starred/sms-backup-plus-jberkel
1
0
Fork 0
mirror of https://github.com/jberkel/sms-backup-plus.git synced 2026-04-25 17:05:59 +03:00
Code Issues 181 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #657] Filter out selected sender numbers in SMS backup #557

New issue
Closed
opened 2026-02-26 01:30:57 +03:00 by kerem · 2 comments
kerem commented 2026-02-26 01:30:57 +03:00
Owner
Copy link

Originally created by @kibeb on GitHub (Jun 12, 2016).
Original GitHub issue: https://github.com/jberkel/sms-backup-plus/issues/657

I'd like to be able to create a list of numbers SMS Backup+ would not backup messages from.

Why?

More and more companies send SMS messages to deliver one-time passwords and some of them choose not to use flash SMS (I don't know why), so the sensitive info stores with other regular SMSes. SMS Backup+ then relays them into user's Gmail, so the confidence that only authorized user who is in possession of the SIM card can log-in is broken.

I'm aware that we can set SMS Backup+ to only backup messages from a specific group, but it could be very hard to maintain a group of all senders minus the few that pose the security risk. Plus the attacker who already cracked into user's Gmail can modify such Google Contacts Group to contain the number he's interested in without user's knowledge.

I know two factor authentication enabled on user's Google Account would mitigate this scenario to some extent, but then there are apps that can access user's Gmail and someone can crack into these etc. If we could prevent this sensitive info to ever reach Gmail, it would be a huge plus, IMHO.
TIA -- and thank you for such a wonderful app.

Originally created by @kibeb on GitHub (Jun 12, 2016). Original GitHub issue: https://github.com/jberkel/sms-backup-plus/issues/657 I'd like to be able to create a list of numbers SMS Backup+ would not backup messages from. Why? More and more companies send SMS messages to deliver one-time passwords and some of them choose not to use flash SMS (I don't know why), so the sensitive info stores with other regular SMSes. SMS Backup+ then relays them into user's Gmail, so the confidence that only authorized user who is in possession of the SIM card can log-in is broken. I'm aware that we can set SMS Backup+ to only backup messages from a specific group, but it could be very hard to maintain a group of all senders minus the few that pose the security risk. Plus the attacker who already cracked into user's Gmail can modify such Google Contacts Group to contain the number he's interested in without user's knowledge. I know two factor authentication enabled on user's Google Account would mitigate this scenario to some extent, but then there are apps that can access user's Gmail and someone can crack into these etc. If we could prevent this sensitive info to ever reach Gmail, it would be a huge plus, IMHO. TIA -- and thank you for such a wonderful app.
kerem 2026-02-26 01:30:57 +03:00
kerem commented 2026-02-26 01:30:57 +03:00
Author
Owner
Copy link

@wilsoc5 commented on GitHub (Jul 20, 2016):

You can always spin up a linux vm on your computer with postfix and dovecot to backup to. That way it never leaves your local network. See: https://help.ubuntu.com/community/MailServer

Just go into Advanced Settings and change the IMAP server settings with the ip address of your linux vm (in bridged networking mode). If your VM's behind your host NAT, the forward ports X and Y to the VM's 143 or 993 and update the imap settings to use ports X or Y.

Then again, your local computer could be hacked too. Alas. There's always some risk.

<!-- gh-comment-id:233829149 --> @wilsoc5 commented on GitHub (Jul 20, 2016): You can always spin up a linux vm on your computer with postfix and dovecot to backup to. That way it never leaves your local network. See: https://help.ubuntu.com/community/MailServer Just go into Advanced Settings and change the IMAP server settings with the ip address of your linux vm (in bridged networking mode). If your VM's behind your host NAT, the forward ports X and Y to the VM's 143 or 993 and update the imap settings to use ports X or Y. Then again, your local computer could be hacked too. Alas. There's always some risk.
kerem commented 2026-02-26 01:30:57 +03:00
Author
Owner
Copy link

@kurahaupo commented on GitHub (Jul 15, 2020):

re-reading the description of this issue, it's about backup up SMS rather than call logs.

Which means this is (yet another) duplicate of #254 and #984.

Closing this ticket, please send follow up on #984.

<!-- gh-comment-id:658738108 --> @kurahaupo commented on GitHub (Jul 15, 2020): re-reading the description of this issue, it's about backup up SMS rather than call logs. Which means this is (yet another) duplicate of #254 and #984. Closing this ticket, please send follow up on #984.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
cyber1000-docker
multisim
update-build-process
gh-pages
jcrben-patch-1
workmanager
jcrben-patch-2
old-sms-backup
1.6.0-BETA2
1.6.0-BETA1
1.5.11
1.5.11-BETA22
1.5.11-BETA21
1.5.11-BETA20
1.5.11-BETA19
1.5.11-BETA18
1.5.11-BETA17
1.5.11-BETA16
1.5.11-BETA15
1.5.11-BETA14
1.5.11-BETA13
1.5.11-BETA12
1.5.11-BETA11
1.5.11-BETA10
1.5.11-BETA9
1.5.11-BETA8
1.5.11-BETA7
1.5.11-BETA6
1.5.11-BETA5
1.5.11-BETA4
1.5.11-BETA3
1.5.11-BETA2
1.5.11-BETA1
1.5.10
1.5.10-BETA1
1.5.9
1.5.9-BETA6
1.5.9-BETA5
1.5.9-BETA4
1.5.9-BETA3
1.5.9-BETA2
1.5.9-BETA1
1.5.8
1.5.8-BETA2
1.5.8-BETA1
1.5.7
1.5.7-BETA2
1.5.7-BETA1
1.5.6-DEBUG
1.5.6
1.5.6-RC1
1.5.6-BETA11
1.5.6-BETA10
1.5.6-BETA9
1.5.6-BETA8
1.5.6-BETA7
1.5.6-BETA6
1.5.6-BETA5
1.5.6-BETA4
1.5.6-BETA3
1.5.6-BETA2
1.5.6-BETA1
1.5.5
1.5.5-BETA2
1.5.5-BETA1
1.5.4
1.5.4-BETA2
1.5.4-BETA1
1.5.3
1.5.2
1.5.1
1.5.0
1.4.8
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.1
1.4.0
1.3.7
1.3.6
1.3.5
1.3.4
1.3.3
1.3.1
1.3.2
1.3
1.2
1.1.5
1.1.4
1.1.3
1.1.2
1.1.1
1.1
1.0.11
1.0.10
1.0.9
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0
Labels
Clear labels   
AM+RCS

   
FAQ

   
awaiting response

   
backup

   
bespoke

   
bug

   
calendar

   
call log

   
cannot reproduce

   
cloudless

   
device-specific

   
documentation

   
dual- & multi-SIM

   
duplicate

   
feature-request

   
fixed in beta

   
good first issue

   
half-missing

   
help wanted

   
helpful

   
meta

   
misattribution

   
mms

   
other message sources

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
rejuvenation

   
restore

   
schedule

   
security

   
stale

   
task

   
thanks

   
v1.5.1

   
v1.5.10

   
v1.5.11

   
v1.5.2

   
v1.5.3

   
v1.5.3

   
v1.5.4

   
v1.5.4

   
v1.5.5

   
v1.5.5

   
v1.5.6

   
v1.5.7

   
v1.5.8

   
v1.5.9

   
v1.6β

   
xoauth

   
~$ bounty $~
No labels
AM+RCS
FAQ
awaiting response
backup
bespoke
bug
calendar
call log
cannot reproduce
cloudless
device-specific
documentation
dual- & multi-SIM
duplicate
feature-request
fixed in beta
good first issue
half-missing
help wanted
helpful
meta
misattribution
mms
other message sources
pull-request
question
rejuvenation
restore
schedule
security
stale
task
thanks
v1.5.1
v1.5.10
v1.5.11
v1.5.2
v1.5.3
v1.5.3
v1.5.4
v1.5.4
v1.5.5
v1.5.5
v1.5.6
v1.5.7
v1.5.8
v1.5.9
v1.6β
xoauth
~$ bounty $~
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/sms-backup-plus-jberkel#557
No description provided.