Through Project Zero, Google has a team of engineers dedicated to discovering new vulnerabilities. One of the most recent discoveries of this team involves Samsung and the modifications that it operates on Android.
According to Google, the South Korean is making unnecessary changes to the Android kernel. These changes may even jeopardize the security of your users’ data.
Android is an open source operating system, which means that anyone can modify it. That’s why there are interfaces like One UI, MIUI, EMUI and many others.
In the case of Samsung, this has always been one of the companies that most distanced itself from pure Android. The South Korean has been improving her practices in this field, but apparently there are things that she moves and shouldn’t.
Samsung is trying to solve problems that should be left to Google
In short, what Samsung is doing is tinkering with how the hardware communicates with its drivers. These changes open the door to arbitrary software execution on devices running Android 9 and above, which can lead to the introduction of malware.
These conclusions come after an in-depth analysis of the latest update available for the Galaxy A50. However, it is not known whether other models suffer from the same disease.
The person responsible for Android exemplifies that one of the changes made by Samsung is related to who has permissions to read and write in the Android kernel. This is something that Google itself has been developing, that is, a totally futile modification.
By messing with the work already done by Google, Samsung not only devalues what has been done by the American company, but it can compromise the safety of its equipment. That is why the South Korean should rely more on official mechanisms.
This report shows us that sometimes it is better not to interfere with the work of others. This does not mean that Samsung engineers are weak in what they do. They are simply wasting time on futile things when they could channel that effort into developing updates for their equipment, for example.
EBox editors recommend: