43
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 12 Sep 2024
43 points (100.0% liked)
Samsung
863 readers
1 users here now
Welcome to the Samsung community! This is a place to discuss everything related to Samsung devices, including news, reviews, tips, tutorials, rooting, and app discussions.
Rules
- Stay on topic: all posts should be related to Samsung devices, One UI, or the Samsung ecosystem.
- No support questions/rants/bug reports: please refrain from posting individual support questions, rants, or bug reports. This community is focused on providing general information and discussions.
- Describe images/videos: when sharing images or videos, please provide an explanation in the self-post body. Memes are not allowed.
- No self-promotional spam: active community members are welcome to post their apps but should also participate in comments and discussions. Please do not post links to your own website, YouTube channel, or blog.
- No reposts/rehosted content: whenever possible, submit original sources. If the original source is not available in English, you may provide a translation. Reposts of the same content are not allowed.
- No editorializing titles: when submitting articles, do not change the titles. You may add the author's name if it is relevant.
- No piracy: sharing or discussing pirated content is strictly prohibited.
- No unauthorized polls/bots/giveaways: please do not create unauthorized polls, use bots, or organize giveaways without proper authorization.
- No offensive/low-effort content: avoid posting offensive or low-effort content that does not contribute positively to the community.
- No affiliate links: posting affiliate links is not allowed.
founded 2 years ago
MODERATORS
I’m finding a vulnerability but not a data breach for the keyboard. Is that what you’re referring to?
https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/
“We analyzed Samsung Keyboard on Android as well as the versions of Sogou IME and Baidu IME that Samsung bundled with our test device, an SM-T220 tablet running ROM version T220CHN4CWF4. We found that Samsung Keyboard for Android and Samsung’s bundled version Baidu IME includes a vulnerability that allows network eavesdroppers to recover the plaintext of insufficiently encrypted network transmissions, revealing sensitive information including what users have typed (see Table 5 for details).”
This is probably what I'm thinking of. I'm wondering what unencrypted network transmissions your keyboard is sending? If I'm correct your keyboard shouldn't really be sending shit over any network.