Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Wireless Security
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Samsung Patches Remote Wipe Vulnerability
Samsung Patches Remote Wipe Vulnerability

By Jennifer LeClaire
September 26, 2012 10:17AM

    Bookmark and Share
The Samsung remote wipe vulnerability goes beyond corporate concerns for ex-employees. Should all Android users be worried? What about iPhone users? Windows Phone users? Analyst Brad Shimmin said security experts from both the white-hat and black-hat camps are no doubt testing other platforms.
 



Putting an end to potential panic, Samsung is delivering a patch to fix a remote wipe vulnerability over the air. But that's not the only trouble story about the Android operating system coming out of the security world this week.

Samsung Galaxy S III owners are ripe for attack in the face of a vulnerability that could allow a remote attacker to wipe all of their personal data from the mobile device. According to Ravi Borgaonkar, a researcher from the Security in Communications Department at Technical University Berlin, Samsung smartphones with the TouchWiz interface appear to be the only Android phone the flaw affects.

"This is a scary vulnerability because we are already troubled by the thought that the companies we work for can just reach out and destroy our data," Brad Shimmin, an analyst at Current Analysis, told us. "From a corporate perspective one of the biggest concerns you have is data leakage. So it's imperative that the company be able to take remote control of that information."

More Android Flaws

But this vulnerability goes beyond corporate concerns for ex-employees. Should all Android users be worried? What about iPhone users? Windows Phone users? Although the vulnerability is seemingly only on Samsung devices, Shimmin said security experts from both the white-hat and black-hat camps are no doubt testing other platforms. If the vulnerability is on other platforms, Shimmin is confident there will be a report and a fix within the next week.

Meanwhile, subway riders in the New Jersey and San Francisco transit systems can use near-field communication (NFC) Android smartphones to endlessly replenish their fare cards for free, according to Sophos security analyst Lisa Vaas. The app is called UltraReset and researchers at Intrepidus Group developed it.

"Don't bother searching on Google Play for it, though -- the researchers aren't in the business of enabling people to rip off transit systems," Vaas said. "Instead, they've put out a tweaked version, called UltraCardTester, to allow people to test their local transit system's security. You can't rewrite your subway card balance, but you can let the transit people know that their system might be insecure."

Does Your Phone Have Malware?

With stories like these continuing to arise, does that mean the Android platform is less secure than others? This has been hotly debated for years now. But one thing is certain: if you own a device that's running the Android operating system, chances are good that your device is vulnerable to attack, according to Duo Security. Duo's data, collected by its mobile "vulnerability assessment" app, shows that more than half of Android devices have unpatched vulnerabilities.

"Since we launched X-Ray, we've already collected results from over 20,000 Android devices worldwide. Based on these initial results, we estimate that over half of Android devices worldwide have unpatched vulnerabilities that could be exploited by a malicious app or adversary," Duo's Jon Oberheide wrote in a blog post.

"Yes, it's a scary number, but it exemplifies how important expedient patching is to mobile security and how poorly the industry (carriers, device manufacturers, etc) has performed thus far. We feel this is actually a fairly conservative estimate based on our preliminary results, the current set of vulnerabilities detected by X-Ray, and the current distribution of Android versions globally."
 

Tell Us What You Think
Comment:

Name:

Meaghen:

Posted: 2012-09-26 @ 11:47am PT
Great article. With all of the recent high-profile security breaches, it is important for everyone to be extra careful with their information. This is definitely an issue that needs to be addressed. At Mosaic Technology, we are huge proponents of being preventative in data security.

Meaghen



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Wireless Security
1.   Banks Hit by Android-Skirting Malware
2.   Mac OS Yosemite Beta 4 Released
3.   Chinese Man Charged with Hacking
4.   Silent Circle Offers Roam-Free Plan
5.   Data Recovered from 'Wiped' Phones


advertisement
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
Mac OS Yosemite Beta 4 Released
Public preview could be coming soon.
Average Rating:
Silent Circle Offers Roam-Free Plan
Takes on Skype, Viber, Google Voice.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 

Enterprise Hardware Spotlight
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 
Another Day, Another Internet of Things Consortium Is Born
In the emerging Internet of Things, zillions of devices will be talking to each other. Samsung, Intel and Dell just formed a consortium to ensure each thing can understand what others are saying.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.