Samsung accidentally sends 'Find My Mobile' notifications to Galaxy phones(androidcentral.com)
androidcentral.com
Samsung accidentally sends 'Find My Mobile' notifications to Galaxy phones
https://www.androidcentral.com/samsung-accidentally-sends-out-find-my-mobile-push-notification-galaxy-phones-worldwide
71 comments
This spooked me as well. I never used any of the Samsung apps on my phone and never created the Samsung account. Since apps come pre-installed, it was in the back of my head that Samsung could access the data anyway, but I dismissed it as company suicide to do something like this.
Since so many people received notification, it could be that some "Samsung God mode" exists.
Since so many people received notification, it could be that some "Samsung God mode" exists.
On the idea that taking and sharing your personal data without an opt-in would be company suicide:
Samsung has already hit this sort of scandal with its smart televisions and nobody really cared.
https://www.cnet.com/news/samsungs-warning-our-smart-tvs-rec...
The expectation that the free market will keep companies from spying on us...well, it would be nice, but increasingly it seems to be wishful thinking.
Samsung has already hit this sort of scandal with its smart televisions and nobody really cared.
https://www.cnet.com/news/samsungs-warning-our-smart-tvs-rec...
The expectation that the free market will keep companies from spying on us...well, it would be nice, but increasingly it seems to be wishful thinking.
Samsung can already do OTA updates. Their software runs on the phone. You already have to put some trust on them.
AFAIK, LG also doesn't manufacture in China. It used to manufacture in SK until last year, then it moved production to Vietnam.
LG and Samsung both manufacture a small portion of their handsets in China if I'm not mistaken.
But yes, LG did move South Korean production to Vietnam. Aside from these countries, LG also produces in Brazil and India: https://www.reuters.com/article/us-lg-elec-mobile/lg-electro...
However, Samsung represents approximately a third of the world's smartphone market, while LG is something like 3% -- tagging along behind Samsung, Huawei, Apple, Xiaomi, and Oppo.
But yes, LG did move South Korean production to Vietnam. Aside from these countries, LG also produces in Brazil and India: https://www.reuters.com/article/us-lg-elec-mobile/lg-electro...
However, Samsung represents approximately a third of the world's smartphone market, while LG is something like 3% -- tagging along behind Samsung, Huawei, Apple, Xiaomi, and Oppo.
My LG G8 ThinQ was made in Vietnam
I don't know the best way to handle customer worries after sth like this, but I'm sure "a samsung care ambassador replied on page 22" is not the best way.
At the very least, ensure that a google/bing/ddg/... search ends up in that thread, where a pinned note explains it.
At the very least, ensure that a google/bing/ddg/... search ends up in that thread, where a pinned note explains it.
Here's a screenshot I took of what it looks like
https://pbs.twimg.com/media/ERM8lVvUwAA9kSl?format=jpg&name=...
Not touching it.
Not touching it.
If you touch it it goes away.
From a Samsung Care Abassador on page 22 of comments:
> Hey everyone,
> From what I can tell, this is a some test on Samsung's end to assure services are working. U expect Samsung will make an official statement explaining but I want to mention it now to hopefully put some of you at ease.
> I hope this helps.
> Hey everyone,
> From what I can tell, this is a some test on Samsung's end to assure services are working. U expect Samsung will make an official statement explaining but I want to mention it now to hopefully put some of you at ease.
> I hope this helps.
Linux phones can't come soon enough. I don't need many features, I just need calls, texts, a web browser, and an SSH utility. I'm willing to give up a lot of features just to have control over my phone.
Is it too much to ask for me to have exclusive control over my devices?
Is it too much to ask for me to have exclusive control over my devices?
A symbian phone from the 90’s could do all of this. Blackberry phones could do this.
I miss the days where different manufacturers actually created their own phone Firmware/OS.
I miss the days where different manufacturers actually created their own phone Firmware/OS.
Happened to me too this morning! Spooky! I had to figure out how to delete this app as it's not possible to do using normal interface:
In "About Phone" tap 7 times on the "Build Number" to enable "Developer Options"
In "Developer Options" enable "USB Debugging"
Connect your phone to your laptop with your USB cable
Install "adb" (android-tools) on your computer
In a terminal type: adb devices
Then type: adb shell
Then type: pm uninstall -k --user 0 com.samsung.android.fmm
"FMM" is what they call "Find My Mobile"
You can remove other bloat too. Search for example for all Samsung apps using: pm list packages | grep 'samsung'
That's it. Worked fine for me. Phone still works without any issues. Hopefully I now get better battery too!
In "About Phone" tap 7 times on the "Build Number" to enable "Developer Options"
In "Developer Options" enable "USB Debugging"
Connect your phone to your laptop with your USB cable
Install "adb" (android-tools) on your computer
In a terminal type: adb devices
Then type: adb shell
Then type: pm uninstall -k --user 0 com.samsung.android.fmm
"FMM" is what they call "Find My Mobile"
You can remove other bloat too. Search for example for all Samsung apps using: pm list packages | grep 'samsung'
That's it. Worked fine for me. Phone still works without any issues. Hopefully I now get better battery too!
Genuinely curious who comes up with titles like: Samsung Care Ambassador
I wouldn't be surprised if that's one of those unpaid / volunteer things -- you know, where the company allows one to provide free support to other customers for, um, the "prestige" or "recognition" or something. Dell used to do that with their forums and such, not sure if they still do.
Kinda like how years ago [0] folks who wanted you to design a web site for them for free would try to bullshit you into believing that "the exposure" would be worth waaaaaaay more than any money that they might pay you.
---
[0]: I'm assuming enough people finally said "FYPM" that this doesn't happen so much anymore but I would not be shocked to find out I'm wrong.
Kinda like how years ago [0] folks who wanted you to design a web site for them for free would try to bullshit you into believing that "the exposure" would be worth waaaaaaay more than any money that they might pay you.
---
[0]: I'm assuming enough people finally said "FYPM" that this doesn't happen so much anymore but I would not be shocked to find out I'm wrong.
The same person who decided to rename helpdesk/support to "Customer Success Executives"
This also freaked me out in the morning. Right after that, I randomly heard about Google accusing Samsung of increasing the attack vector on their phones [1].
[1] https://www.zdnet.com/article/google-to-samsung-stop-messing...
[1] https://www.zdnet.com/article/google-to-samsung-stop-messing...
Either a dev was playing around and oopsied or they got hacked.
1 (number one) is popular in "injection" attacks as it is likely to go through and not throw an error. If you login as admin to your web based control panel and is greeted with an alert(1) you know you are fucked.
Almost certainly the former. Careful people need to be in charge and keep a tight leash on people who are careless until they are careful.
Also pre-emptive response to “something something about systems something cgpgrey”. At the end of the day we live in the real world with imperfections everywhere. Every system eventually boils down to trust in humans.
Also pre-emptive response to “something something about systems something cgpgrey”. At the end of the day we live in the real world with imperfections everywhere. Every system eventually boils down to trust in humans.
I've never been a dev in such a large environment but devs shouldn't even be able to touch such a production environment imo.
They do their testing and then hand over to deployment. After that they're out of the picture until the next update needs to roll out.
They can't have direct access to API keys for live apps in production.
They do their testing and then hand over to deployment. After that they're out of the picture until the next update needs to roll out.
They can't have direct access to API keys for live apps in production.
and this is the reason why all my tests are reasonable sane strings which customers could see and not something like "fuck 1", "fuck 2", etc
On the other hand I'd say that having them be that is more incentive to keep things safe.
Samsung phones have only gotten worse over the years with the additional bloatware that they preinstall on phones. All Android phones get 'Find my Device' which is a service provided by google which works well. There is no reason for Samsung to install an app which can remotely track location data on it's phones and send data to it's own servers.
Another prime example of it is the preinstalled bloatware 'Samsung pay mini' that they bundle with all phones. My phone has samsung pay mini installed and I cannot remove or uninstall it. It is a persistent and annoying bar which sits at the bottom of my launcher screen so it's always visible. Force stopping it only makes it restart in a few minutes. I am never buying a Samsung again
Another prime example of it is the preinstalled bloatware 'Samsung pay mini' that they bundle with all phones. My phone has samsung pay mini installed and I cannot remove or uninstall it. It is a persistent and annoying bar which sits at the bottom of my launcher screen so it's always visible. Force stopping it only makes it restart in a few minutes. I am never buying a Samsung again
There actually is a reason for find my Samsung. It works better than Google's find my Android [1].
The pay mini thing can also be disabled from within the Samsung pay settings [2].
[1] https://www.reddit.com/r/Android/comments/f4wq35/i_lost_my_d... [2] https://imgur.com/a/H9ht808
[1] https://www.reddit.com/r/Android/comments/f4wq35/i_lost_my_d... [2] https://imgur.com/a/H9ht808
On my S10+ the option to disable Pay Mini seems to be called: "Use Favorite Cards" (not "Quick Access").
I'm not an Android dev, but isn't it nothing about privacy or remote control (apart from sending the notification) contrary to the reactions in the comments?
AFAIK, Android/iOS push notifications works quite independently from the app itself. Even if the app is not running in the background the app server can send a message to Google/Apple (not to Samsung) and Google/Apple send the message to the device to show the message. Correct me if I'm wrong.
AFAIK, Android/iOS push notifications works quite independently from the app itself. Even if the app is not running in the background the app server can send a message to Google/Apple (not to Samsung) and Google/Apple send the message to the device to show the message. Correct me if I'm wrong.
On Android the app needs code to receive the push message and post a notification.
On IOS, the app developer has less control.
On IOS, the app developer has less control.
Samsung officially announced (at least in Korea region) that it was an accident during internal app testing and there is no effect on the device.
(The link is from a korean forum)
https://clien.net/service/board/park/14612726
(The link is from a korean forum)
https://clien.net/service/board/park/14612726
Just noticed the notification today morning and was wondering which bloatware app I missed when uninstalling them all and accidentally bricking the device couple of times. Meantime I'm still not able to set up properly the notifications for WhatsApp, RSS client, and email client to let me know when email/message/call is arriving, just random notification sounds and no clue what happened and where... all I know is that "the phone needs attention". Bring back the 3.5mm audio jack to the iPhone and I'm buying it instantly.
I'm starting to think Samsung is running a social experiment instead
That's hilarious, this happened to me right before I saw this was my top story. (I use the hide feature a lot.)
Anyway I guess no one's targeting me personally, so I'll just wait for the post mortem.
Anyway I guess no one's targeting me personally, so I'll just wait for the post mortem.
These companies have an insane amount of control, power and insight into our lifes via our telephones. When we see but a sliver of said power, we freak out.
At least LineageOS's notification (2018) that they were going to use your phone to mine some custom crypto currency turned out to be a joke and not an error :) [0] Also freaked me out btw.
[0] https://www.androidauthority.com/lineageos-april-fools-85270...
[0] https://www.androidauthority.com/lineageos-april-fools-85270...
As someone who was once "all Samsung", Samsung are really bad at software. Their apps crashed all the time, their websites frequently errored out, they managed to make using Android painful, SmartThings is a fiasco etc.
I wouldn't trust them with any of my personal data.
I wouldn't trust them with any of my personal data.
While remote tracking, bricking, etc is very useful, I do not trust any company to make it secure enough, so the features becomes moot. It would be better if I could create a encryption key myself to be sure that only I had access to those features.
Wow, is there an article for this yet? Just happened to me. Not good.
A bunch of people got the single digit 1 as a notification.
Sounds pretty benign to me. I can think of a half dozen ways to accidentally do that (assuming an environment without adequate safeguards)
Sounds pretty benign to me. I can think of a half dozen ways to accidentally do that (assuming an environment without adequate safeguards)
> assuming an environment without adequate safeguards
This is the bit that worries me.
This is the bit that worries me.
Last year some time I got about half a dozen ‘test message’ notifications from a ride share app in the middle of the night. It’s a pretty easy mistake to make.
They just obtained the location of EVERY phone - you don't think that wasn't an invasion of privacy
There's no evidence of that.
I got the '1' on one of my Samsung Galaxys before I saw this. I tried using FMP from another device on the same Samsung account. I got separate notifications regarding that it reported my location and reported nearby WiFi servers it could find.
The '1' notification indicated no such detail.
I got the '1' on one of my Samsung Galaxys before I saw this. I tried using FMP from another device on the same Samsung account. I got separate notifications regarding that it reported my location and reported nearby WiFi servers it could find.
The '1' notification indicated no such detail.
[deleted]
I am thinking of buying a new android device, but it seems all manufacturers include loads of bloatware. Is there any manufacturer apart from Google who offer lean android devices?
I got a Samsung S10 a few days ago.
If you are technical, the debloating process isn't so bad. You enable debug mode, hook your phone to PC, and run a bunch of "adb pm remove" commands. (Google for "xda S10 debloat".) I was able to remove pre-installed Bixby, Facebook, Microsoft, Samsung apps, etc.
If you're not technical, its a fucking shame that you end up with a phone with loads of pre-loaded stuff.
If you are technical, the debloating process isn't so bad. You enable debug mode, hook your phone to PC, and run a bunch of "adb pm remove" commands. (Google for "xda S10 debloat".) I was able to remove pre-installed Bixby, Facebook, Microsoft, Samsung apps, etc.
If you're not technical, its a fucking shame that you end up with a phone with loads of pre-loaded stuff.
I think any AndroidOne phone should. A major issue for me is that there is almost no Android phone that is not quite bad. I had a Nokia 7 Plus which ran AnroidOne and it was probably one of the worst phones I ever had. I bought a Samsung afterwards because the Nokia was not usable and while the Samsung was also quite horrible it was at least usable. Motorola also offers the Motorola One Vision but I can't vouch for their quality and I would guess it is also rather bad.
What were your issues with the Nokia? I've had mine sitting around for several months now with a broken charging port, a persistent smudge down the left side of the screen and it likes to restart when fast charging.
Other than that, it was a great budget phone. For now, I'm using the Motorola One Vision and have found it to be great for the price too.
Other than that, it was a great budget phone. For now, I'm using the Motorola One Vision and have found it to be great for the price too.
You know what... I hated the iPhone since the 3G when an update made it so slow to be unusable. Android all the way since. But then I got tired of having to install third party ROMs that vary a lot in quality, crash often, aren't updated anymore... So I bought a used 6S for 150$. Absolutely no regrets. It just works. It's not slow even on the latest iOS. It'll be hard to make me switch back to Android again. Maybe worth considering?
Caterpillar?
Their ruggedized Android phones aren't bad. I even took almost all the Google stuff off of mine and use F-Droid. About the only thing they stick you with that you can't delete is App Toolbox, which is an app store for useful things like bulldozer rental and excavation calculations.
You don't need a case with those phones.
Their ruggedized Android phones aren't bad. I even took almost all the Google stuff off of mine and use F-Droid. About the only thing they stick you with that you can't delete is App Toolbox, which is an app store for useful things like bulldozer rental and excavation calculations.
You don't need a case with those phones.
Their ruggedized Android phones aren't bad.
Let me take that back. The nonremovable battery has started to bulge and the case back has bent by 2mm. I'm currently trying to find out how to ship HAZMAT back for repair.
Let me take that back. The nonremovable battery has started to bulge and the case back has bent by 2mm. I'm currently trying to find out how to ship HAZMAT back for repair.
The Chinese Umidigi brand sells a few minimal-bloatware phones.
Obviously you run the risk of all your data being funnelled to China...
Obviously you run the risk of all your data being funnelled to China...
I’ve heard good things about Nokia devices. YMMV
A Nokia with Android One certainly has less bloatware than most cheap phones, but you WILL still get pestered by Google Assistant incessantly. There's no way to turn it off. No matter how many settings you disable, it will always pop up when it thinks you've said 'ok google', and sometimes sporadically.
You can't get rid of it via adb pm uninstall?
99pi just released an episode about that font. (https://us.community.samsung.com/t5/image/serverpage/image-i... )
https://99percentinvisible.org/episode/fraktur/
Same here. I saw it literally 1 minute ago and there is already a hackernews article.
[deleted]
Just saw it.
It said
" 1 1 "
It said
" 1 1 "
+1 here
Question:
I never ever created an account with Samsung. Can I still ask for all their collected data under GDPR for my phone ID (MAC address, IMEI)? I'm guessing something in that phone is probably calling home, right?
I never ever created an account with Samsung. Can I still ask for all their collected data under GDPR for my phone ID (MAC address, IMEI)? I'm guessing something in that phone is probably calling home, right?
A better article perhaps:
https://www.androidcentral.com/samsung-accidentally-sends-ou...
https://www.androidcentral.com/samsung-accidentally-sends-ou...
Ok, we've changed to that from https://us.community.samsung.com/t5/Note10/Find-my-mobile-se.... Thanks!
[deleted]
Why was the title changed? This is a samsung specific issue and the loss of specificity detracts from the title.
If the title includes the name of the site, please take it out, because the site name will be displayed after the link.
https://news.ycombinator.com/newsguidelines.html
(this will be moot shortly, because I'm going to change the URL)
https://news.ycombinator.com/newsguidelines.html
(this will be moot shortly, because I'm going to change the URL)
I’d say “you get what you pay for” but it’s Samsung; I don’t know what you’re paying for.
I dismissed the notification, deleted as much data from Samsung apps as possible, and turned my phone off.
Rough moment to be a Samsung executive. They're just about the only top smartphone manufacturer that doesn't manufacture the vast majority of their handsets in China so presumably they are in position to take some market share from the competition. Yet today we are seeing some fear about contagion in SK, and this very strange notification that -- benign or not -- is going to scare some users (e.g. me). I for one would like to see a formal statement made to the public.