Google has a stake to protect with Samsung because the Mountain View search giant largely depends on the Korean phone maker if only for the continued popularity of the Android operating system. Any security flaw found in Samsung’s flagship devices could mean a bad thing for Google.
That is why security researchers at Mountain View were quick to send alerts to Samsung about nearly a dozen vulnerabilities they found specifically in Samsung Galaxy S6 Edge. The team described the vulnerability to be of high risk.
Some of the security loopholes discovered in the Samsung Galaxy S6 Edge model include the apps’ access to personal information such as contact numbers and photos. The researchers found that the Samsung Galaxy S6 Edge has been permitting a couple of apps to gain access to these pieces of data without the owner knowing about it.
In other instances, some apps are able to gain unwarranted entry to the owner’s private data through an SMS or email message sent to the user. The security team also found in other cases that a few other apps could have far more permission than just to a limited email function, which makes your email exposed to third-party prying eyes.
As of this posting, only eight out of 11 security issues were addressed by Samsung after the company received the advisory from the Google security team, who branded themselves as Project Zero. Project Zero worked for one week to study, examine and identify the security problems with Samsung Galaxy S6 Edge.
Google, for its part, can only advise a partner company such as Samsung on how to react when a security issue arises, because the Mountain View company does not have sufficient control over the security system for Samsung’s devices, unlike Apple which directly oversees the security of the iOS ecosystem.
Android is only somewhat borrowed by Samsung and other original equipment manufacturers from Google, being open source. That makes Android a little less secure compared with iOS devices such as iPhone and iPad. The only thing Google can do to help is to perform a variety of security tests on the OEMs to see how secure their devices are, and indirectly the Android as well.
The security flaws found in Samsung Galaxy S6 Edge were discovered through a contest sponsored by Google, specifically intended to hack the Galaxy device. After finding out the issues, Google gave Samsung up to three months to provide software fixes. Beyond the deadline, Google would publish a damning report on its blog site to shame the OEM involved that did not respond.
Leave a Reply