#Tag · bonfire.cafe

The "Bluetooth Headphone Jacking" talk at #39c3 was awesome, too. They reversed a popular SOC that powers Bluetooth earbuds and headphones.

They found that (even without being paired to the headphone), they could dump flash and RAM from the device. Then they dumped a bunch of info from the device - e.g. the #Bluetooth address and "master" encryption keys used for the communication with paired devices (e.g. a #phone).

Then they impersonated the headphone from their laptop and connected to the phone (pretending to be the headphone).
The headphone (or the laptop impersonating the phone) has permissions to do some things on the phone, e.g. accept calls, increase/decrease volume, etc.

Then they started recovering access a #WhatsApp account via some account recovery mechanisms. That required some one-time security key which would normally be delivered via SMS, but that could be delivered via phone call as a fallback option, too. Since the phone thought it was connected to the Bluetooth headphone, phone call audio would go to the laptop via Bluetooth.

As the cherry on top, they escalated into the victim's #Amazon account.

Scary shit. #YouCannotBeParanoidEnough #security

OOTS

@oots@infosec.exchange · 4 days ago

The "Bluetooth Headphone Jacking" talk at #39c3 was awesome, too. They reversed a popular SOC that powers Bluetooth earbuds and headphones.

As the cherry on top, they escalated into the victim's #Amazon account.

Scary shit. #YouCannotBeParanoidEnough #security

Chewie boosted

The New Oil

@thenewoil@mastodon.thenewoil.org · last week

There’s so much stolen data in the world, #SouthKorea will require face scans to buy a #SIM

https://www.theregister.com/2025/12/22/south_korea_facial_verification/

#biometrics #privacy #phone

South Korea to require face scans to buy a SIM

: SK Telecom's epic infosec fail will cost it another $1.5 billion

The New Oil

@thenewoil@mastodon.thenewoil.org · last week

There’s so much stolen data in the world, #SouthKorea will require face scans to buy a #SIM

https://www.theregister.com/2025/12/22/south_korea_facial_verification/

#biometrics #privacy #phone

South Korea to require face scans to buy a SIM

: SK Telecom's epic infosec fail will cost it another $1.5 billion

Indie Tech News

@indietechnews@flipboard.social · 2 weeks ago

Both #Mobian and #PostmarketOS ( #Alpine #Linux) repositories block updates over #Tor, but so does GrapheneOS. However, it is possible to have onionized repositories with #Debian on #Termux.

proot-distro with alpine can install (apk add) #rust and #cargo. Just add the required libraries and #Arti is built! PostmarketOS is built on Alpine and, interestingly, "apks" and "sdks" derive from Alpine, not from Google.
https://pkgs.alpinelinux.org/package/edge/main/x86/rust

I wonder if microG can be installed in PostmarketOS. The Tor Browser should install on mobile linux devices (whether #Posh or #Gnome, etc). Until then, you can modify the proxy settings in #Firefox to use Arti. Onionsites could also be accessed this way.
https://gitlab.com/postmarketOS/mobile-config-firefox

@torproject
@postmarketOS
@justsoup
#degoogle #LinuxOnMobile #FOSS #phone #rustlang

rust - Alpine Linux packages

VoxClamantisInDeserto boosted

Kristoffer Lawson

@Setok@attractive.space · 4 weeks ago

Major news as Finnish boutique mobile #phone and OS company, #Jolla, is looking to bring out a new phone, matching the vibe of their original. Preorder open.

Pity about the screen size, as it’s still too big (though a bit smaller than the huge C2). But definitely interesting otherwise and curious to see how that privacy button works.

Jolla has their own OS, #Sailfish, which is actually beautiful and different. Runs many/most Android apps.

From: @jolla
https://techhub.social/@jolla/115667090985495016

Stefan

@stefan@gardenstate.social · 2 weeks ago

Using my android phone as a desktop sounds cool and something I remember talking about in like 2008.

https://www.youtube.com/watch?v=yzDO-GS-Bm8

#phone #desktop #android

Esther Payne :bisexual_flag: boosted

News Beep

@newsbeep@newsbeep.org · 3 weeks ago

Dance teacher locked out from Meta business accounts in under-16s social media ban

A 30-year-old mother of three has been blocked from using her social media accounts in the wake of…
#NewsBeep #News #Headlines #16 #age #AnthonyAlbanese #AU #Australia #ban #bullying #child #Children #Cyber #e-safety #Facebook #Instagram #Internet #meta #Online #phone #Reddit #sixteen #SocialMedia #socialmediaban #verification #YouTube
https://www.newsbeep.com/304642/

News Beep

@newsbeep@newsbeep.org · 3 weeks ago

Dance teacher locked out from Meta business accounts in under-16s social media ban

VoxClamantisInDeserto boosted

Vesa Kaihlavirta

@vegai@sauna.social · 4 weeks ago

https://forum.sailfishos.org/t/jolla-phone-pre-order-campaign-has-started/25772

#linux #phone #jolla #nokia

Aral Balkan

@aral@mastodon.ar.al · 3 weeks ago

G’morning folks,

As you might know, Aseel, alongside @joynewacc, helps us carry out our verification calls at Gaza Verified.

Unfortunately, she cracked the screen of her phone and can’t unlock it now (she had one of those dot pattern locks). So she can’t take part in our calls until her phone is fixed and/or replaced.

Please, if you can, donate to her fundraiser so she can get her phone fixed and/or replaced as soon as possible so we can have her back (and because she needs it to communicate with the outside world in general and help her family survive Israel’s ongoing genocide).

PayPal (as much I hate it) is the easiest for her in terms of reaching the funds:

https://www.paypal.com/donate/?hosted_button_id=7DTFU9TQV44EY

She also has a GoFundMe:

https://www.gofundme.com/f/help-aseel-and-family-leave-gaza-before-its-too-late/cl/s

Thank you!

💕

#Gaza #Palestine #GazaVerified #mutualAid #Aseel #phone https://mastodon.social/@aseelfromgz/115683357626306628

Donate to mohammed turk

Help support mohammed turk by donating or sharing with your friends.

Vesa Kaihlavirta

@vegai@sauna.social · 4 weeks ago

https://forum.sailfishos.org/t/jolla-phone-pre-order-campaign-has-started/25772

#linux #phone #jolla #nokia

Kristoffer Lawson

@Setok@attractive.space · 4 weeks ago

Major news as Finnish boutique mobile #phone and OS company, #Jolla, is looking to bring out a new phone, matching the vibe of their original. Preorder open.

Pity about the screen size, as it’s still too big (though a bit smaller than the huge C2). But definitely interesting otherwise and curious to see how that privacy button works.

Jolla has their own OS, #Sailfish, which is actually beautiful and different. Runs many/most Android apps.

From: @jolla
https://techhub.social/@jolla/115667090985495016

Konstantin 🔭 and 1 other boosted

KDE

@kde@floss.social · 2 months ago

KDE's Plasma Mobile is out to challenge spying, wall-gardened, proprietary mobile ecosystems.

Help us break up the #mobile #phone #duopoly by donating to our #fundraiser:

https://kde.org/fundraisers/yearend2025/

Happy Birthday to KDE

This week is KDE’s 29th anniversary. It may not be a nice round number like 25 or 30, but whenever another birthday rolls around for an independent project the size and scope of KDE — powered by the goodwill of its contributors and users — that’s really quite something!

The KDE dragons, Katie (on the left) and Konqi (on the right), defy the likes of Google and Apple by using open source operating systems on upcycled devices.