Samsung’s squashing of malicious Tizen smart TV bugs is turning messy

0
4

After 40 critical vulnerabilities on Samsung’s Tizen — used in smart TVs and smartwatches — were exposed this week by Israeli researcher Amihai Neiderman, the company is scrambling to patch them.

But Samsung still doesn’t know many of the bugs that need to be patched. It’s also unclear when Tizen devices will get security patches, or if older Tizen devices will even get OS updates to squash the bugs.

Beyond Samsung’s smart TVs, Tizen is also used in wearables like Gear S3 and handsets like Samsung’s Z-series phones, which have sold well in India. Samsung wants to put Tizen in a range of appliances and IoT devices. Tizen also has been forked to be used in Raspberry Pi.

Samsung is now trying to resolve the issues, but progress has been slow because the company says it doesn’t have full details about the vulnerabilities, according to a post in the Tizen developers forum.

“The researcher has not provided a clear list of the 40 issues he claimed so far,” Samsung’s Carsten Haitzler, said while responding to a developer email seeking an update from Tizen on patching the vulnerabilities. Haitzler stressed that securing the OS was extremely important.

Neiderman, in an email, said he sent Tizen handpicked vulnerabilities, but he also sent a presentation that provides all the clues about what needs to be fixed in the OS.

“I sent them about four different vulnerabilities and a list of common types of problems they have all over their code,” Neiderman said.

There wasn’t enough time to review all the major exploits with Samsung, Neiderman said. “It seems they are only interested in the ones who affect their smart TV and not in the smartphones” in developing countries, he said.

Recommended for you

Leave a Reply