New Exploit Can Wipe Your Samsung Galaxy S III with a Single Line of Code

[Rob Williams]

We posted a story last week where Android phones, the S III in particular, could be compromised via NFC, and this week, we have one that definitely beats it. In last week's story, the major risk was that the person who gained access could suck down all of your data, while with this recently-unveiled exploit, you could quickly find your phone completely reset. Data gone, configuration gone, and probably your day gone.

Read the rest of our post and then discuss it here!

 

[DarkStarr]

Annnnnnnd this is why you run custom roms..... lmao Faster, safer and just much more buttery.

 

[Rob Williams]

I still don't get the appeal of custom ROMs, aside from this particular sort of thing. I'm fine with what I'm given for the most part, but I do spruce things up with GO Launcher on either the phone or tablet. I rooted my tablet last month and I am still not sure what benefit that availed me.

 

[DarkStarr]

Why not? You run straight ICS/JB and its faster and has better tweaking options.

Rooting gives many benefits, such as using Titanium Backup or Nova launcher with the widgets in the app drawer (separate tab). You can remove bloat move system apps to user so they don't take double space. You can overclock (or underclock) with a custom kernel if your rooted, you can make your multi core phone sleep the cores better.

Now with a custom rom, you can do that and more plus you have a somewhat nexus like experience. Not to mention the T-Mobile Theme Engine that's built into the main big versions like AOKP and Cyanogenmod, it allows you change the appearance of android at your whim.

My lockscreen, with no apps to modify it at all, shows the time, date, owner info, a weather icon (to represent the conditions) high low and current temps. It also shows my next calendar event and my lockring has spaces for 4 other things BESIDES unlocking the phone. Not to mention soon you should have an option for more.

 

[RainMotorsports]

Galaxy S3 (almost all) was patched before this even came to light and Jelly Bean patches the exploit for all Manufacturers. Dont get it twisted its only that Samsung was open to wiping that brings Samsung to light. The dialer code is there for a reason its just the fact it can be launched from the browser is a huge issue.

From what i heard CM9 builds with debug menu implemented are vulnerable for Samsung devices as well.

If your not on a Nexus device then you already use custom android. I bet stripping you down to the same version in AOSP form you will start crying abouy features that are missing. The reasons are various and for a given device there are often custom stock roms. But when I discuss the virtues of custom roms I discuss custom AOSP based roms which is a little more legit. At this point the difference is your developer is not an OEM but usually a team of community coders.

One of the easy arguments is updates. Even decent phones get screwed out of updates and heck I am on a 2 year contract. There is of good reason not to squeeze an oem build onto an old phone but my fathers Droid X2 is screwed out of an ICS update which would take full advantage of the dual core CPU. In my case I am on a varient of the GS2 so our updates come slower and often have more issues. We had CM9 in "stable" fashion before this phone had ICS. The Samsung version of ICS on this phone has many issues that our CM9 builds dont. Our Vanilla Jelly Bean build and CM10 builds are nearly stable and will be stable well before TouchWiz JB even makes it assuming Sprint even approves such an update.

My phone itself is a testament to community development. During the G Nexus development google discovered a bug in the eMMC firmware triggered by the android 4.0 kernel and had Samsung write new firmware. The Galaxy S2 range and Galaxy Note shipped with this older firmware and cant be updated outside of a service center. The i9100 was patched with a work around but the Note shipped 4.0 with no work around and people could superbrick (read as JTAG wont fix) by simply performing a factory reset. The Epic 4G Touch community eventually with help from Note and other devs brought the issue to Samsung, Google and Sprint. They almost OTA'd 4.0 with no work around but that was shifted. In the end Samsungs work around was weak but no matter as the community with kernel source now in hand has attacked it from every angle. Now we have stock and aosp kernels available that are as safe as it gets.

CyanogenMod is an exception and is aimed to be as professional a build as any OEM build. Also remember while MIUI is considered a custom rom on other phones its actually OEM firmware for the MI phones.

 

[DarkStarr]

Miui/CM/AOKP Those are the "true" custom roms. There are several out there based on stock for the phone and based on AOKP or MC with cherry picked features but, the point remains the same, run anything based on AOSP and not stock and you will be much happier overall. Your phone will be faster and typically have better battery life, with more tweaks and options and responsiveness.

Finally, CM added a stopwatch and time to the android clock app, its awesome! and they added quick reply (also awesome).

Oh and my T-mobile SGSII probably will never see an official JB rom, or if it does its another few months down the line, meanwhile I run JB every day just fine. No lag and no real issues.