With parties such as Apple keeping strict and improving security risks you would think the competition would do the same. Not true with the Samsung Galaxy SIII though as discovered in Samsung’s S-Memo app that shows your passwords in plain text, and if someone knows where the file is stored and how to access that file. They can read it. With the GS3 being the most popular Android smartphone it’s quite a shock that the security is so low, on such a high profile device.
If you have rooted your Android smartphone, then you should already know that all bets are off with vulnerabilities, just like with desktop Linux where you can break whatever you want and the OS can do almost nothing to stop you. S-Memo SQLite files can only be accessed by those who have rooted. Once you have access to the files though, you can now pull off Google passwords and you can bet that it won’t be encrypted either. The person can simply copy and paste to use your password to get into anything they’d like.
While not that many people actually root their Android phone, it still brings a big risk to give access to a malicious user to get control of your Google account. With the obvious security breach door wide open we hope Samsung will update their S-Memo app to protect and encrypt passwords, rather than displaying them in plain sight.
