“We analyzed Samsung Keyboard on Android as well as the versions of Sogou IME and Baidu IME that Samsung bundled with our test device, an SM-T220 tablet running ROM version T220CHN4CWF4. We found that Samsung Keyboard for Android and Samsung’s bundled version Baidu IME includes a vulnerability that allows network eavesdroppers to recover the plaintext of insufficiently encrypted network transmissions, revealing sensitive information including what users have typed (see Table 5 for details).”
This is probably what I’m thinking of. I’m wondering what unencrypted network transmissions your keyboard is sending? If I’m correct your keyboard shouldn’t really be sending shit over any network.
I’m finding a vulnerability but not a data breach for the keyboard. Is that what you’re referring to?
https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/
“We analyzed Samsung Keyboard on Android as well as the versions of Sogou IME and Baidu IME that Samsung bundled with our test device, an SM-T220 tablet running ROM version T220CHN4CWF4. We found that Samsung Keyboard for Android and Samsung’s bundled version Baidu IME includes a vulnerability that allows network eavesdroppers to recover the plaintext of insufficiently encrypted network transmissions, revealing sensitive information including what users have typed (see Table 5 for details).”
This is probably what I’m thinking of. I’m wondering what unencrypted network transmissions your keyboard is sending? If I’m correct your keyboard shouldn’t really be sending shit over any network.