Top Menu

Storing Passwords on Galaxy S3 is a Very Big Risk than You Think

In this advanced era of technology, we are excessively much dependent on the emerging smart phone technology. For our ease, we store our confidential data on the same smart phones that we use in our daily life’s. The confidential data can include your passwords, bank details, personal details, and much more. We store these things in the smart phone because we think that we are more secure than keeping or writing these details somewhere. If you think that you your data is secure in the expensive smart phone that you bought, think once again.

Recently, the market leader of Android Phones, Samsung Galaxy S3 was storing your passwords on a plain text file. This behavior was not done by any other App in Galaxy S3 than its own S-Memo App. It has been discovered that Galaxy S3 S-Memo built App has been storing your confidential data as a plain text in its SQL Database. This means, any one knowing the location of the file storage can easily get the hold of your confidential data and read it without any hustle or technical skills.

This issue is limited to those who have rooted their Samsung Galaxy S3 as noted by XDA Developers. When you root your Android Device, first you are voiding the warranty, second you are giving an open invitation to different kinds of Vulnerabilities to come and enjoy the confidential fun of yours. We mentioned earlier that the access to S-Memo Database is done only after rooting. Those of you are not rooted on Samsung Galaxy S3 are somewhat on the safe side.


How to Check if you are infected or not on Samsung Galaxy S3 S-Memo (Rooted Users only)

We don’t recommend you to root your Samsung Galaxy S3 because people without rooted Galaxy S3 are on safe side.

To check you need to be rooted and have SQLite editor installed.

Steps to check
1. Set up S-Memo to sync with your Google account
2. Use SQLite editor and navigate to /data/data/
3. Open the Pen_memo.db file and select the CommonSettings table. Look to see if your Google account info is stored in plain text.

However, the number of people affected by this vulnerability is relatively small and the issue has been captured at the initial stage. It is highly expected that Samsung will fix this issue as soon as possible because as the issue gets wider, it will give more opportunities to hackers to work out on this security hole and they can grab vast amount of information in not time.

Did you enjoy this article? If so, we’d love to hear your thoughts in the comments below. It would be great if you subscribed to our RSS feed or get signed up for email updates to get more goodness. There’s lots more where this came from!