“Samsung has a lot of explaining to do — once again,” Gene Steinberg writes for The Tech Night Owl. “First, there are those flawed security systems for the Galaxy S8 smartphone. It has three different biometric schemes to secure the handset, which is supposed to be a good thing. But that’s true only if they work properly.”
“Before the Galaxy S8 even went on sale, legitimate questions were raised about the placement of its fingerprint sensor, in the rear. It was so easy to accidentally touch the camera lens instead, you might want to have a tissue handy in case you want to clean it,” Steinberg writes. “There are two other security sensors, and there appear to be serious flaws with both. During the Galaxy S8 launch event, for example, someone was able to defeat facial recognition with a photo of the user’s face… What’s left is the iris scanner, which had some known limitations. So it is less accurate in bright sunlight, or when it’s dark. Worse, it’s clearly worthless even under the best conditions. According to published reports, some hackers who work with Europe’s Chaos Computer Club managed to make easy work of defeating the Galaxy S8’s iris recognition feature.”
“Let’s add this up now. The fingerprint sensor is awkward to use, the facial recognition feature and the iris recognition features are easily defeated with user photos,” Steinberg writes. “There are also reports of battery overheating issues with the Galaxy S8. Again, it doesn’t seem as if there are enough to warrant special attention, and a fair amount of product is out there. According to Samsung, five million were sold during the first month. That’s supposed to be a good thing, although Apple manages to move far more iPhones in a single launch weekend.”
Read more in the full article here.
MacDailyNews Take: Not to mention that the slavish copier’s flagship Galaxy S8 gets smoked by Apple’s two-year-old iPhone 6s in head-to-head speed tests.
The slavish copier can’t even copy well. Those who opt for pretend iPhones certainly are masochists.
Happy Memorial Day weekend, U.S. readers!
Interns: Tap Those Kegs!
Keep rushing your products out, Samsung. You make Apple shine so brightly 😉.
Let me rephrase that! Keep chasing Apple rumors and rushing your products out of the door Samsung! Just to be first and beat Apple to the punch! Very sad! You make Apple shine brightly each and every time!
Much more precise, thanks mate 👍🏻
Absolutely! Nothing makes Apple appear better than the faults and foibles of its competitors. Apple doesn’t need to do or perform any better as long as MS, Samsung, et al do poorly. Apple only has to perform marginally better to be regarded better. Let’s all lower the bar. It’s easier.
It all just goes to show that this stuff is hard to pull off well. Apple makes tech and engineering look so simple that it often leaves the impression that it is easy. It’s not.
The ebb of Samsung simply means the rise of a different Android OS OEM. Currently that’s looking to be LG.
I’m pretty sure I’ve read articles fairly recently that contradict that… pointing to rising numbers of Androcopy users who intend to buy an iPhone next time.
My point was that if Samsung loses ground, though iPhone may get a portion, it is more likely that many will just move on to other Android OEMs. LG is simply the next in line after Apple and Samsung. If the situation were reversed where iPhone lost users, since there are no other iOS device OEMs the huge majority would move to Android.
On the upper end of features I’m also keeping an eye on One Plus. Outside of the camera, for the price it is a very impressive line of devices.
LG is cut from the same cloth as Samsung. LG is not poised to gain anything. LG suffers from the same issues as Samsung; it's just that no one notices in light of how big Samsung is and how badly they screw up, or should I say keep screwing up.
They also added software that tells you to clean the camera lens when it becomes too dirty to use.
To me, it has seemed that Android apologists in the tech blog echo-chamber have gone way out of their way to try and defend this gaudy Android junk.
Sure, Samsung makes probably the only Android phone worth getting, but still, it runs Android and is a gaudy mess.
I’ll give Google credit for their services which are fantastic, but Android? Junk.
Everyone knows you can buy cheap or buy quality. People with half a brain know what to do.
One mega blunder followed by another. This is what you get by being in a rush to beat your #1 competitor.
This month’s Android Security Nightmare. This exploit affects ALL Android phones, including the very latest AND you can download proof-of-concept malware from the Google Play Store right NOW:
All Android Phones Vulnerable to Extremely Dangerous Full Device Takeover Attack
Researchers have discovered a new attack, dubbed ‘Cloak and Dagger’, that works against all versions of Android, up to version 7.1.2.
Cloak and Dagger attack allows hackers to silently take full control of your device and steal private data, including keystrokes, chats, device PIN, online account passwords, OTP passcode, and contacts.
Here’s the researchers’ explanation of how they got on the Google Play Store to perform Cloak & Dagger attacks:
“In particular, we submitted an app requiring these two permissions and containing a non-obfuscated functionality to download and execute arbitrary code (attempting to simulate a clearly malicious behavior): this app got approved after just a few hours (and it is still available on the Google Play Store),” researchers say.
Once installed, the researchers say the attacker can perform various malicious activities including:
• Advanced clickjacking attack
• Unconstrained keystroke recording
• Stealthy phishing attack
• Silent installation of a God-mode app (with all permissions enabled)
• Silent phone unlocking and arbitrary actions (while keeping the screen off)
In short, the attackers can secretly take over your Android device and spy on every activity you do on your phone.
So much for Google Play Store security, again.
Hey Google Project Zero! Wake the hell up and protect Google’s own software systems!
Google ought to be gagging on that one.
The operative word for Google, all too often, really is arrogant. I do have great respect for certain people in Project Zero. They’ve done great things and I hope they continue! But to spend their lives at Google finding OTHER vendors’ software security holes while NOT sufficiently examining, testing, patching Google’s OWN software is stupid sick in the head.
And yes, Apple has had its share of severe security embarrassments as well. Thankfully, the worst of that era is over. It just happens to be Google’s turn to get kicked in the butt repeatedly for years until they respond.
To be fair, considering Project Zero is Google, I don’t see any reason they need to report to others their bugs in their software which could be many and probably being fixed as they come up. When they find bugs in others’ software they have to announce it to have that company fix their software as Google has no control over others’ source code. As a result it may appear Google is hiding bugs when compared to the number they announce for software from other companies to appear as you say ‘arrogant’. If Apple, for one, is uncomfortable, they definitely have the resources to help the larger software community similarly and at the same time provide a ‘check’ for Project Zero. That they don’t do so perhaps speaks for itself.
Oh no, not my inference at all. I’m pointing out that Google, kindly, find bugs in others’ software. Meanwhile, there are catastrophic security holes found in Android, by other researchers, on a monthly if not weekly basis. The result isn’t that Project Zero isn’t finding bugs in Android. It’s that other researchers are finding GIGANTIC bugs in Android while Google plays a fiddle tune with lyrics to the effect that they’ve made their Google Play Store ‘secure’ when in fact they have not.
It’s all relative.
I was pointing out that other companies do not have the responsibility to report bugs they find in their own software. They most likely fix that internally like Google does. Others finding bugs in Google software is good, it lets them know of bugs they missed. Project Zero is good for the industry and is one way Google also makes sure that the software and platforms their software interacts with are safer.
I think I’ve covered this subject enough. But the fact that Android is the single least secure operating system commercially available today as well as the continual discovery and exploitation of outrageous security holes in Android are a constant source of Shame On Google. I’m not going to give them a pass for letting the security mess that is Android loose on an unsuspecting world.
However, I do give Google gold stars for currently taking a two-pronged approach in an attempt to make the suffering stop. They are: Providing a simple core Android that can be upgraded on ANY Android device hereafter as well as this heuristics engine thingy they’re pushing out to all current Android devices. This probably means that Android security is looking up, improving, taking the cure, getting on the wagon, taking that oath, etc. Then maybe Android might actually be seriously competitive with iOS. That would be good for everyone.
Speaking of WEEKLY Android security catastrophes and the security FAILs of the Google Play Store, here is THIS week’s!
Judy Android Malware Infects Over 36.5 Million Google Play Store Users
The Judy Malware: Possibly the largest malware campaign found on Google Play
Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown….
This sounds more serious than it really was. Reading the articles you have graciously linked, it appears that the malware is dubbed “Judy” due to all the apps from a single company that produced the “Judy” line of apps.
I find the math rather odd also. “These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users.” Normally, I would expect the numbers to be reversed since a single user most likely has multiple Android devices and probably has installed on more than one owned device. Thus the download count should be higher than the user count, not the other way around. As it is stated, it seems like Android users that have never downloaded the “Judy” line of apps were inexplicably infected somehow.
From what I read, the articles on ‘Judy’ implied that it isn’t known exactly when their apps went rogue. They might have been fine for some time, then PoiSoNeD.
As for infection outside of installing ‘Judy’ turdulations, I need to see more data. That’s not clear to me from what I’ve read so far.
And to be fair, here is Google’s response. More pablum? We shall see.
Keeping you safe with Google Play Protect
Whether you’re checking email for work, playing Pokémon Go with your kids or watching your favorite movie, confidence in the security of your device and data is important. And since day one, Android has been built with security in mind.
As we’ve grown, so have our security services, which constantly protect the 2 billion active Android devices globally.
We know you want to be confident that your Android devices are safe and secure, which is why we are doubling down on our commitment to security. Today we introduced Google Play Protect—Google’s comprehensive security services for Android, providing powerful new protections and greater visibility into your device security. Play Protect is built into every device with Google Play, is always updating, and automatically takes action to keep your data and device safe, so you don’t have to lift a finger….
It’s a heuristics engine. We know how reliable they are… (o_O)
Agreed, only time will tell in the end as to how effective Google’s measures are.
Is there samsung wrong with Samsung?
I’m an Apple user BUT that Samsung 8 is NICE!!! Don’t let Apple fool you. Apple needs to step up its game!
The functionality of that S8 blows Apple out the water…
From various reports Apple planning to charge a grand for a tweaked 7 version with a few added specs it should have had years ago… Gouging the consumer…. Apple don’t care but consumer… Just its bottom line…
I do not want to see Samsung go the way of the dodo bird. Strong competition keeps a company on its toes and focused on beating its competition through better products and lower prices. A company does not need to be #1 in every category in order to be a winner. Steve Jobs said he would be happy to have 10% of the mobile phone market. How many Billions do you need to make to be successful? No competition means we all lose because Apple would not have any need to better itself in the long run.
Samsung has a lot bigger problem than mere consumer electronics…like Dennis Rodman’s bestest boyfriend in Pyongyang.