Previous Story
Samsung Galaxy S6 Edge Flaws Uncovered
Posted On Nov 06 2015
Comment: Off
The Project Zero team sought out vulnerabilities in the Galaxy S6 Edge, selected for its popularity, then reported them to Samsung to see how long it would take the manufacturer to fix the security risks.
Google’s Project Zero spent a week trying to find security flaws in the Samsung Galaxy S6 Edge and managed to find eleven ‘high-impact security issues’.
The folks over at Google are apparently taking security flaws very seriously and have assembled a team comprised of a few of their best experts in order to find and fix issues that might be plaguing various pieces of software.
The most critical issues have already been addressed in a recent device update.
The Galaxy S6 Edge was revealed back in March at Mobile World Congress, and gained great attention thanks to its curved glass screen.
“We will give UDS as standard in mass segment devices which increases the standby time by 2X”, Manu Sharma, Director-Product Marketing, Samsung India Electronics said. Another angle to this research would be that most of its vulnerabilities were the result of Samsung’s customisations to the stock Android firmware.
She also highlights the problem of OEMs introducing “additional (and possibly vulnerable) code into Android devices at all privilege levels”.
During its testing, Project Zero discovered the weakest areas attackers could target are within device drivers and image processing.
Around 11 vulnerabilities have been uncovered in Galaxy S6 Edge’s code, which could be used to target the device in different ways.
One of the issues Google’s team came across allowed hackers to intercept emails on the phone and forward them on to any other account without the victim knowing.
Details of the remaining bugs can be found on Project Zero’s blog and its database of closed flaws. The remaining three, which were marked as lower-severity, would be fixed throughout November, they added. The only way to ensure you’re running the latest and greatest version of Android with no compromises is to buy a Nexus phone straight from Google.
