Samsung Galaxy S22 Hacked Again On Second Day of Pwn2Own (bleepingcomputer.com) 18
Contestants hacked the Samsung Galaxy S22 again during the second day of the consumer-focused Pwn2Own 2022 competition in Toronto, Canada. They also demoed exploits targeting zero-day vulnerabilities in routers, printers, smart speakers, and Network Attached Storage (NAS) devices from HP, NETGEAR, Synology, Sonos, TP-Link, Canon, Lexmark, and Western Digital. BleepingComputer reports: Security researchers representing the vulnerability research company Interrupt Labs were the ones to demonstrate a successful exploit against Samsung's flagship device on Wednesday. They executed an improper input validation attack and earned $25,000, 50% of the total cash award, because this was the third time the Galaxy S22 was hacked during the competition.
On the first day of Pwn2Own Toronto, the STAR Labs team and a contestant known as Chim demoed two other zero-day exploits as part of successful improper input validation attacks against the Galaxy S22. In all three cases, according to the contest rules, the devices ran the latest version of the Android operating system with all available updates installed.
The second day of Pwn2Own Toronto wrapped up with Trend Micro's Zero Day Initiative awarding $281,500 for 17 unique bugs across multiple categories. This brings the first two days of Pwn2Own total to $681,250 awarded for 46 unique zero-days, as ZDI's Head of Threat Awareness Dustin Childs revealed. The full schedule for Pwn2Own Toronto 2022's second day and the results for each challenge are available here. You can also find the complete schedule of the competition here.
On the first day of Pwn2Own Toronto, the STAR Labs team and a contestant known as Chim demoed two other zero-day exploits as part of successful improper input validation attacks against the Galaxy S22. In all three cases, according to the contest rules, the devices ran the latest version of the Android operating system with all available updates installed.
The second day of Pwn2Own Toronto wrapped up with Trend Micro's Zero Day Initiative awarding $281,500 for 17 unique bugs across multiple categories. This brings the first two days of Pwn2Own total to $681,250 awarded for 46 unique zero-days, as ZDI's Head of Threat Awareness Dustin Childs revealed. The full schedule for Pwn2Own Toronto 2022's second day and the results for each challenge are available here. You can also find the complete schedule of the competition here.
It's why... (Score:2)
Re: (Score:2)
Good luck doing that on any Samsung device, my friend.
Re: (Score:3)
Re: (Score:2)
I have a Note9 which I planned to repurpose, but it looks like LineageOS doesn't have it in the list.
Re: (Score:3)
Re: (Score:3)
I'm just a regular consumer, willing to experiment with older phones. Not going to go out of my way to buy a brand new one and experiment with it, sorry.
Re: It's why... (Score:2)
Re: (Score:2)
Probably there's other ROMs that support it, look in https://forum.xda-developers.c... [xda-developers.com]
ROMs.
What an ignorant misuse of an acronym. It is not a "Read-Only-Memory"!
Not your fault; but to name a piece of Firmware that is to be loaded into a Reprogrammable Hardware, after a piece of Non-Reprogammable piece of Hardware, is just a symptom of the constant march of Idiocracy!
I'd expect that in a newspaper article; but not on a Geek Site like Slashdot. . .
Call it what it is, FFS! Firmware.
Just like the ignoramouses that call a desktop computer a "Hard Drive". Grrr!
EndOfRant.
Re: It's why... (Score:2)
Re: (Score:2)
Re: It's why... (Score:2)
These bounties are laughable (Score:4, Interesting)
Duh, try to hack the iPhone for a change (Score:2)
if you're up for a challenge
Just when I switched back. (Score:3)
I bought an S22 back in August after my LG G8 started acting up. I was torn between the S22, Pixel 6 or waiting a few of months for the Pixel 7, but I was tired of dealing with the problems that the LG had developed, so I wanted a new phone now. The Pixel 6 was still having reported problems, and I didn't want to purchase the 7 right out of the door in case it did as well, so decided to go with the Samsung S22, whch I purchased unlocked directly from Samsung. My last Samsung was the S4, which I'd kept for five years or so before moving on, and I've had a few Samsung tablets. I never have liked One UI, but deal with it on the tablets, and figured I'd get used to it on the phone, which I have, but still don't care for it.
After reading about this security issue with Samsung's phones, I'm done with them. Yesterday, I ordered a Pixel 7 direct from Google. They offered me a $600 trade in from my S22, which left the Pixel 7 costing me $155 including tax.
TLDR: Fuck Samsung.
Nice deal (Score:3)
Put wireguard on, connect to your own VPN, and don't forget to encrypt your DNS lookups, and you have the best online privacy you can reasonably achieve.
I can't say much about the security of the device itself, but I think graphene addr
Repeat after me... (Score:2)
Repeat after me... Samsung can't "do" software.
They're good at hardware (for sure), they're also quite good at picking features to offer, but every single time... their software sucks.
F-Droid (Score:2)