Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://social.coop/users/cwebber/statuses/113765256241096117">Christine Lemmer-Webber (cwebber@social.coop)'s status on Saturday, 04-Jan-2025 01:05:32 JST</a><a href="https://social.coop/@cwebber" title="cwebber@social.coop"><img src="https://gnusocial.jp/avatar/295917-48-20241114200524.webp" width="48" height="48" alt="Christine Lemmer-Webber" style="position: absolute; left: 0; top: 0;">Christine Lemmer-Webber</a><div><a href="https://social.coop/@cwebber/113765247772087114" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/312253" title="profdiggity@privacysafe.social">Sean O'Brien</a></li></ul></div></section><article><p><a href="https://fedi.simonwillison.net/@simon">@simon</a> <a href="https://privacysafe.social/@profdiggity">@profdiggity</a> Regarding separating malicious zero-days from potentially malicious actions by phone operating system providers and associated ad networks, I think that's true, but I'm responding to the *feasibility* paragraph in your article, which I think is fairly weak. It's incredibly feasible, technically, and claiming it isn't seems silly to me.</p><p>I'm not convinced such carriers are doing so, but I think it's worth understanding the security aspect that it would be easy to do so.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4306452#notice-8419054">In conversation</a><time datetime="2025-01-04T01:05:32+09:00" title="Saturday, 04-Jan-2025 01:05:32 JST">about 15 days ago</time> <span>from <span><a href="https://social.coop/@cwebber/113765256241096117" rel="external" title="Sent from social.coop via ActivityPub">social.coop</a></span></span><a href="https://social.coop/@cwebber/113765256241096117">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Christine Lemmer-Webber (cwebber@social.coop)'s status on Saturday, 04-Jan-2025 01:05:32 JSTChristine Lemmer-Webber
in reply to
- Simon Willison
- Sean O'Brien
@simon @profdiggity Regarding separating malicious zero-days from potentially malicious actions by phone operating system providers and associated ad networks, I think that's true, but I'm responding to the *feasibility* paragraph in your article, which I think is fairly weak. It's incredibly feasible, technically, and claiming it isn't seems silly to me.
I'm not convinced such carriers are doing so, but I think it's worth understanding the security aspect that it would be easy to do so.
In conversationabout 15 days ago from social.cooppermalink

Public

Embed Notice

HTML Code

Corresponding Notice