Tuesday, June 16, 2015

Attention, Samsung Users With Swift Keyboard Installed: You've Got A Serious Security Issue

Samsung has been trying very hard to offer its Galaxy flagship smartphones as secured devices suited for government and business uses.  However, it has left open a serious security hole: in using Swift as a keyboard option, it has left a rather big hole that is dangerous enough that a hacker can trigger various functions on the device to track or listen in on the users. (Source:  Urbergizmo)

This serious security flaw stems from the fact that it uses the private signing key which grants high level functions.  And yes, a patch is already available.  However, you know how carriers around the world works, right?  It's not known just how many tens of vulnerable Galaxy devices have been patched or not.

And to be honest, no one knows whether this security is already being used to evedrop on voice calls or data.  And it has the potential to allow hackers to install malware as well.

All in all, it's pretty bad and makes the case for buying devices from Google which does seem to be able to issue patches in a more timely manner and to make sure they get to the users. 

No comments: