Security reports illustrate massive issues in software code
Tizen is apparently a hackers dream. The Samsung operating system was not a win with mobile phones, but the company said it was ideal for televisions and smartwatches.
The software platform would have given the firm, technological independence that it did not have had it stuck to outside software like Android. Media platform, Motherboard via researcher Amihai Neiderman reported that 40 unpatched vulnerabilities were present in the operating system.
This exposes many of Samsung’s smartphones, smartwatches, and televisions to remote attacks. Allegedly, this is the worst code that researchers have ever seen. The claims are that it was designed by a team with no apparent understanding of security concepts and makes mistakes that most in the field would avoid.
Tizen, which is open source, is mostly used on Samsung’s smart TVs, though it is also running on Gear S smart-watches and more smartphones than one would expect.
Samsung’s bread and butter are still Android of course, though there are millions of budget oriented Tizen run smartphones in the world such as Russia and India. Samsung’s plans were to expand sales of Tizen phones to 10 million units as of the present year.
Security Reports Illustrate Massive Issues in Software Code
This is not the first time that the reports have alluded to the software’s security flaws. Even WikiLeaks revealed some weeks ago, that Samsung’s Tizen on smart TVs, allowed for users to be monitored; though this would only be possible when one would physically access the TV and install the malware via USB. According to Motherboard, the security holes in the software are much more significant, and they can be found on every platform.
According to Neiderman, some of the mistakes made are obvious even to people who are not conversant with programming. For example, Tizen does not mandate SSL for every secure transmission. There are even vulnerabilities that allow potential hackers to have the ability to completely rewrite software on devices.
Another main flaw is based within Tizen store. Though the portal authenticates to ensure that a person is installing approved applications, there is an exploit which lets one take control before the authentication process starts to kick in.
If someone uses that, they can send whatever malware they want to a device. Samsung is also inconsistent in the way that it utilizes encryption after foregoing that protection at the moment at which it is needed the most.
The infuriating thing is that Samsung seems to be ignoring the severity of this information; Neiderman claims he revealed the flaws to Samsung two months, ago but all he got was an automated response until recently.
The tech firm recently released a brief statement saying that it is fully committed to working with the researcher and points to the Smart TV Bug Bounty Program as an example to patch holes in its systems.
Some of the problems brought out by Tizen may come from its reliance on the previous custom mobile platform, Bada. This operating system was discounted by the tech giant in 2013, though a lot of the code was migrated to Tizen.