Cellphones using Google’s Android operating system are at risk of being disabled or wiped clean of their data, including contacts, music and photos, because of a security flaw that was discovered several months ago but went unnoticed until now.
Opening a link to a Web site or a mobile application embedded with malicious code can trigger an attack capable of destroying the memory card in Android-equipped handsets made by Samsung, HTC Corp (宏達電), Motorola and Sony Ericsson, rendering the devices useless, computer security researcher Ravi Borgaonkar wrote in a blog post on Friday.
Another code that can erase a user’s data by performing a factory reset of the device appears to target only the newly released and top-selling Galaxy S III and other Samsung phones, he wrote.
Borgaonkar informed Google of the vulnerability in June, he said.
A fix was issued quickly, he said, but it was not publicized, leaving smartphone owners largely unaware that the problem existed and how they could fix it.
Google declined to comment. Android debuted in 2008 and now dominates the smartphone market.
Nearly 198 million smartphones using Android were sold in the first six months of this year, according to the research firm IDC. About 243 million Android-equipped phones were sold last year, IDC said.
Versions of Android that are vulnerable include Gingerbread, Ice Cream Sandwich and Jelly Bean, according to Borgaonkar. He said the Honeycomb version of Android, designed for tablets, needs to be tested to determine if it is at risk as well.
Samsung, which makes most of the Android phones, said only early production models of the Galaxy S III were affected and a software update has been issued for that model.
The company said it is conducting an internal review to determine if other devices are affected and what, if any, action is needed. Samsung said it is advising customers to check for software updates through the “Settings: About device: Software update” menu available on Samsung phones.
Borgaonkar, a researcher at Germany’s Technical University Berlin, said the bug works by taking advantage of functions in phones that allow them to dial a telephone number directly from a Web browser.
However, that convenience comes with risk. A hacker, or anyone with ill intent, can create a Web site or an app with codes that instruct the phones linking to those numbers to execute commands automatically, such as a full factory reset.
While Borgaonkar has drawn attention to the problem, it is unclear how useful the vulnerability would be to cybercriminals who are primarily interested in profits or gaining a competitive advantage, said Jimmy Shah, a mobile security researcher at McAfee.
“There’s no benefit to the attacker if they can’t make money off it or they can’t steal your data,” Shah said.
However, the technique could cause huge headaches if it were harnessed to issue outbound phone calls, said Mikko Hypponen, chief research officer at F-Secure, a digital security company in Helsinki, Finland.
Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) founder Morris Chang (張忠謀) yesterday said that Intel Corp would find itself in the same predicament as it did four years ago if its board does not come up with a core business strategy. Chang made the remarks in response to reporters’ questions about the ailing US chipmaker, once an archrival of TSMC, during a news conference in Taipei for the launch of the second volume of his autobiography. Intel unexpectedly announced the immediate retirement of former chief executive officer Pat Gelsinger last week, ending his nearly four-year tenure and ending his attempts to revive the
WORLD DOMINATION: TSMC’s lead over second-placed Samsung has grown as the latter faces increased Chinese competition and the end of clients’ product life cycles Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) retained the No. 1 title in the global pure-play wafer foundry business in the third quarter of this year, seeing its market share growing to 64.9 percent to leave South Korea’s Samsung Electronics Co, the No. 2 supplier, further behind, Taipei-based TrendForce Corp (集邦科技) said in a report. TSMC posted US$23.53 billion in sales in the July-September period, up 13.0 percent from a quarter earlier, which boosted its market share to 64.9 percent, up from 62.3 percent in the second quarter, the report issued on Monday last week showed. TSMC benefited from the debut of flagship
A former ASML Holding NV employee is facing a lawsuit in the Netherlands over suspected theft of trade secrets, Dutch public broadcaster NOS said, in the latest breach of the maker of advanced chip-manufacturing equipment. The 43-year-old Russian engineer, who is suspected of stealing documents such as microchip manuals from ASML, is expected to appear at a court in Rotterdam today, NOS reported on Friday. He is accused of multiple violations of the sanctions legislation and has been given a 20-year entry ban by the Dutch government, the report said. The Dutch company makes machines needed to produce high-end chips that power
As South Korea descends into political chaos, its equity market risks falling further behind major tech rival Taiwan, which is basking in the glory of a global artificial intelligence (AI) boom. A near-30 percent surge in Taiwan’s stock benchmark this year, set to be the best since 2009, has already helped spur a historic divergence between Asia’s two tech-dominated markets. The nation’s market capitalization now exceeds South Korea’s by about US$950 billion as the world’s AI frontrunners from Nvidia Corp and Microsoft Corp to OpenAI all increasingly turn to Taiwanese firms for supply. Looking ahead to next year, while both export-oriented economies