Samsung to use KNOX to fix SwiftKey vulnerability

Samsung to use KNOX to fix SwiftKey vulnerability
The other day we told you about a serious vulnerability on Samsung Galaxy handsets that came with SwiftKey pre-installed. Over 600 million phones are believed to be at risk. The bad guys can use this opening to grab your GPS coordinates, access the camera and the microphone, install apps without your permission, intercept messages and calls, and steal locally-stored files.

SwiftKey, for those unaware, is a third-party QWERTY keyboard app. The vulnerability affects only those Samsung handsets that have the app pre-installed. Samsung says that it is going to use its KNOX secure sandbox to fix the problem. By using KNOX as the conduit for a fix, Samsung can prevent having to send out a firmware update that would have to wait for the carriers to test it.


The bottom line is that thanks to KNOX, this vulnerability will be closed in days instead of weeks or months. And that should make Samsung Galaxy owners feel more secure overall.

source: PocketNow via AndroidGuys

FEATURED VIDEO

27 Comments

1. DeusExCellula

Posts: 1390; Member since: Oct 05, 2014

mmmmhmmmm........................

12. waddup121 unregistered

Knox it up

22. rd_nest

Posts: 1656; Member since: Jun 06, 2010

Sometimes PhoneArena acts like pure uneducated person. Look at this statement - "Over 600 million phones are believed to be at risk. The bad guys can use this opening to grab your GPS coordinates, access the camera and the microphone, install apps without your permission, intercept messages and calls, and steal locally-stored files." Fact is following condition has to be met: - Samsung has already supplied the fix to carriers months ago, so your carrier must be one of those idiots who hasn't yet sent you the update. - You **MUST** be connected to unsecured, unencrypted spoofed network - You must be performing a language pack update over that spoofed unencrypted network at that time That's the fact. So, unless someone is doing all these things at same time, you're safe.

2. tacarat

Posts: 854; Member since: Apr 22, 2013

Nice. I was wondering what Knox was good for besides being rooted away.

3. kurwa23

Posts: 2; Member since: Jun 17, 2015

So carriers can void your warranty for getting rid of their ad revenue and bloatware

27. tacarat

Posts: 854; Member since: Apr 22, 2013

Meh. It invalidates your warranty with Samsung regardless of bloatware.

4. Jason2k13

Posts: 1469; Member since: Mar 28, 2013

I've pretty much owned most flagship Samsung devices starting from the original galaxy and not one of them had swift key pre-installed.

9. yoosufmuneer

Posts: 1518; Member since: Feb 14, 2015

Exactly! Same for me here.

5. Aquarius

Posts: 7; Member since: Aug 20, 2013

I will buy Note 4 edge next week

6. tedkurd unregistered

Incoming patch. 2 years.

8. yoosufmuneer

Posts: 1518; Member since: Feb 14, 2015

Another day, Another ripoff, Another Bobbybuster.

11. tedkurd unregistered

Another day, Another ripoff, Another butthurt. Accept the facts. Our OS, Android, sucks, when it comes to updates. Not to mention the OEMs that are partnered with Android. Le sigh. Don't worry, time has passed. 1 year, 364 days, 23:30 hours left.

15. vergil9

Posts: 517; Member since: Apr 06, 2015

*yawn*

16. BobbyBoster

Posts: 43; Member since: Jun 16, 2015

Don't mind us, we're attention seeking idiots

17. singhkaran9830 unregistered

Exactly cr@pple is the best.It took them 1 year to fix the bugs in ios 8 after numerous updates.I'm still hoping they will fix it in iOS 9.

18. tedkurd unregistered

1 year to fix a MAJOR SECURITY issue? LOL. In your dreams. And sorry but 600 million users. Open your eyes, fanboy. Don't get butthurt lol. Like I said, happy early 65th birthday in case I don't see you in time for the update.

19. BobbyBoster

Posts: 43; Member since: Jun 16, 2015

Don't tell people to not get butthurt if you yourself are more butthurt than him. LOL

20. BobbyBuster

Posts: 854; Member since: Jan 13, 2015

Looks like I just won a die-hard fan.

26. Crispin_Gatieza

Posts: 3163; Member since: Jan 23, 2014

It took BlackBerry getting involved with Knox for this to happen. Make no mistake, Knox will have the highest security layers in the Android world.

21. Cicero

Posts: 1144; Member since: Jan 22, 2014

Updates, updates, updates is all I can hear all the time from techie guys. You will have the right time and supported hardware os installed on the phone at buying time. Furthermore will receive one or two major updates. It's enough looking at the speed of hardware advanced. But ... don't stay and steer at "updates", coming or not, and enjoy the phone which you choose.

10. BobbyBuster

Posts: 854; Member since: Jan 13, 2015

For so long? ROFL

13. drunkenjay

Posts: 1699; Member since: Feb 11, 2013

well it did take apple 8 years for the message bug. 2 years is nothing.

14. Mxyzptlk unregistered

Not sure if serious.

7. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Well that good and bad. It's good they are fixing it, but bad because Samsung Knox isn't openly available on the Verixon models of the phone.

23. dranonymus

Posts: 4; Member since: Jun 18, 2015

All this PA articles are blaming SwiftKey for this problem, however it is Samsung fault: techcrunch[dot]com/2015/06/17/no-its-samsung-not-s​wiftkey-that-is-to-blame-for-this-keyboard-securit​y-scare/#.5kplgh:kMHY

24. Osama99

Posts: 41; Member since: Nov 14, 2014

Watch Dogs gone real.

25. whoami_amiu

Posts: 12; Member since: Aug 22, 2013

30 DAYS in a month, 7 DAYS is a week.. . So how much will that makedo ;-)

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.