Forgetting to renew a domain name, Samsung could result in the hacking of millions of smartphones.
In computing, the security of users may be undermined by a bad action. However, there can be a tendency to forget that inaction is sometimes just as bad. The recent dumpling made by Samsung is there to remind us of the fact.
The south Korean manufacturer has forgotten to renew a domain name, thereby potentially jeopardizing the safety of millions of smartphones, as it learns on the site, Motherboard. To understand the concern, it is necessary to go back a few years back, when the terminals of Samsung offered natively an application called S Suggest.
The application S Suggest a cause
It was in the form of a widget on the home screen and offered to install a selection of applications. S Suggest also allowed to show your contacts the apps that you install through the integration of a plug-in Facebook. Samsung has put an end to S Suggest in 2014.
However, this is not because the builder did not have a more the follow-up of its application that they were no longer used by some consumers. It is impossible to define their exact number, but we can easily assume that a plethora is still of smartphones from the brand that came out before 2014.
A flaw that could be expensive
This is why the fact that Samsung has not renewed the domain name ssugest.com — a site that allows you to control the application S Suggest — is a problem. According to João Gouveia, the it security specialist who had identified the flaw, a hacker’s malicious would have easily been able to take control of the smartphones on which S Suggest installed.
He explained that the permissions of S Suggest allow him to restart the phone and install applications. It is easy to imagine the danger if the domain had fallen into the wrong hands. Note that Samsung contradicts João Gouveia and affirms that access to the domain name “does not install malicious applications and control the users ‘ phones “.
João Gouveia claims to have resolved the concern by seizing the domain. To get an idea of the number of users of S Suggest, the latter has indicated that he has recorded 620 million registrations and login in 24 hours from 2.1 million different devices.
The permissions of S Suggest (image : Motherboard / João Gouveia).
To finish on a note of anxiety, you may recall that Samsung had already been fingered for the lack of security of its services when an expert had discovered 40 faults 0-Day on Tizen. “This may be the worst code I’ve ever seen , “he said.