About the security content of iOS 14.4 and iPadOS 14.4
support.apple.comI’m curious if my phone has been compromised. The amount of spam calls and texts I get have gone through the roof. Many texts are filled with odd characters or appear to be normal HTTP links but I’m guessing they are trying to exploit something.
Does restarting help? I am hesitant to do a clean install after receiving a weird text but I usually delete the text and restart my phone.
Even my work phone is starting to get spam calls and texts and I haven’t even given the number to more than 5 people.
Your phone probably isn't compromised.
It's common where I am to get spam phone calls that spoof Caller ID to match the area code and first 3 digits of your own number, to appear "local" and make you think it might be someone you know.
I tend to get calls in bursts. Sometimes it's the same robocall 3 times a day for a week.
Phone companies also reuse numbers, and their lists of active numbers leak now and then, so even if you get a "new" number, you can still get spam. I don't know how feasible it is for spammers to wardial every number, but it might be possible.
And I think there used to be a bug where certain characters in a text could crash am iPhone, or something to that effect.
Apple has spam detection in the Messages app now. If it's anything like email, spammers will try anything to bypass it, like replacing characters.
So in conclusion, there's not much you can do about it until phone companies fix Caller ID.
> It's common where I am to get spam phone calls that spoof Caller ID to match the area code and first 3 digits of your own number, to appear "local" and make you think it might be someone you know.
I see this technique very frequently too - I have to wonder if this technique work to get people to answer!? Personally if I see a call from a 415 number that isn't already saved in my contacts list, I hang up and block it immediately because the chance it is spam is so high!
> It's common where I am to get spam phone calls that spoof Caller ID to match the area code and first 3 digits of your own number, to appear "local" and make you think it might be someone you know.
I always find it hilarious when the spammers accidentally spoof a leading "+" and I get a phone call from Romania.
> Many texts are filled with odd characters or appear to be normal HTTP links
From random @gmail.com addresses, right? I've gotten a lot of those recently. Probably because registering new email addresses and sending messages to each carrier's email to text bridge is free.
Yes both random emails and from phone numbers.
macOS Big Sur 11.2 Release Candidate 2 was released Monday to beta testers, but 11.2 has not yet shipped to the public. iOS and macOS share a lot of code, as you can see in the security release notes for previous OS updates, so it's likely that Tuesday's iOS update has now 0dayed at least Safari Mac if not macOS too. Hopefully Mac updates are coming today.
After Apple dumped Parler from the App Store, A piece of fake news was immediately circulating telling people to "turn off auto-update" on their phones to "prevent apple from removing Parler".
After Apple fell for the fake news that the attacks were planned on Parler (they were planned on Facebook), their predictable reaction seems to have played right into the hands of attackers.
Fascinating game of chess, but unfortunately normal people are on the losing end. A bunch of exploited devices in the wild is good for exactly nobody, no matter your political opinion.
Here is an extensive list of videos being posted by Parler users during the riot: https://projects.propublica.org/parler-capitol-videos/
Apple isn't going to stop enforcing their content policies just because someone chooses to lie about auto-update. Parler absolutely did play a role here due to their repeated and documented refusals to abide by terms and conditions and Apple isn't to blame for rumours that bad actors choose to spread.
You're suggesting that they should refrain from regulating one bad actor which they do control because they would then somehow be responsible for the actions of bad actors which they do not control.
My take is that users are coming to view upgrades as dangerous because tech companies have made them stupidly dangerous.
Upgrades should never be irreversible. If something breaks, or a feature you rely on is removed, you should be able to downgrade—preferably to a snapshot which was automatically created for precisely this circumstance.
Indeed. In particular is when an update is released for an app on the App Store where the developer removes or moves features to subscription or 'in app purchase'. "Free to Fee". If this isn't mentioned in the update notes, and you update, there is no way to go back to the functionality you were 'happy with' at "Free". Given most users exchanged their privacy for "free", and typically that exchange is irreversible once completed, the option to revert to a previous version should be made available.