The problem appears to be the Android dialer itself. Websites are able to link characters with a special prefix in order to pass digits to the dialer in a phone -- the same functionality that allows you to initiate a phone call from a site, for example. However, the dialers in phones also support specialized strings of characters that can do anything from displaying a phone's IMEI code to wiping the device itself. In devices vulnerable to the attack, the dialer treats these special codes the same as any other phone number, allowing a website to initiate a reset without the user authorizing it to do so.http://tinyurl.com/not-just-samsung
Please enter a valid email to subscribe
We need to confirm your email address.
To complete the subscription, please click the link in the
email we just sent you.
Thank you for subscribing!
via Egeo 16