On Tuesday, a website called NowSecure posted a report discussing a security flaw in the stock keyboard of several Samsung devices. If you take a few minutes to get past the fire-engine-red background, the death’s head skulls designed to elicit fear, and the panic-inducing headline, you’ll understand that you probably shouldn’t throw away your Samsung phone.
The security flaw revolves around the stock keyboard on the Samsung S4 mini, S4, S5, and S6. No Note devices are listed as being impacted, although the website gives the caveat that the devices listed are the “known” devices. The flaw could potentially allow a remote user to take over a device while the stock keyboard is updating itself. As noted in the NowSecure article:
If the flaw in the keyboard is exploited, an attacker could remotely: Access sensors and resources like GPS, camera and microphone; Secretly install malicious app(s) without the user knowing; Tamper with how other apps work or how the phone works; Eavesdrop on incoming/outgoing messages or voice calls; and Attempt to access sensitive personal data like pictures and text messages.
Samsung began pushing a patch to carriers in early 2015. However, it’s not known how far the carriers have gotten in pushing that patch to end users.
It should be noted that in the NowSecure article, they refer to the stock Samsung keyboard as Swift, when in reality they should be calling it SwiftKey. Keep in mind this is the stock Samsung SwiftKey, not the SwiftKey available in Google Play and the iOS App Store.
So what should you do? Buy a different phone? Smash your Samsung with a hammer? Not really. The exploit depends on you connecting to an unsecured wifi network at the exact same time your keyboard decides to download language pack updates, and someone has to be sitting there waiting for you to do this. You can take the first step toward protecting yourself by not using wifi networks that don’t use security.
Someone being able to piggyback on your data is bad, for sure. But keep in mind that this exploit requires a very specific set of circumstances to work. It also requires your phone to be unpatched, which should be a bigger part of this conversation: the lack of speed with which the carriers push important updates.
There’s definitely a problem here – I don’t want to be accused of being a fanboy sweeping it under the rug. But at the same time, be careful where you’re connecting to wifi and you should be ok.
Source: NowSecure