Slashdot Mirror
Samsung Phones Are Spontaneously Texting Users' Photos To Random Contacts Without Their Permission (theverge.com)
Some Samsung smartphones are randomly sending pictures from the device to a user's contacts without explicit permission, according to users and media outlets. From a report: Users are complaining about the issue on Reddit and the company's official forums. One user says his phone sent all his photos to his girlfriend. The messages are being sent through Samsung's default texting app Samsung Messages, and the photos are being sent as SMS messages. According to reports, the Messages app does not even show users that files have been sent; many just find out after they get a response from the recipient of the random photos sent to them. Samsung told the news outlet it was aware of the issue and was looking into it.
A followup question is: How many wang pics were sent out because of this?
How's that agile development coming along?
I assume from this comment you've never gotten an OTA update from your carrier for a Samsung or any other brand. They're months and months between; hardly agile.
Some years ago, a co-worker of mine showed me his Samsung phone. It was a beauty, and he let me play with it for a bit. The hardware was wonderful. The proprietary Samsung crap-ware that was on it was what made me decide that I would never get a Samsung phone. It's just like the branded crap-ware on Windows machines. I have a Nexus 6P and I think it's wonderful. It's Android the way it was intended. Yes, I know Google spies on me.
It's not the release schedule that's Agile, its' the development process...
deleting the extra space after periods so i can stay relevant, yeah.
It's called MMS...
deleting the extra space after periods so i can stay relevant, yeah.
Samsung is just trying to show that it cares by connecting you with your friends.
I blame Bixby, about the worst digital "assistant" I've ever seen. I bet that Bixby is "interpreting" actions or words to do something stupid...
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
I imagine this is probably a troll, but just in case:
The language chosen would have very, very little effect on this. This is a problem with the overall design of the app.
Rust, like Python, Java, Perl, PHP, VBScript, JavaScript, and most other languages, doesn't lend itself to one very specific type of bug called a buffer overflow. That specific issue is mostly just seen in C. Rust is like most languages in that buffer overflow isn't the bug you have to worry about in Rust (or in Perl, PHP, Python, Java, etc.)
What's different about Rust is a very clever marketing thing they did. They took the fact that most languages, including Rust, don't have buffer overflows and hyped it to Trumpian proportions. In marketing material that would make PT Barnum blush, they exclaimed "Rust is secure because it doesn't have buffer overflows! Write all your software in Rust and you'll never have another bug!" Understand this is analogous to saying "spiders are venomous, don't use spiders. Tigers have no venom! If you use tigers, you never have to worry about venom at all. Buy some tigers from us today so you can be safe!"
The problem then is that newbies who don't understand much about programming *think* they're safe because they're using tigers. No need to be careful with tigers because they aren't venomous. Er, I mean no need to be careful when you're using Rust because it doesn't have buffer overflows. That makes it slightly more dangerous, since a lot of people aren't being as careful as they should, thinking Rust is somehow magic.
I maintain a database of every CVE (security bug) ever reported. Well under 1% of them are buffer overflows, so it's a tiny percentage of problems that Rust protects against.
Who gets arrested when it sends out nude selfies from someone under 18? The coders? The CEO of Samsung?
Lawyers love this kind of stuff, lol
The app is designed to send messages, to contacts, with pictures attached. Obviously that code didn't appear by accident, it was included because that's the purpose of the app. The question is "why is the app doing its thing without being told by the user?" It's as if it's especially prone to "pocket dialing" (or accidental voice dialing?) for some reason.
> This smells like some debugging function left in accidentally
Specifically, a test script. Unit testing could easily have behavior similar to what was described.
> What API would exist that hides SMS messages
The problem is in the messaging app. Where do you see your text messages other than in your messaging app? There is no hiding happening (no active hiding), rather the "display sent message" function is not being run. Normally the messaging app would do two things - display the message the user types and send the message. The app is not displaying messages that the user isn't typing, so that's normal behavior.
Programmers would write separate unit tests to test those two different parts of the program - the local UI would have tests, and sending messages over the network would have separate unit tests. Running the unit test for the internal process for sending an attachment would be expected to have this behavior - and would not be expected to run anything in the UI. So it would send messages, not display them.
It's ALSO possible that this is nefarious code. That's possible. Pocket dialing while it the screen is supposed to be locked is also possible.
I can send several thousand SMS messages this month and it wont cost me a penny.
Each MMS message will cost me 50p. Automatically sending all the images from my phone via MMS to even a single recipient would cost me a three digit sum.
I can imagine for some people you could add a digit with ease.