Security Researchers Warn that Third-Party GO Keyboard App is Spying on Millions of Android Users (betanews.com)

← Back to Stories (view on slashdot.org)

Security Researchers Warn that Third-Party GO Keyboard App is Spying on Millions of Android Users (betanews.com)

Posted by msmash on Thursday September 21, 2017 @08:30AM from the nightmare dept.

An anonymous reader shares a report: Security researchers from Adguard have issued a warning that the popular GO Keyboard app is spying on users. Produced by Chinese developers GOMO Dev Team, GO Keyboard was found to be transmitting personal information about users back to remote servers, as well as "using a prohibited technique to download dangerous executable code." Adguard made the discovery while conducting research into the traffic consumption and unwanted behavior of various Android keyboards. The AdGuard for Android app makes it possible to see exactly what traffic an app is generating, and it showed that GO Keyboard was making worrying connections, making use of trackers, and sharing personal information. Adguard notes that there are two versions of the keyboard in Google Play which it claims have more than 200 million users in total.

65 comments

Min score:

Reason:

Sort:

Ok...why do you need multiple keyboards? by cayenne8 · 2017-09-21 08:34 · Score: 1, Interesting

ON a digital product like a phone, I'm at a loss to know why someone would need another keyboard?
What does the default keyboard not offer?

--
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
1. Re:Ok...why do you need multiple keyboards? by fisted · 2017-09-21 08:38 · Score: 3, Informative
  
  I need a different keyboard because the default keyboard doesn't have a ton of standard keys.
  
  --
  CLI paste? paste.pr0.tips!
2. Re:Ok...why do you need multiple keyboards? by gnick · 2017-09-21 08:40 · Score: 1
  
  ON a digital product like a phone, I'm at a loss to know why someone would need another keyboard?
  I found a "Key Features" blurb for GO Keyboard:
  
  GO Keyboard (Emoji Free) enables to quickly type a text on the Android device. Integrated with an accurate auto-correction and a next-word prediction, the number of mistakes on each typed phrase is greatly reduced. The Swipe typing Mode is enhanced for this version. This application gathers about 800 free Emoji, emoticons and text face display that can be used directly via the keyboard. Apart from that, it also offers no less than 140 personalized themes that are constantly updated. Thanks to this app, the user can be sure to have all his sensitive private data entirely secure. Indeed, GO Keyboard (Emoji Free) is designed to block collecting private information such as password or credit cards. This is making the app quite interesting compared to other keyboard apps of its genre. More than 60 languages are supported by this application. This is essential if the user has to type other language than English. GO Keyboard (Emoji Free) can support English, French and German and still many others.
  
  It sounds like it offers very little.
  
  --
  He's getting rather old, but he's a good mouse.
3. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 08:41 · Score: 0
  
  swipe
4. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 08:42 · Score: 0
  
  Because why not? It's not like it's difficult to provide API into the OS.
  You can then push forward advances like Swype, or if you're old school, have a retro Morse Code keyboard. Or if you're into the OEM Inventory control software, you can drop in a UPC/barcode scan (like most do with computers at the moment) into any app.
5. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 08:43 · Score: 0
  
  The kids these days, they communicate through a series of animated gifs sent to one another over MMS. Does the default keyboard let me reply to this post with an animated gif of an old asian lady giving the thumbs up? No, which is why we need other keyboards.
6. Re:Ok...why do you need multiple keyboards? by Infiniti2000 · 2017-09-21 08:43 · Score: 1
  
  ...the user can be sure to have all his sensitive private data entirely secure.
  And, sent to China for free backup protection!
7. Re:Ok...why do you need multiple keyboards? by cayenne8 · 2017-09-21 08:47 · Score: 1
  
  swipe
  Hmm..guess I need to go look up what a "swipe" keyboard is.....?
  
  --
  Light travels faster than sound. This is why some people appear bright until you hear them speak.........
8. Re: Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 08:48 · Score: 0
  
  > This application gathers about 800 free Emoji, emoticons and text face display that can be used directly via the keyboard.
  I don't even understand how that is "emoji free"
  But yeah, they claim this keyboard makes your passwods more secure , that practically screaming malware isnide
9. Re: Ok...why do you need multiple keyboards? by gnick · 2017-09-21 08:57 · Score: 3, Informative
  
  I don't even understand how that is "emoji free"
  GO Keyboard: Emoji free. Other keyboard: Emoji cost extra. gnick understand.
  
  --
  He's getting rather old, but he's a good mouse.
10. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 09:03 · Score: 0
  
  ON a digital product like a phone, I'm at a loss to know why someone would need another keyboard?
  What does the default keyboard not offer?
  It's called wanting a choice. Same reason we all don't use the same web browser, calendar or email app or other apps that may come with a device.
  What is it with people like you pigeon holing everyone into the same mindset as yourself? Are you incapable of even beginning to grasp the concept that not everyone likes the same shit you do?
  Wow, you really must have an incredibly tiny mind to have asked this...
11. Re:Ok...why do you need multiple keyboards? by AuMatar · 2017-09-21 09:03 · Score: 4, Informative
  
  Swyping functionality used to be a big one.
  Language support that the default phone doesn't include.
  Handwriting mode, if you're into that.
  Better autocorrect libraries
  Alternative layouts, if you like dvorak
  New features, such as syncing personal word lists to the cloud.
  That's what comes off the top of my head, if I thought about it I could come up with dozens more.
  (Bias note: I worked at Swype, the first popular 3rd party keyboard).
  
  --
  I still have more fans than freaks. WTF is wrong with you people?
12. Re:Ok...why do you need multiple keyboards? by R4D4R · 2017-09-21 09:08 · Score: 3, Informative
  
  I use Hacker keyboard for Tab (autocomplete) in BASH, plus the arrow keys, plus Ctrl/Alt.
13. Re:Ok...why do you need multiple keyboards? by mattgoldey · 2017-09-21 09:10 · Score: 1
  
  Personal preferences or needs. Some keyboards are better at handling multiple languages. Some are better at gesture-typing. Some are better with predictions. Some are better for one-handed use. Some people like to apply themes and colors to their keyboard. And sometimes the stock keyboards just stink. Personally, I use GBoard because I'm accustomed to the layout and the way it does gesture-typing, but I've also liked using Swype.
14. Re:Ok...why do you need multiple keyboards? by tlhIngan · 2017-09-21 09:14 · Score: 1
  
  ON a digital product like a phone, I'm at a loss to know why someone would need another keyboard?
  What does the default keyboard not offer?
  The standard Android keyboard is terrible. I don't know what it is, but for some reason, typing on my Nexus 6p is full of errors, yet if I use my iPhone 4s, it works fine (and well, despite the screen bein g almost half the size).
  The only good thing I can say about the Android keyboard is it pops up the number bar when I enter passwords so I don't have to switch to the symbol set to type numbers.
15. Re:Ok...why do you need multiple keyboards? by ctilsie242 · 2017-09-21 09:19 · Score: 1
  
  There was a decent keyboard app, but forgot the name, which was great for UNIX stuff, and offered a bunch of customizations, be it arrow keys, key size, color, and a lot of other options. I think it was Swiftkey, but not sure.
  Of course, the nice thing about Android and a rooted device... the keyboard could be firewalled, just in case it decided to try to phone home.
16. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 09:26 · Score: 0
  
  UNDO/REDO.
  Just kidding, no Android keyboard offers that.
17. Re:Ok...why do you need multiple keyboards? by hey! · 2017-09-21 09:28 · Score: 1
  
  If you spend a lot of time entering text on your phone minor conveniences would add up over the course of a day.
  It wouldn't make a difference for someone like me, since I at most spend a couple of minutes a day on my phone keyboard. On the other hand for most people the old buckling spring Model M keyboard I use when I'm coding is just a weird, ugly, noisy old dinosaur (kind of like me I guess). They wouldn't see the point, until they spend all day typing on the thing.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
18. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 09:50 · Score: 1
  
  Now. Back when it first came out, it was much better than the standard Android keyboard. I think a lot of people are still using it just because they have always used it.
19. Re: Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 09:57 · Score: 0
  
  Oh... people pay for those emoji so... wow that's retarded.
20. Re:Ok...why do you need multiple keyboards? by thegarbz · 2017-09-21 09:59 · Score: 1
  
  What does the default keyboard not offer?
  You own an iPhone and can't change the keyboard don't you?
21. Re:Ok...why do you need multiple keyboards? by PsychoSlashDot · 2017-09-21 10:09 · Score: 1
  
  ON a digital product like a phone, I'm at a loss to know why someone would need another keyboard?
  What does the default keyboard not offer?
  I use "Hacker's Keyboard", which offers full QWERTY layout, with optional additional numbers/symbols row, has a Ctrl, Alt, tab and arrow buttons. All at once. That lets me type on my phone like a normal keyboard. No pressing a button to toggle into "number mode" or "symbol mode". When typing mixtures of things, such as complex passwords, or when using proper punctuation, it's way faster than traditional mobile keyboards.
  
  In short, I don't type things like "i b cn u ok lol", so a richer keyboard experience is appropriate for me. Others' mileage may vary (and likely does).
  
  --
  "Oh no... he found the .sig setting."
22. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 10:19 · Score: 0
  
  Huh? You can install third-party keyboards on iOS no problem. Also, they need special permission to access the Internet, so crap like this can't happen.
23. Re: Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 10:24 · Score: 0
  
  You should check out a review of the emoji movie.
  It's literally an ad for animated emojis. The morale of the story is "you don't have to be just one thing, you can be anything! SO BUY ANIMATED EMOJIS YOU LITTLE FUCK!"
24. Re:Ok...why do you need multiple keyboards? by fisted · 2017-09-21 10:37 · Score: 1
  
  Same here, why do you spell bash in all caps?
  
  --
  CLI paste? paste.pr0.tips!
25. Re:Ok...why do you need multiple keyboards? by tepples · 2017-09-21 10:43 · Score: 2
  
  It's an acronym for Bourne Again SHell.
26. Re:Ok...why do you need multiple keyboards? by Frosty+Piss · 2017-09-21 10:56 · Score: 1
  
  You own an iPhone and can't change the keyboard don't you?
  Why would I need to?
  
  --
  If you want news from today, you have to come back tomorrow.
27. Re:Ok...why do you need multiple keyboards? by stephanruby · 2017-09-21 10:57 · Score: 4, Interesting
  
  I can't speak for the Go keyboard. I've never used it. Nor am I going to tell you the 3rd party software keyboard that I use, I think people should just try different keyboards until they find one that's right for them.
  But for me, it offers speed and convenience (at the cost of privacy).
  In other words, if privacy is your number one concern, please read no further, custom 3rd party keyboards are not for you.
  My own keyboard knows what I'm going to say before I say it. It has access to my last twenty years of emails, sms/texts, and the little bit of social media content I've generated. It remembers previously used phone numbers, email addresses, and physical addresses. It shares information to the cloud and across devices. If I'm typing a previously used address into Waze or Google Maps on a new phone, it will do a better job of completing that address than either of those two applications will.
  But don't visualize the typical auto-complete search form you might find on google, nor the typical PC auto expander application you might download from a shareware site, my keyboard may know the next words that I'm going to write, since it doesn't need me to type a single letter before suggesting words, but it still offers its suggestions word by word in case I need to deviate from my usual pattern (and offers me alternative suggestions from other patterns I've used). And in that sense, I think it's much less distracting than the auto-complete mechanism used on a google search form (on the google search form, auto-complete is more of an exploratory mechanism).
  My keyboard knows grammar and spelling for my native French which I do not remember perfectly. It can do French accents, without me having to press and hold a key, or without me having to go into an alternate keyboard. It allows me to mix French and English when writing to family members (instead of highlighting all my mistakes in French when enabling the English spell checker, or highlighting all my mistakes in English when enabling the French spell checker). If you're trilingual, it allows you to use or mix up to three European languages at the same time.
  I don't know how it handles non-European languages, but I would assume that there are third-party keyboards that specialize in Asian, Middle-Eastern, and other exotic languages. And if god forbid, if I don't want it to remember a particular porn website I use or the search keywords that I use on that porn site, I just long press on the suggestion to delete it from its database. Also, the keyboard is designed not to save what's entered into password fields.
  And the default Android keyboard is great, in fact, it copied many of the great features 3rd party Android keyboards pioneered, but it is still playing catch up to some of those other 3rd party keyboards.
28. Re:Ok...why do you need multiple keyboards? by jnork · 2017-09-21 11:15 · Score: 2
  
  Swype, not Swipe. It's the one I use. It's got its pros and cons.
  http://www.swype.com/
  
  --
  Cleverly disguised as a responsible adult.
29. Re:Ok...why do you need multiple keyboards? by fisted · 2017-09-21 11:39 · Score: 1
  
  I know that, I just looks weird and un-unixish to capitalize it. The binary is called bash, the documentation uses Bash or bash.
  
  --
  CLI paste? paste.pr0.tips!
30. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 12:16 · Score: 0
  
  Ah, Apple has raised you well.
  Is Apple's one-sized-corporate-cock-fits-all as satisfying as Apple says it is? iKid.
31. Re: Ok...why do you need multiple keyboards? by Miamicanes · 2017-09-21 13:18 · Score: 1
  
  > ON a digital product like a phone, I'm at a loss to know
  > why someone would need another keyboard?
  Graffiti. Laugh if you must, but I've been using Graffiti for more than 20 years (I got my first Palm Pilot in 1997). By now, it's burned into muscle memory... I don't even have to think about it anymore. It's subconscious. Without it, I'm totally handicapped.
  The sad thing, though, is accuracy. A 16MHz Palm III achieved nearly flawless recognition. An 8-core 2GHz+ Nexus 6p still struggles to not fuck up 1 in 20-30 characters. I think cpu speed management is the main culprit... if I lock the cpu governor to max performance with a custom kernel, the accuracy problems mostly go away. The elimination of physical hardkeys on new Android phones also aggravates the problem... every few minutes, my finger will graze a softkey below the input area & trigger an undesired back/home/history keypress. My previous phone (a Galaxy Note 4) also had some serious issues with Graffiti that seemed to be due to Samsung doing funky global things with gesture-recognition in the background... certain strokes seemed to trigger a spike in background activity that caused Graffiti to miss what should have been the next 10-25 samples.
  So yes, thirdparty keyboards matter to me. A lot.
32. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 13:19 · Score: 0
  
  What does the default keyboard not offer?
  It does not spy on you and report back to China...
33. Re:Ok...why do you need multiple keyboards? by zedaroca · 2017-09-21 14:35 · Score: 1
  
  Does your keyboard have Chinese?
  I actually have two google keyboards, not that I trust google, it's just that the standard keyboard doesn't have Chinese and Microsoft bought swiftkey.
  But if you look at the big example of a phone with ONE keyboard, it doesn't offer swipe/slide to type (or at least it didn't for a very long time, I have no idea about how iphones are these days). It also still doesn't have decent autocorrection.
  Different keyboards focus on different things. Better predictive text, better emojis, better interaction.
34. Re:Ok...why do you need multiple keyboards? by rtb61 · 2017-09-21 17:22 · Score: 1
  
  Hmm, let me see, ohh, how about the fucking alphabet, you know the silly shit, ABCDEF instead of fucking QWERTY, why querty because you need it for manual mechanical typewriters https://en.wikipedia.org/wiki/... so the type bars wont jam. Apparently the gender conused don't like the alphabet because it is too traditional and demand the alphabet be altered from ABCDEF to QWERTY, why because they are gender confused and that's enough reason for anything and everything, challenge that and be publicly attacked.
  
  --
  Chaos - everything, everywhere, everywhen
35. Re:Ok...why do you need multiple keyboards? by thegarbz · 2017-09-21 20:24 · Score: 1
  
  Don't know. All software runs on Windows and Android, why would you "need" Apple or Linux?
  The point was, people who are locked into a keyboard don't understand that alternatives exist with widely different feature sets. E.g. the keyboard I installed intelligently flips between multiple languages for the spell checker. I also used to use a Swipe keyboard which was much easier to write with than the stock Samsung or Google one, though Google has closed the feature and quality gap with Swipe.
36. Re: Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 20:30 · Score: 0
  
  Auto corrected by the Go keyboard.
37. Re:Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 21:34 · Score: 0
  
  What the fuck is a "digital product"? Like my computer? I can buy a keyboard for it too.
38. Re:Ok...why do you need multiple keyboards? by Zero__Kelvin · 2017-09-21 22:05 · Score: 1
  
  If it was an acronym it would be called BAS.
  
  --
  Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
39. Re: Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 23:13 · Score: 0
  
  I bought my phone in Norway, so the default keyboard only supports western languages. However, I regularly text in Russian and Korean (since I lived a year in Korea and am currently learning Russian), so I need a new keyboard for its language support. I currently use SwiftKey for that; swipe-typing is a nice bonus.
40. Re: Ok...why do you need multiple keyboards? by Anonymous Coward · 2017-09-21 23:36 · Score: 0
  
  Because Samsung does not provide a Russian keyboard for my wife to speak to her Mom. I think really the question should be, why does Samsung expect that users should write keyboard apps?
  I'm so angry, I just installed this for my wife 2 days ago because of said previous problem.
41. Re:Ok...why do you need multiple keyboards? by Godwin+O'Hitler · 2017-09-22 01:09 · Score: 1
  
  Because tiny touch screens don't lend themselves to traditional keyboard layouts unless you have Nosferatu-like fingers.
  That answers the question why you might need another keyboard.
  It doesn't however answer the question why you would use the "Go" keyboard.
  
  --
  No, your children are not the special ones. Nor are your pets.
anything made in China by turkeydance · 2017-09-21 08:34 · Score: 1

and developed in the US has been hacked by the Russians or something like that
What permissions does it request at install ? by Alain+Williams · 2017-09-21 08:37 · Score: 1

Oh, I forgot: very few people even look at what the app is asking for, just as they click 'accept' to the T&Cs without having read them.
1. Re:What permissions does it request at install ? by Anonymous Coward · 2017-09-21 08:57 · Score: 0
  
  Pretty sure it doesn't ask for the "using a prohibited technique to download dangerous executable code" permission.
2. Re: What permissions does it request at install ? by F.Ultra · 2017-09-21 09:13 · Score: 1
  
  You mean they ignored to set the evil bit?!
All devices need user controlled firewalls by Anonymous Coward · 2017-09-21 08:54 · Score: 1

Every device with a UI (i.e. desktops, phones) needs a firewall that will not let *any* traffic out of the machine unless the user has approved it. Early versions of Zone Alarm on Windows were a perfect example of this done well. When a program tried to connect outwardly you were alerted. Proved vital in catching lots of nasties of less tech savvy friends machines before they'd managed to download their full payload etc..
And it should not be possible to add rules to the firewall programatically. The user should always be able to say "yes" or "no" to any and all outgoing traffic. Incoming traffic should obviously only be allowed in if it's in response to a request that's been allowed out.
So no automatic updaters, no automatic "upgraders", no background services silently connecting to who knows where.
Give the users control !
The AdGuard app by future+assassin · 2017-09-21 09:13 · Score: 1

Next thing you know RedGuard app discovers AdGuard is sending info back to their own servers.

--
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
gotta up your game! by Anonymous Coward · 2017-09-21 09:24 · Score: 0

android is spying on about one and a half BILLION users.
No Privacy policy by Trax3001BBS · 2017-09-21 09:32 · Score: 2

Your directed here https://adguard.com/en/privacy... from here https://adguard.com/en/privacy... me thinks they may be rewriting it.
Hacker Keyboard by Trax3001BBS · 2017-09-21 09:34 · Score: 1

https://play.google.com/store/... came with a ROM for the Xoom and I've used it every since. It allows key combos like ctrl+C/V and doesn't spy one you.
tell me again why you hate Apple? by zantafio · 2017-09-21 09:36 · Score: 1

You want highly customizable, you get highly insecure. you won't find this kind of security gap with IOS. Apple does not allow keyboard extension to access the network stack, simple as that. +1 for the walled garden.
1. Re:tell me again why you hate Apple? by AuMatar · 2017-09-21 10:22 · Score: 1
  
  It all depends on how much you trust the company. My keyboard downloaded local dialect words and location names when it saw I got off a plane. You can't do cool things like that on iOS, because Big Brother knows better (and wants all that data all to itself).
  
  --
  I still have more fans than freaks. WTF is wrong with you people?
2. Re:tell me again why you hate Apple? by tlhIngan · 2017-09-22 05:32 · Score: 1
  
  It all depends on how much you trust the company. My keyboard downloaded local dialect words and location names when it saw I got off a plane. You can't do cool things like that on iOS, because Big Brother knows better (and wants all that data all to itself).
  iOS can do that, actually. You just have to enable it. Alternative keyboards by default DO NOT have network access. You have to turn it on manually. And users usually want you to tell them why.
  and in this case, Big Brother knows better because Big Brother knows what developers love to lie, cheat and steal when they can. Most of the restrictions in IOS come from developers deliberately trying to do bad things. It's less about protecting users from themselves, and more about protecting users from developers
Track record of no spyware? by Anonymous Coward · 2017-09-21 09:57 · Score: 0

Is there a company with a good track record of selling electronic devices without spyware in them?
I don't want spyware in my keyboard, phone, etc., if the company purposefully sells me the device with spyware, or if the manufacturer put it in without telling the seller.
1. Re:Track record of no spyware? by Trax3001BBS · 2017-09-21 10:22 · Score: 1
  
  LineageOS https://forum.xda-developers.c... ? Google and Motorola phones were very good at allowing custom ROMs, till a TOS change.
  Alternately you want the ability to install and edit a HOSTS file.
2. Re:Track record of no spyware? by zantafio · 2017-09-21 13:20 · Score: 1
  
  Yeah well I dont think my grandma wants to edit a HOSTS file, but I'm sure she does want to not have her passwords key logged. Hence the iPhone is the safe choice for her and the rest of the non tech people, which is 99% of the market.
So basically the same as Google by Anonymous Coward · 2017-09-21 10:34 · Score: 0

Just the same as Google's own keyboard app and all of its other services offered to the user? Oh but it's a Chinese app so then it's suddenly evil? Right.
Why would that matter? by SuperKendall · 2017-09-21 11:28 · Score: 1

On Android you already know Google is spying on you, so why does it matter if another third party gets in on that action?

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1. Re:Why would that matter? by Anonymous Coward · 2017-09-22 00:00 · Score: 0
  
  On iOS you know Apple's spying on you, but they don't let many third parties get in on the action.
Good reason to.... by HalAtWork · 2017-09-21 11:43 · Score: 1

Good reason to disable network for all apps and services you don't explicitly trust.

--
Twinstiq, game news
1. Re:Good reason to.... by Trax3001BBS · 2017-09-21 17:24 · Score: 1
  
  Good reason to disable network for all apps and services you don't explicitly trust.
  When I play a game I'll put it in "Airplane Mode" which blocks all but the built in ADs. When I'm done I'll go into APPS and "force stop" the application before unselecting Airplane Mode. It's extra steps but gives me a feeling of being in control however so slightly.
This shit just doesn't happen on iOS by shilly · 2017-09-21 12:15 · Score: 1

You know, people piss and moan all the fricking time here about Apple and iOS. But this kind of thing never, ever, happens on iOS -- because it can't. Meanwhile, Android leaves ordinary people hugely vulnerable all the time. It would be nice if the many critics of Apple on Slashdot would be willing to admit that security vulnerabilities like this are a significant disadvantage of their preferred platform.