Samsung ‘1’ Notification Was a Data Breach After All


Are you a Samsung user? You might have gotten a strange notification last week simply saying “1 1.” The notification came from an app called “Find My Mobile,” an app that’s pre-installed on all Samsung devices, and can’t be uninstalled without rooting your device.

Samsung was quick to say that there was nothing to worry about. They said they were just conducting internal tests and accidentally sent out a notification. This still set off a few alarm bells. Many users who received the notification disabled the app. While they couldn’t delete Samsung’s app, they were able to disable it. This should have been enough to prevent notifications from the app from showing up. After all, if the app is actually disabled, how could it respond to a notification? Yet here they were with a mysterious notification.

As it turns out, there was far more to the story than just Samsung secretly enabling apps that users had disabled. The notification was the result of a breach, not internal testing, as Samsung initially claimed.

Disabling Apps

As an Android user and developer, I have to touch on this first. Now, fret not, Android is just my profession; I don’t use an Android device as my personal primary device. Your girl still has some taste, after all. However, ribbing aside, I was appalled to hear this. For Apple’s customers, some explanation is required. Often, Android phones come with lots of bloatware. This will come from the manufacturer as well as the cellular company, and anyone they made a deal with. If Amazon paid your phone’s manufacturer to get their app on your phone, you’re not getting it off without rooting your device. That’s basically jailbreaking-lite. It’s far simpler than jailbreaking, but it’s not for the tech-illiterate.

So, let’s say you don’t want to root your device. Some apps detect rooting and won’t work if you’ve rooted your device, so it’s understandable. But perhaps you don’t want all that bloatware sending you notifications, using your data, and wasting your battery life. Naturally, you’ll want to disable it. Unlike Samsung’s horrifically annoying and useless Bixby, you can disable pre-installed apps. It’s your only defense against their evil ways without rooting. It’s that thing that makes you feel “free” as an Android user, not trapped like one of those iOS users (who can actually disable Apple apps, by the way).

You see, as it turns out, Samsung wasn’t actually disabling these apps. They may have simply been turning off everyday notifications, but, as this shows, they still could access your device through those apps. Yes, access your device. Samsung wouldn’t answer questions about the full capabilities of this app, which claims it can be disabled but actually can’t be.

Frankly, Samsung was lying to their users, forcing an app on them and claiming it could be disabled when that clearly wasn’t the case, and that app may have deep-reaching capabilities.

The Breach

When people, concerned that their account may have been hacked, logged on to Samsung’s website, they found something even more troubling: other people’s data. If you log in and see someone else’s personal information, that means someone else is logging in and seeing your information. Furthermore, it means Samsung isn’t encrypting your personal information with your password, meaning they’re extremely vulnerable to attacks and breaches. Like this one.

Despite trying to brush it off as an internal test earlier, Samsung confessed. Somewhat. They’re still not saying exactly what happened, or how customers could see other people’s data. If they did, would you believe them? They lied about disabling apps and about the supposed “testing,” what else could they lie about?

Samsung’s not giving us all the details, but what they have admitted is that a number of users have been able to see and potentially download data for other customers. This can include personal information. Samsung says the issue is fixed, but it reveals exceedingly lax security on their end.

Lax security, apps that can’t even be disabled, and potential personal data tracking.

At this point, why would you trust Samsung about anything, let alone your phone?


UPDATE:

Samsung is now reporting that the hack and the ‘1’ notification are actually unrelated. It’s just a coincidence that the hack and the notification happened at the same time. Furthermore, they have no explanation as to how a disabled app is still receiving notifications.

