Linked by Thom Holwerda on Tue 25th Sep 2012 21:14 UTC, submitted by bowkota
PDAs, Cellphones, Wireless On the same day I bought a brand new iMac and switched back to Mac (no joke!), and teased the employees at the Apple retailer with my Galaxy SII, Samsung goes around and pulls something idiotic like this. TouchWiz, Samsung's Android skin, has a very severe flaw which passes digits along from JavaScript (via their modified browser) to the modified dialler, allowing your device to be factory reset (!) by just visiting a link - via NFC, QR, or plain. This doesn't affect all Samsung devices, but those that are affected are all TouchWiz devices. This just proves once again that you should either buy Nexus, or make the switch to Cyanogenmod (or any of the other AOSP-based ROMs).
Thread beginning with comment 536533
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Comment by some1
by phoudoin on Wed 26th Sep 2012 12:35 UTC in reply to "RE[2]: Comment by some1"
Member since:

Androidpolice says most US carriers likely pushed a fix last week.

They didn't pushed a *fix*, but a full upgrade to Android 4.0.4 or sooner, which already include the fix.
I'll bet that they didn't even knew that the issue existed on the first place and that only this upgrade comes with the fix. May Jelly Bean was not ready to broadcast, I'm pretty sure no official fix will be available yet.

Reply Parent Score: 2

RE[4]: Comment by some1
by some1 on Wed 26th Sep 2012 12:43 in reply to "RE[3]: Comment by some1"
some1 Member since:

Or maybe they knew. They rarely push updates at the same time otherwise. And who cares if this was one patch or 4.0.4 update, which is just a few patches itself. The point is that most S3s are already patched, even those with carrier ROMs.

Reply Parent Score: 2