Wiping Samsung Phones in a Single Link (and lasers, hotmail)

If someone can get you to open a URL on a Samsung smartphone, they can trigger a factory reset that you can’t stop. Boom, data gone byebye. And your SIM card might be dead too.

Band-aid fix is dumping the manufacturer’s version of the OS and getting a standard one (maybe a community-created one). Real fix is selling the thing on Craigslist and using the money to buy yourself a few prepaid phones. And some conductive fabric to make yourself a Faraday-cage jacket pocket to keep them in…

Offtopic but insanely cool: guy builds a variable frequency laser at home, just by shaking a vial of Rhodamine dye full of ball bearings with a speaker. I wonder, if it turns out he’s getting above the lasing threshold, what the coherence length of the output is, and if it’s enough to make holograms with.

http://hackaday.com/2012/09/19/variable-frequency-laser-using-shaken-ball-berings/

http://brainsinjars.com/archives/2012/09/build-log-shaken-granular-laser/

Lastly, looks like Hotmail has indeed been only using the first 16 characters of passwords all these years: http://arstechnica.com/security/2012/09/secret-microsoft-policy-limited-hotmail-passwords-to-16-characters/

http://www.ibtimes.co.uk/articles/387852/20120925/samsung-smartphone-hack-remote-wipe-galaxy-touchwiz.htm

“Samsung smartphones including the Galaxy S3, Galaxy S2, Galaxy Ace, Galaxy Beam and Galaxy S Advance all appear to be affected by the bug which triggers a factory reset on your phone if your web browser is pointed to a particular website.

Smartphones can also be directed to the code through NFC or using a QR code. Once the process has been initiated, users have no way of stopping it.

If a user taps an NFC tag which has the website pre-loaded onto it, there will be no warning for the user, which is the same if a user scans a QR code with the website URL embedded in it.”
