Home › News ›

Samsung to Patch Keyboard Security Hole in A Few Days

Jun 17, 2015, 1:55 PM by Eric M. Zeman
updated Jun 17, 2015, 1:56 PM

Samsung has responded to reports that a flaw in its keyboard software leaves Galaxy-branded smartphones open to attack. Specifically, a security firm called NowSecure discovered that language packs for the keyboard are updated through a plain-text, unencrypted connection. NowSecure says the problem is severe enough that it could let hackers: access sensors and resources, such as the GPS radio, camera, or microphone; install malicious apps; tamper with how apps work; eavesdrop on communications; and access sensitive personal data. "Samsung takes emerging security threats very seriously," said the company in a statement. "We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days." The problem stems from the use of Swiftkey's SDK. "In addition to the security policy update, we are also working with Swiftkey to address potential risks going forward." Swiftkey said its own apps do not pose any risk to consumers. The issue affects devices as far back as the Galaxy S4.

ZDNet »

Related

Samsung Refreshes Galaxy S Series with S Pen, New Cameras

Feb 9, 2022
Samsung today announced its lineup of flagship phones for 2022: the Galaxy S22 series. The top-end S22 Ultra sees the biggest changes as it essentially absorbs Samsung's Note series with an integrated S Pen stylus and a more Note-like shape and design, instead of the Contour Cut design of the other models.

Major Update to Google Messages Brings iPhone-Compatible Emoji Reactions

Mar 10, 2022
Google today started rolling out a major update to its Messages app, the default SMS and RCS messaging app on most new Android phones. It includes several major new features, but the biggest for most people may be automatic conversion and tidier display of emoji reactions from iPhone users .

iOS 16 Revamps the Lock Screen

Jun 6, 2022
Apple today announced iOS 16, the next version of its core software for iPhones. The new OS features a major revamp of the Lock Screen with new personalization, including font & color options, and widgets that are similar to complications on the Apple Watch.

Apple Watch Goes Ultra

Sep 7, 2022
Apple has refreshed its Apple Watch lineup with Series 8, a new Watch SE, and added a larger, more rugged Apple Watch Ultra for athletes and extreme adventurers. Apple Watch Series 8 has two main upgrades over Series 7: temperature sensors and Crash Detection.

Lenovo ThinkPhone by Motorola Caters to Businesses

Jan 5, 2023
Motorola's newest phone is the Lenovo ThinkPhone, a mobile phone designed to appeal to business customers and integrate seamlessly with Lenovo ThinkPad laptops. The ThinkPhone has high-end specs, a durable body, and extensive security features.

more news about:

Comments

This forum is closed.

This forum is closed.

Jonathanlc2005

Jun 17, 2015, 9:34 PM

i actually have proof of this

My cerberus app emailed me several times in 1 day taking photos and GPS location on a family members samsung S5.

the reason, it stated the wrong pin was entered into the phone. she never had a pin set up on the phone. it was clearly hacked.

this happened many times when she was traveling on the highway

thebriang

Jun 17, 2015, 3:52 PM

Maybe while they're at it...

They can fix the disappearing Mobile Network quick setting on the S6's.
I know they want everyone to have unlimited data plans but a quick setting shouldn't be too much to ask for, do I have to root and break your secure enterprise element to get back what was there last week?

Page 1 of 1