Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Android Bug Cellphones Handhelds Security

LG G3 'Snap' Vulnerability Leaves Owners At Risk of Data Theft (betanews.com) 39

Mark Wilson writes: Security researchers have discovered a vulnerability in LG G3 smartphones which could be exploited to run arbitrary JavaScript to steal data. The issue has been named Snap, and was discovered by Israeli security firms BugSec and Cynet. What is particularly concerning about Snap is that it affects the Smart Notice which is installed on all LG G3s by default. By embedding malicious script in a contact, it is possible to use WebView to run server side code via JavaScript. If exploited, the vulnerability could be used to gather information from SD cards, steal data from the likes of WhatsApp, and steal private photos.
This discussion has been archived. No new comments can be posted.

LG G3 'Snap' Vulnerability Leaves Owners At Risk of Data Theft

Comments Filter:
  • by Anonymous Coward

    When you use javasscript in places it shouldn't, thats what you get. Next up, javascript based self driving cars.

  • Stop using your phone's in-house launcher.
  • by Overzeetop ( 214511 ) on Sunday January 31, 2016 @05:07PM (#51410539) Journal

    ...it should be patched by early February. In the year 2245.

    Well, unless you have your G3 on Verizon, then you might just need to leave a note for Buck Rogers so that he can apply the patch. when it comes out.

    • ...it should be patched by early February. In the year 2245.

      And this is why LG is losing me as a customer. They drag their feet with every single security update, probably to "encourage" owners to upgrade. You'd think that they could afford to hire someone just to take care of the occasional security patch and update. That and they should be sued for their phones overheating because of the 810 processor. As good as the LG G4's camera is, Samsung's is on par with it and other's are catching up as well.

      • My G4 has been running marshmallow from the carrier's ota update for close to a month, it was one of the first phones in the states to get it. My G3 before it also got lollipop very quick, among the first phones to get it as well. The G4 uses the snapdragon 808, not 810, by the way. I used to be a Samsung user until I broke my galaxy s4 and decided to try out LG... I was tired of touchwiz, tired of the physical home button and capacitive keys... When I broke my galaxy s4, I looked at YouTube videos on repai
  • All they have to do is wait for the user to upload them to facebook.

Make sure your code does nothing gracefully.

Working...