Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Samsung Galaxy S3 has huge security flaw

ScottishDuck

ScottishDuck

macrumors 6502a
Original poster
Feb 17, 2010
666
993
Argyll, Scotland

Any Samsung Galaxy S3 can be remotely wiped if sent the following code

tel:*2767*3855%23
Click to expand...

This code can be embedded in HTML, sent in a text, email, anything...

This is a big one.
 
Last edited by a moderator:
ScottishDuck said:

Any Samsung Galaxy S3 can be remotely wiped if sent the following code



This code can be embedded in HTML, sent in a text, email, anything...

This is a big one.
Click to expand...

This doesn't work. I just sent a text to my GS3 with that number and nothing happened besides me receiving the text....nothing to see here.. :rolleyes:
 
Last edited by a moderator:
Remote wipe Samsung devices via the browser

Samsung devices don't use USSD codes securely.

The USSD code to factory data reset a Galaxy S3 is *2767*3855#

This can be triggered from browser like this: <frame src="tel:*2767*3855%23" />
 
And the point or you just exposing some issue? If it is the latter when maybe you can simply elaborate.
 
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...
 
Sensamic said:
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...
Click to expand...

And this has what exactly to do with this thread?
 
Sensamic said:
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...
Click to expand...

Android has far more serious security issues than iOS.

This is exemplified by how much malware targets Android while iOS hasn't had any real malware threats.
 
Possibly not as big an issue as the tech media made out to be?

http://www.androidpolice.com/2012/0...ng-exploit-it-was-already-fixed-in-an-update/

Most Galaxy S III Devices Are Not Vulnerable To USSD Wiping Exploit: It Was Already Fixed In An Update

There has been a lot of misinformation floating around this morning about an alleged "exploit" on Samsung phones that allows the entire device to be wiped from the browser using what's called a USSD code. Basically, a bit of Android intent code cleverly placed in a web page can call up your dialer and insert a code that wipes the whole device (the USSD code), all without you ever confirming anything.
Unfortunately, everyone (ourselves included) kind of jumped the gun on this without consulting the experts first, and things are more complicated than we thought. Some outlets are reporting that this glitch affects the Samsung Galaxy S III (such as the AT&T version here in the US), but our own evidence suggests otherwise. Here's a stock AT&T Galaxy S III on the latest OTA update (issued last week) initiating the exploit - it doesn't work. It just goes to a blank dialer.
Click to expand...


More page hit fodder! :D
 
Last edited by a moderator:
3bs said:
As far as I know this is only on TouchWiz and I'm running an AOSP based ROM so I guess I'm safe :D
Click to expand...

Not true. This is an old android bug, which has been largely patched - but existed in the default browser and samsung dialer until a recent OTA fix.
 
Doesn't do anything with my S3

Doesn't even launch the dialer app with the international Galaxy S3 (i9300) with latest official 4.0.4 XXBLH3 firmware and latest unofficial 4.1.1 leak for nordic countries (XXDLI8), haven't tried it with the official 4.1.1 for poland (XXDLIB), but I would assume that it doesn't have this bug either.
 
munkery said:
Android has far more serious security issues than iOS.

This is exemplified by how much malware targets Android while iOS hasn't had any real malware threats.
Click to expand...

Well, Malware targets the highest amount of users, and there are far more Android users than iOS users.

I've never had any security problems on any of my Android devices. Clearly it must actually be iOS.
 
G51989 said:
Well, Malware targets the highest amount of users, and there are far more Android users than iOS users.

I've never had any security problems on any of my Android devices. Clearly it must actually be iOS.
Click to expand...

Nope.

More Android phones but factor in iPads then way more devices running iOS.

At the moment: mobile & tablet only / overall

iOS = 66% / 6%

Android = 21% / 2%

http://www.netmarketshare.com/mobile-market-share

http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=8&qpcustomd=

Totally throws the market share theory in the garbage.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back