Pages Menu
Categories Menu

Posted by on Sep 25, 2012 in Security | 0 comments

Vulnerability Samsung TouchWiz deletes content with a link

Vulnerability Samsung TouchWiz deletes content with a link

(CC) John Biehler

In Ekoparty computer security conference , one of the most prominent in Latin America, one of the exhibitors, Ravi Borgaonkar , made a presentation entitled “Malicious use codes in cellular networks”, which showed a vulnerability of certain Samsung phones with interface graphic TouchWiz .

Borgaonkar demonstrated in the conference with a simple USSD code (like when you score on some operators *300# or ##002# to get some information as voicemail or the balance of the phone) can force a Samsung device with Android and TouchWiz interface to perform a ‘factory reset’, ie to delete almost everything on the phone.

What happens is that the TouchWiz interface has a feature of automatically dial a USSD code when pressing on a link in the default browser of the phone (instead of, say, Chrome), and also through a code or by NFC.

Link: ‘Dirty USSD’ code Could Automatically wipe your device Samsung TouchWiz (Engadget)

Tags: , , , , , , , ,

Post a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>