Samsung reveals Find My Mobile is safe, far too long after vulnerability goes public

Samsung's Find My Mobile device-tracking service was revealed last month to be vulnerable to a denial of service attack, which would allow hackers to lock and wipe enrolled handsets. The media quickly jumped on this, with some pundits suggesting that users should stop using Find My Mobile as soon as possible, due to the apparent risks involved.

Samsung today finally decided to chime in, telling its customers that they actually have nothing to worry about. The vulnerability in question, Samsung says, was fixed more than a week before it went public, resulting in no user data being compromised. Well, it sure took Samsung a long time to come forward with this information, seeing as news about it started to surface a week ago.

If indeed the vulnerability was fixed when Samsung says it was -- that would be October 13 -- why didn't the South Korean maker make a public announcement sooner? Coming forward this late raises more serious questions than it answers, like why isn't Samsung making customer communication a priority?

Surely, sending something as simple as a tweet like "Don't worry, we fixed that long ago" would have been easy to do, and a much better way to handle things than making customers wait this long for an answer.

Samsung says that Find My Mobile was patched through an update but even before that happened, "any data from the phone or on the server could not be accessed by the hacker", as long as users didn't do anything foolish, like clicking on malicious links to the Find My Mobile site in text messages or emails, after logging in the browser.

Image Credit: Richard M Lee / Shutterstock