Huge Samsung security vulnerability: are you affected?

Another reason not to use the stock Samsung keyboard - much prefer the Google one anyway.
 
Even using another keyboard won't avoid the vulnerability, and it isn't possible to easily uninstall it either. NowSecure said that the Samsung keyboard keeps checking for updates in the background even if you're not using it.
 
Big whoops and haha there.

Installing Cyanogenmod (or any other ROM) should help, but will void your warranty.

Samsung's getting hardegat with custom ROM installations, one of the reasons why I want to switch to a different make, one which'll allow you to install Cyanogenmod (or any other custom ROM) without hassles....
 
Have not read the article (at work) - what does it mean for the average user?
Must one reset one's phone?
(PS. If someone would be so kind as to post the article into the thread, it would be greatly appreciated.)
 
Reset doesn't work.

What happens is the keyboard app checks for updates frequently from a particular website (hardcoded). So it is quite easy to spoof DNS, and get the app to download a malicious package from another server. The app doesn't run any sanity checks, and will unzip the package after downloading it... installing some nasty malware in the process IF it is a compromised package...
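
The post above says the app runs no sanity checks before unzipping what it downloaded. The following is an added example, not code from the thread, NowSecure or Samsung, showing two such checks in Python: comparing the archive with a pinned digest, and refusing entries that would land outside the install directory. The function names, the idea that a trusted SHA-256 digest is available out of band, and the sample archive contents are assumptions made for illustration.

```python
import hashlib
import hmac
import io
import os
import zipfile


class UpdateRejected(Exception):
    """Raised when a downloaded package fails a pre-install check."""


def make_pack(entries):
    """Build a constructed sample archive in memory: {entry name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def install_language_pack(payload, expected_sha256, dest):
    """Verify payload against the pinned digest, then extract it under dest."""
    # 1. Integrity: whatever server answered, the bytes must match the digest
    #    obtained out of band (assumption: signed manifest or pinned in the app).
    digest = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(digest, expected_sha256.lower()):
        raise UpdateRejected("digest mismatch, refusing to unpack")
    root = os.path.realpath(dest)
    with zipfile.ZipFile(io.BytesIO(payload)) as zf:
        files = [i for i in zf.infolist() if not i.is_dir()]
        targets = [os.path.realpath(os.path.join(root, i.filename)) for i in files]
        # 2. Sanity: check every entry before writing any, so a rejected
        #    archive leaves nothing behind.
        for info, target in zip(files, targets):
            if os.path.commonpath([root, target]) != root:
                raise UpdateRejected("entry escapes install dir: " + info.filename)
        for info, target in zip(files, targets):
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
    return sorted(os.path.relpath(t, root) for t in targets)


if __name__ == "__main__":
    import tempfile
    pack = make_pack({"en_GB/model.bin": b"constructed sample data"})
    pinned = hashlib.sha256(pack).hexdigest()
    with tempfile.TemporaryDirectory() as d:
        print(install_language_pack(pack, pinned, d))
```

With the digest check in place, a package swapped in by a spoofed server is rejected before it is ever opened as an archive.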
 
...so it is bad.
 
Nah. Certain conditions have to be met for the attacker to exploit this, and as for me, the chances are quite slim.
 
From Android Central:

The crux of the issue came from the way the language packs in Samsung's keyboard are updated. (The language packs are part of the SwiftKey SDK, but the retail version of the SwiftKey keyboard wasn't involved in any of this in any way.) If your phone was connected to an unsecure access point and an attacker was able to catch you at the moment your phone was updating the language pack, they'd be able to replace the update payload with something nefarious. That would require a lot of things to line up at once, of course. But while the exploit is obscure, it's still real and needs to be fixed.

Source: http://www.androidcentral.com/samsung-preparing-security-update-close-keyboard-exploit

Like all of these so-called exploits, this is being blown out of proportion...
 
Don't blame the OS - it is Samsung's devs that are to blame.

Same thing could happen to any mobile OS.
Should the OS be allowing devs to override and get this kind of high level access to the file system?
If a Samsung dev can do it, then any dev can do it.
 
What a silly comment...

The Samsung devs have to have kernel level access as they need to write device drivers for their hardware.
 