this post was submitted on 09 Aug 2023
34 points (100.0% liked)

United Kingdom

4082 readers
110 users here now

General community for news/discussion in the UK.

Less serious posts should go in !casualuk@feddit.uk or !andfinally@feddit.uk
More serious politics should go in !uk_politics@feddit.uk.

Try not to spam the same link to multiple feddit.uk communities.
Pick the most appropriate, and put it there.

Posts should be related to UK-centric news, and should be either a link to a reputable source, or a text post on this community.

Opinion pieces are also allowed, provided they are not misleading/misrepresented/drivel, and have proper sources.

If you think "reputable news source" needs some definition, by all means start a meta thread.

Posts should be manually submitted, not by bot. Link titles should not be editorialised.

Disappointing comments will generally be left to fester in ratio, outright horrible comments will be removed.
Message the mods if you feel something really should be removed, or if a user seems to have a pattern of awful comments.

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] 520@kbin.social 2 points 1 year ago (2 children)

The usual tactic is to send a phishing text to a number that calls it pretending to be Apple. They then get your Apple ID credentials and use that to unlock the device.

[–] frazorth@feddit.uk 2 points 1 year ago (1 children)

How do you send a phishing text to a phone you have stolen? The owner would either not get the text, or get it via iMessage which the response wouldn't appear on the stolen phone. I'm not following this tactic, so I'm obviously missing something.

[–] 520@kbin.social 2 points 1 year ago* (last edited 1 year ago) (1 children)

The owner tries to call the number from another phone, usually a mobile. The hope is that the phone was misplaced and not stolen.

[–] frazorth@feddit.uk 2 points 1 year ago (1 children)

So the owner calls the phone, which is answered by the thief who pretends to be Apple?

Interesting.

[–] 520@kbin.social 3 points 1 year ago* (last edited 1 year ago)

They don't necessarily have to answer. They can just note the number that appears on-screen and text it later from a different device.

Usually the next step for the owner is to try get into their Apple ID to access the lost phone functions. That's where the texts come in.

[–] blake@kbin.social 1 points 1 year ago (1 children)

As usual, people are the weakest link in security.

[–] 520@kbin.social 1 points 1 year ago (1 children)

Exactly. The protections on the iPhone themselves are actually very strong for the time the phone released in. Unless you've got NSA-level hardware hackers in your org, this is by far your best bet.

[–] smeg@feddit.uk 1 points 1 year ago (1 children)

Very much depends on your threat model. An iPhone is great if you trust Apple with the backdoor to your phone, if not then you're probably much more secure with GrapheneOS.

[–] 520@kbin.social 2 points 1 year ago

I mean yeah, obviously Apple isn't going to be able protect you much against a state-sponsored threat with their own private list of zero days, or Apple itself, but right now that's a small amount of people either are truly interested in fucking over.