Why did those credit managers start to burn my phone after I visited bank?

Why did those credit managers start to burn my phone after I visited bank?

[znavko]

Hello, dear Guix hackers! I want to understand how they could get my phone number.

Last week I've visited a bank and spent there an hour waiting they make a payment to custom.
I had Redmi Mi 9T smartphone in my hands, Android 10 QKQ 1.190825.002,
MIUI Global 11.0.4 Stable 11.0.4.0 (QFJMIXM)

Waiting in the bank, I uploaded one video on YouTube channel on which
my phone is in the contacts.
4g connection was so slow that I spent time waiting percent by percent of uploading.

I use mobile operator Beeline. In Russia I have no any operator I can believe,
but this is less problematic from all, cause its managers are not oligarchs.

After two hours I came back home I received two calls from different
money credit companies
(just like "fast money", "take money and go away that way")
and one SMS from another company.

And the next day three calls more and two SMS with offers of money credit.

Those were robots autocallers.

I'd never used that phone number where I've got calls, and never took credits,
never gave that my phone number anywhere
(cause I usually use another phone number).

This case shows not free software and not free hardware adds bothers.

This may be so:

1) They can track phones with Geo data (but I have switched off Geo location)
2) They may invade bank workers phones with viruses that
connect with clients phones, get clients phone numbers and send this info.
3) They may track mobile operator data (4g) from antennas
4) Also the same mobile operator may sell info which client locate near that
antenna near the bank
5) May be some of my applications does track me.

How do you think?

Do you use Telegram, Whatsapp?

Is it comfortable to use jami, tox chat?

Re: Why did those credit managers start to burn my phone after I visited bank?

[Leo Famulari]

It's not related to Guix, but places like retail shops, banks, etc host
phone location tracking equipment that is used to target advertising.

On Mon, Mar 30, 2020 at 11:33:10AM +0000, znavko@disroot.org wrote:
> Hello, dear Guix hackers! I want to understand how they could get my phone number.
> 
> Last week I've visited a bank and spent there an hour waiting they make a payment to custom.
> I had Redmi Mi 9T smartphone in my hands, Android 10 QKQ 1.190825.002,
> MIUI Global 11.0.4 Stable 11.0.4.0 (QFJMIXM)
> 
> Waiting in the bank, I uploaded one video on YouTube channel on which
> my phone is in the contacts.
> 4g connection was so slow that I spent time waiting percent by percent of uploading.
> 
> I use mobile operator Beeline. In Russia I have no any operator I can believe,
> but this is less problematic from all, cause its managers are not oligarchs.
> 
> After two hours I came back home I received two calls from different
> money credit companies
> (just like "fast money", "take money and go away that way")
> and one SMS from another company.
> 
> And the next day three calls more and two SMS with offers of money credit.
> 
> Those were robots autocallers.
> 
> I'd never used that phone number where I've got calls, and never took credits,
> never gave that my phone number anywhere
> (cause I usually use another phone number).
> 
> This case shows not free software and not free hardware adds bothers.
> 
> This may be so:
> 
> 1) They can track phones with Geo data (but I have switched off Geo location)
> 2) They may invade bank workers phones with viruses that
> connect with clients phones, get clients phone numbers and send this info.
> 3) They may track mobile operator data (4g) from antennas
> 4) Also the same mobile operator may sell info which client locate near that
> antenna near the bank
> 5) May be some of my applications does track me.
> 
> How do you think?
> 
> Do you use Telegram, Whatsapp?
> 
> Is it comfortable to use jami, tox chat?

Re: Why did those credit managers start to burn my phone after I visited bank?

[znavko]

Sorry for mention of trade marks.
I am interested in 
devices with such characteristics cpu speed, memory, battery, weight and UIX,
applications that will be useful for me and other not programmers,
some good practices.



March 30, 2020 5:36 PM, "Leo Famulari" <leo@famulari.name> wrote:

> It's not related to Guix, but places like retail shops, banks, etc host
> phone location tracking equipment that is used to target advertising.
> 
> On Mon, Mar 30, 2020 at 11:33:10AM +0000, znavko@disroot.org wrote:
> 
>> Hello, dear Guix hackers! I want to understand how they could get my phone number.
>> 
>> Last week I've visited a bank and spent there an hour waiting they make a payment to custom.
>> I had Redmi Mi 9T smartphone in my hands, Android 10 QKQ 1.190825.002,
>> MIUI Global 11.0.4 Stable 11.0.4.0 (QFJMIXM)
>> 
>> Waiting in the bank, I uploaded one video on YouTube channel on which
>> my phone is in the contacts.
>> 4g connection was so slow that I spent time waiting percent by percent of uploading.
>> 
>> I use mobile operator Beeline. In Russia I have no any operator I can believe,
>> but this is less problematic from all, cause its managers are not oligarchs.
>> 
>> After two hours I came back home I received two calls from different
>> money credit companies
>> (just like "fast money", "take money and go away that way")
>> and one SMS from another company.
>> 
>> And the next day three calls more and two SMS with offers of money credit.
>> 
>> Those were robots autocallers.
>> 
>> I'd never used that phone number where I've got calls, and never took credits,
>> never gave that my phone number anywhere
>> (cause I usually use another phone number).
>> 
>> This case shows not free software and not free hardware adds bothers.
>> 
>> This may be so:
>> 
>> 1) They can track phones with Geo data (but I have switched off Geo location)
>> 2) They may invade bank workers phones with viruses that
>> connect with clients phones, get clients phone numbers and send this info.
>> 3) They may track mobile operator data (4g) from antennas
>> 4) Also the same mobile operator may sell info which client locate near that
>> antenna near the bank
>> 5) May be some of my applications does track me.
>> 
>> How do you think?
>> 
>> Do you use Telegram, Whatsapp?
>> 
>> Is it comfortable to use jami, tox chat?

Re: Why did those credit managers start to burn my phone after I visited bank?

[Leo Famulari]

On Mon, Mar 30, 2020 at 06:32:38PM +0000, znavko@disroot.org wrote:
> Sorry for mention of trade marks.
> I am interested in 
> devices with such characteristics cpu speed, memory, battery, weight and UIX,
> applications that will be useful for me and other not programmers,
> some good practices.

It doesn't matter what phone or apps you use. If you carry a mobile
phone, you will be tracked.

Why did those credit managers start to burn my phone after I visited bank?

[Adonay Felipe Nogueira via]

[-- Attachment #1.1: Type: text/plain, Size: 1959 bytes --]

One thing that might help is switching to free/libre system
distributions for phones[1], there is Replicant in that list currently.
There are somethings that it doesn't protect from, but for that you
should ask them.

Besides, install GNU Icecat to have various other security and software
freedom improvements, besides LibreJS to avoid the JavaScript trap[2] or
have JS entirely disabled and a paranoid browser as default.

Even with that, be careful with ultrasound cross device tracking[3] and
other nasty stuff that autoexecuted JS brings[4] both to browsers and
applications which only download webapage from specific provider to
brand the application as their own (while most of the stuff is really in
the webpage).


# References


[1]: https://www.gnu.org/distros/free-non-gnu-distros.html

[2]: https://www.gnu.org/philosophy/javascript-trap.html

[3]:
https://media.libreplanet.org/u/libreplanet/m/the-surreptitious-assault-on-privacy-security-and-freedom/

[4]:
https://www.fsfla.org/ikiwiki/blogs/lxo/pub/who-is-afraid-of-spectre-and-meltdown

-- 
* Ativista do software livre
	* https://libreplanet.org/wiki/User:Adfeno
	* Membro dos grupos avaliadores de
		* Software (Free Software Directory)
		* Distribuições de sistemas (FreedSoftware)
		* Sites (Free JavaScript Action Team)
	* Não sou advogado e não fomento os não livres
* Sempre veja o spam/lixo eletrônico do teu e-mail
	* Ou coloque todos os recebidos na caixa de entrada
* Sempre assino e-mails com OpenPGP
	* Chave pública: vide endereço anterior
	* Qualquer outro pode ser fraude
	* Se não tens OpenPGP, ignore o anexo "signature.asc"
* Ao enviar anexos
	* Docs., planilhas e apresentações: use OpenDocument
	* Outros tipos: vide endereço anterior
* Use protocolos de comunicação federadas
	* Vide endereço anterior
* Mensagens secretas somente via
	* XMPP com OMEMO
	* E-mail criptografado e assinado com OpenPGP


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 213 bytes --]