Order the brand new: Galaxy S23 FE, Galaxy Buds FE or Galaxy SmartTag 2023! Smartphone of the year Galaxy S23 Ultra!

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

Samsung’s SmartThings connected home platform seems to have serious security issues

Latest Samsung news
By 

Last updated: May 3rd, 2016 at 11:30 UTC+02:00

It was evident from the technologies and products that were showcased at the Samsung Developers Conference 2016 that the company is pushing IoT (Internet of Things). However, have you ever considered how secure these products are? Researchers have recently found that Samsung's SmartThings platform has serious security issues.

Researchers at the University of Michigan have found multiple security flaws in Samsung's SmartThings platform that could allow malicious apps to unlock doors, remotely set access codes to a smart home lock, falsely set off smoke alarms, or put devices on vacation mode. All the attacks showcased in the video require users to install a malicious app from SmartThings app store or click a malicious link.

It seems that most pressing issues in the SmartThings platform are the privileges given to apps, many of which they don't even need to function. For instance, a smart lock only needs permission to lock itself, but SmartThings bundles a command that allows it to unlock itself, which could then be used by a malicious app to unlock the door. Researchers showcased an overprivileged app that lets hackers program their own PIN code for a smart lock.

Researchers showcased their findings through a proof of concept app that promises to monitor battery life on various devices. However, it asks permission for a lot of other things apart from a permission to monitor battery level on products and users unknowingly allow the app. The team analyzed 499 SmartApps and found that around 42 percent apps are currently overprivileged.

Following this report, a SmartThings representative said, “The potential vulnerabilities disclosed in the report are primarily dependent on two scenarios – the installation of a malicious SmartApp or the failure of third-party developers to follow SmartThings guidelines on how to keep their code secure. Following this report, we have updated our documented best practices to provide even better security guidance to developers,” in an email to The Verge.

Alex Hawkinson, CEO of SmartThings, said the company has issued a number of updates after the findings in the research. The company claims that it conducts app reviews to filter out malicious apps, but the researchers aren't convinced that the company's efforts are enough to stop these attacks. Samsung acquired SmartThings two years ago when the concepts of connected home and IoT were fairly new.

Via Source Latest Samsung news SmartThings

You might also like

SmartThings Head Jaeyeon Jung sheds light on challenges and platform evolution [Interview]

SmartThings Head Jaeyeon Jung sheds light on challenges and platform evolution [Interview]

SmartThings has quickly evolved into a potent smart home platform with Samsung devices at the heart of the ecosystem. Its embrace of the wider industry protocols such as Matter enables users to choose from thousands of smart devices to add to their set up. We had the opportunity to speak with Jaeyeon Jung, Executive Vice […]

  • By Adnan Farooqui
  • 1 week ago
SmartThings channels The Sims with Map View feature for smart device control

SmartThings channels The Sims with Map View feature for smart device control

With Samsung's SmartThings app, you can control all the smart devices in your home from a single location. SmartThings supports both Samsung and third-party smart devices, and Samsung continually makes improvements to make the app more convenient, easier, and powerful to use for the nearly 300 million SmartThings users globally. One new feature that SmartThings […]

  • By Abhijeet Mishra
  • 2 weeks ago
Samsung is making more of its products work as SmartThings Hubs

Samsung is making more of its products work as SmartThings Hubs

A hub is pivotal for the seamless operation of a smart home. With the different standards and platforms, it can often be confusing to figure out which hub to get and whether it would support all of the standards. Samsung wants to simplify this process so that everyone can join the smart home revolution, even […]

  • By Adnan Farooqui
  • 2 weeks ago
Samsung now has close to 300 million SmartThings users

Samsung now has close to 300 million SmartThings users

SmartThings is Samsung's smart home platform. The company has been hard at work to build out the platform, making it much simpler for users to incorporate connected devices in their homes. It shared some updates regarding the expansion of the SmartThings platform at the Samsung Developers Conference 2023 in San Francisco today. Samsung revealed that […]

  • By Adnan Farooqui
  • 2 weeks ago
Homey Pro review: A powerful, multiprotocol hub with infinite possibilities

Homey Pro review: A powerful, multiprotocol hub with infinite possibilities

There's no shortage of smart home hubs, but every once in a while, we come across a product that seems to be a cut above the rest. That was our impression of the new and improved Homey Pro, which brings some meaningful upgrades over its predecessor. So, let's take a closer look at this Homey […]

  • By Adnan Farooqui
  • 2 weeks ago
Amazon launches a new smart home control panel called Echo Hub

Amazon launches a new smart home control panel called Echo Hub

Amazon continues to expand its Echo lineup of smart hardware. The company has now unveiled a new smart home control panel that's meant to make it easier for you to control the different smart gadgets in your home. Called the Amazon Echo Hub, it's not a conventional smart display or tablet, rather it's meant to […]

  • By Adnan Farooqui
  • 4 weeks ago