SMS is mostly used for 2-factor authentication, transaction status.

Which they really shouldn’t as it’s still in the clear. But banks are slow to change, especially if it costs them money. As for mostly, I think it depends on the region. I think I’ve read that the US, Canada, and a few (not all) European countries still use SMS.

I use Signal, which is widely considered the gold standard for E2EE apps, with the client app of Molly specifically (a hardened version of Signal).

I’m not downplaying it or saying it shouldn’t be fixed, but…

Effectively, due to modifications made to the standard Telephony package left the app open to abuse, allowing any installed application on an affected OnePlus device to access SMS and MMS data, along with metadata, “without permission, user interaction, or consent.”

Just another vector. SMS is already plaintext/unencrypted, so shouldn’t be used unless you’re saying something you’re comfortable with the world knowing. Switch to E2EE apps

It’s the whole “if a fine is less than the profit, the fine is just considered a cost of business.”