Find My Mobile is one of those Samsung services that are quite useful, as it lets users keep track of their device and wipe/lock it in case it gets stolen or misplaced. However, security researchers have warned that Find My Mobile might have a very serious bug that makes it more of a liability than a boon – according to security researcher Mohamed Baset and the National Institute of Standards and Technology (NIST), an exploit in Find My Mobile can allow those with harmful intentions remotely lock, ring or wipe Samsung phones. Apparently, the service doesn't have any system in place to validate a lock code that it receives, which can allow an attacker to use heavy network traffic to gain control of the device.
That's a pretty dangerous exploit, at least on the surface, so it looks like turning off Find My Mobile on your Samsung device might be the only way to stay safe before the company comes up with an official statement or solution. In the meantime, you can always use Android Device Manager, which is Google's own take on securing a lost or misplaced device and is available freely from the Play Store for all Android devices.
UPDATE: According to Philip Berne, Samsung's Marketing Manager for Technical Media, the Samsung Find My Mobile team has confirmed that the aforementioned exploit has already been fixed on October 13. That's good to hear, and here's hoping Find My Mobile doesn't has any other weaknesses that might be putting users and their devices at risk.
