Home  ›  News  ›

Samsung to Patch Keyboard Security Hole in A Few Days

Article Comments  2  

Jun 17, 2015, 1:55 PM   by Eric M. Zeman   @zeman_e
updated Jun 17, 2015, 1:56 PM

Samsung has responded to reports that a flaw in its keyboard software leaves Galaxy-branded smartphones open to attack. Specifically, a security firm called NowSecure discovered that language packs for the keyboard are updated through a plain-text, unencrypted connection. NowSecure says the problem is severe enough that it could let hackers: access sensors and resources, such as the GPS radio, camera, or microphone; install malicious apps; tamper with how apps work; eavesdrop on communications; and access sensitive personal data. "Samsung takes emerging security threats very seriously," said the company in a statement. "We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days." The problem stems from the use of Swiftkey's SDK. "In addition to the security policy update, we are also working with Swiftkey to address potential risks going forward." Swiftkey said its own apps do not pose any risk to consumers. The issue affects devices as far back as the Galaxy S4.

ZDNet »

Related

more news about:

Samsung
 

AD

Comments

This forum is closed.

This forum is closed.

Jonathanlc2005

Jun 17, 2015, 9:34 PM

i actually have proof of this

My cerberus app emailed me several times in 1 day taking photos and GPS location on a family members samsung S5.

the reason, it stated the wrong pin was entered into the phone. she never had a pin set up on the phone. it was clearly hacked.

this happened many times when she was traveling on the highway
thebriang

Jun 17, 2015, 3:52 PM

Maybe while they're at it...

They can fix the disappearing Mobile Network quick setting on the S6's.
I know they want everyone to have unlimited data plans but a quick setting shouldn't be too much to ask for, do I have to root and break your secure enterprise element to get back what was there last week?
 
 
Page  1  of 1

Subscribe to news & reviews with RSS Follow @phonescoop on Twitter Phone Scoop on Facebook Subscribe to Phone Scoop on YouTube Follow on Instagram

 

All content Copyright 2001-2020 Phone Factor, LLC. All Rights Reserved.
Content on this site may not be copied or republished without formal permission.