Comment C2Q8 Re: Samsung for the WIN

Story

Millions of Samsung Galaxy devices remotely exploitable

Preview

Samsung for the WIN (Score: 1)

by pete@pipedot.org on 2015-06-20 20:55 (#BY1E)

certificates are too expensive. god only knows what my smarTv is trying to do right now :/ it runs java and hasn't had an update in a year :o

Re: Samsung for the WIN (Score: 0)

by Anonymous Coward on 2015-06-21 01:03 (#BYF2)

Are you sure that updates can't be turned off? My SO has a Samsung phone and claims that she has set it to not update anything.

Re: Samsung for the WIN (Score: 2, Informative)

by pete@pipedot.org on 2015-06-21 01:41 (#BYGH)

you can tell the google play not to auto update, but it will still check. But this looks like a builtin 'feature' of the keyboard, with no options to turn it off, so like other system updates, you can't stop it from checking; and being a system app you can't disable it, or turn it off. Its certainly concerning that an app is attempting to sideload its own updates instead of using the Play Store.

i miss being able to run AOSP roms, this would have been a 2 second uninstall...but all the Nexus devices are now stupid large, and my galaxy nexus classic finally bit the dust. S4 mini fits the size requirements, but without rootability (thank you KNOX...grr)

Re: Samsung for the WIN (Score: 1)

by pete@pipedot.org on 2015-06-22 14:44 (#C2Q8)

i read a bit more - the updates are supposedly for getting fresh word lists, and the like. and using another keyboard doesn't help, it still checks in the background.

why does it seem like some programmers go out of their way to ensure vulnerabilities can't be mitigated?

Junk Status

Not marked as junk