A potential flaw in Samsung’s TouchWiz user interface has left a number of the Korean manufacturer’s smartphones, including the massively popular Samsung Galaxy S III, vulnerable to remote wiping.
The flaw relates to the way the phone reads specially-crafted USSD (Unstructured Supplementary Service Data) code that could cause the phone to perform a factory reset, lock the SIM card so that the device cannot be used or a variety of other malicious acts.
The vulnerability was discovered by Ravi Borgaonkar, who successfully wiped a Samsung Galaxy S III at the Ekoparty security conference.
The devices affected are the Samsung Galaxy S Advance, Galaxy S II, Galaxy S III, Galaxy Ace and Galaxy Beam. The Samsung Galaxy Nexus is not affected.
The Next Web was unable to wipe a Samsung Galaxy S running the latest version of Android, 4.1 Jelly Bean, but noted the device wiped by Borgaonkar appeared to be running Ice Cream Sandwich.
This has raised the possibility that it could only affect smartphones running Ice Cream Sandwich, while it has also been suggested that Chrome doesn’t allow the code to be executed, meaning it is only an issue for other browsers.
At the time of publication, Samsung had not responded to TechWeekEurope’s requests for comment.
Are you a security expert? Try our quiz and find out!
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…
View Comments
The reason your galaxy S running JB couldn't be wiped is because it does not have the Touch Wiz interface.. That's where the vulnerability lies...
. Source-your own article
Great article. With all of the recent high-profile security breaches, it is important for everyone to be extra careful with their information. This is definitely an issue that needs to be addressed. At Mosaic Technology, we are huge proponents of being preventative in data security.
Meaghen
Mosaic Technology
http://www.mosaictec.com