Jump to content

Recommended Posts

I was recording my network during the time of the mass alert text message. What I found is my current gps location, contacts list and phone operating system version and other device information was sent to a server with insecure plain text protocol.

 

This was a proof of concept alert(hello world) test. Direct code injection on a mass scale.

 

Ill post my findings on github. 

  • Like 1
Link to comment
Share on other sites

  • 3 weeks later...

I for some reason did not get the text message.

I was traveling that day but I assume that if it was sent while my phone was in airplane mode, it would been pushed through when my radios were turned off.

While I do have Amber Alerts turned off, I do have government warning turned on.

If I had been more thoughful, I should have looked into my DNS log to see if Adblock blocked it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...