Lemming421 @ Lemming421 @lemmy.world

Posts

0

Comments

265

Joined

2 yr. ago

Ok, so not great, but not terrible.

Firstly you had to fall for social engineering to get the dodgy app via TestFlight. Later on, you had to fall for social engineering to get the dodgy app via you installing an MDM profile on your own device. In the future, you'll doubtless be able to get socially engineered to sideload it.

Currently, in the UK (I don't know what this is like in other countries), we get regular prompts from our banks not to share one-time codes with anyone, not even bank employees. And not to transfer money to 'safe' accounts, even if someone claiming to be the bank or the police tell you to. They'll just need to update those to also say "We at Bank will never ask you to install test or special versions of our app, or update them anywhere other than the official Apple/Google app store".

This is a social engineering problem, not really an iOS (or Android) technical one.

EDIT: The article is suspiciously vague one one point:

Once installed on either an iPhone or an Android phone, GoldPickaxe can collect facial recognition data, identity documents and intercepted text messages, all to make it easier to siphon off funds from banking and other financial apps. To make matters worse, this biometric data is then used to create AI deepfakes to impersonate victims and access their bank accounts.

What 'facial recognition data' is it gathering, and how? As I understand it, FaceID is processed in a secure enclave, and regular apps don't have access to that - they send a 'verify this person' request, the phone itself triggers a FaceID scan, does the verification itself and sends back a 'yes, all good' reply to the app - the app itself does not get FaceID or biometric data. So unless it's just doing something like using the camera to take some photos or videos of the user, I'd like to know what the article is talking about there...

1990 to 2010 is 20 years. In film terms, that's a massive age! That gets you from Back to the Future Part 3, Batman Returns, Jurassic Park, Tremors and The Hunt for Red October through things like GoldenEye (in fact, the entire Brosnan Bond era!) the entire Star Wars prequel trilogy, Leon, The Fifth Element, The Matrix, Swordfish, The Bourne Identity reinventing the action genre, Blade, Fantastic Four, Batman Begins, Iron Man all the way up to Salt, RED and The Expendables. Jesus, a quick Google reminds me that Inception was 2010.

Christ, I feel old now.

I imagine almost a bigger issue than the cost would be the... what's the American equivalent of a Gammon?... you know, those people that wouldn't change to Metric if their life depended on it. Four rods to the hogshead was good enough for their grandpappy and no filthy pinko liberal commie will get them to change. The ones that still don't wear seatbelts unless a cop is watching.

But if you want to have a favorite one just for fun, I think that’s ok.

Mine is probably the 'NASA wanted to fake the moon landings, so they got Kubrick in to direct. But he was such a perfectionist, he insisted on filming on location' one.

If you want David Warner, you could just watch 6... ;)

5 has an absolutely awesome orchestral version of the Star Trek theme though, as well as all your points.