Samsung TouchWiz vulnerability will wipe some phones after just clicking a

By +Frank B.
in Back Page News

 Share

Recommended Posts

Grand Master

+Frank B. Subscriber²

Posted
  • Subscriber²
Posted

Samsung TouchWiz vulnerability will wipe some phones after just clicking a link

Samsung is finding itself in a spot of bother this morning, as a particular piece of HTML code has emerged that, when clicked, instantly resets the Galaxy S II ? and potentially other Android devices running the TouchWiz UI. Posted by Pau Oliva earlier today, the code was initially thought to affect the current flagship Galaxy S III model, however multiple negative reports and our own testing have shown that it only brings up the phone's dialer, failing to execute the full reset without user intervention. The latter is really the issue here: Samsung's software changes atop stock Android are allowing the GS II to automatically dial the hard reset code, taking away a critical aspect of user control.

The Galaxy S II is the only device we're certain is affected by the problem so far, though Tweakers.net reports successfully recreating it on the Galaxy S Advance as well. We're in touch with Samsung to get a better idea of the full scale and depth of this vulnerability.

Update: we have now managed to test this on an AT&T Samsung Galaxy S III and have confirmed it works on the device. Samsung tells us it's "looking into" the reports.

Source: The Verge

Grand Master

+Frank B. Subscriber²

Posted
  • Author
  • Subscriber²
Posted

did apple pay those people?

Heaven forbid there is an actual vulnerability in a Samsung product. No, let's blame the evil empire Apple.

Fail comment is fail, remixedcat.

The front page beat you to it, Meph. :p

Meh, I'm not overly concerned. So we just need to avoid TouchWiz, right?

... whoops, I swear I checked the front page and didn't see it. Mea culpa.

Grand Master

techbeck

Posted
Posted

Samsung Galaxy S III, designed for humans exploits.

Like there isnt exploits on all other systems as well. There will be a patched released for TW as soon as Samsung readys a patch for it. They were quick to release other patches/changes in TW before...so lets hope they are quick here as well.

The front page beat you to it, Meph. :p

Meh, I'm not overly concerned. So we just need to avoid TouchWiz, right?

Wish Samsung would wake up and just ditch TW.

Grand Master

tsupersonic

Posted
Posted

It's not just Samsung phones (with Touchwiz)...

Update: This issue is, unsurprisingly, a lot more nuanced than the video here lets on. The bug is based in the stock Android browser, is in fact quite old, and has been patched in more recent builds of Android - this is probably why Nexus devices running the most recent OTAs are unaffected. The fact is, this is not a Samsung problem, it's an old Android problem that has been known about for some time. More recent versions of Android avoid the wipe issue, but unpatched devices (like some Samsung phones) may still be vulnerable.

http://www.androidpolice.com/2012/09/25/new-exploit-could-force-factory-reset-on-many-samsung-phones-running-touchwiz/

Grand Master

techbeck

Posted
Posted

Did I say otherwise? No.

But yet you only mentioned Samsung.

We all know you dont like android and if all you are going to do is make comments like "Samsung Galaxy S III, designed for humans exploits." here and then again on TFP, then keep it to yourself.

Grand Master

.Neo

Posted
Posted

But yet you only mentioned Samsung.

That's because this thread involves Samsung only. Let me hold up a mirror for a second or two: Did you mention how most, if not all, major companies tend to spin things around if it suits their needs and thus can use it to their advantage? No, you did not. You purely talked about how Apple does it. I suggest you at least try to drop the display of double standards before calling others out. If not take a page from your own book and simply keep the remarks to yourself.

We all know you dont like android and if all you are going to do is make comments like "Samsung Galaxy S III, designed for humans exploits." here and then again on TFP, then keep it to yourself.

I have very little against Android in its vanilla state. In fact I recently bought my mom a Nexus 7 as a birthday present to take with her on holiday. Very nice device, especially for its price. Too bad huh?

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • draw.io Desktop 30.2.6

      By Copernic · Posted

      draw.io Desktop 30.2.6 by Razvan Serea draw.io desktop is a downloadable security-first diagramming application that runs on Windows, MacOS and Linux. Creating diagrams in the desktop app doesn’t need an internet connection. This is useful when you are disconnected or when you must create diagrams in a highly secure environment, where data protection is of the utmost importance. When you use the draw.io desktop app, your diagrams will be stored on your local device. Because this is a stand-alone application, also designed to run offline, there are no interfaces to cloud storage platforms available. Of course, you can still store your diagrams in folders that are synchronised to your cloud storage if you wish. Easy-to-use diagram editor The draw.io apps work just like the office and drawing tools you are used to using. Drag and drop shapes from the shape libraries and drag to draw connectors between them. Drag connectors to add waypoints and set a precise shape and position, or let them reroute automatically. Double click and start typing to add a label to anything. Create tables and swimlane flows with a familiar tool. Style shapes and connectors with customisable palettes, sketch options, fonts and text formatting tools. Search for shapes, including in open-source icon libraries. Use our vast libraries of shapes and templates, organised into logical categories, to create a range of diagrams and infographics. Generate diagrams from text descriptions using our smart templates. Diagram faster with keyboard shortcuts. draw.io Desktop 30.2.6 changelog: Uses electron 42.5.0 #2452 Updates to draw.io core 30.2.6. Download: draw.io 64-bit | Standalone (Open Source) Download: draw.io 32-bit | ARM64 | ARM64 Standalone Links: draw.io Home Page | Project page @GitHub | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Politically funny images of the World

      By +Edouard · Posted

    • Politically funny images of the World

      By +primortal · Posted

    • Politically funny images of the World

      By +primortal · Posted

    • The official Funny Pictures thread

      By +primortal · Posted

  • Recent Achievements

    • One Month Later
      Excellence2025 earned a badge
      One Month Later
    • Week One Done
      Excellence2025 earned a badge
      Week One Done
    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      497
    2. 2
      +Edouard
      207
    3. 3
      PsYcHoKiLLa
      146
    4. 4
      Steven P.
      74
    5. 5
      FloatingFatMan
      69
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!