Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»General Discussion»New Exploit Leaves Up To ...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

General Discussion

Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums

Panich52

(5,829 posts) Fri Jun 19, 2015, 12:12 PM Jun 2015

New Exploit Leaves Up To 600M Samsung Galaxy Phones Vulnerable To Hack

Condumerist

New Exploit Leaves Up To 600M Samsung Galaxy Phones Vulnerable To Hack

Bad news for up to 600 million Samsung Galaxy phone owners worldwide: a big fat new vulnerability has been found that could let anyone with the inclination to cause trouble into your phone to read your messages, listen to your mic, watch your camera, and push malware at you. Oops.

The exploit is in Samsung’s keyboard, Ars Technica reports.

The keyboard is, of course, software and the phones come with a Samsung proprietary version of SwiftKey, the Samsung IME Keyboard, pre-installed. And like any other piece of software on the phone, the keyboard occasionally needs to be updated. So far so good.

So every so often, the phones query a particular server to see if there are updates available for the keyboard or for its language packs. However, any attacker can impersonate the server, sending back not just updates but also malicious code. Which Android, left to its own devices, might be able to catch — but Samsung grants their own updates way more privileges than other software might get, and so anything bundled in that keyboard update can just waltz right in and install itself.

The researcher who found the exploit confirmed its presence on Verizon and Sprint Galaxy S6 phones, T-Mobile Galaxy S5 phones, and the Galaxy S4 Mini on AT&T. (That vulnerabilities in other Galaxy models or the same models on other carriers have not been confirmed doesn’t mean those phones are in the clear, just that they have not yet been tested one way or the other.) The problem is specific to the Samsung custom version of the app, and not to the SwiftKey app that users (of any phone) can get from Apple’s App Store or Google Play.

More
http://consumerist.com/2015/06/17/new-exploit-leaves-up-to-600m-samsung-galaxy-phones-vulnerable-to-hack/

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 0 replies, 254 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (0) ReplyReply to this post
Reply to this discussion
Latest Discussions»General Discussion»New Exploit Leaves Up To ...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.