Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Samsung Galaxy S3 has huge security flaw

ScottishDuck

ScottishDuck

macrumors 6502a
Original poster
Feb 17, 2010
664
986
Argyll, Scotland

Any Samsung Galaxy S3 can be remotely wiped if sent the following code

tel:*2767*3855%23
Click to expand...

This code can be embedded in HTML, sent in a text, email, anything...

This is a big one.
 
Last edited by a moderator:
T

The iGentleman

macrumors 6502a
Jul 13, 2012
543
0
ScottishDuck said:

Any Samsung Galaxy S3 can be remotely wiped if sent the following code



This code can be embedded in HTML, sent in a text, email, anything...

This is a big one.
Click to expand...

This doesn't work. I just sent a text to my GS3 with that number and nothing happened besides me receiving the text....nothing to see here.. :rolleyes:
 
Last edited by a moderator:
munkery

munkery

macrumors 68020
Dec 18, 2006
2,217
1
Remote wipe Samsung devices via the browser

Samsung devices don't use USSD codes securely.

The USSD code to factory data reset a Galaxy S3 is *2767*3855#

This can be triggered from browser like this: <frame src="tel:*2767*3855%23" />
 
GoCubsGo

GoCubsGo

macrumors Nehalem
Feb 19, 2005
35,742
155
And the point or you just exposing some issue? If it is the latter when maybe you can simply elaborate.
 
Sensamic

Sensamic

macrumors 68040
Mar 26, 2010
3,072
689
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...
 
tbayrgs

tbayrgs

macrumors 604
Jul 5, 2009
7,467
5,097
Sensamic said:
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...
Click to expand...

And this has what exactly to do with this thread?
 
munkery

munkery

macrumors 68020
Dec 18, 2006
2,217
1
Sensamic said:
IPhone has had several huge security flaws, like the one in messages two months ago where a Russian hacker could hack your phone and steal all your info and contacts.

And iPhone has had many other, like the one in safari that allowed jailbreakme.com.

So...
Click to expand...

Android has far more serious security issues than iOS.

This is exemplified by how much malware targets Android while iOS hasn't had any real malware threats.
 
ChazUK

ChazUK

macrumors 603
Feb 3, 2008
5,393
25
Essex (UK)
Possibly not as big an issue as the tech media made out to be?

http://www.androidpolice.com/2012/0...ng-exploit-it-was-already-fixed-in-an-update/

Most Galaxy S III Devices Are Not Vulnerable To USSD Wiping Exploit: It Was Already Fixed In An Update

There has been a lot of misinformation floating around this morning about an alleged "exploit" on Samsung phones that allows the entire device to be wiped from the browser using what's called a USSD code. Basically, a bit of Android intent code cleverly placed in a web page can call up your dialer and insert a code that wipes the whole device (the USSD code), all without you ever confirming anything.
Unfortunately, everyone (ourselves included) kind of jumped the gun on this without consulting the experts first, and things are more complicated than we thought. Some outlets are reporting that this glitch affects the Samsung Galaxy S III (such as the AT&T version here in the US), but our own evidence suggests otherwise. Here's a stock AT&T Galaxy S III on the latest OTA update (issued last week) initiating the exploit - it doesn't work. It just goes to a blank dialer.
Click to expand...


More page hit fodder! :D
 
Last edited by a moderator:
r.j.s

r.j.s

Moderator emeritus
Mar 7, 2007
15,026
52
Texas
3bs said:
As far as I know this is only on TouchWiz and I'm running an AOSP based ROM so I guess I'm safe :D
Click to expand...

Not true. This is an old android bug, which has been largely patched - but existed in the default browser and samsung dialer until a recent OTA fix.
 
S

Sincci

macrumors 6502
Aug 17, 2011
285
65
Finland
Doesn't do anything with my S3

Doesn't even launch the dialer app with the international Galaxy S3 (i9300) with latest official 4.0.4 XXBLH3 firmware and latest unofficial 4.1.1 leak for nordic countries (XXDLI8), haven't tried it with the official 4.1.1 for poland (XXDLIB), but I would assume that it doesn't have this bug either.
 
G51989

G51989

macrumors 68030
Feb 25, 2012
2,530
10
NYC NY/Pittsburgh PA
munkery said:
Android has far more serious security issues than iOS.

This is exemplified by how much malware targets Android while iOS hasn't had any real malware threats.
Click to expand...

Well, Malware targets the highest amount of users, and there are far more Android users than iOS users.

I've never had any security problems on any of my Android devices. Clearly it must actually be iOS.
 
munkery

munkery

macrumors 68020
Dec 18, 2006
2,217
1
G51989 said:
Well, Malware targets the highest amount of users, and there are far more Android users than iOS users.

I've never had any security problems on any of my Android devices. Clearly it must actually be iOS.
Click to expand...

Nope.

More Android phones but factor in iPads then way more devices running iOS.

At the moment: mobile & tablet only / overall

iOS = 66% / 6%

Android = 21% / 2%

http://www.netmarketshare.com/mobile-market-share

http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=8&qpcustomd=

Totally throws the market share theory in the garbage.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom