If you’re one of the millions of users of a Samsung Galaxy phone, you might be a potential target for a malicious hacker.
A report released today by NowSecure, a security firm located in Chicago, found that a glitch in Swift, the keyboard software used by default on all Samsung Galaxy devices could allow a remote attacker to compromise your phone.
This particular bug makes the phone vulnerable to what is known as a “man in the middle” attack. The Swift software consistently sends requests to a server, checking for updates. To someone with the right knowhow, though, it’s possible to impersonate Swift’s server and send through software that can be used to gain control of the device.
The main problem with this vulnerability is that there’s no real solution. The Swift keyboard is so integrated into Samsung’s software that it cannot be removed or disabled — even if it is switched out with a different keyboard app. Steering clear of unsecured Wi-Fi networks will make you less likely to be targeted, but it won’t render you invulnerable.
Swift runs with elevated permissions, giving it pretty much free rein around the phone. This means that a hacker that worms his way into it can also access the Galaxy’s microphone and camera, track the user’s location or listen to their calls. They can even install apps.
NowSecure claims to have made Samsung and Google’s Android team aware of this vulnerability in late 2014, and Samsung reportedly has made a patch available to network providers. It’s not clear, though, whether providers have pushed out the patch to users yet. Many networks have a record of being notoriously slow to push through updates and security patches, and NowSecure’s tests found a number of Galaxy phones on different carriers were still vulnerable as of Tuesday.
If you’re of a more technical bent, you may be interested in seeing the details of NowSecure’s report on their blog. If you’re of a less technical bent, you might want to check with your carrier and try to avoid insecure Wi-Fi networks.
Most business economists in the U.S. expect the economy to keep chugging along over the next three months, with rising corporate sales driving additional hiring and wage increases for workers.
The tax cuts, however, don’t seem to be playing a role in hiring and investment plans. And the trade conflicts stirred up by the Trump administration are having a negative influence, with the majority of economists at goods-producing firms who replied to the most recent survey by the National Association for Business Economics saying that their companies were putting investments on hold as they wait to see how things play out.
The Republican tax bill signed into law late last year imposed a 21 percent tax on employees at non-profits who earn more than $1 million a year. According to data from the Chronicle of Higher Education cited by Bloomberg, there were 12 presidents of public universities who received compensation of at least $1 million in 2017, with James Ramsey of the University of Louisville topping the list at $4.3 million. Endowment managers could also get hit with the tax, as could football coaches, some of whom earn substantially more than the presidents of their institutions.
The federal budget deficit rose by 16 percent in the first nine months of the 2018 fiscal year, which began last October. The shortfall came to $607 billion, compared to $523 billion in the same period the year before, according to a U.S. Treasury report released Thursday and reported by Bloomberg. Both revenue and spending rose, but spending rose faster. Revenues came to $2.54 trillion, up 1.3 percent from the same nine-month period in 2017, while spending came to $3.15 trillion, up 3.9 percent.
Pennsylvania’s insurance commissioner sent a letter this week to Health and Human Services Secretary Alex Azar and Centers for Medicare and Medicaid Services (CMS) Administrator Seema Verma requesting that they “immediately release the funding details for the Navigator program for the upcoming open enrollment period for 2019.” Navigators are the state and local groups that help people sign up for Affordable Care Act plans.
“In years past, grant applications and new funding opportunities were released by CMS in April, CMS required Navigator organizations to apply by June and approved applications and new funding by late August,” Pennsylvania’s Jessica Altman wrote. “The current lack of guidance has put Navigator organizations – and states - far behind in their planning and creates an inability for the Navigator organizations to design a successful plan for helping people enroll during the 2019 open enrollment period.”