What risks are hidden in keyboards of Android smartphones?

Serious vulnerabilities have been discovered in the keyboards of some Android smartphones that could help hackers hack them. Researchers from Citizen Lab warn about this.

They examined the keyboards of Baidu, Honor, Huawei, iFlytek, OPPO, Samsung, Tencent, Vivo and Xiaomi phones for vulnerabilities. And 8 of them (with the exception of Huawei) were found to have vulnerabilities that allowed attackers to intercept and decrypt user keystrokes. Experts warn that these vulnerabilities can be used to gain unauthorized access to users' personal data.

The study authors have already notified all affected manufacturers about this issue. Most responded, took the problem seriously, and began fixing the vulnerabilities they found. However, some keyboard applications remain vulnerable.

Researchers give the following recommendations to users of phones from the above brands:

• Honor pre-installed keyboard users or QQ Pinyin users should start using a different keyboard.
• Users of any Sogou, Baidu or iFlytek keyboard, including versions that are included or pre-installed with operating systems, should ensure that their keyboards and operating systems are up to date.
• Users of any Baidu IME keyboard should consider switching to another keyboard or disabling the cloud function.
• Users concerned about privacy should not enable cloud features on their keyboards or IMEs, or switch to a keyboard that does not support cloud forecasts.
• iOS users with privacy concerns should not enable “Full Control” for their keyboards or IMEs.