During a recent security conference in South America, a Berlin-based researcher revealed that Samsung has a major problem with its iPhone challengers, the Galaxy 3 and Galaxy S2 smartphones.
Both can easily be remotely wiped by code embedded in a web page.
Ravi Borgaonkar found that the Galaxy’s “service loading” feature, its method of communicating with application servers, can be exploited with just one line of code tucked away in a web page’s HTML. If the attack is successful, the malicious code reverts the phones to their factory settings. Worse still, once the attack begins, the phone’s user can’t do a thing about it.