12-09-2017 10:25 PM
Evening all, can anyone let me know please when Samsung will release a patch for blueborne?
13-09-2017 02:42 PM
13-09-2017 03:04 PM
MHJ, you obviously have no clue what you are talking about and are dangerously ignorant about the situation.
You want details as to how the new exploit works? There you go: http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf?t=1505222709963
This is the technical documentation with all the details. Do your research instead of just brushing this off.
The vulnerability currently affects ALL Samsung devices and the only things you can currently do to 'fix' the problem is disabling bluetooth, which, needless to say, is an important feature for many users.
This is one of the most significant exploits seen in history as it allows full, privilidged, remote code execution without having to trick the user into anything or physically access the device.This could theoretically be turned into a worm spreading from one device to the next. The exploit has been acknowledged by Google, Apple, Microsoft and Linux and fixes have been published. But not by Samsung. It was clearly stated that the bug was communicated to Samsung in April and nothing has happened yet. This needs to be fixed ASAP. I also just tested my Galaxy S6 myself that just got an update 2 days ago and it is still vulnerable.
I will be turning off bluetooth for now and I recommend everyone to do the same until a fix is published. This is URGENT.
13-09-2017 03:14 PM
13-09-2017 03:14 PM
13-09-2017 03:18 PM
Okay, so you just admitted that you do not understand the problem and that you just blidnly trust companies to fix it, even though there is evidence that Samsung has not fixed the bug yet. I am sorry, but at this point I have to consider your opinion uninformed and irrelevant. In the mean time, more technically savvy users should continue to push Samsung for a fix ASAP.
13-09-2017 03:19 PM
You can check your devices using a tool Armis has released yesterday. You can install it on a phone and have it scan other devices per bluetooth for the vulnerability.
13-09-2017 03:21 PM
13-09-2017 03:32 PM
Maybe its a fake, ok. After digging some more into CVE/Bug details, im concerned too.
We will see clearer in the days coming.
13-09-2017 03:37 PM
Well, the bug has apparently been adressed by Google, Linux, Microsoft and Apple and there is detailed technical documentation available that could quickly be taken apart by any security expert. It therefore seems like this is very legit, unfortunately.
13-09-2017 04:58 PM
Found some proof:
https://usn.ubuntu.com/usn/usn-3413-1/
Sounds like this is not a fake.