• Onyx376@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Don't you think it's easier, due to inattention when installing a compromised app, a privilege escalation attack through root or actually an invasion due to the amount of bloatware from companies that take their piece of the pie in the Stock ROM (even though they do would cleaning via ADB) and even worse rooted to block these suspicious traffic be something more harmful for the user?

    Because the ability to steal the decryption password in RAM memory due to the unlocked bootloader is a little less likely for the thief to have.

    I use LineageOS and I feel much better, since my cell phone is Xiaomi, than using MIUI, which is from a chinese big tech company and has proprietary code.

    • TCB13@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      The attack you're describing is a typical automated thing where hackers are exploiting dozens of devices in some automated fashion, that can happen but the damage is different. They might get your data but that's usually sold on the black market in a bundle of compromised data. It will take some time for the info to get sold and for the buyer to act on it and sometimes it may never act - after all you're one compromised device among millions. Even if the buyer it's more likely he'll simply use your device in a botnet to fake clicks on ads or DDoS something and profit that way. The key aspect of those attacks is that you've time to flag suspicious activity and act.

      However if you carry an unlocked phone and someone steals that from you there's a very high chance that it isn't a random burglary, according to statistics most burglaries are committed by someone who knows victim aka is targeting you specifically. If you're targeted by someone or some entity they'll want your data and accounts and they'll have the time, resources and attention focuses towards you giving you little to no time to react. This is why I would NEVER use a phone without a secure bootloader.