Samsung's TouchWiz vulnerable to one-click data wipe or reset attack (video)
0. phoneArena 25 Sep 2012, 07:44 posted on
The same goes for QR scans and NFC - Samsung's TouchWiz UI makes the dialer automatically execute the sequence, which can potentially force a factory reset code onto your unsuspecting phone, and wipe your data. Here is a video demonstrating the theoretical disaster...
This is a discussion for a news. To read the whole news, click here
1. md227a (Posts: 137; Member since: 20 Mar 2012)
Glad my S3 isn't running touchwiz! That would suck haha
12. dexter_jdr (Posts: 1163; Member since: 28 Jun 2012)
S3 still got OWNED!!! watch the last minutes of the video, the S3 got attacked by nfc...woohoo!!!
18. adelta90 (Posts: 63; Member since: 14 Sep 2012)
yeah guess the S3 did get owned
but lets face it, unless someone deliberately tries to do this, its not likely for it to happen
At least this is something that can be corrected quite easily, but lets see if it does get corrected
23. PapaSmurf (Posts: 9723; Member since: 14 May 2012)
Chances of you receiving that through NFC?
26. brar.arsh (Posts: 177; Member since: 12 Sep 2012)
Thanks To CM10 team that I am not on TouchWiz for my S3.. :D
2. neutralguy (Posts: 1152; Member since: 30 Apr 2012)
A good thing is, there's tons of solution for this. Change a ROM if you want to :)
3. kartik4u98 (Posts: 511; Member since: 19 May 2012)
Ya exactly...who likes Touchwiz by the way?!
8. JonBjSig (Posts: 176; Member since: 17 Nov 2011)
You can also just download a different dialer, then you'll be prompted first.
4. kamil (Posts: 115; Member since: 07 Feb 2012)
touchwiz UI is the most boringest (if there is word for that) UI you can ever get on an Android platform device literally.
10. som (Posts: 768; Member since: 10 Nov 2009)
It is just a test nothing will harm your phone.
11. Berzerk000 (Posts: 4166; Member since: 26 Jun 2011)
Another reason added to my list of why Touchwiz is not to be trusted.
17. EclipseGSX (Posts: 1702; Member since: 18 Oct 2011)
I love HTC Sense. Back in the day I preferred my OG EVO over the SGSII even though the screen was beautiful it still felt like a downgrade going to Touchwiz
14. taz89 (Posts: 2014; Member since: 03 May 2011)
Does this affect everyone or just US PHONES... verge reports they only got it to work on a at&t s3...either way let's hope this is fixed ASAP and should not be a problem unless you or on dodgy sites
15. tedkord (Posts: 6780; Member since: 17 Jun 2009)
Come on, Samsung. Address this. It should be as easy as having a confirm factory reset dialog box poo up for all hidden code disks.
16. Gingershnaps (Posts: 18; Member since: 27 Feb 2012)
Per another android site:
Update: This issue is, unsurprisingly, a lot more nuanced than the video here lets on. The bug is based in the stock Android browser, is in fact quite old, and has been patched in more recent builds of Android - this is probably why Nexus devices running the most recent OTAs are unaffected. The fact is, this is not a Samsung problem, it's an old Android problem that has been known about for some time.
Any of the U.S. SGs3 that have their OTA updates aren't able to be affected.
19. christianqwerty (Posts: 463; Member since: 05 May 2011)
touchwiz has crashed on my s3 so many times
22. tedkord (Posts: 6780; Member since: 17 Jun 2009)
Really? I don't think I've had TouchWIZ crash even once in the two months I've had my GS3. And I tinker a lot.
24. PapaSmurf (Posts: 9723; Member since: 14 May 2012)
And I've managed to reach 1.56GB of RAM of 1.59 and it didn't crash or lag, at all.
20. Martine (Posts: 102; Member since: 20 Oct 2011)
This has been confirmed to be a vulnerability of the stock Android browser. A fix for this hack was released with the latest Jelly bean update.
Therefore, the hack will affect any android device running previous versions of Android.
You can use a simple google search to confirm this info.
Please update the post.
21. geesanut (Posts: 3; Member since: 16 Aug 2012)
Looks like a conspiracy to me.? (LoL)! Phones not meeting expectations,android haters, could it be possible!?