Ryan Welton is the mind behind the discovery of this bug and here is what he has to say about it, "The keyboard was signed with Samsung’s private signing key and runs in one of the most privileged contexts on the device, system user, which is a notch short of being root,”The problem was found out last year and Samsung was duly informed. The information, however was suppose to be kept confidential until Samsung comes up with a solution. Unlike Apple's secure software update, Samsung has always been one step lagging in this regard.
More Problems For The Cellphone GiantThe biggest problem is that the defected keyboard app can't be disabled or uninstalled (at least by an average user.) Now to add insult to injury, it is not even easy for users to tell if their carrier has come up with an update to resolve this problem. In case you're wondering how does the bug makes your phone vulnerable, there actually is a hole with Samsung's Swiftkey Keyboard - the latest function that detects what you're trying to type and then completes it, making you type faster and easier.
How it Happens?When you're connected to an unsecured WiFi and when the keyboard attempts to download the language pack or trending phrases, a hacker can easily replace the files with his own and win a free ticket to your phone's inside. A complete access! Android is known for its 3rd party apps but this is not much of a help here. Installing any other keyboard is highly unlikely to set you free from the problem as Android's native keyboard will continue to work in the background. All you can do is try and stay away from un-trusted networks. The problem affects more than six million Android devices world over.
Similar / posts
August 16 2019
August 12 2019