top | item 35949498

(no title)

roessland | 2 years ago

Some telecom providers actually provide a public IP address that maps directly to your phone. You might have to change your APN settings to get one, and it might be dynamic.

It's a spectacularly bad idea that lets you serve HTTP (and any other port) directly from your phone without a SSH tunnel. You can also debug your Android with ADB... over the internet.

discuss

smorrebrod|2 years ago

That last part scared me! I tend to have ADB debug over USB always enabled on my phone but I'm not in any way enabling debug over wifi now I know this.

pimterry|2 years ago

Whilst publicly exposing ports from a phone is still certainly scary, for ADB specifically it's actually not as bad as it sounds - wifi debugging requires an explicit & bi-directionally initiated pairing process beforehand (sharing a 6 digit code or scanning a QR code to do so) and then also separately trusting the public key of the connecting computer at the moment when it connects.

To allow untrusted access, you'd have to have the ADB port accessible to the attacker, and then intentionally open developer options and tap "pair for wifi debugging", and then enter/scan a malicious pairing code, and then accept the unrecognized public key when the device connected. And if that does happen, there's a persistent notification that a debugger is connected.

KomoD|2 years ago

I wish my provider gave me that, would be so cool