Samsung is using an extremely modified version of the open-source Tizen OS in a ton of different use cases that would call for powerful security, but a recent poke around the code by a seasoned security expert shows an OS full of security holes and vulnerabilities that could open the door to all sorts of nasty exploits. The security expert in question, Equus Software’s very own Amihai Neiderman, took a spin around the code on Samsung’s Tizen codebase, and managed to find no less than 40 distinct exploitable bits of code, all of which can potentially be used to elevate privileges and run unsigned code; while these two exploit types are quite dangerous on their own, when combined, they can literally hand over full control of the device to anybody who’s willing to take it.
Samsung has been making heavy use of Tizen in smart TVs, smartwatches like the Gear lineup, and even their Z smartphones in recent years, making these security concerns all the more egregious. To boot, all of them are “zero-day” exploits, meaning that the agency in charge of the code, in this case Samsung, does now know of their presence. Neiderman, for his part, tore into the OS calling it “…the worst code I’ve ever seen…”, and saying that “…nobody with any understanding of security…” could possibly have been involved in this code’s creation or review.
Tizen is not the first bit of IoT or mobile software to come under fire for a lack of security; smart locks that broadcast their password over Bluetooth in plain text, for example, have also raised eyebrows. This group of flaws in Tizen is, however, one of the biggest security problems in the sector right now due to the sheer scale of Samsung’s sales numbers. They’ve managed to move millions of smart TVs packing Tizen, and their flagship Gear smartwatch lineup all sport Tizen OS in some form. Neiderman’s crawl through the code revealed outdated bits of code and functions long since proven unsafe, as well as a good bit of code that seemed to be borrowed from older Samsung projects. It’s unclear exactly how much of the security issues can be blamed on the vanilla, mostly community maintained Tizen OS, and how much is strictly Samsung’s fault.