Millions of Samsung Galaxy Phones May Be Vulnerable to Hackers
If you’re one of the millions of users of a Samsung Galaxy phone, you might be a potential target for a malicious hacker.
A report released today by NowSecure, a security firm located in Chicago, found that a glitch in Swift, the keyboard software used by default on all Samsung Galaxy devices could allow a remote attacker to compromise your phone.
This particular bug makes the phone vulnerable to what is known as a “man in the middle” attack. The Swift software consistently sends requests to a server, checking for updates. To someone with the right knowhow, though, it’s possible to impersonate Swift’s server and send through software that can be used to gain control of the device.
The main problem with this vulnerability is that there’s no real solution. The Swift keyboard is so integrated into Samsung’s software that it cannot be removed or disabled — even if it is switched out with a different keyboard app. Steering clear of unsecured Wi-Fi networks will make you less likely to be targeted, but it won’t render you invulnerable.
Related: 10 Biggest Tech Flops of the Century
Swift runs with elevated permissions, giving it pretty much free rein around the phone. This means that a hacker that worms his way into it can also access the Galaxy’s microphone and camera, track the user’s location or listen to their calls. They can even install apps.
NowSecure claims to have made Samsung and Google’s Android team aware of this vulnerability in late 2014, and Samsung reportedly has made a patch available to network providers. It’s not clear, though, whether providers have pushed out the patch to users yet. Many networks have a record of being notoriously slow to push through updates and security patches, and NowSecure’s tests found a number of Galaxy phones on different carriers were still vulnerable as of Tuesday.
If you’re of a more technical bent, you may be interested in seeing the details of NowSecure’s report on their blog. If you’re of a less technical bent, you might want to check with your carrier and try to avoid insecure Wi-Fi networks.
Stat of the Day: 0.2%
The New York Times’ Jim Tankersley tweets: “In order to raise enough revenue to start paying down the debt, Trump would need tariffs to be ~4% of GDP. They're currently 0.2%.”
Read Tankersley’s full breakdown of why tariffs won’t come close to eliminating the deficit or paying down the national debt here.
Number of the Day: 44%
The “short-term” health plans the Trump administration is promoting as low-cost alternatives to Obamacare aren’t bound by the Affordable Care Act’s requirement to spend a substantial majority of their premium revenues on medical care. UnitedHealth is the largest seller of short-term plans, according to Axios, which provided this interesting detail on just how profitable this type of insurance can be: “United’s short-term plans paid out 44% of their premium revenues last year for medical care. ACA plans have to pay out at least 80%.”
Number of the Day: 4,229
The Washington Post’s Fact Checkers on Wednesday updated their database of false and misleading claims made by President Trump: “As of day 558, he’s made 4,229 Trumpian claims — an increase of 978 in just two months.”
The tally, which works out to an average of almost 7.6 false or misleading claims a day, includes 432 problematics statements on trade and 336 claims on taxes. “Eighty-eight times, he has made the false assertion that he passed the biggest tax cut in U.S. history,” the Post says.
Number of the Day: $3 Billion
A new analysis by the Department of Health and Human Services finds that Medicare’s prescription drug program could have saved almost $3 billion in 2016 if pharmacies dispensed generic drugs instead of their brand-name counterparts, Axios reports. “But the savings total is inflated a bit, which HHS admits, because it doesn’t include rebates that brand-name drug makers give to [pharmacy benefit managers] and health plans — and PBMs are known to play games with generic drugs to juice their profits.”
Chart of the Day: Public Spending on Job Programs
President Trump announced on Thursday the creation of a National Council for the American Worker, charged with developing “a national strategy for training and retraining workers for high-demand industries,” his daughter Ivanka wrote in The Wall Street Journal. A report from the president’s National Council on Economic Advisers earlier this week made it clear that the U.S. currently spends less public money on job programs than many other developed countries.
