Millions of Samsung smartphones shipped with a vulnerability
According to an investigation, Samsung has sold around 100 million unsafe mobile phones. The affected smartphones are devices from the group's flagship series. The vulnerability is said to have been patched by now – if users have installed an update.
Samsung: Galaxy S cell phones delivered with a security hole
According to a study by Tel Aviv University, around 100 million units of Samsung's Galaxy S series have come onto the market unsafely. Although the current flagship Galaxy S22 is not affected, according to the study, the Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20 and Galaxy S21 models were not safe out of the box. Attackers could have accessed encrypted information without the knowledge of the users, it is said.
According to the researchers, the serious error should have been found in Samsung's TrustZone Operating System (TZOS). TZOS is supposed to offer adequate protection against attacks. Instead, the way cryptographic functions were implemented represented a "weak, poorly documented link" in the security chain (source: International Association for Cryptologic Research).
The report by Tel Aviv University does not say whether other phones were affected in addition to the flagship phones mentioned. The investigation focused on top models . The results should be understood as a "general demand for open and proven standards" in the field of cryptography.
The current Galaxy S22 is not affected by the gap.
Insecure Samsung cell phones: gap already closed
Samsung was informed months ago about the vulnerability found. Affected smartphones received a corresponding update between August and October 2021 . Cell phone owners should always check when the last security update was installed.
Comments
Post a Comment