Root users: Data could be at risk

[Sayasugizo]

I didn't know where to put this thread so I put it here. Feel free to move its rightful place. So here is an article I found on Phone Arena involving Samsung Galaxy S3 users.

Samsung S-Memo is insecurely storing your Google Account credentials. Root users: Samsung S-Memo is insecurely storing your Google Account credentials

 

[DragonSlayer95]

Very interesting since I'm considering switching to an s3 next week and that I'm an avid root user too

 

[airtioteclint]

I don't use S Memo so this may be a dumb question but. Where does S Memo store this data and how would people access it?? Is it sent to some database somewhere?

 

[Sayasugizo]

I don't use S Memo so this may be a dumb question but. Where does S Memo store this data and how would people access it?? Is it sent to some database somewhere?

Sorry, I don't know answer(s) about it. I just thought it's something you guys would want/like to know.

 

[airtioteclint]

Sorry, I don't know answer(s) about it. I just thought it's something you guys would want/like to know.

Gotcha. Hopefully somebody can fill us in more. I think I deleted S Memo the first day.

 

[Rxpert83]

Its stored locally on your phone. You'd be surprised how many big name apps have done this in the past. IM typing from one now that used to do it.

Anyway, the data is readable for by app given root (superuser) permissions that is programmed to search for it. Aka not any at all at the moment but its a risk nonetheless.

I'd expect Samsung to patch this shortly. Wouldn't be a difficult fix.


I'll leave this in the general s3 forum for now since there's no reason for 5 different threads

 

[SUroot]

Don't forget, up until android 2.3.4, ALL your passwords were transmitted wirelessly in plain text...