PDA

View Full Version : Samsung Galaxy S3 has huge security flaw




ScottishDuck
Sep 25, 2012, 07:22 AM
Q2-0B04HPhs

Any Samsung Galaxy S3 can be remotely wiped if sent the following code

tel:*2767*3855%23

This code can be embedded in HTML, sent in a text, email, anything...

This is a big one.



kdarling
Sep 25, 2012, 08:22 AM
If so, then how about not printing the code, please.

No reason to make it any easier for lazy jerks to screw someone up.

The iGentleman
Sep 25, 2012, 08:48 AM
Q2-0B04HPhs

Any Samsung Galaxy S3 can be remotely wiped if sent the following code



This code can be embedded in HTML, sent in a text, email, anything...

This is a big one.

This doesn't work. I just sent a text to my GS3 with that number and nothing happened besides me receiving the text....nothing to see here.. :rolleyes:

munkery
Sep 25, 2012, 08:52 AM
Samsung devices don't use USSD codes securely.

The USSD code to factory data reset a Galaxy S3 is *2767*3855#

This can be triggered from browser like this: <frame src="tel:*2767*3855%23" />

GoCubsGo
Sep 25, 2012, 08:55 AM
And the point or you just exposing some issue? If it is the latter when maybe you can simply elaborate.

b24pgg
Sep 25, 2012, 09:00 AM
not true, troll thread

ugahairydawgs
Sep 25, 2012, 09:08 AM
not true, troll thread

It's a thing...

http://www.androidcentral.com/major-security-vulnerability-samsung-phones-could-trigger-factory-reset-web-browser

b24pgg
Sep 25, 2012, 09:17 AM
It's a thing...

http://www.androidcentral.com/major-security-vulnerability-samsung-phones-could-trigger-factory-reset-web-browser

"certain Galaxy S3 models on older firmware"

flopticalcube
Sep 25, 2012, 09:19 AM
"certain Galaxy S3 models on older firmware"

So thread title should be "Samsung Galaxy S3 had huge security flaw"

Rodimus Prime
Sep 25, 2012, 09:35 AM
So thread title should be "Samsung Galaxy S3 had huge security flaw"

And added to it a work around to prevent it from happening. Using a 3rd party dailer until it is patch. This was just sloppy coding on Samsung's part.

r.j.s
Sep 25, 2012, 09:36 AM
It can be avoided by simply using Chrome as the browser as well.

Sensamic
Sep 25, 2012, 09:37 AM
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...

tbayrgs
Sep 25, 2012, 09:46 AM
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...

And this has what exactly to do with this thread?

munkery
Sep 25, 2012, 09:58 AM
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...

Android has far more serious security issues than iOS.

This is exemplified by how much malware targets Android while iOS hasn't had any real malware threats.

ChazUK
Sep 25, 2012, 11:32 AM
Possibly not as big an issue as the tech media made out to be?

http://www.androidpolice.com/2012/09/25/video-most-galaxy-s-iii-devices-are-not-vulnerable-to-ussd-wiping-exploit-it-was-already-fixed-in-an-update/

Most Galaxy S III Devices Are Not Vulnerable To USSD Wiping Exploit: It Was Already Fixed In An Update

There has been a lot of misinformation floating around this morning about an alleged "exploit" on Samsung phones that allows the entire device to be wiped from the browser using what's called a USSD code. Basically, a bit of Android intent code cleverly placed in a web page can call up your dialer and insert a code that wipes the whole device (the USSD code), all without you ever confirming anything.
Unfortunately, everyone (ourselves included) kind of jumped the gun on this without consulting the experts first, and things are more complicated than we thought. Some outlets are reporting that this glitch affects the Samsung Galaxy S III (such as the AT&T version here in the US), but our own evidence suggests otherwise. Here's a stock AT&T Galaxy S III on the latest OTA update (issued last week) initiating the exploit - it doesn't work. It just goes to a blank dialer.

Mm2xVmrDJZU

More page hit fodder! :D

3bs
Sep 25, 2012, 11:41 AM
As far as I know this is only on TouchWiz and I'm running an AOSP based ROM so I guess I'm safe :D

r.j.s
Sep 25, 2012, 11:58 AM
As far as I know this is only on TouchWiz and I'm running an AOSP based ROM so I guess I'm safe :D

Not true. This is an old android bug, which has been largely patched - but existed in the default browser and samsung dialer until a recent OTA fix.

Sincci
Sep 25, 2012, 12:11 PM
Doesn't even launch the dialer app with the international Galaxy S3 (i9300) with latest official 4.0.4 XXBLH3 firmware and latest unofficial 4.1.1 leak for nordic countries (XXDLI8), haven't tried it with the official 4.1.1 for poland (XXDLIB), but I would assume that it doesn't have this bug either.

Wrathwitch
Sep 25, 2012, 06:37 PM
It can be avoided by simply using Chrome as the browser as well.

Exactly what this guy/gal said....

3bs
Sep 25, 2012, 06:52 PM
Not true. This is an old android bug, which has been largely patched - but existed in the default browser and samsung dialer until a recent OTA fix.

I guess I had it mixed up with this http://www.theverge.com/2012/9/25/3403928/samsung-touchwiz-reset-vulnerability

r.j.s
Sep 25, 2012, 06:56 PM
I guess I had it mixed up with this http://www.theverge.com/2012/9/25/3403928/samsung-touchwiz-reset-vulnerability

That's the same bug - and it was clarified to be a generic (patched) android flaw on several android-centric sites earlier today.

Solomani
Sep 25, 2012, 09:10 PM
The code is: 867-5309

NbinHD
Sep 25, 2012, 10:57 PM
He is using a Samsung Galaxy S2?

G51989
Sep 25, 2012, 11:22 PM
Android has far more serious security issues than iOS.

This is exemplified by how much malware targets Android while iOS hasn't had any real malware threats.

Well, Malware targets the highest amount of users, and there are far more Android users than iOS users.

I've never had any security problems on any of my Android devices. Clearly it must actually be iOS.

munkery
Sep 26, 2012, 01:07 PM
Well, Malware targets the highest amount of users, and there are far more Android users than iOS users.

I've never had any security problems on any of my Android devices. Clearly it must actually be iOS.

Nope.

More Android phones but factor in iPads then way more devices running iOS.

At the moment: mobile & tablet only / overall

iOS = 66% / 6%

Android = 21% / 2%

http://www.netmarketshare.com/mobile-market-share

http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=8&qpcustomd=

Totally throws the market share theory in the garbage.

munkery
Sep 26, 2012, 04:16 PM
Remote wipe issue not limited to Samsung.

http://www.theverge.com/2012/9/26/3412432/samsung-touchwiz-remote-wipe-vulnerability-android-dialer

Stuntman06
Sep 27, 2012, 07:43 PM
It can be avoided by simply using Chrome as the browser as well.

Oh. I didn't know it was limited to the stock browser. I use Chrome as default and ran the test and it passed.

lavrishevo
Sep 27, 2012, 08:04 PM
Just checked on my S3 and it was not vulnerable.