New exploit turns Samsung Galaxy phones into remote bugging devices – Ars Technica (Jan 25, 2017)

This is another one of those occasions where Android’s relatively open and complex structure allows for malware which couldn’t exist on iOS. In this particular case, it’s the layering of third party software (a customized version of the SwiftKey keyboard) on top of a customization of the UI and services (by Samsung) on top of the Android base layer. To be fair, this attack isn’t nearly as broad a threat as malware distributed through the Google Play Store – it requires a man in the middle attack and is therefore mostly a risk to those who might be deliberately targeted by hackers – but it’s still not good news, especially given the wide distribution of the devices in question. The complex route security patches have to take in the Android world is another element that will hamper the resolution of this issue.

via Ars Technica


The company, topic, and narrative tags below will take you to other posts with the same tags. The narrative link(s) will also take you to the narrative essay which provides additional context behind the post.

Vote for or share this post

Use the Like button below to vote for this post as one of the most important of the week. The posts voted most important are more likely to be included in the News Roundup podcast episode I do each week. Or use the sharing buttons to share a link to this post to social networks or other services.