Feature: Droid Does Apps

A Grinch (Flaw) Steals Samsung’s Christmas

Author: Ed Valdez
Published: December 18, 2012 at 4:22 pm

Grinch and SamsungIn How the Grinch Stole Christmas, Dr. Seuss tells a story about a Grinch who tries to steal Christmas from the Whos in Who-ville, yet in the end realizes that Christmas is more than presents so there’s a happy ending. Let’s hope for the same end result after a security flaw was recently found in millions of Samsung gadgets . Even though tablets are more popular than world peace for the holidays, shoppers may need to be more cautious about which gadgets they buy.

According to Alephzain, a user at the XDA Developers forum, a security flaw in many of Samsung’s latest smartphones and tablets can allow malicious apps to install malware, steal personal data and/or wipe/brick the device. He notes that the loophole is a huge mistake by Samsung. The flaw results from specific versions of Samsung’s proprietary Exynos microprocessor and allegedly affects the following products: International Samsung Galaxy SII and S III; Samsung Galaxy Note I, II and 10.1, Samsung Galaxy Tab 7.0 Plus and 7.7 as well as various devices from Meizu, Lenovo and other Asian manufacturers. Over 60 million of the Samsung devices have been sold worldwide. This is a preliminary list of products because (at the time of this article) Samsung has not confirmed or denied which products are vulnerable to the security loophole, although an internal review has been launched. If/when confirmed, Samsung will likely announce an OTA (over the air) update.

The good news is that the Samsung Galaxy SII and SII smartphones in the U.S. don’t seem to be affected. However the other devices listed above that are sold in the U.S. are consistently identified with the flaw in several Android forums. So here’s what you need to do:

  • Check with your service provider or retailer before purchasing any new device;
  • Use the FCC Smartphone Security Checker (released today);
  • Use mobile anti-virus software;
  • Watch for a Samsung announcement related to this issue;
  • Avoid installing any App from an untrusted source (yet proceed with caution on Google Play because malicious apps still exist according to Gartner research VP Peter Firstbrook);
  • Consider installing an Android App that was developed by Chainfire, another XDA developer, that reportedly fixes the flaw; and
  • Monitor Samsung and Android User Forums.

Continued on the next page

About this article

Profile image for ecoleader

Article Author: Ed Valdez

As a mobile/wireless industry analyst, Ed Valdez leverages his MIT background to provide mobile tech insights on trends/culture. He is co-author of Samsung 3.0: Talent, Technology & Timing. @edvaldez8888.

Ed Valdez's author pageAuthor's Blog

Article Tags

Share: Bookmark and Share