Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Samsung SwiftKey Security Advisory: Unencrypted Update Exploits Detected

General Esm H446
Given everything that The problem, uncovered by Ryan Welton from mobile security specialists NowSecure, was a blatant one: the SwiftKey keyboard pre-installed on Samsung phones looked for language pack updates over unencrypted lines, in plain text. That meant it was possible for Welton to create a spoof proxy server and send malicious security updates to affected devices, along with some validating data to ensure the bad code remained on the device. This gave him a hook from which to find ways to escalate his attack and exploit the device without the users

The link for this article located at Forbes is no longer available.

Your message here