A few years ago Intel released a Remote Keyboard app for Android that allowed you to use a smartphone or tablet as a keyboard and touchpad for a Windows PC.
The idea was to make it easy to enter text, move a mouse cursor, or navigate when using an Intel Compute Stick, NUC, or another PC that might be connected to a TV rather than a monitor, and which might not always have a keyboard plugged in.
But it turns out that the Remote Keyboard app suffers from a few dangerous security vulnerabilities, so Intel has pulled it from the Google Play Store and the company recommends users uninstall the app.
According to Intel’s security alert, the most critical vulnerability could allow “a network attacker to inject keystrokes as a local user.”
In other words, a malicious hacker could connect to your device over the internet and essentially start typing commands that would be sent to your computer without your permission. That does sound pretty bad.
There are two other vulnerabilities that would allow local attackers to inject keystrokes or execute code as a privileged user. But in both of those cases someone would probably need physical access to your device.
Anyway, unless Intel patches those vulnerabilities and re-releases the app, it’s probably a good idea to find an alternative solution (and keep an eye out for security updates for those apps).
I always worried about the security of these types of apps. At least Microsoft is owning up to it.
Intel.