It's bad when a security researcher finds a critical security flaw in your software. But when he finds about 40—all of them critical001 Archives Well, then you might consider rewriting the entire thing from scratch.
That's exactly what's happening to none other than Samsung and its Tizen operating system, which the company uses on a number of its devices, including phones, smartwatches, and smart TVs.
SEE ALSO: Say hi to Samsung Bixby, the new voice assistant in the Galaxy S8Israeli security researcher Amihai Neiderman laid out the numerous, previously unknown security flaws in Tizen in a report detailed at Kaspersky's Security Analyst Summit at St. Marteen Monday. Neiderman claims all of the holes he found are critical and would allow hackers to control a Samsung device remotely.
Some, however, are worse than others. A particularly nasty flaw would let an attacker take over the TizenStore app -- an app store for Tizen -- and hijack it to inject malicious software into a Tizen device. Since this particular app can access and change any part of the system, a malicious hacker exploiting the flaw would have absolute and total control over your Tizen device.
Neiderman, who started looking into Tizen's security after purchasing a Samsung smart TV last year, calls the Tizen code the "worst" he has "ever seen."
"You can see that nobody with any understanding of security looked at this code or wrote it."
"Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It's like taking an undergraduate and letting him program your software," he told Motherboard.
Neiderman claims he contacted Samsung about the security flaws months ago, but received nothing besides an automated response. However, Samsung did tellMotherboard that it's now working with Neidermanto "mitigate any potential vulnerabilities."
According to Samsung, the open-source Tizen powered 50 million Samsung devices as of Nov. 2016. These include Samsung's Gear S3 smartwatch; they also include the company's lineup of smart TVs, which recently came into focus after a WikiLeaks leak of CIA's hacking tools unearthed an exploit that enables the agency to eavesdrop on someone through a Samsung smart TV.
Samsung has big plans for Tizen; the company likely won't launch flagship phones based on the OS any time soon, but it does plan to use it on many future Internet-of-Things devices. If this report is accurate, however, it might put a big dent in those plans.
Mashablehas contacted Samsung about these security issues and we will update the post if we hear from them.
UPDATE: April 5, 2017, 8:16 a.m. CEST A Samsung spokesperson got back to us with what is possibly the blandest response ever.
"Samsung Electronics takes security and privacy very seriously. We regularly check our systems and if at any time there is a credible potential vulnerability, we act promptly to investigate and resolve the issue. We continually provide software updates to consumers to safeguard their products. We are fully committed to cooperating with Mr. Neiderman to mitigate any potential vulnerabilities," it said.
Topics Cybersecurity Samsung
Trump tells '60 Minutes' that climate change will 'change back again'
Russia's biggest search engine beats Google in antitrust case
Even LeBron wants to be at Coachella right now
Watch out, Ticketmaster: SeatGeek spends $56 million on TopTix
Today's Hurdle hints and answers for May 5, 2025
Snapchat's new world lenses are its biggest push into augmented reality
Facebook is giving Messenger bots a massive overhaul
'Star Wars' director confirms the last Jedi's identity
Best robot vacuum deal: Save $320 on Shark Robot Vacuum and Mop
United just made it a little harder for you to get bumped off a flight
Is it 'Thunderbolts*' or *The New Avengers'?
The 6 biggest takeaways from Star Wars Celebration
Easter isn't over until you find the egg in this sea of tulips
Instagram killing Snapchat? Don't count on it
#rateaspecies is basically Yelp reviews for zoo animals
Brazen Coachella thief steals 100 phones, is defeated with the help of 'Find My Phone'
Marvel plans to keep making movies until you're dead and your children are old
iPhone 8 could be delayed because of this cool feature
Antigua GFC vs. Seattle Sounders 2025 livestream: Watch Concacaf Champions Cup for free
An obsessive deep dive into the 'Outlander' Season 3 trailer
Millie Bobby Brown responds adorably to Kim Kardashian's Valentine's giftHubble captures a superheated gas jet streaking across spaceDonald Trump's proposed military parade might look like theseFacebook AI equated Black men with 'primates'. Cue a toothless apology.All of the Kardashian/Jenner family baby names, rankedElon Musk put a Tesla in space, and it has launched a thousand memesAmazon's 'Cinderella' is more manipulative than magical: ReviewImpossible chicken nuggets review: Promising but the batter needs workPhotos of workers fighting for a better life to help you celebrate Labor DayTwitter teases new privacy features (which actually sound great)Facebook AI equated Black men with 'primates'. Cue a toothless apology.Photos of workers fighting for a better life to help you celebrate Labor DayMother and daughter surprised each other with the same delightful Valentine's Day giftPhotos of workers fighting for a better life to help you celebrate Labor DayJoe Biden signed a Joe Biden meme because he's Joe freakin' BidenDramatic puppy meeting a husky gets a hilarious Photoshop battleFacebook AI equated Black men with 'primates'. Cue a toothless apology.John Boyega just tweeted the sweetest story about Daniel KaluuyaVW tries on tiny (but eyeAmazon's cashierless tech is coming to Whole Foods stores I don't know who needs to hear this, but the 'range' meme has the range Reflecting on the legacy of Hattie McDaniel, first Black actor to win an Oscar Amazon is coronavirus mess: Sellers sling merch, overpriced masks Coronavirus panic Top US crypto bank Silvergate has gone into liquidation Coronavirus and what we can learn from the 1918 flu's hidden history Drive your PC to peak performance in 2023 Why the scary fungus in 'The Last of Us' won't cause a terrible outbreak 'Quordle' today: See each 'Quordle' answer and hints for March 12 What is sensation play in BDSM? A handy guide. Is 'You's Joe a Swiftie? Penn Badgley weighs in Wordle today: Here's the answer, hints for March 10 Bailey, Elizabeth Warren's very good dog, stole and ate a burrito Wordle today: Here's the answer, hints for March 11 'Everything Everywhere All at Once' wins the Academy Award for Best Picture Elon Musk's latest project: Defending the QAnon Shaman and his role on Jan. 6 Video of a wild javelina sprinting down an Arizona street is perfect meme fuel Wordle today: Here's the answer, hints for March 9 'Quordle' today: See each 'Quordle' answer and hints for March 11 Using Google Chrome to manage your passwords is a bad idea. Here's why.
2.0145s , 8228.5859375 kb
Copyright © 2025 Powered by 【2001 Archives】,Prosperous Times Information Network