It turns out that Samsung’s Tizen OS, the system it uses on its smart TVs, smartwatches, smartphones and plans to use as in-car infotainment, is highly vulnerable to hacking.
According to a report by researcher Amihai Neiderman Tizen OS has no less than 40 major zero-day vulnerabilities that will give hackers remote access to Tizen hardware.
One of the major weak points is the Tizen store from which people download apps to their Tizen devices. It’s easily hackable and has the highest level of clearance on Tizen-powered hardware. Hack the store and you can deliver malicious code to the entire OS.
Tizen’s code sometimes fails to use SSL (Secure Sockets Layer) to send encrypted data over the air, essentially sending it unprotected.
A recent report by WikiLeaks unearthed that Tizen Smart TVs could be hacked to monitor people. An ill-meaning person only needed to have access to the TV to install a hack through its USB port.
Amihai Neiderman says he has contacted Samsung about Tizen’s vulnerabilities and gotten only automated responses in return. Now that the information is making the rounds on the internet Samsung has said it is committed to cooperate with Neiderman to resolve the issues in its OS.
Source | Via 1 | 2