
Samsung always has a grand vulnerability each year. Like clockwork!

In 2015, a vulnerability in Samsung's SwiftKey keyboard was discovered that allowed attackers to remotely execute code on the device.

In 2016, researchers discovered a flaw in Samsung's Knox security software that could allow an attacker to escalate privileges and gain root access to the device.

In 2017, a vulnerability was discovered that allowed attackers to take control of Samsung's SmartCam cameras.

In 2018, researchers found a flaw in Samsung's Secure Boot feature that allowed attackers to install malicious firmware on the device.

In 2019, researchers discovered a vulnerability in Samsung's Galaxy S10 fingerprint scanner that allowed anyone to unlock the phone with a 3D printed fingerprint.


Apparently that clock stopped for a few years.


They took a Corona break


Which would be ironic as the pandemic WFH years saw a huge spike in cybercrime and security related incidents on all fronts.


Why is this? I'd be interested to read the reasons why.

Off the top of my head it's WFH opening up attack surfaces, but it could be that hackers with more free time hacked more. Sociological reasons are more interesting for me.


Multiple industries laid off large parts of their workforce. US unemployment tripled, and more tourist-heavy countries fared even worse. One of the biggest drivers of crime is "it was the best option available at the time", and most cybercrime isn't highly skilled and is fairly accessible.

To make matters worse, "regular" crime struggled at the same time. It's harder to break into people's homes if they are at home all day, and you can't mug them in a dark alley either, neither can you pickpocket tourists.


My guess is with lockdowns you had a lot of people bored at home stuck with nothing but digital screens for entertainment. People with remote jobs or no jobs could be scanning sites for exploits in the background whilst doing other things since they have literally nothing better to do to keep them occupied, not like they can go outside very often.

This is a guess though, but now think of the millions upon millions of people bored at home who might think "I wonder if..."


In some forums I lurk in there was some hubbub about massive holes in security that were opened up via people who are used to working in an environment with IT support (somewhat secure, depending), etc., to people trying to figure everything out at home on their own and using new tools (both software and hardware) to do it. Don't know how accurate it is, but it makes some logical sense to me.


Because there were more users online for more hours, and more stuff happened online due to lockdown, etc.


Huh? SwiftKey was never owned by Samsung. I don't think they even had Samsung-specific builds.



> Although Samsung told NowSecure in March that it had sent wireless carriers a fix which could be transmitted to the phones, and not to go public on it for three months, Samsung did nothing about it.

As if written today, even though it’s 8 years ago lol!


The 3D-printed fingerprint one is not scary since it requires physical access, a 3D printer and your fingerprint.


I believe the Samsung keyboard was linked with Swype, and I believe it predated SwiftKey (or at least predated swipe-based input in SwiftKey).


Sure, but which consumer products don't have security vulnerabilities discovered? That's like pointing at water and blaming it for being wet.

Vulns are part and parcel of products running any kind of SW. As long as the manufacturer acknowledges it and pushes a prompt fix, we should be good.


Sadly, it sounds like Samsung has little interest in "fix", and no interest whatever in "prompt".


But why are they so reluctant? What's the issue here? They aren't a poor backwater company AFAIK.


They want you to buy the Samsung Galaxy S24 when it comes out.


I actually dropped buying Samsung after two failed tablets. Making defective goods isn't a good long-term strategy. (Yes Samsung, you can hire me.)


No.

Critical system vulnerabilities are few and far between for most companies.

Samsung has much greater than average occurrences of critical root level vulnerabilities.


I've stopped buying anything Samsung because their quality control has become non-existent.

My S22 ultra has a major bug that causes the screen to no longer update until I screenshot my way to the restart button. (Their response is trade in for an S23, but at my expense).

I've never had a TV fail before, much less within two years. When I first put it together, it seemed like it was designed to fail. When they do, repair means either be charged $300 for a $10 fiber optic cable or $400 for a new output box.

Any appliance repair person worth their salt would tell you to never buy Samsung appliances. They're the most prone to failure, most expensive to repair. They try to appeal to consumers by appearing like a luxury brand, while having bottom of the barrel engineering inside.

I am avoiding anything Samsung until their track record turns around completely.


I've had absolutely no problem with my Samsung since the S8 (followed by S10 Plus, S22 Plus).


Possibly, but Samsung is the 2nd most popular phone manufacturer on the planet. It stands to reason that with the level of visibility they'd have a lot of eyes on them to find these things. That list provided at the top is also a bunch of different devices and entirely different types of electronics, which again is an argument that the bigger the market the more likely that something will be found.


The reason that most software does not have known vulnerabilities is not because it is secure, but because nobody has looked.


>Samsung has much greater than average occurrences of critical root level vulnerabilities.

I get it, you dislike Samsung, but citation needed for such claims other than "trust me bro".

Also, since Samsung is possibly the world's biggest, or at least one of the biggest makers and sellers of electronics, serving a wide variety of markets and price points, it's inevitable that their name pops up more often than other brands.

The target on your back from hackers and security researchers is proportional to your size as a company. Everyone would like to gloat they hacked a Samsung device. Nobody cares you hacked a TCL device.

So a better metric would be severe vulnerabilities per number of devices sold.


IMO the metric should also consider how long it took them to patch it. Everyone has zero days, that's life. But there is no excuse for not patching a critical vulnerability.


Yeah right... I still remember when you could gain access to an MBP's root account using a blank password.


Even if it was common, 90 days without so much as a squeak? That is certainly incompetent cough uncommon.


It's almost like it's planned obsolescence...


I don't understand how anybody can be so sure with AI. I mean, it's billions of connections and information points acting as receptors; who the hell knows for sure?

