
Ask HN: Is accepting a phone call a threat vector? - _bxg1
Is it possible for someone to attack your device or gain information about you (other than the fact that your phone number is valid) by you simply answering a call? By which I mean native phone calls, not Whatsapp or Skype or anything. Is this something that could be a threat vector and just doesn't have any currently-known vulnerabilities, or is it a limited enough channel that it can't really even be one in theory? If it makes a difference, I'm on iOS.

The reason I ask is that I've suddenly gotten 42 calls from different states in the past 2 hours (up from the usual 1-2 spam calls per week). These are extra weird because they often don't wait more than a second before hanging up and calling again, which makes it feel like they're trying to brute-force something. They also sometimes-but-not-usually call from the same number multiple times in a row, which is unusual for spammers.

Part of me wants to answer one of them just to see if it is a garden-variety scammer, but I'm also pretty sketched-out. I wonder if it has to do with the "Zoom Bombing" or related activities.

Any info is appreciated.
======
davidajackson
I believe there are several dangers, some more likely than others.

1. If you've enabled voice verification on a service, like your bank account,
recordings of your voice or AI generated recordings (based on you saying
Hello, Yes, No, etc.) could be used to attempt to access those records. Even
if you don't hear a lot about that today, I believe it's coming as a threat
vector and will be more frequent.

2. I have a good friend whose family was scammed out of several thousand by
one of those "Your child has been kidnapped" type scams. Allowing people who
aren't authorized to call you enables these types of interactions. What
happens further down the line when AIs are able to imitate the voices of your
loved ones?

Some would see these comments as over-reacting which I totally understand. I'm
just pointing out that there are potential threats, and not assigning any
probabilities to them.

I do run a spam blocking app called CallStop that you can try; it might solve
your problem:
[https://apps.apple.com/us/app/callstop-call-manager/id145589...](https://apps.apple.com/us/app/callstop-call-manager/id1455892856)

It requires unknown callers to send you a whitelist request or enter a PIN to
call you.

~~~
_bxg1
They're points worth making, but not really relevant. All I want to know is,
if I answer a call and listen, and don't say anything, is there a chance my
device could be compromised?

~~~
bloodorange
If you were thoroughly paranoid, you could make a case that the background
noise might, at times, give hints enough for a clever man to roughly figure
out where you are.

~~~
davidajackson
Yes. Interesting but tangential: apparently gait can be used to identify a
person instead of facial recognition
[https://apnews.com/bf75dd1c26c947b7826d270a16e2658a](https://apnews.com/bf75dd1c26c947b7826d270a16e2658a)

------
jamieweb
I think what you're asking about is security threats such as RCE, information
disclosure, etc, rather than threat vectors based on social engineering.

Modern mobile phones do send/receive call data in a digital format (albeit
over an analogue transmission medium), so there is theoretically the potential
for deserialisation vulnerabilities, buffer overflows, etc.

I'm not an expert in mobile telephony protocols, however my current
understanding is that RCE/crashing a mobile device just by calling it using a
standard phone line is extremely unlikely, but not impossible.

However, for desktop phone equipment (think office IP phones), the attack
surface is significantly larger and there have been numerous proven attacks
against them, but these (almost always) require access to the phone via an
IP network, rather than a traditional phone line.

Other 'calling' apps such as WhatsApp or Skype are a completely different
question, as you've already noted.

If you're not a high-value target, I'd say that it's not a risk to be
concerned about individually. Just keep your phone patched and follow other
general best practices.

In the event that a major vulnerability via phone call was discovered, it
would most likely either be used in targeted attacks against high value
individuals, or it'd be used in large scale 'annoyances', e.g. by teenagers
pranking their friends.

As for your actual question, the repeated scam calls were most likely a broken
automation system (as @lima said), or just a nasty scammer that really wanted
you to answer.

As a side note, this article [1] by Google Project Zero goes into quite some
detail about the fully remote/unattended attack vectors present on an iPhone.
Though not directly related to your question, it's a very interesting read.

[1] [https://googleprojectzero.blogspot.com/2019/08/the-fully-rem...](https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html)

------
president
I have heard that sometimes they are recording your voice to be used to
impersonate you for other scams (e.g. bank transactions).

~~~
AnimalMuppet
Yeah. Never just answer "Yes" to a question. That can be recorded and played
back as the answer to a different question. (By the way, the same thing is
true when talking to reporters.)

~~~
fergbrain
> “the same thing is true when talking to reporters”

Can you elaborate?

~~~
AnimalMuppet
Let's say a reporter asks me whether I think that the National Guard should be
used to keep people in their houses. I reply "Yes, but only as a last resort."
A, um, _creative_ reporter may just cut after the "yes". But if I said "I
think that, as a last resort, they might be used", it's a lot harder to play
that game with my answer.

Worse is if the reporter next asks if I think the federal government should
now declare martial law, and then pastes my "yes" from the previous question
as the answer to that question. This takes an even more unethical reporter
than the first scenario... but such reporters exist.

This kind of stunt can be done to you either by political or by business
reporters.

------
downshun
Maybe the risk of effectively bugging yourself by accepting the call by
accident. Answering UI varies by device.

------
lima
Certainly sounds like runaway automation - perhaps spammers do this to check
whether the number is valid?

~~~
president
Makes me wonder if this can be beaten by changing the telephone system to ring
continuously if an unused phone number is dialed.

