well-temperedforum.groupee.net    The Well-Tempered Forum  Hop To Forum Categories  Off Key    Security Flaws in Samsung's Chips

Moderators: QuirtEvans, pianojuggler, wtg
Go
New
Find
Notify
Tools
Reply
  
Security Flaws in Samsung's Chips
 Login/Join
 
Minor Deity
Picture of Axtremus
posted
https://techcrunch.com/2023/03...chips-flaws-android/

Google publicly warns about severe security flaws in Samsung chips, claiming that the flaws can be exploited without user interaction, that merely knowing the phone's number is enough to let a hacker exploit the flaws.

It's the modem's baseband processing unit.


--------------------------------
www.PianoRecital.org -- my piano recordings -- China Tune album

 
Posts: 12682 | Registered: 01 December 2006Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of Steve Miller
posted Hide Post
As a friend remarked the other day:

“Samsung should stick to making phones.” And


--------------------------------
Life is short. Play with your dog.

 
Posts: 34846 | Location: Hooterville, OH | Registered: 23 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of CHAS
posted Hide Post
My television is Samsung. Neither the Comcast remote or the Roku remote will work with it. From googling Samsung seems to be the worst with this problem.
Samsung custormer service is also poor.


--------------------------------
Several people have eaten my cooking and survived.

 
Posts: 25677 | Location: Still living at 9000 feet in the High Rockies of Colorado | Registered: 20 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of wtg
posted Hide Post
Mr wtg has a bottom of the line Samsung phone; it's not on the list of ones with a chip issue. If it was and we had to switch off wifi calling, we'd be in trouble because the cellular signal in our neighborhood is totally awful.

We have three Samsung TVs with Comcast and Roku, and they all play nicely with each other. I'm a pretty good troubleshooter and my consulting fees are reasonable for anyone who might need assistance... Hi


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37786 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of CHAS
posted Hide Post
quote:
Originally posted by wtg:
Mr wtg has a bottom of the line Samsung phone; it's not on the list of ones with a chip issue. If it was and we had to switch off wifi calling, we'd be in trouble because the cellular signal in our neighborhood is totally awful.

We have three Samsung TVs with Comcast and Roku, and they all play nicely with each other. I'm a pretty good troubleshooter and my consulting fees are reasonable for anyone who might need assistance... Hi


ROTFLMAO


--------------------------------
Several people have eaten my cooking and survived.

 
Posts: 25677 | Location: Still living at 9000 feet in the High Rockies of Colorado | Registered: 20 April 2005Reply With QuoteReport This Post
Minor Deity
Picture of Axtremus
posted Hide Post
quote:
Originally posted by wtg:
Mr wtg has a bottom of the line Samsung phone; it's not on the list of ones with a chip issue. If it was and we had to switch off wifi calling, we'd be in trouble because the cellular signal in our neighborhood is totally awful.


The security flaws are in the Exynos modem chips that handle the cellular function. Turning off the cellular function and keeping all your calls and data on Wi-Fi will actually protect you from these security flaws. Big Grin


--------------------------------
www.PianoRecital.org -- my piano recordings -- China Tune album

 
Posts: 12682 | Registered: 01 December 2006Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of wtg
posted Hide Post
Out of my technical wheelhouse here and I only skimmed the article...why does Google say this? (from the article)

quote:
Until affected manufacturers push software updates to their customers, Google said users who wish to protect themselves can switch off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings, which will “remove the exploitation risk of these vulnerabilities.”


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37786 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of Steve Miller
posted Hide Post
Oh. It does affect phones. Lots of phones, apparently. Frowner

But I wonder why anyone would hack a phone. What would be the point? Is there data on a phone that can be resold?

I wonder the same thing about WiFi. My SIL-the IT-guy thinks my WiFi password is too weak. If someone guesses it, what can they do with it?


--------------------------------
Life is short. Play with your dog.

 
Posts: 34846 | Location: Hooterville, OH | Registered: 23 April 2005Reply With QuoteReport This Post
Minor Deity
Picture of Axtremus
posted Hide Post
Has to do with “voice over IP” that at some level unifies “voice carried as data over Wi-Fi” and “voice carried as data over cellular.”

Google managed to narrow the problem down to certain “voice over IP” functions rather than implicating the entire modem baseband function (which was my old, not apparently wrong and outdated, reading at the time).

Had it still been the entire (cellular) modem baseband function that’s implicated, then switching the entire cellular function off would have been one way to avoid the security vulnerabilities.


--------------------------------
www.PianoRecital.org -- my piano recordings -- China Tune album

 
Posts: 12682 | Registered: 01 December 2006Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of QuirtEvans
posted Hide Post
quote:
Originally posted by Steve Miller:
Oh. It does affect phones. Lots of phones, apparently. Frowner

But I wonder why anyone would hack a phone. What would be the point? Is there data on a phone that can be resold?

I wonder the same thing about WiFi. My SIL-the IT-guy thinks my WiFi password is too weak. If someone guesses it, what can they do with it?


In theory (and I don't know whether this is true in the real world), anyone who can penetrate your WiFi network can see all the URLs you look at and everything you send out and receive ... including passwords, banking information, etc.

Whether that's true in an https environment, well, that's where my knowledge stops. I should probably know these things.
 
Posts: 45725 | Registered: 20 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of QuirtEvans
posted Hide Post
This is the first thing that I found:

https://www.aura.com/learn/can...%20account%20details.
 
Posts: 45725 | Registered: 20 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of QuirtEvans
posted Hide Post
Here's what the FTC says:

quote:
In the past, if you used a public Wi-Fi network to get online, your information was at risk. That’s because most websites didn’t use encryption to scramble the data and protect it from hackers snooping on the network.

Today, most websites do use encryption to protect your information. Because of the widespread use of encryption, connecting through a public Wi-Fi network is usually safe.

How do you know your connection is encrypted? Look for a lock symbol or https in the address bar to the left of the website address. This works on a mobile browser, too. It can be hard to tell if a mobile app uses encryption, but the majority do.


https://consumer.ftc.gov/artic...e-what-you-need-know
 
Posts: 45725 | Registered: 20 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of Steve Miller
posted Hide Post
My banking sites all require two-step authentication these days.

Does that help solve the problem?


--------------------------------
Life is short. Play with your dog.

 
Posts: 34846 | Location: Hooterville, OH | Registered: 23 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of wtg
posted Hide Post
For your weak password...used to be people would drive around neighborhoods and look for wifi signals. Lots of people didn't change the factory password or the SSID, so it could be pretty easy to guess the password and get access to the network in your house. Of course over time people automated the password guessing part. So the stronger the password, the less likely you'll get hacked. Another option is to turn off the broadcasting of your SSID so other people can't see the name of your network.

https://www.lifewire.com/disab...eless-routers-816569

Then there were the people who monitored unsecured networks in public places and were able to intercept traffic. I think what the article is saying is that more websites use encryption, which makes it harder to sneak a peek at what people are doing. I tend not to look at the lock symbol in my browser, except when I go to a new site that I haven't visited before.

For more about encryption, check out HTTPS Everywhere:

https://www.eff.org/https-everywhere

Even two-factor authentication isn't bullet-proof. There's SIM swapping:

https://us.norton.com/blog/mobile/sim-swap-fraud

At the end, we are left with...



https://www.youtube.com/watch?v=JW5bcI0ADCY


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37786 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
  Powered by Social Strata  
 

    well-temperedforum.groupee.net    The Well-Tempered Forum  Hop To Forum Categories  Off Key    Security Flaws in Samsung's Chips