Reply
Thread Tools
Posts: 72 | Thanked: 194 times | Joined on Apr 2011 @ Norway
#1
Hello!
I come across an article with a link to an article in English on MotherBoard;
https://motherboard.vice.com/en_us/a...ulnerabilities
I do not have any products running Tizen myself, but should people take their Samsung TV offline if it runs Tizen?

Last edited by hhbbap; 2017-04-04 at 21:01. Reason: Just some extra info about I am not affected myself
 

The Following 8 Users Say Thank You to hhbbap For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#2
Great, just great. All of this time, absolutely little to no focus on security. Worse even, the patches will come slowly since it's Samsung.
 

The Following 2 Users Say Thank You to For This Useful Post:
Posts: 671 | Thanked: 1,630 times | Joined on Aug 2010
#3
Originally Posted by gerbick View Post
Great, just great. All of this time, absolutely little to no focus on security. Worse even, the patches will come slowly since it's Samsung.
My gut feeling about that shiny package at the store is sated,
and I am a bit startled about the security aspect.

, it's the Holy Grail for a hacker who can abuse it.

"You can update a Tizen system with any malicious code you want," he says.
Makes me want to make a ranking system,
perhaps I should get off my lazy chair and start a new thread.
(surely someone else has done exactly this somewhere else
that I simply have not seen yet...?)

Please feel free to expand revise copy paste or whatever:


Phone OS rated = security * flexibility)
on scales of 0.0 through to +1.0

Maemo5 (= 0.9 * 0.8)

UbuntuTouch (= 0.7 * 0.5)

Apple (= 0.6 * 0.3)

Android (= 0.4 * 0.6)

Tizen (= 0.2 * 0.1)

Somewhere there should be supporting evidence,
but only if this ends up in a proper thread of its own...
__________________
Three n900s: One for stable working platform,
One for development testing Chopping Onions
One for saltwater immersion power testing resurrected ! parts scavenging

My Mods for Wonko's Advanced Clock Plugin:
ISO8601 clock mod and Momental_IST clock mod

Printing your Email with the N900
 

The Following User Says Thank You to theonelaw For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#4
Originally Posted by theonelaw View Post
Phone OS rated = security * flexibility)
on scales of 0.0 through to +1.0

Maemo5 (= 0.9 * 0.8)

UbuntuTouch (= 0.7 * 0.5)

Apple (= 0.6 * 0.3)

Android (= 0.4 * 0.6)

Tizen (= 0.2 * 0.1)
Is this just guessing (what we call pulling numbers out of a Stetson) or do you have some thought-out evidence for the ratings?
I am critizising mainly the value 0.9 you assign to Maemo (since I really don't know anything about the others, never used them)

Maemo devices are fairly easy to break into, so the value seems tad high to me.
 

The Following 5 Users Say Thank You to juiceme For This Useful Post:
Posts: 671 | Thanked: 1,630 times | Joined on Aug 2010
#5
Originally Posted by juiceme View Post
Is this just guessing (what we call pulling numbers out of a Stetson)
Yep, Hoss,
just chewing the cud on my way back to the ranchhouse.
Throw the numbers on the barn door and see what sticks,
leaving the nitty-gritty for those who have the proper knowledge.

As for Maemo, simply adjust downward accordingly
as necessary.

We can hack the n900 surely, (I just started somewhere is all)
but does it come pre-hacked like the latest Android or Tizen ?
Those things come out of the giftwrapped box
stuffed like Thanksgiving turkey with more holes than Swiss cheese.

I am no expert in this,
(hoping a genuine expert steps up to do the dirty work)
but I have brief experience+ exposure to Android and iPhone.
I use an Android as a dummy modem,
but am retasking my Ubuntu to do that as it is such a stupid device.

Using Android is like
carrying around a set of crosshairs on your back,
but the Ubuntu is not vastly better (having few bad habits on GSM).
Maemo is completely under the radar however.
The providers don't hack it because it is so out of spectrum.
I have even gotten some very curious approaches by staff
about using it here.

I have already been tagged by certain people and gotten
a couple of services blocked in one region for using Ubuntu.
They named a server after my email address in a different locale,
which was funny/cute (different story altogether),
but there they did not exhibit the raw hostility I see these days.
The kinds of backflip handstands (like blocking github ?!?!)
we see here every week is enough to generate some concern.

Tizen may be more secure on the local side (guessing again)
whereas Android may be gelded by the local Google servers,
which are in the hands of entities I shall not talk about here.

But what can someone else kick into this anecdote bonfire ?

If anyone else is interested
maybe we should trot this colt over to a new thread?

cheers,
from what seems to be slowly morphing into
"one of the most unpleasant films of the year"
__________________
Three n900s: One for stable working platform,
One for development testing Chopping Onions
One for saltwater immersion power testing resurrected ! parts scavenging

My Mods for Wonko's Advanced Clock Plugin:
ISO8601 clock mod and Momental_IST clock mod

Printing your Email with the N900

Last edited by theonelaw; 2017-04-05 at 05:43. Reason: clarification
 

The Following 3 Users Say Thank You to theonelaw For This Useful Post:
kinggo's Avatar
Posts: 943 | Thanked: 3,228 times | Joined on Jun 2010 @ Zagreb
#6
Originally Posted by gerbick View Post
Great, just great. All of this time, absolutely little to no focus on security. Worse even, the patches will come slowly since it's Samsung.
if even that...... They have to sell all that new junk they made. Their new TVs (QLED ) cost way more then last year 7-8-9 series and are equal or worse in many aspects. But it looks that they managed to patch this type of holes
 

The Following 3 Users Say Thank You to kinggo For This Useful Post:
Posts: 509 | Thanked: 626 times | Joined on Jul 2012 @ Mexico/Germany
#7
Maybe take a look at samygo.tv
 

The Following User Says Thank You to chilango For This Useful Post:
kinggo's Avatar
Posts: 943 | Thanked: 3,228 times | Joined on Jun 2010 @ Zagreb
#8
http://www.gsmarena.com/newscomm-24387.php
now, if they spent that on actual R&D, QC and SW developers maybe they would be more than just makers of mediocre shiny plastic crap. Where quality stops, marketing begins.
 

The Following 3 Users Say Thank You to kinggo For This Useful Post:
Posts: 368 | Thanked: 975 times | Joined on Aug 2013
#9
Talk from Brian Lunduke about IoT. He could have probably made the case in a couple of minutes and he made some extraordinary claims but still (or probably because of that) quite entertaining. Seems on topic.

https://www.youtube.com/watch?v=304Lcn0nU3c
 

The Following User Says Thank You to t-b For This Useful Post:
wicket's Avatar
Posts: 634 | Thanked: 3,266 times | Joined on May 2010 @ Colombia
#10
In related news...

27 000 errors in the Tizen operating system

It's a shame really. It doesn't seem like Tizen will ever be a viable alternative. If I want a decent phone OS, I've got to make it myself. :/
__________________
DebiaN900 - Native Debian on the N900. Deprecated in favour of Maemo Leste.

Maemo Leste for N950 and N9 (currently broken).
Devuan for N950 and N9.

Mobile devices with mainline Linux support - Help needed with documentation.

"Those who do not understand Unix are condemned to reinvent it, poorly." - Henry Spencer
 

The Following 6 Users Say Thank You to wicket For This Useful Post:
Reply

Tags
hacker, samsung, security, title tldr, tizen, zeroday

Thread Tools

 
Forum Jump


All times are GMT. The time now is 15:37.