Samsung is known for a history of pretty secure and powerful devices; problems only occur when they allow third-party developers to produce crucial components of their system for them. A report from NowSecure describes one such vulnerability in the SwiftKey keyboard, the default keyboard software that ships with all Samsung devices.
The problem with SwiftKey is that the software gets updated over an HTTP connection as opposed to an HTTPS connection, so the update is sent to the device unencrypted, in plain text. On top of that, SwiftKey is given system-level access to the device. Because the keyboard has system-level access, malicious code can be uploaded to the phone by tricking the device into believing it is getting an update, which, since the transfer is plain text, isn't all too difficult.
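The sketch below shows the kind of check a privileged updater needs before trusting a download: refuse a manifest that did not arrive over HTTPS from an expected host, then compare the payload's SHA-256 against the manifest. It is an added example, not SwiftKey's or Samsung's code; the host name, manifest layout and function names are assumptions, and TLS certificate validation is assumed to be done by the HTTP client that fetched the manifest.

```python
import hashlib
import hmac
import json
from urllib.parse import urlparse


class UpdateRejected(Exception):
    """Raised when an update fails a transport or integrity check."""


def check_manifest_url(url, allowed_hosts):
    # A manifest fetched over plain HTTP can be rewritten by anyone on the
    # same network, so any digest it carries proves nothing.
    parts = urlparse(url)
    if parts.scheme != "https":
        raise UpdateRejected(f"manifest must use https, got {parts.scheme!r}")
    if parts.hostname not in allowed_hosts:
        raise UpdateRejected(f"unexpected update host {parts.hostname!r}")


def verify_payload(manifest_json, name, payload):
    # Hypothetical manifest layout: {"files": {"<name>": {"sha256": "<hex>"}}}
    expected = json.loads(manifest_json)["files"][name]["sha256"]
    actual = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(actual, expected.lower()):
        raise UpdateRejected(f"digest mismatch for {name}")


def accept_update(url, manifest_json, name, payload, allowed_hosts):
    """Return True only if both the transport and the payload check out."""
    try:
        check_manifest_url(url, allowed_hosts)
        verify_payload(manifest_json, name, payload)
    except (UpdateRejected, KeyError, TypeError, ValueError, AttributeError):
        # Malformed manifests are rejected the same way as tampered ones.
        return False
    return True


# Constructed sample data (not taken from the real update service).
HOSTS = {"updates.example.com"}
GOOD = b"language pack v2"
MANIFEST = json.dumps(
    {"files": {"en.zip": {"sha256": hashlib.sha256(GOOD).hexdigest()}}}
)
```
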
To make things worse, Android devices don't get updates until the carriers push them through. NowSecure alerted Samsung to the vulnerability back in December of 2014, and the patch was completed in early 2015, but according to further research by NowSecure, the patch has yet to be distributed by any carriers.
The issue doesn't apply to just any scenario, as an attacker needs to be on the same network as the device to gain access. Devices can't be compromised unless they share the same connection. Until the patch is officially distributed by the carrier, the simplest way to avoid exposure is to completely avoid using any open or shared WiFi at all costs. If there is no option but to use open WiFi, be sure to use a secure VPN connection so that no nefarious interaction can occur without your notice.
These precautions will block any attempt to send a spoofed update message to the user's device in plain text and upload malicious code. And as always, be safe my goblins.