Millions of Samsung Galaxy Phones May Be Vulnerable to Hackers

Millions of Samsung Galaxy Phones May Be Vulnerable to Hackers

Samsung's Galaxy S4 emerges to do battle on Apple's home turf
Reuters
By Andrew Lumby

If you’re one of the millions of users of a Samsung Galaxy phone, you might be a potential target for a malicious hacker.

A report released today by NowSecure, a security firm located in Chicago, found that a glitch in Swift, the keyboard software used by default on all Samsung Galaxy devices could allow a remote attacker to compromise your phone.

This particular bug makes the phone vulnerable to what is known as a “man in the middle” attack. The Swift software consistently sends requests to a server, checking for updates. To someone with the right knowhow, though, it’s possible to impersonate Swift’s server and send through software that can be used to gain control of the device.

The main problem with this vulnerability is that there’s no real solution. The Swift keyboard is so integrated into Samsung’s software that it cannot be removed or disabled — even if it is switched out with a different keyboard app. Steering clear of unsecured Wi-Fi networks will make you less likely to be targeted, but it won’t render you invulnerable.

Related: 10 Biggest Tech Flops of the Century​

Swift runs with elevated permissions, giving it pretty much free rein around the phone. This means that a hacker that worms his way into it can also access the Galaxy’s microphone and camera, track the user’s location or listen to their calls. They can even install apps.

NowSecure claims to have made Samsung and Google’s Android team aware of this vulnerability in late 2014, and Samsung reportedly has made a patch available to network providers. It’s not clear, though, whether providers have pushed out the patch to users yet. Many networks have a record of being notoriously slow to push through updates and security patches, and NowSecure’s tests found a number of Galaxy phones on different carriers were still vulnerable as of Tuesday.

If you’re of a more technical bent, you may be interested in seeing the details of NowSecure’s report on their blog. If you’re of a less technical bent, you might want to check with your carrier and try to avoid insecure Wi-Fi networks.

A New Plan to Expand Health Care Coverage — and Contain Costs

medical stethoscope
iStockphoto/vetkit
By Yuval Rosenberg

Economists at the Urban Institute this week released a new health-care policy proposal. The plan would leave Medicare and employer-based health care coverage in place but add a new, Medicare-style “Healthy America” marketplace with public and private insurer options for everyone else. The Urban economists say their plan “is less ambitious than a single-payer system (i.e., Medicare for All), but it would get close to universal coverage with much lower increases in federal spending and less disruption for people currently enrolled in employer coverage or Medicare.”

As for the costs, the authors estimate it would be about $98 billion in the first year.

The Washington Post Editorial Board says the proposal serves as a reminder that “there are options that are neither as cruel as the GOP’s miserly repeal-and-replace nor as disruptive as the more sweeping left-wing proposals” for single-payer plans. “In other words, they are compassionate and realistic.” Read the Urban Institute’s plan here.

Quote of the Day: A Big Hurdle for the Tax Cuts

Reuters/Joshua Roberts
By The Fiscal Times Staff

“He goes in and campaigns on an issue, and the challenge is he then talks about executing drug dealers. Why do you think the press is going to cover the tax cuts if you’ve given them the much more exciting issue?”

-- Grover Norquist, president of tax-cutting advocacy group Americans for Tax Reform, on President Trump’s failure to sell the tax law.

Chart of the Day: It’s Still the Economy, Stupid

iStockphoto
By Yuval Rosenberg

Security may be the top policy issue for Republican voters, but the economy is the top concern for Democrats, independents and voters overall, according to Morning Consult’s latest polling on the midterm elections. Health care is third on the list, followed by “seniors’ issues.” The results are based on surveys with more than 275,000 registered U.S. voters from February 1 to April 30.

Number of the Day: $13 Billion

A congressional aide places a placard on a podium for the House Republican's legislation to overhaul the tax code on Capitol Hill in Washington
JOSHUA ROBERTS/Reuters
By The Fiscal Times Staff

An analysis by Bloomberg finds that the roughly 180 companies in the S&P 500 that have reported earnings for the first three months of the year saved almost $13 billion thanks to the corporate tax cut enacted late last year. Those companies’ effective tax rate dropped by more than 6 percentage points on average. About a third of the tax savings went to 44 financial firms.

How a Florida Doctor with Social Ties to Trump Delayed a $16B Billion VA Project

McDonald delivers an apology, for recent misstatements about his military record, to reporters outside VA headquarters in Washington
REUTERS/Jonathan Ernst
By The Fiscal Times Staff

A West Palm Beach doctor who is friends with Ike Perlmutter, the chairman of Marvel Entertainment and an informal adviser to President Trump on veterans’ issues, has held up “the biggest health information technology project in history — the transformation of the VA’s digital records system,” Politico’s Arthur Allen reports. Dr. Bruce Moskowitz “objected to the $16 billion Department of Veterans Affairs project because he doesn’t like the Cerner Corp. software he uses at two Florida hospitals, according to four former and current senior VA officials. Cerner technology is a cornerstone of the VA project. … Moskowitz’s concerns effectively delayed the agreement for months, the sources said.” Read the full story.