Could e/OS keyboard be vulnarable to this attack?

A few years ago Androidusers reported strange behavior of their swiftkey on-screen keyboard
Could e/OS be vulnerable to a similar keylogger?

1 Like

I don’t think the e keyboard could be vulnerable. It is using the default android keyboard and does not have network access, so there is no cloud sync.

1 Like

Thanks Keplyx, thats reassuring, What about in-app keyboards though, do they use their own software or do they use the default android keyboard as well?

I try to use only open-source apps but have some flaws.
Telegram for example, could their keyboard be compromised in this way?

Apart from very rare occasions, there is no such thing as “in App keyboards”. Text input is handeled by the Android system via your system keyboard.

2 Likes

As said @ljahn, apps use the system keyboard so they only receive what you type. They cannot access your typing history, but they can access what your are typing inside the app. So if you do not trust an app, do not write stuff in it or simply do not install it.

Keyboard handle very sensitive data and you should be careful when changing it. Android even displays a warning when you try to change it, telling you the newly installed keyboard will have access to everything you type, in any app.

Just like every software, before installing it you should check who is the author: ask yourself the question “do I trust them?”, “what can they do with my data?”. If I am not mistaken, Swift key is made by Microsoft, so it is no surprise they connected their keyboard to the cloud and are harvesting data, the same is done by Google and Apple.

If you want to be safe with a keyboard, first check if it has internet access. If not, this is very unlikely it will be able to leak your data.

2 Likes