?

[–] tetris11@lemmy.ml 2 points 1 month ago (1 children)

Because when I told the taxi driver that I was "a bit peckish", rather than take me to a nice greasy spoon where I can swallow a nice meal in 5 minutes, pay $5 and leave.... he took me to the Ritz where I had to wait for a waiter to talk my ear off about the pastrami whilst being presented a wine menu.

I ain't got time for that, I just wanted to satiate my hunger!

[–] Corgana@startrek.website 2 points 1 month ago (1 children)

We seem to agree that actually eating real food at a greasy spoon is preferable to reading a description of the dining experience offered at the Ritz. But your replies give me the impression we disagree?

[–] tetris11@lemmy.ml 3 points 1 month ago (1 children)

Im likely mixing metaphors, but the general gist is that reading an article is like eating a good cheap meal, whilst seeing a whole youtube video is like being treated to tiny portions at a fancy restaurant

[–] Corgana@startrek.website 2 points 1 month ago

I see, I wasn't comparing an article to a video, I was comparing a video to a text summary of the same video.

[–] unconfirmedsourcesDOTgov@lemmy.sdf.org 5 points 1 month ago (1 children)

I prefer to digest text too, but still would choose to taste a meal than read a typed up printout of the flavors it contains.

If I showed up at a restaurant and was presented with a menu that didn't describe anything about the dishes on offer, I'd be pretty disappointed.

Point being that we have limited time and a nearly limitless amount of options for how to spend it. Text summaries are a tool we can use to decide whether something is worth our time (and money) investment if we're on the fence about it.

[–] Corgana@startrek.website 2 points 1 month ago* (last edited 1 month ago)

A menu is not a creative work it's a means to convey information. Veritasium is not reading wikipedia articles on screen, he's creating an original work.

Listen I am not criticizing how you choose to enjoy your time I just find the entire concept of finding the experience of reading a text summary to be more to be more rewarding than experiencing the thing itself to be alien.

[–] sqgl 3 points 1 month ago* (last edited 1 month ago) (1 children)

You make it sound like an arthouse movie yet it is the extreme geeky opposite.

Or were you talking about AI summaries in general rather than this one?

[–] terminal@lemmy.ml 3 points 1 month ago (1 children)

Im with this guy. Its a video about hacking a phone.

[–] Corgana@startrek.website 1 points 1 month ago* (last edited 1 month ago)

It's a creative work, you are talking about Veritasium as if it he's reading out a written a security bulletin on camera.

[–] MonkderVierte@lemmy.ml 5 points 1 month ago

Can't do text skimming in a video.

[–] Charger8232@lemmy.ml 10 points 1 month ago (1 children)

I've never had a cellular provider for this reason among others. Here is NBTV's video with some alternatives to directly having a SIM card, which I combine with MySudo to get phone numbers as well.

[–] dysprosium@lemmy.dbzer0.com 4 points 1 month ago

Silent.link is also worth considering. I think it also works for people in the EU.

[–] sqgl 2 points 1 month ago

I found it confusing. Did he explain how the IMSI number is obtained?

Towards the end he said there was a special “interrogation” command that would reveal the IMSI but that loophole is now closed.

[–] sqgl 2 points 1 month ago* (last edited 1 month ago)

He says nothing about the PIN, so I don't think that is what protects Signal as OP writes. It simply doesn't rely on SS7.

You only type your PIN into Signal about once a month.

[–] theroff@aussie.zone 1 points 1 month ago

PSA: if your financial institution/government/ is using SMS codes (aka PSTN MFA) for multi-factor authentication they are practically worthless against a determined attacker who can use SIM swap or an SS7 attack to obtain the code. Basically you are secured by a single factor, your password. If your password is compromised it may be sold via black hat marketplaces and purchased by an attacker who would then likely attempt to break that second factor.

The best way to protect yourself is to use a unique password; a password manager especially helps with this. Sometimes institutions will offer "Authenticator" (TOTP) as a second factor, or PassKey authentication, both secure alternatives to SMS codes.

Here in Aus I'm working with Electronic Frontiers Australia to try and force some change within government and financial institutions (via the financial regulator). Most banks here use SMS codes and occasionally offer a proprietary app. One of the well-known international banks, ING Bank, even uses a 4 pin code to login to their online banking portal. 😖

Unfortunately SMS codes are a legacy left from old technology and a lack of understanding or resourcing by organisations that implement it. Authenticator/TOTP tokens have been around for 16 years (and standardised for 13 years), and PassKeys are relatively newer. There is a learning curve but at the very least every organisation should at least provide either TOTP or PassKeys as an option for security-minded users.

[–] pmc@lemmy.blahaj.zone 1 points 1 month ago (1 children)

Would GrapheneOS with default settings be immune since 2G is disabled and networks don't have 3G anymore?

[–] possiblylinux127@lemmy.zip 5 points 1 month ago

No as ss7 is still widely used for compatibility