Alternative Keyboards: Are They Safe?

[WhoMe]

I installed the Gingerbread Keyboard to my Bolt and the warning Android gives me when selected the keyboard worried me a bit.

It said that using a different input method could be a security risk. In the sense that the third party keyboard application could store and perhaps send off everything I typed into it.

Is this warning just fluff or could such a thing actually happen?

 

[Cory Streater]

Moved to the main TB forum.

 

[paulmike3]

I installed the Gingerbread Keyboard to my Bolt and the warning Android gives me when selected the keyboard worried me a bit.

It said that using a different input method could be a security risk. In the sense that the third party keyboard application could store and perhaps send off everything I typed into it.

Is this warning just fluff or could such a thing actually happen?

The warnings are very real, but if you stick with trusted apps with a lot of good reviews, you shouldn't have to worry. If you're downloading apps (like keyboards) with no reviews or bad reviews in the Market, or installing them outside the Market, you're more likely to get into trouble.

 

[dcviper]

I think the warning is genuine, you never know what code is doing. However, knowing a few things about linux, I would posit the following: (Android gurus, PLEASE, correct me)
-Keyboards don't run with elevated permissions (su or root), so they should have permission to so anything but type. So if you aren't rooted, you should be safe.

-If you obtained the GB keyboard from the Market and not "chinesehax0rs.cn" or something crazy like that, and you looked at the permissions it requested and they didn't seem out of line, then again, I think you'll be okay.

There is a very real possibility that rogue code running with permissions that a ordinary keyboard wouldn't need could steal passwords, credit card numbers, etc. It would essentially work like a keylogger on your phone.