Israeli security researcher Amihai Neiderman has found 40 unknown zero day security vulnerabilities in Tizen, the operating system Samsung uses to power its Gear smartwatches, TVs and many other electronics.
"It's the worst code I've ever seen," Neiderman told Motherboard in advance of a talk about his Tizen research at Kaspersky Lab's Security Analyst Summit. "Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It's like taking an undergraduate and letting him program your software."
All 4o vulnerabilities would theoretically allow hackers to take control of Gear smartwatches such as the Gear S3 and other Tizen-powered Samsung devices remotely. The worst of them, according to Neiderman, revolved around the Tizen Store, which Samsung uses to push updates to devices and act as an app store.
Because Tizen Store requires the highest user permissions on a device, exploiting its vulnerabilities makes it a juicy target for hackers. Neiderman was able to exploit a Tizen Store flaw that allowed him to take control of the store prior to its authentication process, enabling him to deliver malicious code to his TV.
While Neiderman focused his research efforts on phones and TVs, Tizen's vulnerabilities extend to Samsung's Gear smartwatches. The Tizen Store framework is used to allow Gear users to download apps and receive updates for their smartwatch.
Other major flaws include a failure point where Tizen can't check whether there's enough storage space to write new data and a lack of SSL encryption when transmitting data. While Neiderman notes that some of Tizen's code is from Samsung's failed Bada operating system, most of the vulnerabilities are from code written in the past two years.
Samsung says it's "fully committed" to working with Neiderman to fix any vulnerabilities, and Neiderman himself says he's been in contact with Samsung, sharing "snippets" of the vulnerabilities with the company. Wareable has contacted Samsung with more questions, and we'll update this if and when we hear more.
The Tizen vulnerability news comes on the heels of news that the CIA allegedly hacked Samsung TV, potentially allowing the government agency to listen in and capture conversations. While it's a good thing that Samsung is made aware of these vulnerabilities, so that it can work on fixing them, it's a bit alarming that its flagship line of smartwatches is vulnerable.