banner

The New Stuff

Samsung Gear S3, Tizen, Security Holes, Gear S3
1133 Views

Samsung Gear S3 News: Tizen is said To be riddled with Security Holes


Samsung Gear S3 software, Tizen, is said to be riddled with security holes. Security researcher Amihai Neiderman has found 40 unknown zero day security vulnerabilities in Tizen, the operating system Samsung uses to power its Samsung Gear S3 smartwatch, TVs and many other electronics.

It’s the worst code I’ve ever seen, Neiderman told Motherboard in advance of a talk about his Tizen research at Kaspersky Lab’s Security Analyst Summit.

Samsung Gear S3 Frontier gets an update: Add ‘Jansky Wearable’ Feature

The whole thing you can do wrong there, they do it. You can see that nobody with any considerate of security looked at this code or wrote it. It’s like taking an apprentice and letting him program your software.

All 4o vulnerabilities would supposedly allow hackers to take control of Gear S3 smartwatches such as the Gear S3 and other Tizen-powered Samsung devices remotely.

The worst of them, according to Neiderman, revolved around the Tizen Store, which Samsung uses to push updates to devices and act as an app store.

Because Tizen Store requires the highest user permissions on a device, exploiting its vulnerabilities makes it a juicy target for hackers.

Neiderman was able to exploit a Tizen Store flaw that allowed him to take control of the store prior to its authentication process, enabling him to deliver wicked code to his TV.

While Neiderman focused his research efforts on phones and TVs, Tizen’s vulnerabilities extend to Samsung Gear S3 smartwatches.

The Tizen Store framework is used to allow Gear users to download apps and receive updates for their smartwatch.

Other major flaws include a failure point where Tizen can’t check whether there’s enough storage space to write new data and a lack of SSL encryption when transmitting data.

While Neiderman notes that some of Tizen’s code is from Samsung’s failed Bada operating system, most of the vulnerabilities are from code written in the past two years.

Samsung says it’s “fully committed” to working with Neiderman to fix any vulnerabilities, and Neiderman himself says he’s been in contact with Samsung, sharing “snippets” of the vulnerabilities with the company.

The Tizen Vulnerability news comes on the heels of news that the CIA allegedly hacked Samsung Tv, potentially allowing the government agency to listen in and capture conversations.

While it’s a good thing that Samsung is made aware of these vulnerabilities, so that it can work on fixing them, it’s a bit alarming that its flagship line of smartwatches is vulnerable.

Recently Published

flashx pair, Pair Error in Kodi, flashx.tv download online, Open load pair, vshare eu pair, Vidup pair, URL Resolver, Firestick on Kodi
»

Flashx.tv Pair Error Fixing

If you are Kodi user, at that point you may see the irritating ...

psiphon unblocked, psiphon download, psiphon unblocked download, psiphon free download unblocked, psiphon apk download, psiphon 3 unblocked download, psiphon 3 download, how to block psiphon, Psiphon 3, What is Psiphon 3
»

Psiphon 3 Unblocked

Here we are discussed about Psiphon unblocked. Psiphon 3 is an open ...

JCPenney Credit Card, JCPenney Credit Card login, JCPenney credit, JCPenney Credit Payments, JCPenney account login, JCPenney Credit Card Pay Online, JCP account balance, How to Pay Online
»

JCPenney Credit Card Login 2019: How to Pay Online

Here we are discussed about JCPenney credit Card login. JCPenney ...

How to Setup kodi, How to install kodi, install kodi, install kodi on roku, how to install Kodi on Roku, Roku, kodi addons, Kodi on Roku, Kodi for Roku, Roku System
»

How to Setup and Install Kodi on Roku

Here we are discussed about How to setup kodi and install kodi on ...

»

Best Searchtempest Alternatives

Searchtempest is an aggregator of online classified advertisements ...

MocoSpace Login, MocoSpace Login with Google, mocospace games
»

MocoSpace Login 2019: Full Login, Password or Username Guide For The MocoSpace

Now a day’s people are more connected on a social networking ...

Honey chrome extension, Honey chrome extension Review, Honey, honey extensions, chrome extensions, best chrome extensions, Download Honey Chrome Extension, how to use honey extension, money saving extension, browser extension
»

Honey Chrome Extension Review

Here we will discussed about honey chrome extension review and also ...

»

What is Service Host Superfetch and How to disable it?

Are you sure concerned about the service host superfetch causing ...

»

Tinklepad : Best Alternative Sites like Tinklepad 2019

If you are looking for watch free movies and furthermore a huge ...

Shares