Re-use of code from earlier Samsung efforts help make Tizen the worst code I’ve ever seen, says security researcher,Hardware,Mobile Phones,Software,Security ,Samsung,Cloud Computing,Tizen
Samsung’s home-grown Tizen operating system has been blasted for containing a series of serious security flaws — making smartwatches, televisions and smartphones based on the operating system equally insecure.
That is the claim of Amihai Neiderman, a security researcher speaking at the Kaspersky Security Analyst Summit this week. It contains more than 40 known weaknesses, he claims, making it «maybe the worst code I’ve ever seen», according to Motherboard.
The number of security flaws all compromise the security of the devices they run on, but Neiderman says the TV implementation of the software is particularly poor, as the TizenStore module with the highest security privileges enables attackers to install any malicious software on demand, once the devices have been compromised.
One part of the problem is code being repurposed and re-used from earlier ‘Bada’ projects, but Neiderman says that many of the more severe issues, which include buffer overrun exploits and incorrectly implemented encryption, are found in new code written in the last two years.
