The vulnerability was patched by Samsung in security updates after it was reported to them.
The Android smartphone market is broadly divided into two camps. On one side are budget makers offering strong features at a low or reasonable price. On the other side are the big players who release expensive phones with better support and build quality. The leading maker in the premium segment is Samsung.
Samsung, through its Galaxy series, dominates the premium Android smartphone sector, with Google’s Pixel series of phones being another major player.
The highlights of Samsung phones are their excellent AMOLED displays and the latest Android features, among other things.
As far as Android updates are concerned, not so long ago Samsung announced that it will provide 4 years of software updates, that is, 3 years of Android OS upgrades and 4 years of security updates, to all its Galaxy phones and devices, something no other smartphone manufacturer offers. A recently found vulnerability makes that policy look especially useful.
Practically all ARM-based smartphones offer hardware-backed encryption, which is used to generate and store passwords and other security-related secrets.
Samsung’s mistake was that it did not implement this encryption properly, giving researchers, and potentially attackers, a way to recover the secret keys protected by this hardware-backed feature.
The problem with Samsung’s implementation was that, while encryption outputs are normally randomized, in Samsung’s case they remained the same. That is unacceptable in cryptography because it makes the output predictable. A second mistake was that the encryption mode could be selected at the app level instead of being fixed at a deeper level.
The result was that a potential attacker could gain access to the hardware-protected encryption keys far more easily than intended.
The vulnerability had two parts: one that affected older phones, and one that allowed newer phones to be downgraded to the older encryption level so that the same flaw could be exploited.
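The following is an added illustration, not from the article (which names no specific cipher), of why encryption output must be randomized. A toy counter-mode cipher built on HMAC-SHA256 stands in for a real counter-mode cipher such as AES-CTR/GCM (an assumption), and a black-box check that a tester can run against any encryption API shows whether its output is deterministic; the corrected random-nonce form sits beside the flawed one.

```python
import hashlib
import hmac
import os

BLOCK = 32  # HMAC-SHA256 digest size, used here as the keystream block size

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream: block i = HMAC-SHA256(key, nonce || i).
    Assumption: a stand-in for a real counter-mode cipher such as AES-CTR/GCM,
    which shares the property shown below (same key + same nonce -> same keystream)."""
    out = bytearray()
    for i in range((length + BLOCK - 1) // BLOCK):
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:length])

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_fixed_nonce(key: bytes, plaintext: bytes) -> bytes:
    """Flawed pattern: the nonce never changes, so the output is deterministic."""
    return xor(plaintext, keystream(key, b"\x00" * 12, len(plaintext)))

def encrypt_random_nonce(key: bytes, plaintext: bytes) -> bytes:
    """Corrected pattern: a fresh random nonce per call, prepended to the ciphertext."""
    nonce = os.urandom(12)
    return nonce + xor(plaintext, keystream(key, nonce, len(plaintext)))

def decrypt_random_nonce(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext = blob[:12], blob[12:]
    return xor(ciphertext, keystream(key, nonce, len(ciphertext)))

def is_randomized(encrypt, key: bytes, probe: bytes = b"same input") -> bool:
    """Black-box check for any encryption API: encrypting the same input twice
    must not produce the same output. False means the IV/nonce is not randomized."""
    return encrypt(key, probe) != encrypt(key, probe)

def keystream_cancels(key: bytes, p1: bytes, p2: bytes) -> bool:
    """Why determinism matters: under a reused nonce the keystream cancels, so the
    XOR of two ciphertexts equals the XOR of the two plaintexts, with no key needed."""
    c1, c2 = encrypt_fixed_nonce(key, p1), encrypt_fixed_nonce(key, p2)
    return xor(c1, c2) == xor(p1, p2)

if __name__ == "__main__":
    key = os.urandom(32)  # constructed sample key
    print("fixed nonce randomized? ", is_randomized(encrypt_fixed_nonce, key))   # False
    print("random nonce randomized?", is_randomized(encrypt_random_nonce, key))  # True
    print("keystream cancels?", keystream_cancels(key, b"pin=1234", b"pin=9876"))  # True
```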
Outcome of this vulnerability
The researchers used this vulnerability to circumvent password-protected security systems on various sites, and even Google’s secure key-sharing system, which is used to securely share keys between devices.
Imagine an attacker being able to do this: they could cause many problems, including gaining access to secret data and passwords, among other things.
Researchers estimate that this vulnerability affected 100 million Samsung smartphones shipped in the last 5 years.
Thankfully, the vulnerability has now been fixed by Samsung. The researchers notified Samsung about the main vulnerability in May 2021, and Samsung fixed it in the August 2021 security updates. They later notified Samsung about the downgrade vulnerability in July 2021, which Samsung fixed in October 2021.
What should I do?
We have always said that keeping your software updated is of the utmost importance. Updating is not only about getting new features; it is also about getting important security issues fixed, most of which the public never hears about. As Samsung has already fixed this vulnerability, everyone is advised to update their Android OS to the latest version using the updates Samsung has provided for its phones.