2 Questions - Bluetooth security and "unknown" calls/sms

plywood

I have two questions regarding security.

Can a unpatched (?) Bluetooth device paired with my Pixel take control of my phone, read data (eg contacts, call log and stuff), or even "eavesdrop" on me?
I saw this video on YouTube, don't know if its ai tho or even real 😅
(https://www.youtube.com/watch?v=2OgtFEblmo4)

And another question: if there were an unknown exploit via text message or phone call, would blocking unknown numbers/not stored contacts "block" this attack? I’m talking about the feature you can set in the dialer.

I used translation tools.

MetropleX

No they can't, it's also down to the Bluetooth devices themselves to be patched not the phone.

Take the Pixel Buds Pro 2 listed, Google has patched, fixed the issue and pushed updated firmware:

https://support.google.com/googlepixelbuds/thread/402474752?hl=en&msgid=404162831

plywood And another question: if there were an unknown exploit via text message or phone call, would blocking unknown numbers/not stored contacts "block" this attack? I’m talking about the feature you can set in the dialer.

I believe you maybe found some concern over this due to maybe hearing about things like Silent SMS etc.

A silent SMS is simply an SMS without content. You can send a silent SMS yourself. It's not an attack.

Trusting networks is a bad idea in general and should be avoided in the first place. You should use encrypted calls and texts rather than trusting carriers and other parties.

Cellular protocols are however becoming more secure to the point that disabling older protocol versions, null ciphers, etc. can provide a properly secure connection to the infrastructure but that doesn't mean it makes sense to trust your carrier, other carriers and other parties with it.

Silent SMS is simply an SMS without content. You can send them yourself. It's not an attack. There is nothing specific which needs to be done to defend against an SMS without content. It's the same set of defenses against exploitation for an SMS with content. It's not different.

The standard defences against exploitation combined with https://grapheneos.org/features#exploit-protection which gives an overview of the defences added by GrapheneOS. Silent SMS doesn't present a special attack vector beyond regular non-silent SMS. They're simply SMS messages without content to show.

The OS protects the device from known knowns, known unknowns but no system is entirely invulnerable. Yet discussing unknown unknowns and hypotheticals isn't often a productive or worthwhile discussion. The cellular systems are widely used and have a lot of scrutiny, it would take a special adversary to be able to use their protocols to impact a GrapheneOS device.

plywood

MetropleX thanks for answering my question. But I don't get one thing:
Can't SMS (silent or not silent/or spam) be blocked by the toggle in the dialer app via "block not stored numbers (?)"?

Just a thought. Let's say there's an exploit for even grapheneos via sms* (spam/silent/whatever). Would blocking unknown and not stored numbers "protect" in that case, or doesn't it work that way?

*highly unlikely, but I'm just curious :)

de0u

plywood Can't SMS (silent or not silent/or spam) be blocked by the toggle in the dialer app via "block not stored numbers (?)"?

That check is done after the message has been received. If the code that received the message contains a vulnerability, it's probably too late.

It's true that some code runs after the check, so blocking at the high level is not of zero value, but it's not very strong.

plywood

de0u so it's more of a convenience than a security feature, so you don't see spam(?)
(if I understand it correctly)?

de0u

plywood That is my understanding. Also it would suppress any sound or vibration that an incoming text message would normally generate. Finally, I suspect (though I haven't checked) that if it's an MMS rather than an SMS then the body (e.g., a picture) wouldn't be fetched.