back to article Dear Samsung mobe owners: It may leak your private pics to randoms

Samsung's Messages app bundled with the South Korean giant's latest smartphones and tablets may silently send people's private photos to random contacts, it is claimed. An unlucky bunch of Sammy phone fans – including owners of Galaxy S9, S9+ and Note 8 gadgets – have complained on Reddit and the official support forums that …

  1. Richard 12 Silver badge

    Or you're worried about the bill?

    MMS messages are incredibly expensive on most plans.

    1. Anonymous Coward
      Anonymous Coward

      Re: Or you're worried about the bill?

      Is that really the case these days? In Australia (not a country known for being a telecomms value leader) my $10 plan includes unlimited MMS to other Australian numbers.

      1. BinkyTheMagicPaperclip Silver badge

        Re: Or you're worried about the bill?

        In the UK MMS are less expensive than they were, but are not included in many mobile plans.. Vodafone is 45p for instance!

        1. grep-v

          Re: Or you're worried about the bill?

          The last time I sent an MMS it was 10 years ago and I don't think it reached its recipient.

        2. born_free_taxed_for_life

          Re: Or you're worried about the bill?

          Vodafone include mms for all my 300 odd connections

      2. katrinab Silver badge

        Re: Or you're worried about the bill?

        O2 charge 50p per message or £5.11 per month for a 50 message bundle. I'm pretty sure nobody uses it.

        1. James O'Shea Silver badge

          Re: Or you're worried about the bill?

          If one of the majors here tried to charge what O2 does, there’d be a revolt.

      3. Daniel 18

        Re: Or you're worried about the bill?

        "In Australia (not a country known for being a telecomms value leader) my $10 plan includes unlimited MMS to other Australian numbers."

        Lucky you. My plan includes 150 SMS messages (out) a month, 100 prime time minutes, free nights and weekends, no data, for only $30 but I had to threaten to drop the carrier to get a special plan.

    2. James O'Shea Silver badge

      Re: Or you're worried about the bill?

      Here in Deepest South Florida, just about all plans from just about all the major carriers feature unlimited texts. Data is a whole other thing. My T-Mobile plan gives me unlimited voice/texts in the US Canada, and (wall or no wall) Mexico. (T-Mob’s color is pink, not orange...) There is ‘unlimited’ data, but it slows to 3g after I use 5 GB/month. And tethering is 3G unless I pay extra, which I don’t. I haven’t had to pay for texts for the better part of a decade.

      1. David Nash

        Re: Or you're worried about the bill?

        It's not texts, it's MMS. Does anyone use them anyway? On the rare occasions that someone tried to send me one, it has hardly ever worked properly. Doesn't everyone use WhatsApp or something similar?

        1. BinkyTheMagicPaperclip Silver badge

          Re: Or you're worried about the bill?

          I do occasionally use MMS, usually only to my parents as it (generally) just works.

          Of course most of the time now on holiday they have both tablets and laptops, so e-mail is easier.

          1. Bernard M. Orwell

            So, have I got this right....?

            Provider pushes out an update that causes all your pictures to be sent, via MMS, to a random contact. Provider denies they did any such thing. Provider bills people for vast number of MMS sent at premium rates.

            Not a bad scam.

      2. steviebuk Silver badge

        Re: Or you're worried about the bill?

        MMS are different to SMS messages. Most providers in the UK include "unlimited*" sms in their plans. But pretty much none of them include MMS messages.

        *In the UK unlimited oddly doesn't mean what the fucking word means when it comes to phone and ISP providers. So there is a fair usage policy on most. I think Three's is max of 3000 SMS free on their "unlimited" plan. Why the UK government hasn't banned them from using the word unlimited when it's not is beyond me.

        1. onefang
          Gimp

          Re: Or you're worried about the bill?

          And apparently the bug was sending entire albums of photos, not just one or two random ones. With 64 GB phones, hooked up to 256 GB micro SD cards, that could be a very large amount of photos sent. Bill shock, and maybe something even more shocking if your phone sends GBs of your personal naughty photos to your mother or boss. Photos like this for instance ->

  2. Anonymous Coward
    Anonymous Coward

    Stasi Phone

    running Stasi O/S.

    1. Voland's right hand Silver badge

      Re: Stasi Phone

      Stasi was not about sharing.

      It shares.

      You should share. All of your private stuff. With the entire world.

      Sharing is caring you know.

  3. Anonymous Coward
    Anonymous Coward

    Now you don't even need to be hacked, photo leaking is built straight into your phone!

    1. Waseem Alkurdi

      It's not a bug; it's a feature!

      1. VinceH
        Holmes

        It is indeed - it's designed to discourage people, particularly teens, from taking dodgy selfies, on the basis that they'll never know who will end up seeing them.

  4. Waseem Alkurdi

    Incredibly pathetic, Sammy.

    Sueball incoming. And had I had this phone, from me too.

  5. Anonymous Coward
    Anonymous Coward

    My iPhone is fine.

    Just wanted to let you all know, in case you were worried.

    1. Anonymous Coward
      Anonymous Coward

      Re: My iPhone is fine.

      Because you have no friends?

      </obvious retort>

      1. Anonymous Coward
        Anonymous Coward

        Re: My iPhone is fine.

        "Because you have no friends?

        </obvious retort>"

        More likely because it's switched off and buried underneath the swimming pool.

    2. Waseem Alkurdi

      Re: My iPhone is fine.

      Fine and only a teeny tiny bit less slurpy, with a completely closed-source OS and no way it could be “liberated” of closed source. Your iPhone you say?

  6. Anonymous Coward
    Anonymous Coward

    'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

    Must get me one of these along with Amazon Alexa! Who needs enemies when these are your friends. Can you trust Samsung anyway? Ever since their Smart TV's got caught snooping & phoning home, they've been tainted!

    1. Avatar of They
      Meh

      Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

      Recent security survey suggested 90% of all smart TV's are hackable, by the aerial. So not just Samsung.

      1. Paul Crawford Silver badge

        Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

        But at least they can't send back via the aerial, so by keeping the pointless fsckers off your network the hack would at worst brick the thing.

        1. DropBear
          Trollface

          Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

          "But at least they can't send back via the aerial"

          Wait a few decades until everything runs on dynamically reconfigurable universal silicon (as a more general version of current FPGAs) and your hacked TV will spontaneously grow a transmitter if hacked...

        2. Anonymous Coward
          Anonymous Coward

          Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

          "But at least they can't send back via the aerial, so by keeping the pointless fsckers off your network the hack would at worst brick the thing."

          Not at all.

          Known exfiltration routes include varying screen output, or modulating current draw to send a signal out the power line.

          Unknown routes... probably exist.

          Playing with the screen could send a light signal, or properly done, a radio signal.

          For a big TV and a decent receiving antenna that could have quite a large range... given that the low power record for signalling from North America to Australia was achieved decades ago with 7 milliwatts. Proper choice of covert signal frequency could guarantee over the horizon ranges.

      2. katrinab Silver badge
        Black Helicopters

        Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

        I remember about 20 years ago, Mike Corley was spamming usenet with claims that MI5 and the BBC were spying on him via his TV set. Everyone thought he was completely crazy. Now, if someone said that, people would just nod in agreement and think it is a perfectly credible claim.

      3. Mark 85

        Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

        Aerial? How quaint. Here I thought they needed to be hardwired to a copper connection.

      4. Anonymous Coward
        Anonymous Coward

        Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

        "Recent security survey suggested 90% of all smart TV's are hackable, by the aerial."

        Good thing my TV has neither aerial nor cable attached. Nor any Internet connection. If it didn't come from the DVD player or my computer, it has no business on my TV.

  7. Doctor Syntax Silver badge

    And in the new world of GDPR are they going to turn themselves into the ICO (other regulators are available)?

    1. Paratrooping Parrot
      Mushroom

      I think everyone will want to report themselves to ICO because they are so useless.

    2. Doctor Syntax Silver badge

      "are they going to turn themselves into the ICO"

      Clarification: by "they" I mean Samsung. They're turning themselves into data processors on behalf of all their customers.

  8. _LC_
    Meh

    Sounds like sabotage to me

    Could anybody think of a bug that accidentally leads to this complex behavior? I don't believe this is a 'happenstance'.

    1. A. Coatsworth Silver badge
      Black Helicopters

      Re: Sounds like sabotage to me

      It happened to Google StreetView vans... that one time they spontaneously grew the ability to sniff and record WIFI traffic.

      It can happen t o anyone

  9. Anonymous Coward
    Anonymous Coward

    And this is why...

    ...you've got a personal phone, and another for work. If applicable another one each for the missus for the mistress.

    Had a colleague whos spouse was sleeping around with one or more of her subordinates at work. Got into the phone and started forwarding off the sexts to the contact list with snarky comments such as "you know why Jack got the promotion and you didn't?"

    Note the latter COA does not work in your favor when going before the courts. Indeed, if you get the spouse fired your alimony payments go through the roof.

    1. James 51

      Re: And this is why...

      The UK doesn't have alimony payments.

      1. Anonymous Coward
        Anonymous Coward

        Re: And this is why...

        No alimony payments? Nice. On this side of the pond divorce is the process by which a man's wallet is extracted from him by way of his genitals.

  10. Potemkine! Silver badge

    Gullible wanted

    If anyone believes whatever data on a smartphone is private, let him/her contact me, I've got an Eiffel Tower to sell.

    1. Jedit Silver badge
      Devil

      Re: Gullible wanted

      An Eiffel Tower? It's amazing what you can buy with the proceeds from selling slurped data.

  11. tiggity Silver badge

    If anyone was randomly sent my phone photos

    They would be very bored, most of them being snaps of items in shops so I can send message to partner asking if that item meets requirements and is OK price. *

    * Most shopping is offline (online only for stuff cannot get locally or if local prices too extreme (happy to pay a reasonable local shop convenience / supporting workers extra charge)) , plus bonus that most spending habits are private (cash is (privacy) king - obv. using cards scuppers privacy)

    1. onefang

      Re: If anyone was randomly sent my phone photos

      "plus bonus that most spending habits are private"

      Or where private, if your galleries of shopping photos just got sent to a random from your contact list.

  12. Crisp

    Unsolicited Leaky Dick Pic As A Service

    I honestly had no idea my phone had that as a feature.

    1. This post has been deleted by its author

  13. Dan 55 Silver badge
    Devil

    Samsung software

    Just say no.

    1. Dan 55 Silver badge

      Re: Samsung software

      The person who downvoted that obviously hadn't read the Enlightened thread on TDWTF.

      1. J. Cook Silver badge
        Pint

        Re: Samsung software

        *reads the daily WTF article*

        I'm guessing I'll need a drink! *wanders off to find some memory remover*

    2. Giovani Tapini
      Trollface

      Re: Samsung software

      If, just saying no was good enough for Zammo its good enough for me.

  14. adam payne

    Samsung's Messages app bundled with the South Korean giant's latest smartphones and tablets may silently send people's private photos to random contacts, it is claimed.

    That could be quite embarrassing for some people.

  15. Anonymous South African Coward Silver badge

    Sagsmug.

    So glad I decided not to use their products anymore.

    1. Anonymous Coward
      Anonymous Coward

      Sagsmug.

      So glad I decided not to use their products anymore.

      --------------------------------------

      The story for most if not all smart TVs will be similar.

  16. Anonymous Coward
    Anonymous Coward

    what a bunch of arseholes...

    ...and samsung as well.

  17. Multivac

    I didn't send you that cock pic, honest, it was my phone!

    This is a very elaborate setup to get someone high up in Samsung off the hook for sending a cock picture to one of their colleagues.

  18. Anonymous Coward
    Anonymous Coward

    finally a sound legal defence...

    ... for us serial guerilla dick pic posters.

    you get a pic, you get a pic, and you get a pic, and yes, you too.

    1. DryBones

      Re: finally a sound legal defence...

      I think I'd almost go out of my way to fill my phone with dick pics.

      Dick Cheney.

      Dick Van Dyke.

      Dick Tracy.

      Dick Clark.

      Richard Feynman.

      Richard Nixon.

  19. David Gosnell

    Assuming this is using MMS...

    ... who still uses MMS anyway? Forget blocking permissions, just delete the MMS settings from the APN and never risk any other app doing the same, or a plain-text SMS being misidentified and overcharged. The only justification for MMS is if you're roaming, when (bizarrely) they can be cheaper than an SMS, but data (via pretty much any messaging app of choice) is likely to be cheaper and superior image quality anyway.

  20. Anonymous Coward
    Anonymous Coward

    I received random photos from a Samsung owner

    About a month ago, in the middle of the night. Fortunately I silence it at night so it didn't wake me up. Unfortunately nothing that exciting, just some pics of her dad's birthday party and her dog covered in mud. Definitely not her entire photo album - she's a habitual picture taker so it would have taken hours to send them all!

    When I texted her that morning and asked "why did you send me these pics" she insisted she didn't send me anything. Last week she texted me and said the same thing happened to her with another friend. I told her she might have some malware, because I couldn't see any other reason her phone would randomly text pics. I should send her a link to this Reg article...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like