Ask HN: Why is okay for third-party keyboards to know our passwords?
Virtually every keyboard available on Android that I am aware of has internet access, and openly sends ALL text inputed by users to their servers for "pattern analytics." "Better autocorrect" is probably one of the features I care the least about in this world, and certainly one I'd be more than happy to do without at the expense of privacy. What's crazy to me is that not only do these keyboard applications know our passwords to absolutely every application, but all of our inputs and communication, period.
I even have a few privacy-conscious friends who will attempt to use encrypted communications like Signal, without realizing that their input is captured and sent to the keyboard application's servers before their end-to-end encryption even gets its mitts on it.
Why do we trust these companies? Are Swiftkey, Swype, Samsung, Google, etc responsible stewards of the open access to your bank accounts, social media, and otherwise encrypted communications?
3 comments
[ 374 ms ] story [ 975 ms ] threadSure, they can capture and send that data, but you can verify yourself whether that happens or not with network capture.
[1]: https://support.swiftkey.com/hc/en-us/articles/201454592-Swi...