Samsung Addresses Galaxy Exploit - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile
News
9/26/2012
11:21 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Samsung Addresses Galaxy Exploit

Exploit that triggers certain Samsung Galaxy smartphones to reset poses fewer risks than initially reported.

Headlines were abuzz Tuesday morning with reports that some Samsung Galaxy smartphones are vulnerable to an exploit that could reset the devices to their factory settings. Initially an all-out alert, the news has since evolved into a wide-reaching but nonetheless modest concern--and with Samsung promising action, the threat should soon be downgraded even further.

Early reports cited Technical University Berlin researcher Ravi Borgaonkar's presentation at the Ekoparty security conference in Argentina. He demonstrated that a line of HTML code can dial USSD codes that trigger Samsung Galaxy SII and SIII smartphones to initiate full data wipes.

[ The number of malicious Android apps is increasing. Read more at Android Warning: 50% Of Devices Need Patching. ]

The exploit--which can be executed via an embedded link, a QR code, or an NFC connection--was initially blamed on Samsung's TouchWiz UI, which the manufacturer layers over the base Android OS. Testing by the blog Android Police revealed, however, that the flaw originates in older versions of Google's mobile OS, meaning that the vulnerability is not Samsung-specific. The site additionally found that the exploit is not new, and that recent patches should effectively disable the threat.

Samsung has since responded, with a tweet promising action and a statement to TechCrunch that confirmed Android Police's assertion that "the security issue … has already been resolved." The statement urged SIII users to update if they have not already done so, but the status of older devices, such as the SII, is not yet clear. Updates can be downloaded using Samsung's Over-The-Air service.

Borgaonkar offered a test site for users to assess whether their phones are vulnerable, and at least one other such tool has appeared online. In addition to the patches, suggested workarounds have included turning off the phone's Service Loading feature, uninstalling barcode scanners, disabling NFC connectivity, and using a third-party dialer app.

Chris Morales, 451 Research's senior security analyst for enterprise security practice, said in an interview that it is "very important" to understand that "the real problem is what permissions Android allows," pointing out that developer APIs don't adequately block such vulnerabilities from surfacing. Nonetheless, Morales said this particular exploit is a relatively minor threat, even to those with unpatched devices.

"Wiping a phone is not as bad as losing data," he said, since the factory reset is only a true risk to users who don't back up their content. He likened the exploit to a denial-of-service attack: "It's annoying and no one likes it, [but it] scares me less than when [attackers] get root access."

Alexandru Catalin Cosoi, chief security research for Bitdefender, said in an interview that the exploit's future will probably involve pranks, if anything, rather than legitimately sinister schemes. Calling the vulnerability a "proof of concept," he stated that once such flaws become public, "they aren't actually implemented by malware writers because everyone expects them."

"Most of the vulnerabilities that get exploited are ones that aren't public yet," he asserted, adding, "[This vulnerability] works in a lab but should be fixed on most devices."

Mobile employees' data and apps need protecting. Here are 10 ways to get the job done. Also in the new, all-digital 10 Steps To E-Commerce Security special issue of Dark Reading: Mobile technology is forcing businesses to rethink the fundamentals of how their networks work. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Number 6
50%
50%
Number 6,
User Rank: Moderator
9/27/2012 | 7:22:18 PM
re: Samsung Addresses Galaxy Exploit
"'Wiping a phone is not as bad as losing data,' he said, since the factory reset is only a true risk to users who don't back up their content."

Huh? Last I heard, wiping a phone wipes out the data, so how can that not be as bad?

And does this pass the "Grandmom" test, as in does you grandmother routinely back up the photos and contacts on her phone? These are sold as consumer devices to average people, not as only as high-tech IT machines to computer geeks like us.
Commentary
What Becomes of CFOs During Digital Transformation?
Joao-Pierre S. Ruth, Senior Writer,  2/4/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
Slideshows
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Slideshows
Flash Poll