Koodo Community

Community

Solved

Samsung Keyboard Security Risk


Are the Samsung phones from Koodo affected by the Samsung Keyboard Security Risk? Will there be a patch for the security risk sometime in future? I bought the Samsung Galaxy S5 in May 2015 from Koodo. https://www.nowsecure.com/keyboard-vulnerability/

7 replies

Userlevel 1
Sounds like this may affect all cellphone companies in canada although the list in the article doesn't state canadian providers.
Userlevel 7
Badge +4
IMO it's really nothing to worry about as there is a bunch of things that have to line up for an attack to actually occur and chances of that are pretty darn low. First off it can only happen when your on an open public wifi network and the attacker is on the same public wifi network, it can also only happen when your phones keyboard updates and the attacker has to attack at that exact time. Samsung has already started pushing out updates to the affected devices but it will take a little time to patch all models, until then if your worried about the .00000001% chance of it happening to you then just stay off of any open public networks and your perfectly safe. I'm using a Galaxy S6 and I have no worry about it at all and nobody else really should either
Thank you for the clarifications. The .00000001% chance is comforting. What do you mean by "it can also only happen when your phones keyboard updates"? Did you mean when a software update is occurring for the keyboard?
Userlevel 7
Badge +4
Billy Bob wrote:

Thank you for the clarifications. The .00000001% chance is comforting. What do you mean by "it ca...

The keyboard automatically updates in the background for predictions and such, it's not like an actual update from the playstore.
Billy Bob wrote:

Thank you for the clarifications. The .00000001% chance is comforting. What do you mean by "it ca...

ok, thanks
Badge +4
According to one poster in the technical blog of that article, you can check if your phone is affected. Download the Terminal Emulator written by Jack Palevich. https://play.google.com/store/apps/details... In the terminal emulator, type the following as shown: -l /system/app/SamsungIME.apk (the first character is a lowercase L with a minus sign before it). If you see "No such file or directory" then you are not vulnerable. If you see a line beginning with "-rw-r--r-- root root..." then you are vulnerable. As Paul mentions, I think the chances of an attack are slim to none unless all of the criteria for an attack are met. If your phone shows as vulnerable to attack, simply refrain from using public Wi-Fi networks and you should be fine until an update from Samsung resolves the issue.
Thank you, Rikkster for the further information.

Reply