Passwords that aren't secure? Over 100 million Samsung smartphones are impacted.

 

Samsung normally releases security upgrades for its Galaxy devices on a regular basis. However, such upgrades are only implemented when the associated issues are identified. According to a recent Tel Aviv University investigation, Samsung has shipped a number of phones with major factory security flaws.

HIGHLIGHTS

• According to a source, Samsung distributed Galaxy cellphones that included a significant security flaw.
• It is estimated that more than 100 million devices are impacted.
• Cryptographic key storage is flawed.

Since the launching of the Samsung Galaxy S8, there has been a security issue with the South Korean manufacturer's cellphones that no one was aware of until now. This flaw assured that the devices did not correctly store cryptographic keys. This permitted third people to obtain the keys without your knowledge.

As a result of such an attack, your passwords are no longer safe. The issue happened in the "Trust Zone OperatingSystem (TZOS)," which is in charge of critical security operations. The implementation of cryptographic functions in this system contained weaknesses that allowed passwords to be printed as plain text.

Countless devices affected

Because this flaw has been present since the Samsung Galaxy S8 and affects the S8, S9, S10, S20, and S21 series models, it is possible that more than 100 million smartphones are affected. There is no definite case number because no one was aware of the vulnerability. The researchers' study contains detailed information regarding the security breach.

Meanwhile, Samsung has responded and patched the flaw with two patches. However, it is unknown whether there are any more faults that have gone undiscovered. We can only hope that in the future, our passwords will be safe.