Last year some time I got about half a dozen ‘test message’ notifications from a ride share app in the middle of the night. It’s a pretty easy mistake to make.
I got the '1' on one of my Samsung Galaxys before I saw this. I tried using FMP from another device on the same Samsung account. I got separate notifications regarding that it reported my location and reported nearby WiFi servers it could find.
I don't know the best way to handle customer worries after sth like this, but I'm sure "a samsung care ambassador replied on page 22" is not the best way.
At the very least, ensure that a google/bing/ddg/... search ends up in that thread, where a pinned note explains it.
I wouldn't be surprised if that's one of those unpaid / volunteer things -- you know, where the company allows one to provide free support to other customers for, um, the "prestige" or "recognition" or something. Dell used to do that with their forums and such, not sure if they still do.
Kinda like how years ago [0] folks who wanted you to design a web site for them for free would try to bullshit you into believing that "the exposure" would be worth waaaaaaay more than any money that they might pay you.
---
[0]: I'm assuming enough people finally said "FYPM" that this doesn't happen so much anymore but I would not be shocked to find out I'm wrong.
Almost certainly the former. Careful people need to be in charge and keep a tight leash on people who are careless until they are careful.
Also pre-emptive response to “something something about systems something cgpgrey”. At the end of the day we live in the real world with imperfections everywhere. Every system eventually boils down to trust in humans.
1 (number one) is popular in "injection" attacks as it is likely to go through and not throw an error. If you login as admin to your web based control panel and is greeted with an alert(1) you know you are fucked.
From a Samsung Care Abassador on page 22 of comments:
> Hey everyone,
> From what I can tell, this is a some test on Samsung's end to assure services are working. U expect Samsung will make an official statement explaining but I want to mention it now to hopefully put some of you at ease.
This notification comes from an app that is designed to tell a remote user where you are located. That was enough to spook me.
I dismissed the notification, deleted as much data from Samsung apps as possible, and turned my phone off.
Rough moment to be a Samsung executive. They're just about the only top smartphone manufacturer that doesn't manufacture the vast majority of their handsets in China so presumably they are in position to take some market share from the competition. Yet today we are seeing some fear about contagion in SK, and this very strange notification that -- benign or not -- is going to scare some users (e.g. me). I for one would like to see a formal statement made to the public.
This spooked me as well. I never used any of the Samsung apps on my phone and never created the Samsung account. Since apps come pre-installed, it was in the back of my head that Samsung could access the data anyway, but I dismissed it as company suicide to do something like this.
Since so many people received notification, it could be that some "Samsung God mode" exists.
However, Samsung represents approximately a third of the world's smartphone market, while LG is something like 3% -- tagging along behind Samsung, Huawei, Apple, Xiaomi, and Oppo.
While remote tracking, bricking, etc is very useful, I do not trust any company to make it secure enough, so the features becomes moot. It would be better if I could create a encryption key myself to be sure that only I had access to those features.
This also freaked me out in the morning. Right after that, I randomly heard about Google accusing Samsung of increasing the attack vector on their phones [1].
At least LineageOS's notification (2018) that they were going to use your phone to mine some custom crypto currency turned out to be a joke and not an error :) [0] Also freaked me out btw.
These companies have an insane amount of control, power and insight into our lifes via our telephones. When we see but a sliver of said power, we freak out.
I'm not an Android dev, but isn't it nothing about privacy or remote control (apart from sending the notification) contrary to the reactions in the comments?
AFAIK, Android/iOS push notifications works quite independently from the app itself. Even if the app is not running in the background the app server can send a message to Google/Apple (not to Samsung) and Google/Apple send the message to the device to show the message. Correct me if I'm wrong.
71 comments
[ 2.8 ms ] story [ 134 ms ] threadSounds pretty benign to me. I can think of a half dozen ways to accidentally do that (assuming an environment without adequate safeguards)
This is the bit that worries me.
I got the '1' on one of my Samsung Galaxys before I saw this. I tried using FMP from another device on the same Samsung account. I got separate notifications regarding that it reported my location and reported nearby WiFi servers it could find.
The '1' notification indicated no such detail.
It said
" 1 1 "
Not touching it.
Anyway I guess no one's targeting me personally, so I'll just wait for the post mortem.
At the very least, ensure that a google/bing/ddg/... search ends up in that thread, where a pinned note explains it.
Kinda like how years ago [0] folks who wanted you to design a web site for them for free would try to bullshit you into believing that "the exposure" would be worth waaaaaaay more than any money that they might pay you.
---
[0]: I'm assuming enough people finally said "FYPM" that this doesn't happen so much anymore but I would not be shocked to find out I'm wrong.
Also pre-emptive response to “something something about systems something cgpgrey”. At the end of the day we live in the real world with imperfections everywhere. Every system eventually boils down to trust in humans.
They do their testing and then hand over to deployment. After that they're out of the picture until the next update needs to roll out.
They can't have direct access to API keys for live apps in production.
> Hey everyone,
> From what I can tell, this is a some test on Samsung's end to assure services are working. U expect Samsung will make an official statement explaining but I want to mention it now to hopefully put some of you at ease.
> I hope this helps.
I dismissed the notification, deleted as much data from Samsung apps as possible, and turned my phone off.
Rough moment to be a Samsung executive. They're just about the only top smartphone manufacturer that doesn't manufacture the vast majority of their handsets in China so presumably they are in position to take some market share from the competition. Yet today we are seeing some fear about contagion in SK, and this very strange notification that -- benign or not -- is going to scare some users (e.g. me). I for one would like to see a formal statement made to the public.
Since so many people received notification, it could be that some "Samsung God mode" exists.
Samsung has already hit this sort of scandal with its smart televisions and nobody really cared.
https://www.cnet.com/news/samsungs-warning-our-smart-tvs-rec...
The expectation that the free market will keep companies from spying on us...well, it would be nice, but increasingly it seems to be wishful thinking.
But yes, LG did move South Korean production to Vietnam. Aside from these countries, LG also produces in Brazil and India: https://www.reuters.com/article/us-lg-elec-mobile/lg-electro...
However, Samsung represents approximately a third of the world's smartphone market, while LG is something like 3% -- tagging along behind Samsung, Huawei, Apple, Xiaomi, and Oppo.
https://www.androidcentral.com/samsung-accidentally-sends-ou...
(The link is from a korean forum)
https://clien.net/service/board/park/14612726
[1] https://www.zdnet.com/article/google-to-samsung-stop-messing...
https://news.ycombinator.com/newsguidelines.html
(this will be moot shortly, because I'm going to change the URL)
[0] https://www.androidauthority.com/lineageos-april-fools-85270...
AFAIK, Android/iOS push notifications works quite independently from the app itself. Even if the app is not running in the background the app server can send a message to Google/Apple (not to Samsung) and Google/Apple send the message to the device to show the message. Correct me if I'm wrong.
On IOS, the app developer has less control.