x PhoneArena is looking for new authors! To view all available positions, click here.
  • Options
    Close




Samsung's TouchWiz vulnerable to one-click data wipe or reset attack (video)

0. phoneArena 25 Sep 2012, 07:44 posted on

The same goes for QR scans and NFC - Samsung's TouchWiz UI makes the dialer automatically execute the sequence, which can potentially force a factory reset code onto your unsuspecting phone, and wipe your data. Here is a video demonstrating the theoretical disaster...

This is a discussion for a news. To read the whole news, click here

posted on 25 Sep 2012, 07:51 15

1. md227a (Posts: 121; Member since: 20 Mar 2012)


Glad my S3 isn't running touchwiz! That would suck haha

posted on 25 Sep 2012, 09:10 7

6. phljcnth (Posts: 255; Member since: 30 Apr 2012)


But aren't we using TouchWiz UX? :-0

posted on 25 Sep 2012, 10:52 4

12. dexter_jdr (Posts: 1090; Member since: 28 Jun 2012)


S3 still got OWNED!!! watch the last minutes of the video, the S3 got attacked by nfc...woohoo!!!

posted on 25 Sep 2012, 14:33 2

18. adelta90 (Posts: 63; Member since: 14 Sep 2012)


yeah guess the S3 did get owned
but lets face it, unless someone deliberately tries to do this, its not likely for it to happen
At least this is something that can be corrected quite easily, but lets see if it does get corrected

posted on 25 Sep 2012, 20:16 1

23. PapaSmurf (Posts: 7370; Member since: 14 May 2012)


Chances of you receiving that through NFC?

0.000257812%.

posted on 26 Sep 2012, 03:16

26. brar.arsh (Posts: 121; Member since: 12 Sep 2012)


Thanks To CM10 team that I am not on TouchWiz for my S3.. :D

posted on 25 Sep 2012, 07:54 8

2. neutralguy (Posts: 1152; Member since: 30 Apr 2012)


A good thing is, there's tons of solution for this. Change a ROM if you want to :)

posted on 25 Sep 2012, 08:01 7

3. kartik4u98 (Posts: 511; Member since: 19 May 2012)


Ya exactly...who likes Touchwiz by the way?!

posted on 25 Sep 2012, 10:04 1

8. JonBjSig (Posts: 176; Member since: 17 Nov 2011)


You can also just download a different dialer, then you'll be prompted first.

posted on 25 Sep 2012, 08:20 6

4. kamil (Posts: 115; Member since: 07 Feb 2012)


touchwiz UI is the most boringest (if there is word for that) UI you can ever get on an Android platform device literally.

posted on 25 Sep 2012, 08:32 2

5. OpTiMuS_BlAcK (Posts: 411; Member since: 04 May 2012)


All the data gone, ouch.

posted on 25 Sep 2012, 10:18 4

9. kreneo (Posts: 13; Member since: 29 Aug 2011)


samsung fanboys giving out excuses! LoL

posted on 25 Sep 2012, 10:46 2

10. som (Posts: 768; Member since: 10 Nov 2009)


It is just a test nothing will harm your phone.

posted on 25 Sep 2012, 10:49 3

11. Berzerk000 (Posts: 3881; Member since: 26 Jun 2011)


Another reason added to my list of why Touchwiz is not to be trusted.

posted on 25 Sep 2012, 11:36 6

13. bigstrudel (Posts: 518; Member since: 20 Aug 2012)


Sense don't look so bad now huh

posted on 25 Sep 2012, 13:51 4

17. EclipseGSX (Posts: 1551; Member since: 18 Oct 2011)


I love HTC Sense. Back in the day I preferred my OG EVO over the SGSII even though the screen was beautiful it still felt like a downgrade going to Touchwiz

posted on 25 Sep 2012, 11:46

14. taz89 (Posts: 2009; Member since: 03 May 2011)


Does this affect everyone or just US PHONES... verge reports they only got it to work on a at&t s3...either way let's hope this is fixed ASAP and should not be a problem unless you or on dodgy sites

posted on 25 Sep 2012, 13:05

15. tedkord (Posts: 4282; Member since: 17 Jun 2009)


Come on, Samsung. Address this. It should be as easy as having a confirm factory reset dialog box poo up for all hidden code disks.

posted on 25 Sep 2012, 13:41 5

16. Gingershnaps (Posts: 18; Member since: 27 Feb 2012)


Per another android site:
Update: This issue is, unsurprisingly, a lot more nuanced than the video here lets on. The bug is based in the stock Android browser, is in fact quite old, and has been patched in more recent builds of Android - this is probably why Nexus devices running the most recent OTAs are unaffected. The fact is, this is not a Samsung problem, it's an old Android problem that has been known about for some time.

Any of the U.S. SGs3 that have their OTA updates aren't able to be affected.

posted on 25 Sep 2012, 15:34 2

19. christianqwerty (Posts: 460; Member since: 05 May 2011)


touchwiz has crashed on my s3 so many times

posted on 25 Sep 2012, 19:51 1

22. tedkord (Posts: 4282; Member since: 17 Jun 2009)


Really? I don't think I've had TouchWIZ crash even once in the two months I've had my GS3. And I tinker a lot.

posted on 25 Sep 2012, 20:19

24. PapaSmurf (Posts: 7370; Member since: 14 May 2012)


^ This.

And I've managed to reach 1.56GB of RAM of 1.59 and it didn't crash or lag, at all.

posted on 25 Sep 2012, 16:32

20. Martine (Posts: 102; Member since: 20 Oct 2011)


@ Phonearena.

This has been confirmed to be a vulnerability of the stock Android browser. A fix for this hack was released with the latest Jelly bean update.
Therefore, the hack will affect any android device running previous versions of Android.

You can use a simple google search to confirm this info.

Please update the post.

Thanks.

Jokesy

posted on 25 Sep 2012, 16:49

21. geesanut (Posts: 3; Member since: 16 Aug 2012)


Looks like a conspiracy to me.? (LoL)! Phones not meeting expectations,android haters, could it be possible!?

posted on 25 Sep 2012, 20:20

25. PapaSmurf (Posts: 7370; Member since: 14 May 2012)


Why is there no source listed?

* Some comments have been hidden, because they don't meet the discussions rules.

Want to comment? Please login or register.

Latest stories