Demonstrated method to force factory reset on Galaxy S3 alarming
For the over 20 million users who are the proud owner of a Galaxy S3, there lurks a rather serious problem which could wipe your phone clean. And this would then return it to the original factory settings for the phone. All of this can be done via a single line of code when you navigate to a web site that contains it. The most likely way for that to happen would be via a QRCode, NFC or your responding to a link to go to a web site. And all it takes is one line of code to basically remove all the hard work you have down to set it up and store all your valuable information on the S3.
This is being reported from a security conference being held in Argentina last week. In a demonstration, they showed just how easy it was to render the phone back to the original settings when it was sold. With this, they showed that it will kill the SIM card and reset the phone in 3 seconds. And there is nothing you can do to stop it. And it is not just the Galaxy S3, but also the Galaxy S II which this can happen to. Not good.
Others have taken the time to valiate the results and duplicated them. Calls to Samsung to issue an immediate software patch to prevent this are growing. This is a serious situation that only impacts these two phones at the moment. Questions are being raised as to how Samsung left this big hole in the phones allowing them to be reset in this manner. By all accounts, this is an unacceptable condition. Samsung needs to correct this as quickly as possible.
Update: – Samsung has acknowledged the security hole and has already issued an update to correct the problem before this was presented last week.
Here is a video of the presentation. The part showing the Galaxy S3 wipe starts at the 6:30 mark. The demonstration of wiping the phone starts at the 9:30 mark.