Monday, June 22, 2015

Samsung's Security Failure Has Left 600M Android Users Vulnerable To Keyboard Hack



Samsung has been in the news for a security issue caused by its in-house SwiftKey keyboard, which is incorporated mostly in its Galaxy devices.

The latest Samsung news concerns the accusations and issues the company is facing. Research conducted by NowSecure points to a serious flaw in the tech giant's handsets that has left approximately 600 million users with Android devices vulnerable to a classic hack known as a man-in-the-middle attack. This is not the first time this year that the company has come under scrutiny for poor security practices. The mobile flaw is of the same kind as the Smart TV issues related to encryption. The root cause is the same: poor security measures and non-existent encryption practices.
In the case discussed here, the tech giant shipped its in-house version of SwiftKey, an Android keyboard, with the devices. The developers of SwiftKey stated that this bug is not in the original version of the keyboard's code. This indicates that the tech giant is responsible for both creating and distributing the flaw.
SwiftKey's update process runs invisibly in the background, but it runs at the System User permission level. This is only a step away from root access (that is, admin access), and it allows the process to bypass the security checks and safeguards that would otherwise prevent this operation. There is very little confirmation or file checking: the update process does a hash check on the downloaded ZIP file, but the researchers have already found a way of bypassing it.
Since the tech giant performs all of this in plain text, it is easy for anyone on the same Wi-Fi network to perform a man-in-the-middle attack and supply a matching SHA1 hash along with the infected file. The attacker will then be able to monitor the microphone and camera, install applications and read messages, all without users knowing about it. Users who think that not using this keyboard will help are wrong; it won't. The keyboard still checks for updates in the background and remains vulnerable the whole time.
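The weakness described above, shown as an added example that is not part of the original post or of NowSecure's research: a hash that arrives over the same plain-text channel as the file says nothing about who sent it, while a manifest authenticated with a key the on-path party lacks is rejected. The key, archive bytes and function names are constructed for illustration, and HMAC stands in for the public-key signature a real updater would verify.

```python
import hashlib
import hmac

# Constructed sample data; nothing here comes from a real update server.
VENDOR_KEY = b"constructed-demo-key"   # stand-in for the vendor's signing key
GENUINE_ZIP = b"PK\x03\x04 genuine language pack"
ALTERED_ZIP = b"PK\x03\x04 archive replaced in transit"


def sha1_hex(data):
    return hashlib.sha1(data).hexdigest()


def make_manifest(archive, key=None):
    """Manifest as a sender would build it; only a key holder can add a tag."""
    manifest = {"sha1": sha1_hex(archive)}
    if key is not None:
        manifest["tag"] = hmac.new(key, manifest["sha1"].encode(), hashlib.sha256).hexdigest()
    return manifest


def hash_only_check(manifest, archive):
    """The weak check: compares the archive with a hash from the same channel."""
    return hmac.compare_digest(manifest.get("sha1", ""), sha1_hex(archive))


def authenticated_check(manifest, archive, key):
    """Verify the manifest's origin first, then the archive against it."""
    expected = hmac.new(key, manifest.get("sha1", "").encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(manifest.get("tag", ""), expected):
        return False  # manifest did not come from the key holder
    return hash_only_check(manifest, archive)


def demo():
    genuine = make_manifest(GENUINE_ZIP, VENDOR_KEY)
    replaced = make_manifest(ALTERED_ZIP)  # both files swapped on a plain-text link
    return {
        "hash_only_accepts_replaced": hash_only_check(replaced, ALTERED_ZIP),
        "auth_accepts_replaced": authenticated_check(replaced, ALTERED_ZIP, VENDOR_KEY),
        "auth_accepts_genuine": authenticated_check(genuine, GENUINE_ZIP, VENDOR_KEY),
        "auth_accepts_mixed": authenticated_check(genuine, ALTERED_ZIP, VENDOR_KEY),
    }


if __name__ == "__main__":
    print(demo())
```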
Samsung news reports say that the company fixed the bug at the start of this year, but not a single carrier included the fix. That means everyone who has these devices is vulnerable to the MitM attack. While the tech giant surely deserves the major share of the blame for failing to check its security measures, it is not the only one to blame. Nobody here is taking security seriously at their level.
