SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

Notifications
    News For You

    Security researcher says that Tizen is a hacker’s dream, has 40 unknown zero-day vulnerabilities

    Phone
    By 

    Last updated: April 3rd, 2017 at 23:33 UTC+02:00

    Samsung plans to reduce its reliance on Android by launching Tizen-powered smartphones, smartwatches, fitness trackers, and TVs. However, the company's Android alternative seems to have serious security related issues. A security researcher has found 40 zero-day vulnerabilities in Tizen, making millions of smartphones, smartwatches, and TVs vulnerable to hacking.

    After it had came to notice last month that CIA could hack Tizen-powered Samsung smart TVs, an Israeli security researcher Amihai Neiderman managed to find 40 zero-day vulnerabilities in Tizen's code base. These vulnerabilities would allow someone to remotely hack a Tizen-powered device. Moreover, unlike the CIA hack, these newfound vulnerabilities (also known as remote code execution) do not need a device's physical address.

    “It may be the worst code I've ever seen. Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It's like taking an undergraduate and letting him program your software.”

    Of all the vulnerabilities, Neiderman found one particular design flaw inside the Tizen store, which is said to be critical. According to Neiderman, this vulnerability allowed him to hijack the software to deliver malicious code into his Samsung TV. Since the Tizen Store has the highest privileges, it can be used by a hacker as a Holy Grail for abuse.

    Amihai Neiderman, who heads research at Equus Software, first started studying Tizen's security issues when he purchased a Tizen-powered Samsung smart TV. Once he found out how badly written his TV's code is, he bought a bunch of smartphones to test Tizen. He says that a lot of Tizen's code base is old and borrowed from Bada OS, but most of the vulnerabilities he found were from the code that was written within the last two years.

    “You can see that they took all this code and tried to push it into Tizen,” Neiderman says.

    Samsung says that it is now in contact with Neiderman to solve all the vulnerabilities and security issues in Tizen's code. He also suggests that Samsung should reconsider deploying Tizen in phones before doing a major overhaul of the code. 

     

    Source PhoneTVWatch Tizen
    Galaxy AI summarized

    Scroll for more related content
    News For You

    You might also like

    Samsung to stop supporting its Tizen smartwatches from next year

    Samsung to stop supporting its Tizen smartwatches from next year

    There was a time when Samsung's smartwatches used to run on its Tizen operating system. The company later decided to switch over to Wear OS with the Galaxy Watch 4 series, and has remained on the Android-powered platform ever since. If it wasn't clear that Samsung is never going to release another Tizen smartwatch, the […]

    • By Adnan Farooqui
    • 1 week ago
    Try this trick if you can’t reboot your Samsung TV

    Try this trick if you can’t reboot your Samsung TV

    Although Tizen is one of the more stable smart TV operating systems on the market, you might sometimes find yourself in a situation where you need to fully power-cycle your Samsung TV — for example, if you get a Netflix connection error. However, in some cases, you might have trouble rebooting your Samsung TV even […]

    • By Mihai Matei
    • 4 weeks ago
    New Tizen update fixes soundbar and UI bugs for Samsung TVs

    New Tizen update fixes soundbar and UI bugs for Samsung TVs

    In March, Samsung released a Tizen update for its QLED, OLED, and Neo QLED TVs released in 2023. The firmware, version 1402.5, added many beneficial changes and UI improvements but also caused issues with some soundbars, including those manufactured by Samsung. Those problems should now be gone. Samsung is rolling out another Tizen update, version […]

    • By Mihai Matei
    • 4 weeks ago
    Samsung TVs get updated Philips Hue app with more features, monthly subscription

    Samsung TVs get updated Philips Hue app with more features, monthly subscription

    At CES 2023, Philips launched the Philips Hue Sync TV app for Samsung TVs. It linked Philips’ smart lights with Samsung TVs to allow those lights to change color based on the content the TV is displaying, offering a more cinematic experience. Back then, Philips had made the app available only in the US. Now, […]

    • By Abid Iqbal Shaik
    • 2 months ago
    New Samsung TV firmware updates the UI but causes sound issues

    New Samsung TV firmware updates the UI but causes sound issues

    Samsung has launched a new Tizen update for its QLED, OLED, and Neo QLED TVs from 2023, and it's a bit of a mixed bag for some users. On the one hand, the update brings some exciting visual changes to the UI, modernizing it further in areas that may have felt a little outdated. On […]

    • By Mihai Matei
    • 3 months ago
    YouTube-like video streaming app from X (Twitter) coming to Samsung TVs

    YouTube-like video streaming app from X (Twitter) coming to Samsung TVs

    After a decade-long cord-cutting boom that started in 2007, video streaming services have consolidated over the past couple of years. However, there is one new video streaming service on the horizon. X (formerly Twitter) plans to launch an app that lets you watch long-form videos. X (Twitter) plans to launch a video streaming app for […]

    • By Asif Iqbal Shaik
    • 3 months ago