Pro Developer. Competition-winning baker, world record speedrunner, multi-published poet, and voiceover artist.


NireBryce
@NireBryce

ATTENTION: if you have a google pixel 6+ or a galaxy S22 or medium-to-lower-end samsung galaxy phone in the last few years, you need to turn off Voice/video over LTE, and Wifi Calling, as soon as you can. there's instructions in the article at the bottom of this post

edit3: maybe not VoLTE as it might just straight up disable your ability to call (i can't check, p6 doesn't have the option), but in those cases if you have Google voice you might be able to set up call forwarding for now

there's a remote code execution vulnerability in your phone's baseband firmware. they're disclosing early, but not disclosing the vulns, so there's a chance it's not in the wild yet, but people may start trying to reverse engineer it from the details

check if your car or watch are vulnerable, if they also run android.
edit: I believe on the pixels, they've moved to 5g so VoLTE isn't there. I'd still maybe disable video-over-carrier just in case.
edit2: maybe not, check comments
edit 4: Check bottom for errata

it goes directly from internet to baseband-level (tl;dr: the second OS inside your phone that powers the LTE/5G modem) remote code execution. This is morally equivalent to getting code running on your WiFi card [something with direct low-level access to everything your phone does].

Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.

I haven't looked deep enough to know if they've found anything in the wild, but after things are announced is the time to be... even more careful, because, well, now even more people will be looking for it.

errata:


ireneista
@ireneista

sorry. we know turning off your phone's ability to make calls is really, really inconvenient. the potential implications, especially if you're any sort of activist or other medium-value target, are also quite bad.


lizthegrey
@lizthegrey

Just disables calls over data; it'll still use the regular GSM cell network to make voice calls. So few downsides to disabling until a patch is available, unless you're travelling somewhere that you have wifi access but no access to the local cell network.



Tatra
@Tatra

Should I:

  1. Order a Sausage and Egg McMuffin?
  2. Make Toast?

Tatra
@Tatra

So, this was a little experiment. I mean, I really was undecided on whether to order food or just toast some bread, but I thought I'd have fun with it. So, I asked for suggestions!

Here, and on Twitter, and on Mastodon, and on Hive.


Now, let's be clear, this was in no way a fair or scientific test. I've been on Twitter for far too long. Mastodon is the new one I've spent the most time on apart from Twitter. Cohost and Hive; I've literally posted once before on each of them, and both of those were meta-posts about the current situation. I'm also following, and more importantly followed by, far fewer people on any of the latter 3 than I am on Twitter (and I don't really have a big following there). I'm also linked with more people that I know in real life on Twitter than any of the others, and that means more likelihood of people up and online at the times I post.

One other little difference was that, on the other sites, I ran this as a poll. Here, I was instead inviting comment; I don't know if there's a built-in way to run polls on Cohost, but if there was, I couldn't find it.

Here and on Hive, no response. Which, again, completely not surprising; I'm a nobody here, followed by nobody, with no real engagement with other accounts. (I also didn't add any tags, which probably mattered more here on Cohost than anywhere else.)

I got 4 poll responses on Twitter which, honestly, for me, is pretty high for a one hour poll. I don't tend to get much engagement there, regularly get no response even to things which, I assure you, were comedy gold, no I'm not going to give examples, don't you trust me, why don't you trust me? (Slightly notably, all 4 responses voted for the McMuffin. Twitter users like to encourage indulgence, apparently.)

Interestingly, the biggest response was on Mastodon. 7 votes, and a comment! I have roughly 30% the followers on Mastodon as on Twitter, but I got roughly double the responses. While I have spent some time actually using Mastodon, it's not much, and especially not in recent months; maybe 5 posts earlier this month, and before that, nothing since April. (Also, the vote was a 4/3 split in favour of the McMuffin there. A split vote on a decentralised platform - quite symbolic.)

This is pure speculation, but I have a feeling there's a demographic difference at play here. Twitter is used globally, sure, but it definitely feels like the user base tends more towards the US, while Mastodon feels like it tends more towards European. Also, for all the hate Mastodon gets for... <gestures vaguely at a combination of reasonable and absurd things people mention>... It feels an awful lot like the people that are there want to be. The way Twitter users talk about the platform, in my experience, makes it seem like an obligation. Mastodon users just seem to want to find people to talk to.

But hey, y'know what? When it came to putting my thoughts about this down in text, this is where I came. The biggest flaw of microblogging sites in general, and especially on Twitter, is that people expect to get nuanced takes, despite there not being enough room to give them. It's unreasonable to expect complex ideas to be summarised in 280 (or even 500) characters, and yet it's an expectation people have, which is why so many people spend so much time having to clarify that, no, when they said they like pancakes, that did not in fact mean they hate waffles.

Cohost has room to stretch. I don't need to edit this to an arbitrary character limit. And that feels so freeing.



Glad to be here, looking forward to maybe posting more in future and seeing what you all put up... but I'm going to refrain from posting anything of substance for a while, at least while there are ongoing concerns around the Cohost TOC. Just going to be lurking for now!