DEAL Galaxy S24 FE, Galaxy Watch 7. Subscribe today and be the first to learn about One 7 beta!

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

News For You
News For You
Notifications

Samsung’s SmartThings connected home platform seems to have serious security issues

Latest Samsung news
By 

Last updated: May 3rd, 2016 at 11:30 UTC+02:00

It was evident from the technologies and products that were showcased at the Samsung Developers Conference 2016 that the company is pushing IoT (Internet of Things). However, have you ever considered how secure these products are? Researchers have recently found that Samsung's SmartThings platform has serious security issues.

Researchers at the University of Michigan have found multiple security flaws in Samsung's SmartThings platform that could allow malicious apps to unlock doors, remotely set access codes to a smart home lock, falsely set off smoke alarms, or put devices on vacation mode. All the attacks showcased in the video require users to install a malicious app from SmartThings app store or click a malicious link.

It seems that most pressing issues in the SmartThings platform are the privileges given to apps, many of which they don't even need to function. For instance, a smart lock only needs permission to lock itself, but SmartThings bundles a command that allows it to unlock itself, which could then be used by a malicious app to unlock the door. Researchers showcased an overprivileged app that lets hackers program their own PIN code for a smart lock.

Researchers showcased their findings through a proof of concept app that promises to monitor battery life on various devices. However, it asks permission for a lot of other things apart from a permission to monitor battery level on products and users unknowingly allow the app. The team analyzed 499 SmartApps and found that around 42 percent apps are currently overprivileged.

Following this report, a SmartThings representative said, “The potential vulnerabilities disclosed in the report are primarily dependent on two scenarios – the installation of a malicious SmartApp or the failure of third-party developers to follow SmartThings guidelines on how to keep their code secure. Following this report, we have updated our documented best practices to provide even better security guidance to developers,” in an email to The Verge.

Alex Hawkinson, CEO of SmartThings, said the company has issued a number of updates after the findings in the research. The company claims that it conducts app reviews to filter out malicious apps, but the researchers aren't convinced that the company's efforts are enough to stop these attacks. Samsung acquired SmartThings two years ago when the concepts of connected home and IoT were fairly new.

Via Source Latest Samsung news SmartThings
Galaxy AI summarized

Scroll for more related content
News For You

You might also like

Samsung to unveil One UI 7.0 at SDC Korea next month?

Samsung to unveil One UI 7.0 at SDC Korea next month?

Earlier this month, the Samsung Developer Conference (SDC) 2024 was held in the US, but the company didn't unveil the design and features of One UI 7.0 at the event. Instead, it said it would open the One UI 7.0 Beta Program before the end of this year. Now, it appears that it could open […]

  • By Asif Iqbal Shaik
  • 3 days ago
New SmartThings update brings Home Insights, Daily Routines, and more features

New SmartThings update brings Home Insights, Daily Routines, and more features

Samsung has released a major new update to its SmartThings app on Android devices. It brings some new features, including Home Insights, Daily Routines, expanded cards for devices, Quick Controls for more device categories, and automatic backup for SmartThings Hub. SmartThings app gets updated to bring Home Insights, Daily Routines, Quick Controls, and Hub backup […]

  • By Asif Iqbal Shaik
  • 4 days ago
Samsung’s legendary phones facing bootloop issues after update

Samsung’s legendary phones facing bootloop issues after update

A few days ago, Samsung released an update to the SmartThings app that reportedly caused severe issues for some older Samsung smartphones. Multiple Galaxy Note 10 and Galaxy S10 series users complained about their phones getting stuck in a boot loop. The company has now confirmed the cause. Samsung confirms SmartThings update caused bootloop issues […]

  • By Asif Iqbal Shaik
  • 4 weeks ago
SmartThings to offer AI-powered suggestions via Home Insight

SmartThings to offer AI-powered suggestions via Home Insight

Samsung unveiled several new features for its platforms last night at the Samsung Developer Conference (SDC) 2024. In addition to Bixby, One UI 7.0, and Tizen, the company showcased how it is planning to improve its smart home platform, SmartThings, with AI. One of those new features is SmartThings Home Insight. SmartThings Home Insight offers […]

  • By Asif Iqbal Shaik
  • 4 weeks ago
An overview of what Samsung is announcing at its developer conference

An overview of what Samsung is announcing at its developer conference

We are in San Jose for the Samsung Developer Conference (SDC24), where the company offered an overview of its software-related plans for the future. Jong-Hee Han, Vice Chairman, CEO, and Head of the Samsung Device eXperience (DX) Division, talked about the company's strategy. An even greater focus on AI experiences Unsurprisingly, Samsung's current vision involves […]

  • By Mihai Matei
  • 4 weeks ago
SmartThings Home Insight is a new tool to run an efficient home

SmartThings Home Insight is a new tool to run an efficient home

Samsung’s SmartThings platform continues to go from strength to strength, boasting more than 350 million subscribers and over 350 Works with SmartThings partners who make connected devices that work with Samsung’s smart home platform. It wouldn’t be a Samsung Developers Conference without a new feature for SmartThings, and that’s precisely what Samsung has given us […]

  • By Adnan Farooqui
  • 4 weeks ago