Do you own a Galaxy phone? Are you worried about the hackers may target your phone? You must have heard that 600 million Samsung Galaxy phones are exposed to hackers! You can’t personally eliminate the vulnerability in you Galaxy phone. You can, however, understand what it means for you.
It has been reported that the attacker can use the opportunity to get their software onto your phone when your phone checks for updates and it could give them full amount of control over your device and then they can do things like access sensors on your phone like the keyboard, the microphone, GPS, camera etc.
Also it has been found that every Samsung Galaxy device — from the S3 to the latest S6 — has a significant flaw that lets in hackers. The vulnerability lives in the phones’ keyboard software, which can’t be deleted. The flaw potentially allows hackers to spy on anyone using a Samsung Galaxy phone.
First let us understand the difference between vulnerability and a hack. The vulnerability means the window is unlocked. The hack is when the hacker comes through the unlocked window. To actually execute the hack, someone would have to camp out on a Wi-Fi hub, identify your device when you connect to it, and catch your phone asking the network for an update.
It is always advisable not to use public Wi-Fi
In a open wireless there are a bunch of other people there using the Wi-Fi and you don’t really know what those people are doing. Hackers can wreak all kinds of havoc through Wi-Fi, even without a known vulnerability. They can pretend to be the wireless access point, the part that your computer is communicating with to get to the internet. If they can pretend to be that, then they can pass your traffic on to the real access point, and then sniff out everything in between. It’s called a man-in-the-middle attack.
Even at your private home wireless set up you should keep a password on your home Wi-Fi network, because if not, someone could be sitting on your network, sniffing out your traffic, listening to what you’re doing on the internet. So watch where you connect.
How serious is this problem?
According to sources this vulnerability stood at 8.3 on a well-established system that ranks cybersecurity problems from 1 to 10. Tests were performed on several Galaxy models on many different cell phone carriers. All were vulnerable. Assuming every Galaxy out there is the same, and it was estimated that 600 million devices are affected.
The problem involves the word prediction software used by Samsung devices. It’s made by British tech firm SwiftKey, which Samsung installs in devices at the factory. The SwiftKey keyboard can be tricked to accept a malicious file when the software updates. Because of the way the keyboard is installed, that virus can access some of the deepest, core parts of the phone’s computer system. With that level of access, a hacker can then do pretty much anything to your phone.
To calm down worried users, the British firm argued that this hack isn’t easy to pull off. It involves particular timing. A hacker can only sneak into a device when the keyboard software is applying a software update.
In a statement to reporters, Samsung said it “takes emerging security threats very seriously… and [is] committed to providing the latest in mobile security.”
The company also said it’s about to patch the issue through its Samsung KNOX service. “Updates will begin rolling out in a few days,” the company said, although it’s unclear whether all devices will receive the fix.
Part of the incredibly long delay to fix this problem is due to the way phone manufacturers work with cell phone carriers like AT&T, Sprint, T-Mobile and Verizon. Samsung could race to create a fix, but people must wait until carriers get around to distributing them.
— overpasses4America (@o4america) June 17, 2015