• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Whitepapers
  • Newsletters
  • Sign in
  • Events
    • Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Whitepapers
    • V3resources 120x194
      Network Security Forensics For GDPR Compliance

      An effective network security forensics strategy can assist an organization in providing key compliance-related details as part of any post-incident GDPR investigation.

      Download
      V3resources 120x194
      10 ways to increase productivity with managed Office 365

      For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Data Strategy Spotlight
  • Sign in
  •  
    •  

      You are currently accessing V3 .co.uk via your Enterprise account.

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      • Sign in
     
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    You are currently accessing V3 .co.uk via your Enterprise account.

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    • Sign in
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Security

Samsung's Tizen Android replacement riddled with security holes, claim researchers

Tizen might be "the worst code I've ever seen", claims Kaspersky security specialist

Tizen logo
Tizen has more serious security holes than Android, claims Kaspersky
  • Ben Woods
  • 04 April 2017
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

While Samsung's home-brewed Tizen operating system hasn't enjoyed the sort of full roll-out afforded to Android-based devices, Samsung has been slowly developing the platform and delivering it to smartwatches and televisions, as well as a few smartphones, in select countries.

However, Amihai Neiderman, a security researcher speaking at the Kaspersky Security Analyst Summit this week, claims that Tizen presents a significant security risk. It contains more than 40 known weaknesses, he claims, making it "maybe the worst code i've ever seen", according to Motherboard.

The number of security flaws all compromise the security of the devices they run on, but Neiderman says the TV implementation of the software is particularly poor, as the TizenStore module with the highest security privileges enables attackers to install any malicious software on demand, once the devices have been compromised.

One part of the problem is code being repurposed and re-used from earlier ‘Bada' projects, but Neiderman says that many of the more severe issues, which include buffer overrun exploits and incorrectly implemented encryption, are found in new code written in the last two years.

For Samsung, Tizen is its attempt to push beyond Google's Android confines for the future of its devices. It wants more control over both the hardware and software it creates, as well as higher profits from mobile and other devices.

But Neiderman argues that the South Korean company needs to reconsider a large-scale rollout of Tizen on smartphones until the overall security of the platform has been improved.

While it's worrying enough for Tizen-based TVs, putting an operating system on tens of millions of smartphones with these sorts of vulnerabilities could result in a lot of potential headaches for the company considering how much more personal info is stored on a phone compared to a TV.

Niederman says he tried to contact Samsung "months ago" but got a standard automated response. 

Now it has all been blown into the open, Samsung couldn't be keener to re-assure customers. 

In a statement to V3, the company said: "Samsung Electronics takes security and privacy very seriously. We regularly check our systems and, if at any time there is a credible potential vulnerability, we act promptly to investigate and resolve the issue.

"We continually provide software updates to consumers to safeguard their products. We are fully committed to cooperating with Mr. Amihai Neiderman, to mitigate any potential vulnerabilities.

"Through our Bug Bounty program and internal security safeguards, Samsung continuously patches any would-be vulnerabilities."

Further reading

  • Operating Systems
Google faces South Korean probe over claims it 'thwarted' Samsung's own Tizen OS
  • 15 Feb 2017
  • Operating Systems
Samsung unveils Tizen Z smartphone in first move away from Android
  • 02 Jun 2014
  • Mobile Software
MWC: Samsung unveils upgraded Gear 2 and Gear 2 Neo Tizen smartwatches
  • 23 Feb 2014
  • Mobile Software
Intel and Samsung take on Android and iOS with Tizen OS
  • 28 Sep 2011
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Security
  • Cloud Computing
  • Software
  • Mobile Phones
  • Hardware
  • Tizen
  • Samsung
  • Cloud computing

V3 Latest

First plant to grow on the Moon, err, dies
First plant to grow on the Moon, err, dies

Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night

  • Communications
  • 18 January 2019
Fortnite news and updates: Fortnite made $2.4bn in 2018, according to SuperData
Fortnite news and updates: Fortnite made $2.4bn in 2018, according to SuperData

Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018

  • Software
  • 18 January 2019
Japanese firm sends micro-satellites into space to deliver artificial meteor showers on demand
Japanese firm sends micro-satellites into space to deliver artificial meteor showers on demand

Meteor showers as a service will be visible for about 100 kilometres in all directions

  • Communications
  • 18 January 2019
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data

New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago

  • Communications
  • 18 January 2019
Back to Top
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017