Researcher Finds 40 Zero-Days in Tizen, Samsung's Android Replacement

[Bot]

We like to think our devices are safe, but sometimes that can't be farther from the truth. That seems to be the case of Samsung devices running on the company's open-source operating system Tizen which a researcher discovered to be ridden with 40 previously unknown vulnerabilities.


This pretty much means that Tizen is a hacker's dream come true. All these zero-days discovered by Israeli researcher Amihai Neiderman could allow attackers to remotely hack millions of newer Samsung smart TVs, smart watches, and even mobile phones that are currently on the market, as well as some that are scheduled to be released. They wouldn't even need physical access to them.

With as much noise as the WikiLeaks CIA data dump produced last month, especially the notes indicating that the CIA can hack Samsung smart TVs via malware installed with the help of a USB stick, the fact that these devices could be hacked from afar should be cause for deep concern
Read more: Researcher Finds 40 Zero-Days in Tizen, Samsung's Android Replacement

 

[generalwu]

The problems lies with the development cycle of any product.
I believe due to the tight datelines, many checks were skipped and the focus was on production rather than security.

More like security is an afterthought rather than designed in right in the first place.
Afterall money matter the most and having your product out in the market ASAP equals more chance of getting more money.

 

[In2an3_PpG]

The problems lies with the development cycle of any product.
I believe due to the tight datelines, many checks were skipped and the focus was on production rather than security.

More like security is an afterthought rather than designed in right in the first place.
Afterall money matter the most and having your product out in the market ASAP equals more chance of getting more money.

I agree with everything you said. All about the money. Once they see that slip then the concern to fix the issues will come about.

 

[Entreri]

They definitely need to consider some security . Of course, TV's are hardly a critical tech device that people put their entire lives on (e.g. smartphones) or such things as routers.

Something like vehicles, completely different story. If they don't secure these, eventually going to see mass casualty events across nations.

 

[soccer97]

Here is a great source to monitor when Samsung releases new security updates: Samsung Mobile Security Blog

When they are rolled out to your device may vary.

 

[Deleted member 178]

And honestly , except us , who cares about security? (food for thoughts ^^)

 

[generalwu]

And some people say that the cybersecurity industry is selling snake oil. (More food for thought?)

 

[soccer97]

I would gladly wait an extra few weeks for a company to hold feature development and do a code review for Quality and Security.

To each and their own.

 

[jamescv7]

IOT = full of disaster in terms of security preparation.

Yes IOT can definitely ease with the productivity however the security should be a priority, since everything is rely on the technology and communication.

Samsung and other companies have same trend to each other, which focus on marketing rather on manufacturing.

 

[Handsome Recluse]

Maybe there's a reason they focus on marketing or investing on new stuff than security.

 

[Winter Soldier]

Android fragmentation is the real problem in my opinion.
From one hand, it offers great freedom to the producers (that with minimum software investment, have a complete product to put on the market), but at the same time it goes to hit the integrity of a system that is already good. Android stock, in fact, in addition to being comprehensive and reliable, turns out to be more powerful, thanks to the very few preloaded apps, which is not the case on branded devices...

Right here comes the biggest problem: a brand has its task to release updates and patch to ensure their devices are also secure. Some vendors carry out this work with “sensitive” delays or abandoning the product and leaving consumers in trouble. Not only that, considering the smartphones, in some cases, the way to upgrade is hampered also by the telephone operators, who are guilty of slowing down even more the times in order to approve the upgrade.