Samsung Shattered Encryption on 100M Phones
One cryptography expert said that 'serious flaws' in the way Samsung phones encrypt sensitive material, as revealed by academics, are 'embarrassingly bad.'
Samsung makes phones, chips, and connected devices whose software flaws, firmware updates, and supply-chain risks can affect data and system security.
Search across headline titles and summaries.
Background for this topic.
Samsung is a manufacturer of smartphones, tablets, wearables, televisions, appliances, and related software; in security coverage, the term most often concerns Galaxy mobile devices, their Android-based firmware, and enterprise controls such as Samsung Knox. Its large installed base makes Samsung firmware, preinstalled applications, and device-management interfaces relevant attack surfaces for both consumers and organizations.
Security news may involve vulnerabilities in the Android framework, Samsung components, drivers, boot chain, or bundled applications, as well as the availability and scope of monthly device updates. Practitioners should track affected models and software versions, apply vendor patches, and account for devices that no longer receive updates. Knox features can support hardware-backed key storage, secure boot, work-profile separation, and centralized policy enforcement, but their protection depends on configuration and the underlying device lifecycle. Privacy reviews should also consider permissions, telemetry, and data handled by Samsung services.
One cryptography expert said that 'serious flaws' in the way Samsung phones encrypt sensitive material, as revealed by academics, are 'embarrassingly bad.'
Academics found TrustZone-level code could not be trusted to keep secrets Academics at Tel Aviv University in Israel have found that recent Android-based Samsung phones shipped with design flaws that allow the extraction of secret cryptographic keys.…