azrienoch · Nov 15, 2011 at 12:00 am

Location Security Exploit on Samsung Devices

XDA Recognized Developer pedrodh recently identified an exploit in Samsung devices running AccuWeather, and developed an app for demonstration.  The app can poll your location without granting any permissions–not even Superuser permissions–using two lines of code.

As a system app, AccuWeather is automatically granted access to your GPS settings.  There are two ways to avoid giving away your location.  Under the AccuWeather settings you can set your location manually.  The developer recommends some remote village in China.  Unless, of course, you live in a remote Chinese village.  The second way is to gain root access to your Samsung device and remove the widget entirely.

The developer provides those two lines of code if you want to create your own app, or you can use his.  Hopefully this demonstration is enough to alert less enthusiastic Samsung users to where they are vulnerable.

Originally posted by pedrodh
The problem is even more serious than I first though, because you only need to have the widget on the launcher once, and that info will remain in the system informations when you remote it from the launcher, even across reboots or even if you clear the widget’s data and cache (pretty scary :S). Sometimes (I don’t know why exactly yet) the info goes away for good, but only if you don’t have this widget on your launcher!

Please see the development thread for more information.


_________
Want something on the XDA Portal? Send us a tip!
Jimmy McGee · Jan 30, 2015 at 06:00 am · no comments

Note 4 CM12 Nightlies, Microsoft Investing in Cyanogen – XDA TV

CyanogenMod 12 Nightlies are now available for the Samsung Galaxy Note 4! That and much more news is covered by Jordan when he reviews all the important stories from this week. Included in this week's news is the announcement of factory images for the YU Yureka and be sure to check out the article talking about Microsoft investing in Cyanogen, Inc! That's not all that's covered in today's video! Jordan talks about the other videos released this week on XDA...

XDA NEWS
Mario Tomás Serrafero · Jan 29, 2015 at 04:28 pm · 4 comments

Microsoft To Invest in Cyanogen’s Future OS War?

Reports indicate that Microsoft is investing in the rogue Android forker Cyanogen. The funding round is said to be upwards of $70 million, and could allow for a cooperation between Cyanogen and the Silicon Valley giant in the ongoing battle of mobile operating systems. This could be a strategic movement in coordination with other investors given Cyanogen's expression of rebellion against Google's tightening control over Android, as the custom ROM maker has recently spoken out against the "tyranny" of Google in regards...

XDA NEWS
Mario Tomás Serrafero · Jan 29, 2015 at 02:29 pm · 2 comments

Samsung Cutting Bloat, Trimming TouchWiz

Reports keep iterating over the rumors that Samsung has been trimming down TouchWiz for its upcoming devices. After years of customer complaints, particularly from power users, Samsung seems to finally have taken initiative towards cracking down the stutters that often plague some of its devices, particularly older ones or those that see a long life without clean-ups. But even handsets like the Galaxy S5 managed to be outperformed by low range devices. Android enthusiasts as a whole took disdain in Samsung's...

XDA NEWS