Millions of Samsung Galaxy Phones May Be Vulnerable to Hackers

[froggyboy604]

If you’re one of the millions of users of a Samsung Galaxy phone, you might be a potential target for a malicious hacker.

A report released today by NowSecure, a security firm located in Chicago, found that a glitch in Swift, the keyboard software used by default on all Samsung Galaxy devices could allow a remote attacker to compromise your phone.

This particular bug makes the phone vulnerable to what is known as a “man in the middle” attack. The Swift software consistently sends requests to a server, checking for updates. To someone with the right knowhow, though, it’s possible to impersonate Swift’s server and send through software that can be used to gain control of the device.

- See more at: http://www.thefiscaltimes.com/2015/06/17/Millions-Samsung-Galaxy-Phones-May-Be-Vulnerable-Hackers#sthash.Y56Ysfw4.dpuf

Now is a good time to root your Samsung phone, and install a custom ROM like Cyanogenmod onto it which does not have this Swift vulnerability.

 

[Demon_Skeith]

Do all custom roms remove the swift program?

 

[froggyboy604]

Do all custom roms remove the swift program?

 
I think most custom roms don't come with the Swift program because Swift is a third-party keyboard app which used to be a paid keyboard app until it became a free app with in-app purchases.

Custom rom probably still need to ask for permission from Swift to use Swift in their custom rom.

 

[Demon_Skeith]

I'll have to look through my programs.

 

[SarahWorksAtHome]

Oh. Yay.  :down:

Gotta call my phone-techie friend over tomorrow.

 

[froggyboy604]

Oh. Yay.  :down:
 
Gotta call my phone-techie friend over tomorrow.

 
If you own a Galaxy S4, S5, and S6, this security problem will be fix through a firmware update in the coming days from Samsung according to http://www.ibtimes.com/samsung-issue-fix-swiftkey-keyboard-bug-affecting-galaxy-s6-coming-days-1974145
 
 

Samsung said its fix will be issued in the coming days. Users who want to receive the fix should make sure they update their settings to receive updates automatically. "To ensure your device receives the latest security updates, go to Settings > Lock Screen and Security > Other Security Settings > Security policy updates, and make sure the Automatic Updates option is activated. At the same screen, the user may also click Check for updates to manually retrieve any new security policy updates," Samsung said.
 
Unfortunately, this update will not resolve the issue for all Samsung smartphones, only its Knox-enabled devices, which include the Galaxy S6, S5 and S4. For users with other devices, Samsung said "we are currently working on an expedited firmware update that will be available upon completion of all testing and approvals.

But, I think it is still better to root your phone, and install a custom rom which does not come with Swift.

 

[Claraviolet]

Oh man!
they should seriously update the software then :/

 

[Demon_Skeith]

I couldn't find any swift programs via my back up mobile program. So hopefully my ROM removed it.

 

[SarahWorksAtHome]

Okay, so hypothetically, if someone uses a Galaxy S3 still instead of a 4, 5 or 6 (cuz they might be stuck in the dark ages or just broke, ya know), they are still needing to worry and/or get their phone techie friend to come over and protect their precious phone, right? 
Just... asking for... a friend. I totally have the newest and latest. It's not me. A friend.
:yes:
:whistling:

 

[froggyboy604]

Okay, so hypothetically, if someone uses a Galaxy S3 still instead of a 4, 5 or 6 (cuz they might be stuck in the dark ages or just broke, ya know), they are still needing to worry and/or get their phone techie friend to come over and protect their precious phone, right? 
Just... asking for... a friend. I totally have the newest and latest. It's not me. A friend.
:yes:
:whistling:

Yes, upgrading to a new phone, or asking a techie friend for help is a good idea.

Switching to another keyboard app may give you some protection. But, it is best to remove Swift by asking your techie friend to remove it for you by rooting your phone, replacing the keyboard app, and uninstalling Swift.

 

[SarahWorksAtHome]

Yes, upgrading to a new phone, or asking a techie friend for help is a good idea.

Switching to another keyboard app may give you some protection. But, it is best to remove Swift by asking your techie friend to remove it for you by rooting your phone, replacing the keyboard app, and uninstalling Swift.

So if my stuck in the dark ages friend, lol, downloads and starts using say, GoKeyboard until said techie friend gets over tonight, it would be a help?
Again, not I said the duck. I'm totally boasting a 6.    :lol:

 

[froggyboy604]

So if my stuck in the dark ages friend, lol, downloads and starts using say, GoKeyboard until said techie friend gets over tonight, it would be a help?
Again, not I said the duck. I'm totally boasting a 6.    :lol:

Yes, I think he should be safer using GoKeyboard, and other keyboard apps which are not made by Swiftkey, or based on Swift. I think in Google Android 4.1 and above, he can also disable the Swift Keyboard in the App uninstaller, or with an App called Disable Bloatware - HideApps to disable/hide Swift.