Tuesday, 25 September 2012

Staggering security flaw on Samsung Galaxy range

A hacker has found a way to seriously damage your Samsung phone - including the Galaxy S2 and S3. The hacker can:

  • Reformat your phone (destroying all data on it)
  • Destroy your SIM, requiring you to buy a new one from your telco
  • Change your PIN code
  • And a whole lot more.
How can this occur:
  • You visit a web page or view an email message and click a malicious link
  • S/he texts you a malicious link via WAP (and you don't even have to be present and click a link - the damage happens automatically and immediately) 
  • You scan a QR barcode
The common feature is that the link URI - it starts "tel". This is picked up by Samsung and passed to the Messaging client, which interprets the URI as a command, typically by running a device management feature. Samsung in its infinite madness has a whole lot of commands, and no prompts. 

This is frightening.

Luckily you can block this switching off the 'feature' that runs these commands automatically - it's called 'Service Loading'. Follow these instructions:
  1. Open the Messaging client
  2. Bring up the menu
  3. Click on the Settings menu item
  4. In the menu screen that appears, scroll down into the "Push message settings". You will see "Push Messages" and "Service Loading"
  5. Tap the "Service Loading" menu item, a list of options appears: Always, Prompt, Never
  6. Choose Never or Prompt
My advice to Samsung device owners: Do this right now. Very soon people will start placing these links on web sites, spam and even messaging these commands to your phone.

Message to Samsung: I understand why you would want such device management features on a phone. It allows you to optimise your manufacturing and support, decreasing your costs. But allowing these to be run automatically and remotely? What on earth were you thinking? Please place competent security professionals in your OS customization teams and conduct a full review.

UPDATE 27th Sept

Samsung have released an over-the-air patch for the Galaxy SIII with more devices to follow. For those on other devices, Collin Mulliner has released TelStop into the Google Play app store. Download, install, and TelStop will catch those nasty URIs.

Tuesday, 11 September 2012

java.sql.SQLException: - ORA-01000: maximum open cursors exceeded

I answered a question on StackExchange about Oracle ORA-01000 errors. The answer raised more questions; the answer to the new questions raised more questions. So, here is a consolidated guide to ORA-010000. It assumes a working knowledge of Java, JDBC and SQL:

ORA-010000

ORA-01000, the maximum-open-cursors error, is an extremely common error in Oracle database development. In the context of Java, it happens when the application attempts to open more ResultSets than there are configured cursors on a database instance.

Common causes are:
  1. Configuration mistake
    • You have more threads in your application querying the database than cursors on the DB. One case is where you have a connection and thread pool larger than the number of cursors on the database.
    • You have many developers or applications connected to the same DB instance (which will probably include many schemas) and together you are using too many connections.
    • Solutions:
  2. Cursor leak
    • The applications is not closing ResultSets (in JDBC) or cursors (in stored procedures on the database). Cursor leaks are bugs and increasing the number of cursors on the DB simply delays the inevitable failure.
    • Solution: Fix the bug. Find leaks can be found using static code analysis, JDBC or application-level logging, and database monitoring.
More below the break...