Samsung to Patch Keyboard Security Hole in A Few Days
Samsung has responded to reports that a flaw in its keyboard software leaves Galaxy-branded smartphones open to attack. Specifically, a security firm called NowSecure discovered that language packs for the keyboard are updated through a plain-text, unencrypted connection. NowSecure says the problem is severe enough that it could let hackers: access sensors and resources, such as the GPS radio, camera, or microphone; install malicious apps; tamper with how apps work; eavesdrop on communications; and access sensitive personal data. "Samsung takes emerging security threats very seriously," said the company in a statement. "We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days." The problem stems from the use of Swiftkey's SDK. "In addition to the security policy update, we are also working with Swiftkey to address potential risks going forward." Swiftkey said its own apps do not pose any risk to consumers. The issue affects devices as far back as the Galaxy S4.
Aug 8, 2018
The Samsung Galaxy S7 has a serious security flaw, according to researchers from Austria’s Graz Technical University. A microchip security issue leaves the S7 open to Meltdown attacks.
Nov 6, 2017
Google today made its monthly security update available to its branded Android devices. November's patch plugs a handful of security holes that threaten Android devices.
Jul 24, 2018
Researchers at the Israel Institute of Technology discovered a vulnerability in Bluetooth's Secure Simple Pairing and LE Secure Connections features that could lead to man-in-the-middle attacks. According to the researchers, the Bluetooth specification doesn't require devices with these features to validate the public key when pairing with new hardware.
Oct 12, 2018
Facebook today provided an update on last month's hack. The hackers used accounts under their control to access the tokens of some 400,000 users.
Apr 12, 2018
Security Research Labs says Android phone makers often miss security patches but still tell owners the phones are up-to-date. Researchers Karsten Nohl and Jakob Lell examined the code of some 1,200 phones from more than a dozen phone makers for every security patch released during 2017.
i actually have proof of this
the reason, it stated the wrong pin was entered into the phone. she never had a pin set up on the phone. it was clearly hacked.
this happened many times when she was traveling on the highway
Maybe while they're at it...
I know they want everyone to have unlimited data plans but a quick setting shouldn't be too much to ask for, do I have to root and break your secure enterprise element to get back what was there last week?