Samsung’s Tizen OS Is Overloaded With Security Loopholes: Researcher

Samsung has been trying to rebound from the loss it faced due to the Note 7 fiasco; however, fortune does not seem to be turning around for this South Korean electronics giant anytime soon. It is not very rare for security researchers to spot flaws in software, but when it adds up to 40 (all critical), then it is bound to be an alarming situation. The software in question here is Samsung’s Tizen.

Nothing right with Tizen

Researcher Amihai Neiderman found as many as 40 crucial issues in Tizen, which is used in smartphones, smartwatches and smart TVs. In a report presented at Kaspersky’s Security Analyst Summit in St. Maarten, the Israeli researcher pointed out various flaws which can allow hackers to control any Samsung device remotely.

Neiderman stated that there are a lot of issues, and the biggest one by far is the Tizen app store. Using the app store, the researcher could inject malicious code into Samsung’s smart TVs without any complications. Since the app store is one of the most trusted installations on a Tizen device, it gives hackers an easy route to update the system with malware.

In one of the harshest comments, the researcher said, “Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It’s like taking an undergraduate and letting him program your software.”

According to the researcher, the majority of Tizen’s code is based on previous projects such as Bada, Samsung’s previous operating system, which was shut down in 2013. He found that Tizen can transmit data without SSL encryption, which is needed for secure transmission. He added that the programmers made a string of wrong assumptions, and that moving from a secure to an insecure connection is extra work.

Bad news for Samsung and its fans

This is not good news for those who depend on Tizen-run devices at home. As of now, over 30 million devices run on Tizen, including smart TVs, the Galaxy Gear smartwatch and some phones in Bangladesh, India and Russia, notes the IB Times. The Korean firm is looking to expand the software to as many as 10 million smartphones towards the end of this year, a surge from the 3 million it sold in 2016.

There was a time when Samsung was giving thought to replacing Android with Tizen on its flagship handsets such as the Galaxy Note and Galaxy S series. Although the Korean firm is relying on Android for smartphones, earlier this year, the company revealed the possibility of powering smart devices such as washing machines and refrigerators with Tizen.

Initially, the Korean firm did not pay much heed to Neiderman’s findings, but later, when the report went public, Samsung changed its stance. A spokesperson told the IB Times that the company does take its privacy and security issues seriously and is working with the help of Neiderman and the SmartTV Bug Bounty program to fix the issues.
