HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Digital Life / Samsung Patches Wipe Vulnerability
Neustar, Inc.
Protect your website & network using real-time information & analysis
www.neustar.biz
Samsung Patches Remote Wipe Vulnerability
Samsung Patches Remote Wipe Vulnerability
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
26
2012


Putting an end to potential panic, Samsung is delivering a patch to fix a remote wipe vulnerability over the air. But that's not the only trouble story about the Android operating system coming out of the security world this week.

Samsung Galaxy S III owners are ripe for attack in the face of a vulnerability that could allow a remote attacker to wipe all of their personal data from the mobile device. According to Ravi Borgaonkar, a researcher from the Security in Communications Department at Technical University Berlin, Samsung smartphones with the TouchWiz interface appear to be the only Android phone the flaw affects.

"This is a scary vulnerability because we are already troubled by the thought that the companies we work for can just reach out and destroy our data," Brad Shimmin, an analyst at Current Analysis, told us. "From a corporate perspective one of the biggest concerns you have is data leakage. So it's imperative that the company be able to take remote control of that information."

More Android Flaws

But this vulnerability goes beyond corporate concerns for ex-employees. Should all Android users be worried? What about iPhone users? Windows Phone users? Although the vulnerability is seemingly only on Samsung devices, Shimmin said security experts from both the white-hat and black-hat camps are no doubt testing other platforms. If the vulnerability is on other platforms, Shimmin is confident there will be a report and a fix within the next week.

Meanwhile, subway riders in the New Jersey and San Francisco transit systems can use near-field communication (NFC) Android smartphones to endlessly replenish their fare cards for free, according to Sophos security analyst Lisa Vaas. The app is called UltraReset and researchers at Intrepidus Group developed it.

"Don't bother searching on Google Play for it, though -- the researchers aren't in the business of enabling people to rip off transit systems," Vaas said. "Instead, they've put out a tweaked version, called UltraCardTester, to allow people to test their local transit system's security. You can't rewrite your subway card balance, but you can let the transit people know that their system might be insecure."

Does Your Phone Have Malware?

With stories like these continuing to arise, does that mean the Android platform is less secure than others? This has been hotly debated for years now. But one thing is certain: if you own a device that's running the Android operating system, chances are good that your device is vulnerable to attack, according to Duo Security. Duo's data, collected by its mobile "vulnerability assessment" app, shows that more than half of Android devices have unpatched vulnerabilities.

"Since we launched X-Ray, we've already collected results from over 20,000 Android devices worldwide. Based on these initial results, we estimate that over half of Android devices worldwide have unpatched vulnerabilities that could be exploited by a malicious app or adversary," Duo's Jon Oberheide wrote in a blog post.

"Yes, it's a scary number, but it exemplifies how important expedient patching is to mobile security and how poorly the industry (carriers, device manufacturers, etc) has performed thus far. We feel this is actually a fairly conservative estimate based on our preliminary results, the current set of vulnerabilities detected by X-Ray, and the current distribution of Android versions globally."

Tell Us What You Think
Comment:

Name:

Meaghen:
Posted: 2012-09-26 @ 11:47am PT
Great article. With all of the recent high-profile security breaches, it is important for everyone to be extra careful with their information. This is definitely an issue that needs to be addressed. At Mosaic Technology, we are huge proponents of being preventative in data security.

Meaghen

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN DIGITAL LIFE
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Following last week's cyberattack on Sony and a vow by the U.S. to take action, the entire country of North Korea has been "disconnected" from the Internet for more than 9 hours.

ENTERPRISE HARDWARE SPOTLIGHT
Remember the classic BlackBerry that took the cell phone market by storm in its heyday? Well, it’s retro time at the Canadian handset maker as it rolls out the aptly-named BlackBerry Classic.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.