Modern smartphones have long become a repository of personal secrets, but it turned out that some of these secrets lie directly on the surface. One UI users – the branded shell of Samsung – found that passwords copied to the buffer, banking data and personal messages are stored in the memory of the device in open form and do not disappear by themselves. The problem is that Samsung is simply not provided for any auto-cleaning function of the Buffer of the exchange.
I discovered vulnerability user of the Samsung support forum, which regularly copies passwords from the manager and was surprised by how long they remain affordable. He was outraged not only by the delay itself, but also by the fact that the data is preserved without encryption and can be easily viewed. Lack of automatic cleaning after several minutes – according to him – a “wild” shortage.
One UI exchange buffer works at the system level and ignores the settings of many third-party keyboards. Even if the GBOARD keyboard is used, which usually cleanses the contents in an hour, the copied data continue to live in the memory of the device. The whole story of copying – from passwords to messages – is available in one click. You have to clean it manually, and there is no other choice yet.
Samsung representative at the forum confirmed problems, recognizing that now there is no opportunity to automatically delete the contents of the buffer. According to him, the proposal was transferred to the relevant team, and it would be useful to introduce a setup of auto-disposal, or at least an exception to the history of copies for applications containing sensitive information.
Temporarily, the company offers users to manually clean the buffer and, if possible, enter passwords directly from managers without intermediate copying. But this does not solve the main problem: any malicious program that gains access to the device also receives full access to the clipboard.
The situation is concerning, especially against the background of long-term campaigns to increase digital hygiene and the rejection of unsafe data storage methods. While companies like Google and Apple are actively introducing Passkey technology, minimizing the risks of