[ad_1]
The Samsung Galaxy S8 is one of the most popular smartphones among our readers. In the ranking, it ranks 15th in three years after market launch. A recently revealed Galaxy S8 security vulnerability threatens users of the popular smartphone.
Galaxy S8 vulnerability in detail
The vulnerability was addressed by the security researcher. Jiska discovered and published. It is a weak point in the Bluetooth connection of smartphones. Attackers can connect the smartphone’s Bluetooth connection to other devices and intercept and decrypt data. The Galaxy S8 vulnerability is made possible by the lack of a random number generator on Broadcom’s Bluetooth chip. A wide variety of data can be transmitted via Bluetooth. When connected to a car, for example, messages and contacts are transmitted, which can be read. Calls can also be heard. If you have connected a fitness tracker, the messages and fitness data are also transmitted here. With Bluetooth keyboards, even entered passwords are transmitted.
Users themselves are not aware of the attack. Entering a security code, as is common for many connections, does not provide security either. However, since the attacks are limited to the Bluetooth range of the devices, it is not possible to systematically listen to multiple devices. Therefore, only attacks targeting individual users are possible.
Which smartphones are affected?
The Galaxy S8 vulnerability affects all Galaxy S8 and Galaxy S8 Plus models sold outside of North America. So also devices purchased in Germany. The Galaxy Note 8 is also affected regardless of the point of sale, as is the Meizu 15 Plus, which is not very common in Germany.
The Samsung Galaxy S8’s Bluetooth chip is missing a hardware random number generator, and the support for the pseudo-random number generator is weak. The S8 is still in Samsung’s monthly patch cycle, but they missed the 90-day deadline. https://t.co/9sHbmmgyMQ pic.twitter.com/UiuoR6QSLh
– Jiska (@naehrdine) April 30, 2020
The security researcher also verified other devices from different manufacturers, but was unable to identify any other affected devices. The following devices have been verified and do not have the Galaxy S8 security hole: Galaxy S6, S10, Note 10, S20, iPhone SE, 6, 7, 8 ,, X, XR, 11, Nexus 5, 6P. Devices that are not listed here most likely do not have the vulnerability either.
What can I do to protect myself?
The easiest way to protect yourself is to disable Bluetooth in the settings of the smartphone in question. Samsung has already confirmed the problem and announced that it will release an update for the affected devices in the coming days.
[ad_2]
