Want CNET to notify you of price drops and the latest stories?

Security risk at the root of a rooted Samsung Galaxy S3

Thinking of rooting your Android phone? Read this cautionary tale first.

Scott Webster
Scott Webster has spent the better part of his adult life playing with cell phones and gadgets. When not looking for the latest Android news and rumors, he relaxes with his wife and son. Scott also is the senior editor for AndroidGuys. E-mail Scott.
Scott Webster
Rooted users beware, the S-Memo is display is not exactly hiding your Google Account info. CNET UK

For all the flexibility that comes with rooting an Android smartphone, there are always intrinsic risks. Such is the case with at least one Samsung Galaxy S3. A moderator over at XDA forums recently discovered that his handset was storing his Google account password in clear text in the S-Memo application.

While this isn't so much of an issue for nonrooted Galaxy S3 users, it's worth a reminder that rooting could give novices more than they bargained for. Not all developers are trustworthy, not all custom ROMs are stable and secure, and you do put yourself at risk if you fly blindly into the world of rooted Android devices.

As it stands today, only an SQLite reader is required to look at the Google Account data. It isn't clear if there are other applications on the Galaxy S3 or if additional models are affected in the same capacity.

Having said all this, I'd be unsurprised if Samsung finds a way to patch this problem in a future update. You know, one of those "bug fixes" that seems to come with every firmware or software update. Then again, remember that you assume the risk and responsibility when deviating from the warranty, so take care.