Samsung Smartphones Vulnerable To Remote Wipe Hack 151
DavidGilbert99 writes "Security researchers have discovered a single line of code embedded in websites which could wipe all data from your Samsung Galaxy S3 and other smartphones. Samsung smartphones including the Galaxy S3, Galaxy S2, Galaxy Ace, Galaxy Beam and Galaxy S Advance all appear to be affected by the bug which triggers a factory reset on your phone if your web browser is pointed to a particular website. Smartphones can also be directed to the code through NFC or using a QR code. Once the process has been initiated, users are have no way of stopping it. The hack was unveiled at the Ekoparty 2012 security conference in Argentina by Ravi Borgaonkar, a security researcher at the Security in Communications department at Technical University Berlin. ... Only Samsung smartphones running the company's proprietary TouchWiz user interface appear to be affected. According to telecoms engineer Pau Oliva, the Samsung Galaxy Nexus is not affected, as it runs on stock Android and doesn't use the TouchWiz skin on top." Hit the link above for a video demonstration.
Re:Manufacturer's Android (Score:4, Insightful)
Correct. Yay freedom!
Re:That's what backups are for (Score:3, Insightful)
Release the patch soon!? Obviously, you've never tried updating an android phone :D
Re:That's what backups are for (Score:5, Insightful)
Mod Up! Carriers have no motivation to send ROM upgrades. Even if samsung makes them available, I am pretty sure the carriers would never find it worth the airtime to send you the upgrade.
Re:Manufacturer's Android (Score:5, Insightful)
Because this is what the average person does when they buy a driod?
You have to realize...the greatest strength of Andriod is also its greatest failing. Sure, you CAN load a custom firmware...but outside of the tech circles, who the fuck actually DOES it?
Re:The problem can be avoided by using another dia (Score:4, Insightful)
I mentioned this in another post, but the exploit was already patched a few weeks ago. Source [androidpolice.com].