Security risk at the root of a rooted Samsung Galaxy S3
Thinking of rooting your Android phone? Read this cautionary tale first.
For all the flexibility that comes with rooting an Android smartphone, there are always intrinsic risks. Such is the case with at least one Samsung Galaxy S3. A moderator over at XDA forums recently discovered that his handset was storing his Google account password in clear text in the S-Memo application.
While this isn't so much of an issue for nonrooted Galaxy S3 users, it's worth a reminder that rooting could give novices more than they bargained for. Not all developers are trustworthy, not all custom ROMs are stable and secure, and you do put yourself at risk if you fly blindly into the world of rooted Android devices.
As it stands today, only an SQLite reader is required to look at the Google Account data. It isn't clear if there are other applications on the Galaxy S3 or if additional models are affected in the same capacity.
Having said all this, I'd be unsurprised if Samsung finds a way to patch this problem in a future update. You know, one of those "bug fixes" that seems to come with every firmware or software update. Then again, remember that you assume the risk and responsibility when deviating from the warranty, so take care.