Poking Holes In Samsung's Android Security

Orome1 writes "Tired of waiting for Samsung to fix a string of critical flaws in their smartphones running Android, Italian security researcher Roberto Paleari has decided to inform the public about the seriousness of the matter and maybe make the company pick up the pace. Mindful of the danger that the vulnerabilities present to the users if they are exploited by malicious individuals, he decided not to share any technical details, but to just give a broad overview of what their misuse would allow. This includes a silent installation of highly-privileged applications with no user interaction and an app performing almost any action on the victim's phone."

Re:Learn from the past

[SirJorgelOfBorgel]

After some further investigation, it seems all these exploits are fixed in the latest 4.2 leaked firmware for the SGS3, so ... they're actually fixed, just maybe not rolled out yet.

CDMA2000 is the problem

[tepples]

PCs don't require the user to bring in the computer to have it reprogrammed to use a different ISP. CDMA2000 without CSIM, the typical setup on U.S. prepaid carriers such as Ting and Page Plus, does.

Re:Already tarnished for me

[TheGratefulNet]

it would be hard to find someone who does NOT use cheap 'china caps' inside instead of proper panasonic (japan) or nichicon or any of the other *reliable* electrolytic makers.

badcaps.net is informative for those that have not heard of this 15+ yr old problem in the parts industry. worldwide! china fucked the world on this and we're still paying with blown caps on nearly everything that uses them.

buy the parts from known places (digikey, mouser, newark, jameco, etc) and you'll get guaranteed real parts, not fakes. even the vendors who build boards tend to use fake caps (bad formula) and they last about a year before they fail.