this post was submitted on 17 Aug 2023
373 points (97.2% liked)

Technology

60436 readers
3581 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s
enu
technopagan
373
This $70 device can spoof an Apple device and trick you into sharing your password (techcrunch.com)
submitted 1 year ago* (last edited 1 year ago) by ugjka to c/technology
30 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] chrisphero 27 points 1 year ago (11 children)

And once again, the weakest link in the security chain are humans…

[–] [email protected] 62 points 1 year ago (9 children)

Which humans are you blaming exactly?

I don't think it's fair to blame the users. They toggle bluetooth off and think it's off. How are they supposed to know "Bluetooth Off" means "Only some amount of Bluetooth is off"?
And I don't think designing a convincing phishing device is that much of a leap in logic. Bluetooth is off, so maybe the notification is legit from apple and needs authority for a connection?

If you blame the designers who left a backdoor in the bluetooth, then yea that's fair.

[–] chrisphero 9 points 1 year ago

I was indeed blaming the end users. Yes, the bluetooth off thing on apple devices is super annoying and I don’t know why they still force it…

Bluetooth is off, so maybe the notification is legit from apple and needs authority for a connection? The thing is, why would you connect to an Apple TV when you are not at home? Or share your password with another device when nobody asked you in person (e.g. WiFi password)?

Form my understanding, this falls into the same category as phishing SMS or mails. You as a user need to know if this is legit or not.

The target audience for this are not people here on lemmy… it’s our parents, grandparents and more in generally people who are not tach savvy… and/or just don’t care.

This is why we need to make people aware of this and teach them how to respond, basically not to click on everything you see. I’m still doing this in my family and I’m very proud of my 80 year old grandma, that dodged a few very convincing scams. :)

And haha, I never thought of backdoors, but yes, they are also produced by humans.

load more comments (8 replies)
load more comments (9 replies)