Headlines

1 year ago

Samsung: Galaxy S3 already updated with USSD exploit fix, reviewing situation with other phones [updated]

11

Update, 7:40am EDT: Samsung tells us it's "currently in the process of conducting an internal review" into the situation with on the Galaxy S2 and other affected phones. Our own testing, and reports from readers, suggests that devices like the Galaxy S2 and Galaxy Note remain vulnerable to the USSD exploit.

Original story: Yesterday we reported on a particularly nasty security vulnerability in some Samsung smartphones, which could lead to a factory reset being triggered upon visiting a website containing malicious code. Phones confirmed to be affected included the Galaxy S2, Galaxy Beam and Galaxy Ace. Our testing on various Galaxy S3 models was inconclusive, though. Some models seemed vulnerable, while others were immune.

This morning, we have official confirmation from Samsung that Galaxy S3's around the world should indeed be protected from this exploit, assuming they're running the latest software update.

"We would like to assure our customers that the recent security issue concerning the GALAXY S III has already been resolved through a software update.

We recommend all GALAXY S III customers to download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service."

Like Samsung, we always recommend keeping your phone up-to-date with the latest firmware. So if your Galaxy S3 phone is up-to-date, you shouldn't have anything to worry about. Of course, there's nothing in that statement about Galaxy S2-class devices, which our own tests, and reports from readers, have shown are still very much at risk from this latest vulnerability. We're sure Samsung will be hurriedly preparing updates for those devices, now that this exploit method is out in the open. Nevertheless, we'll update you with any new info they provide on the Galaxy S2 or other phones.

In the meantime, if you're still concerned that your Samsung phone may be vulnerable to the USSD bug, you can check our quick, easy USSD vulnerability test to see if you're protected or not.

Read more and comment

 
1 year ago

O2 UK to sell upcoming HTC flagship phone without charger

29

If you're anything like us, you'll have plenty of wall chargers left over from devices you've long since parted company with. Observe above, the battered husk of our two and a half year-old HTC Desire charger, still in service today. Knowing that many older chargers are still in use, O2 UK and HTC have decided to take a radical step to cut down on waste, and presumably save a bit of cash at the same time. 

The two are to offer an upcoming, unnamed HTC flagship device with a microUSB cable, but no charger, in an effort to improve their green credentials. The operator claims that 70 percent of all phone buyers already have a "relevant charger" at home. And according to a report on UK tech site Pocket-Lint this morning, O2 and HTC are serious about this latest endeavor.

"I have a simple vision for O2: we want to take chargers out of boxes full stop," said Ronan Dunne, CEO of O2. "Right now, O2 with HTC has to go it alone on this matter - we both believe in it passionately enough that we can’t wait for the industry as a whole to join us in this crusade. That said, we hope that we will be able to pave the way for others to follow us as this has to be a collective effort if we are to achieve the bigger aim of eliminating chargers sold with every new phone in the UK."

We're all for cutting down on unnecessary waste, but from our perspective, the most interesting thing about this story is that it tacitly confirms that we're due a new HTC flagship in the weeks ahead, and that O2 will offer it. The fact that the device itself is unnamed suggests it's yet to be announced -- possibilities include the rumored One X+ and One X 5. We'll be watching with interest to see what devices emerge from HTC and O2 as 2012 draws to a close.

Source: Pocket-Lint

Read more and comment

 
1 year ago

Texas Instruments getting ready to shift away from the smartphone chip business

21

Texas Instruments, possibly better known by most for their calculators than their smartphone chips, looks to be shifting away from the business of providing systems on a chip for smartphones and tablets. Some of the bigger names in processors, like Qualcomm and Samsung, have really run away with the top-of-the-line chip business, which has put TI in a tough position. Looking into the future, TI plans to move its focus from smartphones to hopefully more profitable areas such as the industrial and automobile sectors. Executives at the company indicate that they know the growth and profits may not be as strong as the smartphone arena, but should provide better stability in the long run.

Its really unfortunate to see TI move away from smartphones, as its chips have powered some of the best devices on the market, most recently the Samsung Galaxy Nexus and range of Kindle Fires. Instead of the next generation OMAP 5 platform competing for placement in tomorrow's smartphones, we may be looking at a market almost completely dominated by Qualcomm and Samsung chips.

Source: Reuters

Read more and comment

 
1 year ago

Jelly Bean factory images now available for the Verizon Galaxy Nexus

7

A few days back Verizon finally got the LTE Galaxy Nexus updated to Jelly Bean, and that means new factory images to play with. Google has updated the Nexus factory image page to include build JRO03O, which is unadulterated, pure Android and frankly sexy as hell. Ask anyone who just got the update -- Jelly Bean brings the Galaxy Nexus right up to the front of the smartphone pack, even with the "dated" hardware of the year-old Galaxy Nexus.

So, what does all this factory image stuff mean? Don't worry, it's nothing you have to fool with if you don't want to. It's a set of disk images that are flashable directly to the Galaxy Nexus hardware, to bring the phone back to a fully updated factory state. Think of it as a fail safe incase things get so screwed up that the path back is gone. It's great for hackers and flashers, but it's also a good thing to have on hand for regular folks as well. If you ever need them, there's people in the Verizon Nexus forums who enjoy nothing better than flashing phones, and they're ready to guide you. Hit the source link for the download.

Source: Google

Read more and comment

 
1 year ago

Water-resistant, LTE-connected Sony Xperia V tipped for December launch

12

As Sony prepares to launch the Xperia T in the UK this week, eyes are already on the T's quirky sibling, the Xperia V. Unveiled alongside the Xperia T at IFA last month, the V boasts water resistance and LTE connectivity, in addition to similar internals to the Sony flagship. The screen's been shrunk down to a 4.3-inch panel, although the resolution remains the same, at 1280x720.

Today a Swedish retailer has given us our first tentative Xperia V release date and price point. Dustin.se is now listing the Xperia V as available for pre-order, with a price tag of SEK 4299 (around $650) and a release date of Dec. 3. That's a long time to wait for Sony fans, who'll have plenty to tempt them in the fourth quarter. We'll be crossing our fingers for an earlier release, as it's not every day you see LTE, a 720p screen and water resistance in a single handset.

Tempted by a high-end waterproof device like this? Shout out in the comments.

Source: Dustin.se, via: XperiaBlog

Read more and comment

 
1 year ago

How to tell if your Samsung phone is vulnerable to today's USSD hack

156

A quick way to tell if your Samsung phone is at risk, and what to do if it is 

There's a lot of confusion as to exactly which Samsung phones are affected by today's big scary USSD vulnerability, which could cause some phones to factory reset themselves upon visiting a malicious web page. Some Galaxy S2 and S3-class phones are susceptible, others less so. In some cases it depends if you're running the latest firmware or not. In others, there's no patched firmware available yet.

Samsung will surely be hard at work rolling out fixes for devices that remain susceptible, but in the meantime we've got a quick, easy to tell if your phone is at risk, without taking the plunge and running the malicious code itself. Find out more after the break.

Read more and comment

 
1 year ago

Ice Cream Sandwich finally coming to the Motorola Atrix 2 - but first, a soak test!

18

Update: We've confirmed that this, indeed, is the Ice Cream Sandwich soak test. Huzzah!

Good news, everyone! Maybe. There apparently is a soak test going out for the Motorola Atrix 2 this afternoon. Is it the long-awaited Ice Cream Sandwich update? Dunno, and Motorola's site still just says "Further plans coming soon." We'll keep our fingers crossed, though.

Here's the text of the message:

Thanks for signing up for the Atrix 2 software test. Our apologies for the delay in starting this test! The software will begin to be pushed out later this afternoon; however, it may take several hours for all targeted devices to receive the update.

We're eager to hear your feedback. Please share your experience on the private community provided, and via the survey I will send out after you've had some time to work with the software.

To ensure we hear you, please follow these guidelines:

  • Please post all your feedback in our private community (link below). This also where you'll find help during the soak.
  • Please do not call or contact Motorola, AT&T or your carrier support for help during the soak. Those teams are not yet ready to support this software.
  • I'm not able to check private messages on the forums during soaks, so if you need immediate help that's not a good route to take. Post in the community instead.
  • If you have any problems accessing the private community, please click here for help.
  • Please do not post questions publicly, on our site or elsewhere.

Please start your visit to the private community here. You'll find additional important information in the Welcome message as soon as you sign in. (Note that you will not be able to post in the public communities during the soak test.)

Thanks so much for your participation! We really appreciate your time and insights.

Keep your ears to the ground, folks.

More: Atrix 2 forums; Thanks, anon

Read more and comment

 
1 year ago

Sony Xperia acro S now available unlocked in the U.S.

7

The Xperia acro S has been hanging out in the Sony online store for a few weeks marked as coming soon, and today it goes on sale for $599.99 unlocked. 

Just as a reminder, the Xperia acro S is a solid mid-range phone with respectable (if not top-of-the-line) specs. 

  • 4.3-inch 1280 x 720 display
  • 1.5 GHz dual-core Qualcomm processor and 1 GB of RAM
  • Android Ice Cream Sandwich
  • 11.9 mm thin
  • 12.1 megapixel camera with LED flash
  • Waterproof coating

You can get a quick glimpse of the device over here in our hands-on time at IFA, or dive into the official product page. The Xperia acro S definitely looks like a high-grade piece of equipment, but how many people will realistically be buying it unlocked? How much longer will it be until we hear some carrier announcements? Would any of you be interested in picking this one up if it was subsidized? 

Anyone with the coin can pick up the Sony Xperia acro S online here with black and white models available. 

Read more and comment

 
1 year ago

Major security vulnerability in some Samsung phones could trigger factory reset via web page

65

Update, 09/26: Samsung has told us that the latest Galaxy S3 firmware fixes this exploit. Our own testing has shown other phones, particularly Galaxy S2 models, may still be at risk, however. If you're still concerned, you can check our USSD vulnerability test to see if your phone is vulnerable.

A major security vulnerability has been discovered in some TouchWiz-based Samsung smartphones, including the Galaxy S2 and certain Galaxy S3 models on older firmware. The bug was first demonstrated days ago by security researcher Ravi Borgaonkar at the Ekoparty security conference. It involves the use of a single line of code in a malicious web page to immediately trigger a factory reset without prompting the user, or allowing them to cancel the process. Even more serious is the possibility that this could be paired with a similar glitch to render the user's SIM card inoperable. And as the malicious code is in URI form, it can also be delivered via NFC or QR code.

Our Verizon Galaxy S3 was not reset by the malicious code embedded in a web page, though we were able to trigger a reset using similar code tied to a hyperlink. Mobile dev Justin Case tells us the issue is fixed in the latest AT&T and international Galaxy S3 firmwares, though devices that have not been updated may remain vulnerable. Others have reported that devices like the Galaxy Ace and Galaxy Beam are also affected. As far as we can tell, though, the bug does not affect Samsung phones running stock Android, like the Galaxy Nexus.

The vulnerability is the result of the way the native Samsung dialer app handles USSD codes and telephone links. USSD codes are special combinations of characters that can be entered in the keypad to perform certain functions, like enabling call forwarding, or accessing hidden menus on the device. On Samsung phones, there's also a USSD code for factory resetting the phone (and presumably another for nuking your SIM). This, combined with the fact that the dialer automatically runs telephone links that are passed to it by other apps, results in a particularly nasty issue for anyone unfortunate enough to run by a malicious web page.

There are, of course, other applications of this glitch -- for example, the ability to automatically run numbers through the dialer could be used to call premium-rate phone numbers. But the fact that just visiting a web site could factory reset your phone, wipe your internal storage and nuke your SIM is a very serious issue. So we'd advise you update your software if you're running an S3, and if you're not, we'd recommend using a third-party dialer like Dialer One until all this has blown over.

We've reached out to Samsung for comment on this issue, and we'll keep you updated with any information they provide.

Source: @Paul Olvia; via SlashGear, @backlon, @teamandirc

Read more and comment

 
1 year ago

Samsung Galaxy Note 2 coming to UK on Oct. 1

13

Samsung has announced that its latest smartphone/tablet hybrid, the Galaxy Note 2, will land on British shores next Monday, Oct. 1. Like the Galaxy S3 and Galaxy Note 10.1 before it, the Note 2 will be available first at the Samsung brand store at the Westfield shopping center in Stratford, London, as well as major UK networks, and independent retailers. That roughly fits with what we were hearing yesterday from Phones4U, which expects to fulfill Note 2 orders from Oct 2.

The Galaxy Note 2 will become the first major non-Nexus Android device to hit store shelves with Android 4.1 Jelly Bean. And with a 1.6GHz quad-core Exynos CPU and 2GB of RAM, it's no slouch in terms of hardware specs either. Like its predecessor, the Note 2 comes with a Wacom-based Samsung "S Pen," which this time around has been redesigned for easier grip and better on-screen action. For more on the Galaxy Note 2, check out our hands-on coverage from IFA.

Samsung informs us that the Note 2 will be available in both marble white and titanium grey colors, so it looks like there'll be no waiting around for secondary color options, as was the case around Galaxy S3 launch time.

Anyone picking up a launch day Galaxy Note 2 in the UK? Hit the comments and let us know. We've got today's press release in full after the break.

Read more and comment

 
Show More Headlines

Pages