Millions of Samsung Galaxy Phones May Be Vulnerable to Hackers
If you’re one of the millions of users of a Samsung Galaxy phone, you might be a potential target for a malicious hacker.
A report released today by NowSecure, a security firm located in Chicago, found that a glitch in Swift, the keyboard software used by default on all Samsung Galaxy devices could allow a remote attacker to compromise your phone.
This particular bug makes the phone vulnerable to what is known as a “man in the middle” attack. The Swift software consistently sends requests to a server, checking for updates. To someone with the right knowhow, though, it’s possible to impersonate Swift’s server and send through software that can be used to gain control of the device.
The main problem with this vulnerability is that there’s no real solution. The Swift keyboard is so integrated into Samsung’s software that it cannot be removed or disabled — even if it is switched out with a different keyboard app. Steering clear of unsecured Wi-Fi networks will make you less likely to be targeted, but it won’t render you invulnerable.
Related: 10 Biggest Tech Flops of the Century
Swift runs with elevated permissions, giving it pretty much free rein around the phone. This means that a hacker that worms his way into it can also access the Galaxy’s microphone and camera, track the user’s location or listen to their calls. They can even install apps.
NowSecure claims to have made Samsung and Google’s Android team aware of this vulnerability in late 2014, and Samsung reportedly has made a patch available to network providers. It’s not clear, though, whether providers have pushed out the patch to users yet. Many networks have a record of being notoriously slow to push through updates and security patches, and NowSecure’s tests found a number of Galaxy phones on different carriers were still vulnerable as of Tuesday.
If you’re of a more technical bent, you may be interested in seeing the details of NowSecure’s report on their blog. If you’re of a less technical bent, you might want to check with your carrier and try to avoid insecure Wi-Fi networks.
Budget ‘Chaos’ Threatens Army Reset: Retired General
One thing is standing in the way of a major ongoing effort to reset the U.S. Army, writes Carter Ham, a retired four-star general who’s now president and CEO of the Association of the U.S. Army, at Defense One. “The problem is the Washington, D.C., budget quagmire.”
The issue is more than just a matter of funding levels. “What hurts more is the erratic, unreliable and downright harmful federal budget process,” which has forced the Army to plan based on stopgap “continuing resolutions” instead of approved budgets for nine straight fiscal years. “A slowdown in combat-related training, production delays in new weapons, and a postponement of increases in Army troop levels are among the immediate impacts of operating under this ill-named continuing resolution. It’s not continuous and it certainly doesn’t display resolve.”
Pentagon Pushes for Faster F-35 Cost Cuts
The Pentagon has taken over cost-cutting efforts for the F-35 program, which has been plagued by years of cost overruns, production delays and technical problems. The Defense Department rejected a cost-saving plan proposed by contractors including principal manufacturer Lockheed Martin as being too slow to produce substantial savings. Instead, it gave Lockheed a $60 million contract “to pursue further efficiency measures, with more oversight of how the money was spent,” The Wall Street Journal’s Doug Cameron reports. F-35 program leaders “say they want more of the cost-saving effort directed at smaller suppliers that haven’t been pressured enough.” The Pentagon plans to cut the price of the F-35A model used by the Air Force from a recent $94.6 million each to around $80 million by 2020. Overall, the price of developing the F-35 has climbed above $400 billion, with the total program cost now projected at $1.53 trillion. (Wall Street Journal, CNBC)
Chart of the Day - October 6, 2017
Financial performance for insurers in the individual Obamacare markets is improving, driven by higher premiums and slower growth in claims. This suggests that the market is stabilizing. (Kaiser Family Foundation)
Quote of the Day - October 5, 2017
"The train's left the station, and if you're a budget hawk, you were left at the station." -- Rep. Mark Sanford, R-S.C.