Samsung Tizen Is Riddled With Zero-Day Flaws, According To An Israeli Cyber Security Researcher

Samsung’s Tizen operating system is ripe for exploitation by hackers, according to Israeli researcher Amihai Neiderman, who claims to have found 40 zero-day vulnerabilities in the code.

In an interview with Motherboard, Neiderman noted slammed Tizen for having numerous cyber security flaws, and deemed it “the worst code I’ve ever seen”, noting it resembles something an amateur coder could create not one of the largest technology companies in the world.

Tizen troubles

“Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It’s like taking an undergraduate and letting him program your software,” said Neiderman.

The vulnerabilities uncovered by the security researcher pose critical security flaws in that they enable remote code execution, which can lead to hacked devices being taken over by malicious actors.

While Samsung uses Google’s Android as the operating system for its smartphones, many of its other electronics, from smart TV and smartwatches through to connected fridges make use of Tizen.

This means there are potentially huge amounts of connected hardware running Tizen simply waiting to be cracked by hobby hackers through to cyber criminals, all thanks to the what Tizen containing what Neiderman deems to be basic coding flaws. One example being that Tizen does not require the use of the SSL protocol in all of its secure data transmissions.

Neiderman said Samsung was did not show much of a response to the flaws he pointed out to them a few months ago, but a statement sent to Silicon from the South Korean tech giant notes that it is beginning to take action to plug the Tizen security holes.

“Samsung Electronics takes security and privacy very seriously. We regularly check our systems and if at any time there is a credible potential vulnerability, we act promptly to investigate and resolve the issue. We continually provide software updates to consumers to safeguard their products. We are fully committed to cooperating with Mr. Amihai Neiderman, to mitigate any potential vulnerabilities. Through our Bug Bounty program and internal security safeguards, Samsung continuously patches any would-be vulnerabilities,” a Samsung spokesperson said.

Tizen could become a solid software platform for next-generation Internet of Things (IoT) devices, but it would appear for the time being that the operating system is not up to scratch to deliver a secure software environment for smart technology.

How much do you know about Samsung? Take our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

2 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

2 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

2 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

3 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

3 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

3 days ago