Today, the use of different services, products and apps online as well as offline require a password. This is done to ensure the security of a user’s data. However, it has now transpired that the S-Memo app in Samsung Galaxy S III does not encrypt the passwords it accepts in anyway, thus putting user accounts in imminent danger.
Encrypting password is the first and the foremost thing that any digital vendor would do when accepting passwords from the users. It is like the first rule of digital security. And it is rather shocking that S-Memo app folks would forget it.
What is even more intriguing is that Samsung Galaxy S III is currently the most popular smartphone in the Android arena, with millions of units being sold so far. The security vulnerability in S-Memo app puts the accounts of these millions of users at risk.
You wouldn’t be able to normally get your password from the S-Memo app’s files. But once you root Galaxy S III, you are immediately in a position to dig up the file and retrieve your password which it contains in plain text.
This may not immediately affect the security of a lot of user accounts. But the fact remains that it is a very significant vulnerability which can be used to hack user accounts and much more. Samsung must be quick to patch this vulnerability in the S-Memo app.
Source: XDA Developers