Hacker News new | ask | show | jobs
by ryanmacg 5009 days ago
The article is kind of misleading, the exploit was part of Android rather than anything to do with Samsung and was patched in AOSP as of 4.1.1(?). This meansn it was an issue on any phone that dialled automatically and doesn't run a build with the patch applied. Also the patch from Samsung was part of an OTA update from at least a week ago in the US, I know it pinged up just after I booted the S3 I bought on Saturday in the UK.
1 comments
estel 5009 days ago
In what way was the exploit a part of Android? I thought it was a touchwiz dialer issue that it automatically dialled USSD numbers without secondary confirmation from the user?
link
jrabone 5009 days ago
No, I've confirmed that a random sample of HTC & Huawei phones around my office are also vulnerable. Nothing specific to TouchWiz. The thing that MIGHT be specific to Samsung is the actual remote wipe code, but relying on that is simply security-by-obscurity. I'd bet ALL phones have got some USSD code you'd rather not be instantly triggerable by a web page.
link
andybak 5009 days ago
From what I understand stock Android doesn't have the problem. Multiple manufacturers seem to have introduced the flaw in the same way with their customizations.
link
ryanmacg 5009 days ago
See this commit https://android.googlesource.com/platform/packages/apps/Cont...

it was an issue in any Android variant that featured autodial, I saw someone reporting it worked on CyanogenMod 7 for example and it also worked on some HTC devices

link
spiffworks 5009 days ago
CM7 user here. Can confirm that it is vulnerable. Easily fixed by installing a second dialer so that you'll always get a prompt. Also I can't find any info on whether cm7 supports USSD factory reset. Anybody aware?
link
bmunro 5009 days ago
My Galaxy Nexus fails the test at http://dylanreeve.com/phone.php

Apparently the bug is fixed in 4.1 (I'm still on 4.0.4). I installed a temporary fix - TelStop. It just handles telephone Intents so that you get a popup asking you to choose an application.

link
dylancarruthers 5009 days ago
I'm not arguing either way but why would this be resetting via an USSD be a useful feature?
link
jrabone 5009 days ago
You can dial it blind on a bricked phone?
link